Foreword by Roberto Medrano

We have spent the better part of the last decade working on SOA governance programs at some of the world’s largest and most complex IT organizations. We are very pleased, therefore, to see this important topic addressed in detail by Thomas Erl, one of this generation’s truly great software architecture authors. Thomas’ book is beyond timely, in our view, as it captures a serious truth that has crept up on even some of the most savvy CIOs. That is, SOA has gone from “nice to have,” to “have to have,” to today’s reality that SOA is just here. Period. You have it. You don’t have any choice but to have it. And now that you have, you have to govern it.

How did this happen? How did SOA emerge from the egghead shadows to become the de facto enterprise architecture across the globe? Many factors contributed to this situation, but perhaps most important has been the ascendancy of cloud computing. Though still in its infancy, cloud computing has been absolutely transformative in the role that SOA plays in day-to-day enterprise computing. The cloud is inherently service-oriented. Whether an organization is totally cloud-based, a hybrid of on-premise and cloud, or using a private cloud, its applications are now reaching out to consume and expose Web services in ways that would have been hard to imagine even a few years ago. Even organizations that shunned SOA now have one. It’s called the cloud, and it’s here to stay.

SOA governance and the cloud are vital companions, for better or worse. In a nutshell SOA governance is about making sure the enterprise builds the right things, build them right, and makes sure that what it has built is behaving right. With proper SOA governance, the cloud can be a strategic bonanza, smoothing the way for improving agility, reducing risks, reducing costs and economies that everyone should want. Companies realizing the most success are those that have built a Unified SOA Governance infrastructure that governs a wide range of assets and artifacts through their entire lifecycle. Without SOA governance, the cloud threatens operational disaster and exposure to multiple levels of risk. And now, we have a thorough and well thought out book on the subject. Thomas has done the industry a great service by delving deeply into this topic in a way that readers of many different backgrounds can understand.

This book works because it gives the reader a sense of SOA governance across the full IT lifecycle and spans the organizations that are charged with managing the SOA. Thomas offers valuable insights and pragmatic tips on how to implement governance that is sensible yet effective, touching on managerial and business issues as much as technology. He probes into the nature of rules and organizations, even human nature, as he lays out the groundwork for good governance. Thomas understands that all of these aspects of governance are relevant to the success of a program. Enjoy this book. If you are involved in IT management, you will find it an indispensible companion in your quest for success with SOA.

—Roberto Medrano

EVP, SOA Software