In a governance-free environment, coordinated cloud service planning and optimization becomes frustratingly difficult. In addition, rogue cloud services could spring up and pass themselves off as legitimate nodes, thereby wreaking havoc on the delicate trust that underlies production SOA.

Simply put, cloud services can circumvent even the best-laid service governance practices. By enabling rapid no-touch outsourcing of many or all IT functions, cloud services make it very difficult for enterprise IT to enforce policies governing service composition, integration, security, management, and other key functions.

Furthermore, cloud services often differ so fundamentally from enterprises' core SOA environments that IT professionals may not be sure what governance best practices -- if any -- are best suited to this new environment.

Many of the components that organizations have deployed in support of Web services -- such as service registries and service-level management agents and consoles -- are partly or entirely lacking from many public or private cloud environments.

From the viewpoint of SOA professionals, cloud environments are potential breeding grounds for undocumented, unsupported, and non-standard application services. Imagine the chaos if users start accessing externally provided cloud services without first gaining IT's approval.