As I've stated here a few times before, while I do believe in the notion of SOA governance the available tools and technology will only get you a small part of the way down the true SOA governance path. A good summary of this issue is a post by Nick Malik, I thought Nick caught the essence of the issue. "So your CIO says 'build SOA.' You do a search and plop down your hard earned cash on a SOA Governance tool. D As I’ve stated here a few times before, while I do believe in the notion of SOA governance the available tools and technology will only get you a small part of the way down the true SOA governance path. A good summary of this issue is a post by Nick Malik, I thought Nick caught the essence of the issue. “So your CIO says ‘build SOA.’ You do a search and plop down your hard earned cash on a SOA Governance tool. Do you now have what you need for SOA Governance? Nope.” “The whole point of SOA is to create an agile environment, making it easier to build fully integrated applications from the get-go. This is the goal. If your services don’t allow you to build service oriented applications, then you have wasted your money and time. Governance is about making sure you don’t waste your time and money by building the services you don’t need, or failing to build the services you do need.” Nick goes on to define the activities which are included in SOA governance, highlighting only 3 of the activities that are solved by SOA governance technology today: ActivityWhat it gives youStageBusiness Service AnalysisAn understanding of the data entities and process steps that drive the need for the creation of a service.PlanningService PartitioningAn understanding of the different levels of services (data level, orchestration, composition, management) needed to meet the needs of the business, what each service will do. This drives the definition of business events and documents.Planning, DesignEvent and Schema designA plan for the behavior of the services that meets the operational, informational, and business process needs of the organization. Behavior is often described as a protocol, but it can include service level expectations, exception management and compensation definitionPlanning, DesignSecurity Policy Creation / ManagementA set of standards for how services will be secured, what level of authorization is needed for services of different types, how network boundaries will affect the access to different forms, levels, and types of data.PlanningOperational Policy Creation / ManagementA set of standards for how services will be constructed so that they can be seen, tracked, managed, audited, and monitored. PlanningPolicy enforcementAutomated application of policies to services running in the networkDeployment, support Service MonitoringAutomated monitoring, logging, and tracking of service calls to insure that service levels are maintained and to aid in debugging and exception handling.Deployment, support Rogue service discoveryAutomated discovery of services running in the network to capture services that may offer uncontrolled functionality, backdoor access, and audit gaps.SupportSOA Project ComplianceA process for insuring that projects funded in corporate IT departments actually consume or deliver the services needed by the enterprise.Envisioning, Design, Construction  I thought Nick nailed it, and really supports what I’ve been saying for a long time. SOA governance is complex, and you have to considering many activities that are part of it, including understanding the business, service planning, service design, policy design, etc., not just operational control of the services. I’m not sure the SOA governance guys get that at this point, but should if they have any desire to support the more holistic notion of SOA governance. This goes to a larger issue. There is a lot of cloudiness around SOA governance right now, and once again many SOA governance systems are selling into organizations that have no idea as to how to leverage them, or more importantly how they exist in the context of SOA. That has to change pretty quickly. Software Development