Expand +



SOA Success: Got Process Governance?

by Puneet Suppal

January 2, 2009

Enterprise borders are becoming more fluid, requirements are changing dramatically, and processes need to be more responsive. As a result, every company must have robust process governance that requires them to think beyond traditional IT management.

This is the third and final column in a series on how to become a more services-oriented, process-focused organization — a Business Process Enterprise (BPEn).

The permanent primacy of processes is key to establishing the foundation for your service-oriented architecture (SOA) success. To establish a culture that reverberates with an unwavering attention to processes, enterprises must place their processes first. They need to unleash the energy of business process experts (BPXers) to drive the transformation to a Business Process Enterprise (BPEn) and deliver on executable process models. As organizations move toward a strong “business process perspective,” how can they ensure that process governance becomes an integral part of their overall governance framework?

The Evolving World of IT

Good IT governance has always focused on the validity and integrity of information with the enterprise. But with Web 2.0 technology now centering on agile business process platforms and taking a decidedly people-centric turn, many IT departments find themselves in unfamiliar territory.

For example, to redefine and enrich a business process, a BPXer might obtain external data through electronic collaboration with a third party. The moment this external data becomes a part of the company’s data set, the organization and its senior executives must manage its internal and external effects. In our post-Enron world, this data may not have the validation that the rest of the enterprise data does. At the same time, users and BPXers can’t be barred from using external data, which means that the IT department has to ensure that comprehensive, new IT governance measures are in place.

SAP NetWeaver Governance

When SAP introduced its three-tier client-server architecture (SAP R/3), traditional IT folks found logical extensions to the governance methods they already employed and simply built a governance model around them. This was fine until the age of SAP NetWeaver, when the IT world shifted to an Internet-intensive model, requiring organizations to think beyond traditional IT governance and consider how to best use and manage the newer stacks necessary for maintaining meaningful SAP functionality.

From a governance standpoint, SAP NetWeaver tools don’t present any significantly new challenges. To be truly successful with SOA, however, enterprises need to leverage these tools differently and revisit the governance model, recognizing that a key role of the SAP NetWeaver stack is to further an organization’s SOA ambitions and support more effective process renewal and excellence. This perspective links to how enterprises manage and improve processes, which will require them to look at how to administer process governance.

Why Process Governance?

Processes no longer change slowly and occasionally; they often change prolifically and at the speed of thought. To meet the demands of this new era, enterprises need a more robust framework and a process governance model that allow them to:

  • Measure the impact of process changes. Companies must study the interactivity between processes to help them gauge how change in one area affects another. A comprehensive, catalogued repository of working process models would easily show the changes to specific processes and the impacts of those changes. The presence of such modeling tools, which help show and measure the effects of this change, is beginning to emerge.

  • Inject consistent best practices into processes. Companies need rigorous ways of introducing best practices to new and changing processes. Without process governance, there is no clear way to bake best practices into your processes — and to do it consistently.

  • Ensure changes to processes don’t conflict. With BPXers out there making lots of changes to business processes, who makes sure that they don’t step over each other? Process excellence centers around reusing methods in creative ways. If two groups use the same pieces of existing processes to build new ones, they must ensure that they don’t end up with similar but conflicting methods.

Implementing a process governance model that addresses these issues requires selecting who will have ownership of the model, what tools to employ, and what audit mechanism will work best.

Identify a Process Governance Champion

Who will take ownership of processes, manage their lifecycles and usage, and ensure that changes are compliant?

A BPXer is the ideal person to assume the responsibility of process governance. Companies should assign the task of establishing toll gates to a champion BPXer to ensure that while process changes happen quickly, the organization will not endure a host of unmanageable changes.

Select Tools for Governance

Software and niche functionality providers in the ecosystem are beginning to offer up new ways and tools to put process governance in place. One way is through collaboration tools that bring process standards to implementation team members. There are also tools in development that are designed to be repositories of best practices (as accepted by the organization), as well as function as a guide for implementing them. Tools like these will help provide an auditable trail of changes and help companies understand why their processes are what they are.

Define an Audit Mechanism

To establish a meaningful governance model, an organization must work closely with its auditors to verify its internal controls and reliable data. It’s important to identify and define an audit mechanism so that the ability to flexibly alter processes does not lead to unchecked, ad hoc changes with potentially damaging effects.

A key feature of auditing an organization is to examine the control structure of its business processes. In an environment where end users can deploy significant changes, there must be a way to validate that the organization’s controls have not been compromised. Closely cooperating with the internal (and potentially external) auditors, the champion BPXer should work out the guidelines and boundaries of how end users can reshape and use business processes.

A Comprehensive Framework

A true BPEn will have a comprehensive framework that eliminates risk and encompasses the need for overall IT and process governance. This framework must provide coverage for the infrastructure, the SAP NetWeaver platform, and beyond. It will have an integrated aspect of process governance that encompasses both IT and the business so that the business domain requirements don’t conflict with those of the IT domain.

Puneet Suppal is a solution architect for Capgemini, specializing in SAP-centric solutions that enable a service-oriented view of the business. He is one of Capgemini’s key evangelists, propagating solutions that recognize the impact of Web 2.0 and the use of innovative approaches to expedite the realization of SOA-based solutions. He publishes on these topics regularly and is a frequent presenter at SAP events worldwide. You may contact him at

An email has been sent to:

More from SAPinsider


Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!