It's all or nothing: the impact of half-baked governance
Monday, July 27, 2009
Now I get the fact that this blog is supposed to be about SOA and the industry and not a forum for shameless WebLayers promotion. But I have to say I'm pretty excited about the release of WebLayers Center 5.0. Before you think the rest of this is going to be a commercial, let me say just say that no, I won't give you the marketing spin but I will spell out what this new product means for business, especially the financial services industry.
What I find most interesting about Release 5.0 is the distributed governance capabilities. So what does that really mean? Well, when you really think about the way that governance is deployed, you realize that there are some inevitable gaps.
These gaps can be due to the way that governance is viewed in the company meaning that architects and developers may only govern pieces of the development process or certain applications and services. Some also subscribe to the notion that another gap exists in the technology itself with regard to popular governance platforms. Complementing what's already in place, Release 5.0 is filling in the gaps to enable governance across any platform and development environment.
So why is this a big deal? Well, a lot of times the errors in the software development process don't rear their ugly head until the application is pretty far down its path or actually deployed and this is true whether the development is done onsite or offshore. This is largely due to lack of visibility. And without visibility into the development process, including how all the pieces fit together, you put your business at tremendous risk. This becomes especially tricky when you consider the implications of applications and services that may proliferate throughout the organization as part of an SOA strategy.
For example, imagine a global financial services firm that has within its SOA a specific application designed to ensure the immediacy, security and validity of overseas funds transfers over $100,000. Now imagine a glitch in that application that compromised the transaction resulting in a breach in security and a delay in the transaction posting which not only cost the firm a valued customer, it also resulted in government fines.
While that application may have been properly governed during the development process, the compromise could have sneaked in through a shared business service that was reused and distributed throughout the firm.
You can quickly begin to imagine similar scenarios of what I like to call 'half baked governance' as they apply to other industries as well.
For example, what if you went to the emergency room and the technology that's supposed to align your healthcare provider with your primary care doctor and securely connect to hospital billing erroneously mixes up the cost of your outpatient needs with a more serious and prolonged overnight stay. Not to mention the less drastic yet equally thought-provoking issue associated with the quadrillion dollar cigarette charge that I blogged about last week.
Without governance in place at every gate, the business is clearly at a tremendous risk. This risk goes beyond the IT department as illustrated through the above examples. Along these lines, if you've got some true governance confessions that you'd like to share with the readers - anonymously if you prefer - please drop me a line as one thing I've learned since taking this post in January is that the more we share information, the smarter we all become.
What I find most interesting about Release 5.0 is the distributed governance capabilities. So what does that really mean? Well, when you really think about the way that governance is deployed, you realize that there are some inevitable gaps.
These gaps can be due to the way that governance is viewed in the company meaning that architects and developers may only govern pieces of the development process or certain applications and services. Some also subscribe to the notion that another gap exists in the technology itself with regard to popular governance platforms. Complementing what's already in place, Release 5.0 is filling in the gaps to enable governance across any platform and development environment.
So why is this a big deal? Well, a lot of times the errors in the software development process don't rear their ugly head until the application is pretty far down its path or actually deployed and this is true whether the development is done onsite or offshore. This is largely due to lack of visibility. And without visibility into the development process, including how all the pieces fit together, you put your business at tremendous risk. This becomes especially tricky when you consider the implications of applications and services that may proliferate throughout the organization as part of an SOA strategy.
For example, imagine a global financial services firm that has within its SOA a specific application designed to ensure the immediacy, security and validity of overseas funds transfers over $100,000. Now imagine a glitch in that application that compromised the transaction resulting in a breach in security and a delay in the transaction posting which not only cost the firm a valued customer, it also resulted in government fines.
While that application may have been properly governed during the development process, the compromise could have sneaked in through a shared business service that was reused and distributed throughout the firm.
You can quickly begin to imagine similar scenarios of what I like to call 'half baked governance' as they apply to other industries as well.
For example, what if you went to the emergency room and the technology that's supposed to align your healthcare provider with your primary care doctor and securely connect to hospital billing erroneously mixes up the cost of your outpatient needs with a more serious and prolonged overnight stay. Not to mention the less drastic yet equally thought-provoking issue associated with the quadrillion dollar cigarette charge that I blogged about last week.
Without governance in place at every gate, the business is clearly at a tremendous risk. This risk goes beyond the IT department as illustrated through the above examples. Along these lines, if you've got some true governance confessions that you'd like to share with the readers - anonymously if you prefer - please drop me a line as one thing I've learned since taking this post in January is that the more we share information, the smarter we all become.
posted by Web Layers Blogger at
7:43 AM
0 Comments:
Post a Comment
<< Home