December 3, 2010 SAIF Governance Framework A Brief Update on work to date

Purpose Provide a brief update on work completed so far on the Governance Framework of SAIF Implementation Guide 2

SOA Governance - Context for NCI - CBIIT CBIIT has embarked on the implementation of Service Oriented Architecture across the Enterprise and adopted Services Aware Interoperability Framework (SAIF) This will span all workspaces and domains such as Clinical Trial Management Systems, Life Sciences (Integrative Cancer Research, Tissue Banks and Pathology Tools, Imaging) and Core/Infrastructure A robust SOA Governance will need to be established to ensure success in delivering on the strategy and goals –Match the needs and capabilities across the enterprise –Guide the Service Identification, Prioritization and Funding –Establish standards, policies, procedures and metrics to cover all aspects of SOA development –Monitor compliance and effectiveness 3

SAIF GF - Design Goals Portfolio Management –Guide the process of selecting the “right” set of services and capabilities for development –Assign resources for service development –Ensure optimum utilization of developed services Design and Development –Ensure services are specified using the Enterprise Conformance and Compliance Framework (ECCF), supporting common models to achieve interoperability across domains –Enforce service composition and reuse through standard design patterns –Enable easier maintenance of individual components Run-Time and Operational Standards –Enhance the visibility of available assets through the use of service registry and standardized service metadata repository –Facilitate robust change management for deployed services –Define and enforce policies related to availability and security of deployed services 4

SAIF GF – Desired End Results An effective Governance Framework will result in a solid portfolio of interoperable, maintainable, reusable and visible Services – ultimately helping an Enterprise accomplish its goals such as reducing the time taken to implement new capabilities This will mean –Faster fulfillment of the bioinformatics needs of cancer researchers through the ability to quickly roll out new capabilities –Reduced long-term cost of creation of new capabilities as well as maintenance –Simplified design of applications as the core functionality is shifted to services 5

SAIF GF – Key Components Governance provides a systematic way for organizations to make decisions. A governance system is implemented using: Precepts –Define the rules that govern decision-making –Codified using principles, policies, standards and guidelines People –Make decisions in accordance to and within the constraints stipulated by Precepts Processes –Coordinate decision-making activities –Provide the means and opportunities to control decisions, enforce policies and take corrective action 6

SAIF GF – Key Components – contd. Metrics –Measure compliance with Precepts –Provide visibility into the progress and effectiveness of the governance system Reference – SOA Governance – Thomas Erl - Copyright © 2010 by Prentice Hall 7

SAIF GF – Work completed so far Defined an approach to design the Governance Framework adapted from SOA Governance by Thomas Erl and others Identified risks associated with the following Service Development Lifecycle stages –Service Inventory Analysis –Service Oriented Analysis and Modeling –Service Oriented Design (Contract Design) –Service Logic Design –Service Development –Service Testing –Service Deployment and Maintenance –Service Discovery –Service Versioning 88

SAIF GF – Work completed so far – contd. Identified Precepts to address the risks associated with each Service Development Lifecycle stage (see definition of Precept in earlier slides) Prioritized the Precepts to elaborate and implement in the first phase of SAIF Governance Framework Elaborated each prioritized Precepts to identify –Objectives –Policies –Standards –Guidelines and Patterns –Associated Roles –Processes and Metrics –Required SAIF Artifacts 99

SAIF GF – Work completed so far – contd. Example Precept - Service Candidate Versioning Standards +Service+Candidate+Versioning+Standardshttps://wiki.nci.nih.gov/display/SAIF/ Precept+5+- +Service+Candidate+Versioning+Standards 10

SAIF GF – Work completed so far – contd. Service Identification Planning and Portfolio Management High-level Service Scope Identification Service Dependency Identification Service Prioritization & Service Assignment Service Design & Development Design and Development Standards Service Specification Reviews and Approvals √ Architectural Patterns, Development Guidelines, Checklists Service Conformance Validation √ Service Deployment Run-time and Operational Standards Service Registration Service Deployment √ Service Change Management √ Dispensation (Appeals & Exceptions) √ Process Deliverables by Service Development Stage Note: √ indicates draft of the process has been completed. These drafts have not been published on SAIF IG Wiki yet. 11

SAIF GF - Proposed Governance Structure NEARB NCI’s Enterprise Architecture Review Board ESGT Enterprise Service Governance Team ESSRT Enterprise Service Standards and Review Team CS-CAT Clinical Sciences Composite Architecture Team LS-CAT Life Sciences Composite Architecture Team Core Platform, Security, Semantic Infrastructure SOMT Service Operations Monitoring team 12

SAIF GF - Proposed Governance Structure NEARB (NCI Enterprise Architecture Review Board) Meets every month Representation from C-team, ESGT and ESSRT Establishes policies, standards, processes Approves and Prioritize NES Reviews Compliance and Conformance metrics Communicates with the C-team Decides on appeals related to ESGT decisions ESGT (Enterprise Service Governance Team) Meets every two weeks Representation from CS-CAT, LS-CAT, Core teams (Platform, Security, Semantic Infrastructure) and ESSRT Enforces policies, standards, processes Makes recommendations on scope and priority of NES to NEARB Approves change requests for all NES 13

SAIF GF - Proposed Governance Structure ESSRT (Enterprise Service Standards & Review Team) Participates in Domain CAT, ESGT and NEARB meetings Acts as a custodian of the NES Governance Creates Templates, Standards, Guidelines Reviews service artifacts Generates compliance metrics and reports to ESGT, NEARB SOMT (Service Operations & Monitoring Team) Operationalizes “run-time” policies Monitors service performance against SLAs Generates metrics related service operations such as discovery, availability, performance Answers questions from and supports Service Consumers 14

Governance – In Action today CS-CAT, LS-CAT currently govern the following aspects of Service Development Lifecycle with support from ESSRT High-level Service Scope and Dependency Identification Service Prioritization and Assignment Service Scope & Specifications  ECCF Artifact Templates  ECCF Artifact Review Checklists  ECCF Artifact Reviews and Approvals Service Change Management 15

Governance – In Action today - contd. Service Scope & Specification Governance 16

SAIF IG GF – Remaining Work 1.Review and Comment on existing GF content 2.Provide disposition on comments/suggestions 3.Incorporate final dispositions on all suggested changes in the GF 4.Review existing Process drafts and update to synch up with GF and proposed Governance Structure (Orgs and Roles) 5.Review detailed Percepts to identify all processes that still need to be defined 6.Create drafts for remaining processes 7.Create artifact templates for newly defined processes 17