After clarifying where SharePoint Governance belongs in the big picture, it's time to take a look at new up and coming features of SharePoint 2010 that will make keeping control much easier. This will be one of several posts on this subject and each time I'll take a look at a different area. For the first post I'll take a look at the replacement for the Shared Service Provider: Service Applications and what that means for Governance.
In SharePoint 2010 the Shared Service Provider was replaced by a more flexible concept, the Service Applications. Service Applications are now managed via central administration and can be pick and chosen as needed. More importantly, Web Apps can chose which services they utilize on a individual basis or use one of multiple instances of the same Service Application.For the Governance of SharePoint this means a far more fine-grained control of what is utilize where. Either a Service Application instance is shared by multiple Web Apps or each one has it's own. By making SAs a Virtual Directory it is possible to isolate each one with an own AppPool. The SA communication is facilitated by HTTPS - a Webservice - so that is another surface that will require security consideration.
Custom Service Applications can be easily developed now - unlike in the SharePoint 2007 variant. Next to the Webservice surface, SharePoint 2010 comes with a Object Model which allows the custom Service Application to act like a out-of-the-box Service Application. This can be especially practical if one wants to have a scale-out strategy or one needs a central place to process long-running operations. It could also offer a central place to integrate custom governance policies which could be utilized by custom extensions and aplications. The one thing to consider here: how and when to develop such Services must be defined and monitored in detail.
One thing I haven't mentioned so far is the new feature multi-tenancy and it's implications for Service Applications: they can be configured to either share or partion data between tenants. Here is where the flexibility of the new Shared Application architecture really pays off: one can use one or several of them for different tenants as needed.
That was a short intro to Service Applications and it's implication for Governance. To sum it up: Governance becomes far easier through the new Service Application model. No longer are mutliple Services tied to each other. Also Services can be configured to share or partition data between tenants, if necessary allowing for a fine-grained control of everything - as needed. Finally, one can extend the System with custom Service Application but must take care to define how and when. All in all: much needed improvements to increase flexibility and control.