To the extent that enterprises are adopting cloud services, it is via a selective outsourcing of specific applications and infrastructure. One of the principal cloud/SOA governance decisions is in determining which services to source from which public clouds, so as to avoid unnecessary duplication with internal application environments.

"The larger business decisions really are around which services should or shouldn't be sourced in a certain way, and what level of comfort and risk aversion are acceptable," says Dana Gardner, principal analyst at Interarbor Solutions. "One risk would be that people start jumping into cloud and external-service consumption piecemeal, without it being governed or managed centrally, or with some level of oversight in a holistic sense.''

He adds, "The other risk might be that you are so clamped down, and you are so centralized and tightly managed, that no one takes advantage of efficiencies that become available through the cloud. You then have unfortunate costs and an inability to adapt quickly."

IT execs should expect to see SOA governance tools enter the cloud market in droves over the next several years, addressing a pent-up demand among enterprise IT professionals. "As IT strategists look over the horizon to what they some day would like to do with cloud computing, be it internal, external or hybrid, they can begin to set themselves up for success on that front now," Gardner says. "Moving toward SOA best practices and implementing strong governance across IT services and resources is an excellent place to gain advantage over today's IT, while preparing for newer models and efficiencies."

Clouds complicate SOA governance