The Impact of SOA on Business Risk
More and more companies are investigating service-oriented architecture (SOA) as a way to improve flexibility and agility, while at the same time reducing costs. After all, the idea of cleaning up IT systems by turning them into a selection of reusable, business-context based services promises much. New challenges and opportunities can be addressed more rapidly and effectively, while at the same time the alignment between IT and business objectives is improved.
However, now that companies are starting to think seriously about SOA, many executives are looking to carry out some level of ’due diligence’ on the whole SOA idea. Granted, the benefits look attractive, but nothing ever comes for free. How does SOA affect the risks facing the business? Does it add to them, creating additional areas of exposure? Or maybe it provides mitigation of existing risk?
This paper discusses the different aspects of SOA’s effect on business risk, taking into account strategic, compliance, financial and operational risk implications. The result is a list of positive and negative areas of impact that provides a framework against which individual risk assessments can be carried out.