SOA Business Process: Focus on What Matters Most

SOA business process is entirely enabled by SOA governance. And there are a couple of different ways we can look at SOA governance and how policy applies.

Technical policies include things like ensuring consistency in your development environment, making sure people are following WS-I policy, having consistent schema usage throughout an organization; all these are important because they enable you to realize many of the benefits of SOA, including service re-use. The implications of not following such technical policies are somewhat limited and less serious. It makes re-use harder, resulting in the realization of fewer benefits.

Business policies, on the other hand, are not optional, they are must-haves: rules that must be followed or people can be fined. Jail terms can be imposed. Companies can be sued. Meaningful loss of revenue can occur.

SOA Business Process: Business Policies Require a Business Focus

Business policies require a different kind of focus; very often un-like the technical policies, they're not tied directly to services. They tend to be more service-independent. Take, for example, EU privacy policies: when you want to apply policy to this kind of information -- this would be a broad type of policy -- it's not specific to any one service. For example, a policy may specify that anywhere personal identities exist, they need to be encrypted in order to force this type of compliance.

SOA Business Process: Regulatory Policy

The same sort of thing applies with regulations like Sarbanes-Oxley (SOX): it's not a service-specific type of business rule, but, rather, in the case of a given business process, the process may indicate that for each step in the process, auditing needs to take place in order to remain in compliance with SOX. So it's not about the specific services; it's more about the processes and how the policy is applied to them.

SOA Business Process: A Contextual Approach

Finally, there's the context of information. What if you want to make sure that you're treating some of your customers with higher priority than others? A standard way to do this is to split up your customers into Gold, Silver and Bronze groups to make sure you're not violating the customer service-level agreements (SLAs) -- so that you are always giving the best experience to your Gold customers.

In summary, while technical policies focus on infrastructure -- application, platform and network elements, for example -- SOA business process policies focus on business-oriented elements: complying with government regulations, managing client service levels and other issues related to the security and functioning of the business.

For More Information

Business process comes before the IT agenda in most companies. Find out how Actional can help align your IT and business goals. Download the free white paper, Aligning IT and Business Goals with Business Process Visibility