The importance of governance for both service-oriented architecture (SOA) implementations and the enterprise data consumed by them was emphasized by IBM at two user events this past week.
Governance was a major topic of interest at the annual SHARE mainframe users group conference in Orlando, FL, and data governance was the only topic at the IBM Data Governance Council Meeting in New York, NY.
At SHARE, several panelists argued that governance should not be thought of as a police action. That theme was summarized in a slide put up by Mark Ericson, CTO of Mindreef Inc., the SOA software vendor: "Governance processes should make it easy to do things the right way and hard to do them the wrong way. Build schools, not prisons. The goal is to help people conform to best practices, not police them."
In a panel on "Experience with SOA for governance" Paul Giangarra, IBM distinquished engineer, used a first aid analogy to stress the importance of governance. "Without governance all you are doing is putting a Band-Aid on something that's already hemorrhaging," he said.
On the positive side, Giangarra stressed that "governance is a must for success with SOA." He said it required IT and business to work together using the center of excellence model and stressing teamwork.
"SOA is a team sport," he said. "Business teams and IT teams must work hand-in-hand."
Giangarra discussed the SOA governance lifecycle and described it more as a governance lifecycle that applies to SOA, but could also be applied to other IT areas that also require governance. He offered four steps to SOA governance:
- Planning phase - Scope out the governance needed, layout strategy, and prepare for this phase to be continuous.
- Define - Understand what types of policies need to be enforced.
- Enable - Employ a system to inform the company of set processes, deploy governance policies.
- Measure - Manage and monitor the governance processes and compliance with policies.
"Looking at data governance the biggest question is: how are we actually going to pull this off?" said Patrick Connolly, IBM's product marketing leader for data quality, data governance and master data integration. Connolly, was interviewed following last week's meeting of the IBM Data Governance Council, where more than 60 IBM customers in industries – including financial services, banking, insurance and retail – met to focus on furthering data governance.
Data governance seeks to define the policies needed to make sure enterprise data is in a consistent and useable form when it is consumed by SOA applications, he said. One of the answers to the data governance how-to question is to make use of SOA governance. With SOA it is possible to "get data governance for free in some cases," Connolly said
"If I can create a unit of work for data quality, deploy that as a Web service as part of an overall enterprise data quality and SOA initiative, I've got a single point of maintenance," he explained. "SOA provides that lowest common denominator of support for things like traceability for compliance."
In this way SOA becomes a key enabler of data governance in large multi-systems enterprises with multiple data bases including legacy data, he said. "We can deliver a service level agreement on data quality."
One goal of data governance is to provide what Connolly defines as "the information dial tone that you can access anywhere to do almost anything in terms of moving, touching and understanding data" in an SOA application.
It is similar to the telephone dial tone, in the sense that the business users of the SOA application do not need to worry about the mechanics behind how the data is being accessed, any more than a caller in South Dakota has to worry about the switching involved in making the phone connection to Denmark.
"Data governance defines the policies, the elements of the conversation," Connolly explained. "It provides ubiquity of use. That's where data governance becomes real because you're defining policies that are a baseline definition and structure of those data services across the enterprise and make them available through that dial tone that gives you access to the information."
Just as in SOA governance where one of the contentious policy issues is who owns the individual Web service, data governance also has ownership issues.
"When we talk about data governance one of the first things we want to talk about is data ownership," Connolly said. "Who owns the data? We're starting to steer the ship towards the business process owner, the person whose job depends on the availability and accuracy of the data.
He said the common misconception is that database administrators are the owners, but he argues that they are not the owners, just the "zookeepers."
"They are the caretakers," Connolly said. "They are responsible for the care and feeding." But the business process owner needs to take an active role in make sure data governance is working because if the business process owner can't use the information, can't access the information, can't trust it, then data governance is failing, he said. And if that fails, both business and IT fail.
So there is another argument for teamwork in governance for both SOA and data.