This multi-step SOA process is the "SOA Implementation Roadmap" that ZapThink has developed and detailed in its research. In summary, companies should follow these general steps when putting together an SOA:
- Move from proprietary systems with proprietary interfaces to standards-based interfaces that operate in an environment of heterogeneity.
- Apply security and identity management to those services so that they can exist in a coarse-grained, composable ecosystem. Without security and identity management applied at this phase, trying to achieve any loose coupling or coarse granularity in practice will be very difficult.
- Implement runtime management for services to guarantee loose coupling and assure that the services a company has implemented will be truly reusable at runtime.
- After implementing a managed, secure set of services, companies should then seek to implement a metadata-based, registry-enhanced service ecosystem that provides for real reusability across business units and the enterprise and enables service use across the corporate firewall. In this phase, companies should develop policies and utilize a registry to manage those services and policies at runtime.
- With registered, managed and secure services in place, the next step is to implement a process-driven approach that seeks to implement business agility through business processes that are defined as services and consume services -- the so-called service-oriented process.
- Once process-driven, registered, managed and secure services are in place, the next steps are to scale the services in the organization by moving to more sophisticated approaches of delivering, provisioning and negotiating services at runtime.