To optimize their SOA investment and accomplish SOA business goals such as increasing business agility, organizations are turning to SOA governance. An effective SOA governance strategy must not only ensure that the behavior of project development teams is in-line with corporate goals; it also must address security and compliance issues that arise from regulations and business demands such as Sarbanes-Oxley, MIFID, and Visa PCI, ensuring nothing falls through the cracks. And, finally, it must control rogue services.
The Progress Actional product family complements governance tools such as registries and repositories and provides organizations with comprehensive runtime SOA governance capabilities from monitoring SOA operations, to improving business outcomes, to ensuring enforcement of security, compliance, and business policies and controlling rogue services.
Fundamental SOA Governance: Ensuring Reliable SOA Operations

As a governance foundation, organizations must be able to understand what services are operating in their SOA, how they are operating, and who is using them in order to ensure reliable operations. But how can you monitor for service performance and availability in the loosely coupled SOA environment, where services that can be reused and recombined execute across diverse computing resources
Progress Actional SOA Operations provides IT organizations with the end-to-end SOA visibility needed to ensure SOA reliability while eliminating most of the coding and manual configuration required by other solutions to achieve this end. It automatically discovers and monitors services and triggers alerts on performance and availability issues. These alerts, in turn, generate flow maps of the individual "violating" SOA process. SOA administrators can drill down into an individual transaction—to perform root cause analysis, so they can act quickly to solve problems before they impact end users.
Achieving Business Goals with SOA Governance

Once the SOA is running successfully, governance must be established to control the quality of service the SOA delivers to customers, partners, and other consumers and to meet service-level agreements (SLAs). However, to achieve this level of governance requires business insight into SOA operations. This is the basis for aligning the SOA with business goals.
Progress Actional Continuous Service Optimization uniquely provides a detailed business perspective for viewing how the SOA is serving customers. Actional captures metrics on service levels, processes, and key business indicators related to the underlying IT infrastructures in multiple dimensions, for example, for individual customers, customer groups, regions, and custom-defined segments. This information provides the basis for optimizing SOA behavior dynamically or manually, using Actional control mechanisms, in order to ensure quality of service for customers.
Reducing Security and Compliance Risk with SOA Governance

No areas of SOA governance are more vital than enforcing security and compliance. Breaches in these areas can lead to financial penalties, litigation, and other business losses. But SOA governance in these areas isn't easy. It requires strict monitoring of information contained within the context of messages flowing through the SOA and consistent enforcement across the many services that make up an SOA business process. When IT developers are responsible for policies related to the services they create, there is a risk of inconsistent policies and coverage gaps.
Progress ?/span>Actional for Active Policy Enforcement provides centralized security and compliance policy management with distributed policy enforcement. This allows organizations to put policy into the hands of security and compliance experts and empowers them to author policies once and apply them consistently across the SOA—guaranteeing complete coverage to reduce risk and cost.
Finding and Controlling the Rogue Services

Undetected, rogue services can wreak havoc—exposing sensitive information to unauthorized users and eluding compliance audits. Even when rogue services aren't malicious, they can subvert system capacity planning. What is SOA governance if not control of what's occurring and who is using the SOA
The Progress Actional Governance Integration Module integrates with third-party governance tools, such as Systinet, and provides detection, interruption, and reporting controls. It automatically finds all rogue services and stops them until they are reviewed and approved. Finally, it feeds back runtime metadata on actual services, their usage and dependencies, to add value to registry and repository metadata and help service developers minimize SOA disruption during service versioning and maintenance.