6.8. WHAT POLICIES ARE REQUIRED?
The body of policies necessary to govern your SOA and services comes from two sources: They are derived from your SOA goals and principles, as well as from your SOA reference architecture and supporting SOA enterprise architecture artifacts. The policies derived from SOA goals and principles are often business and process level policies, while those derived from the SOA reference architecture are technical in nature and relate to service design and implementation patterns, design- and runtime governance, and security implementation and enforcement from both a service design perspective as well as a runtime perspective. Some policies are derived from the convergence of both exercises. The resulting policy model will form the basis for enforcing governance for key SOA processes and governance requirements.
Many types of policies must be defined to support your SOA efforts, such as:
Enterprise Policies. Policies that affect all business units, processes and roles such as reuse, security policies, design best practices and standards.
Business Policies. Address business issues, including process policies, SLAs and performance criteria, approval levels, spending limits for external services, and more.
Process Policies. Who is allowed to publish a service? What minimal standards must be adhered to for a service to be published to a registry? How will versioning of services be managed? How many versions will be allowed? How will new versions of services ...
Get Service-Oriented Architecture Governance for the Services Driven Enterprise now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
