Integrating the dynamics of SOA and ITSM for ultimate success

The difference between a good IT Service Organisation and a world class IT service organisation lies in a holistic approach to managing service that is properly planned and adopted.

In an IT service organisation the crucial concepts of Service Orientated Architecture (SOA) and IT Service Management (ITSM) operate as separate entities but they are in so many ways utterly reliant upon each other for the smooth running of an IT service organisation's daily activities.

"It is imperative for both SOA and ITSM practitioners to understand the concept of the business service chain before attempting to target any SOA and ITIL (r) ITSM initiatives. Both these concepts in essence have the same goal and must be considered within the framework of a service chain in order to maximise each respective initiative," says Ian Clark, Principal Consultant, Foster-Melliar.

The Business Service Chain is an integrated collection of building blocks where each block represents a business process providing a business service to a client. In order for each block to function it is reliant on business enablers and supporting IT services. Each business service, process, enabler and related IT service is underpinned by numerous IT infrastructure components that collectively enable the business service to occur.

The Business Executives and the Chief Information Officer (in ITSM terms, the IT Customer) are interested in the IT organisation's ability to report, improve, manage and align itself with business services. They are interested in establishing how well an IT organisation can deliver a service to and support the business service or staff from an operational, tactical and strategic perspective allowing them in turn to perform their business processes.

"The challenge for IT organisations adopting either or ideally both ITSM and SOA concepts is to collectively align their thinking, methodologies and activities to the above differing Business and IT-focused views," explains Ian.

According to OASIS (Organisation for the Advancement of Structured Information Standards) SOA is a paradigm for organising and utilising distributed capabilities that may be under the control of different ownership domains. It is essentially the capability in a network of computer systems, for individual pieces of application function to dynamically and co-operatively locate and use each other to build larger applications or services, instead of these applications being built statically and inflexibly by developers.

"SOA offers a key tool in the battle for Business and IT Alignment. It enables rapid, dynamic and flexible matching of IT Systems and infrastructure to IT services, business processes and service needs in comparison to the lengthy development cycles of current systems and the spiralling costs of integrated suites.

"SOA is not a technology nor is it a standard, it is an architectural concept that has the potential to revolutionise IT systems development, deployment and service management. Some standards are however relevant to SOA such as Web Services Description Language (WSDL), the SOAP protocol, the XML mark-up language, and Universal Description, Discovery, and Integration (UDDI) which is an XML-based registry to publish service descriptions and allow their discovery," explains Ian.

ITSM and ITIL(tm) (IT Infrastructure Library) is the best practice guidance for the support and delivery of IT services. "It assists IT organisations to plan and set-up policies and processes to manage the end-to-end delivery and support of IT services, essentially providing the organisation with a solid foundation from which to manage their IT services," says Simon Turner, Executive Director, Foster-Melliar.

"From an ITSM perspective, SOA changes the assumption of a stable and well-documented IT infrastructure. Many attributes of infrastructure and service will become much more fluid and dynamic," states Simon.

Ian further comments that there are 4 key relationship areas that need to be addressed, Service Level Management

"The key word is service"

From the users' perspective, the Service Catalogue can be built on demand. Whether it is compiled from fixed elements or basic SOA components may be of little or no consequence to end-users. The infrastructure behind it is however crucial in terms of the service provided by the IT company that allows application functions to be located and used dynamically.

It is paramount to establish an exact service level agreement (SLA) based on a contract drawn up for a specific service or application component. The SLA must contain specific details around definitive names; Owners and Responsible, Accountable, Consulted and Informed (RACI) roles; Versioning; Type or class; Methods provided; inputs, invocation and pre-requisites; Quality of service; Availability; Performance and latency to mention a few.

"Well Established ITIL (r) ITSM Change Management will Protect SOA initiatives from Risk!"

ITSM is not aimed at preventing change, but rather preventing unauthorised change. In a SOA environment changes of application structure and perhaps overall functionality could be delegated to the applications themselves. Service management staff and the systems they employ will have to tread a very fine line between too rigid control and chaos.

Rules for what changes and configurations are authorised will need to be programmatically accessible by SOA components, as well as by staff and classical Change Management procedures.

"Plan & Embed Security within your SOA solution"

SOA components provide data as well as functionality in a flexible and necessarily visible way. Certain components may even be available outside an organisation, to suppliers, customers and other business partners. The key aspect lies in defining and controlling the desired level of accessibility, and the classification and enforcement of confidentiality and integrity which require significant attention and auditable controls. This cannot be left to design assumptions.

"ITIL (r) ITSM Configuration Management will play a key role in the Rapid delivery of SOA Initiatives"

There is a definite need for more comprehensive, accurate and up-to-date configuration information. Staff, tools and SOA components themselves will need to assess the current state of infrastructure, applications and services in addition to identifying the desired correct state of each of these.

SOA registries are an important part of the SOA concept, with emerging metadata standards for their realisation. But these are nothing more than repositories of configuration information about the SOA components, and as such need to be closely integrated with the Configuration Management Database (CMDB). The argument could be made that the CMDB should host the SOA registry.

"IT Service Management and SOA should be combined. When this is done they will provide a powerful mechanism for organisations to control and manage the provision of business services that are in-line with business needs. Thoroughly assess an organisation's current capability before embarking on SOA and ITSM initiatives in order to map out the most successful path," concludes Simon.