This paper documents the results of the Mission Oriented Investigation and Experimentation project called "Governance of Composable Capability on Demand (CCOD)."
Governance of Composable Capability on Demand (CCOD)
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
This paper documents the results of the Mission Oriented Investigation and Experimentation project called "Governance of Composable Capability on Demand (CCOD)." In this project we modify and extend the definition of IT Governance—"a framework that addresses strategic alignment, performance measurement, risk management, value delivery and resource management." (IT Governance Institute)—to cover the unique aspects of CCOD, particularly, the fact that users are the primary contributors to the information technology capability.
"Composable Capability" implies that users compose pre-existing low level functional software components into compositions that themselves can be further composed into higher level capabilities without the need to resort to programming. The concept of "on Demand" refers to the desire to create software capability when and where it is needed, preferably, in the time frame of minutes to days.
The most compelling form of CCOD is that in which the users are empowered to compose their own capabilities and those capabilities are made available for others to reuse, modify and extend. In an environment where sharing and reuse are encouraged, governance becomes important. Processes that assure performance and reduce risk are clearly needed. In a CCOD enabled community there is a need for a level of control that assures a sense of trust and, therefore, reduced risk. Users must know, to some extent, that the capability they are about to use will perform with some level of accuracy, timeliness, security, reliability, etc.
Beyond trust there are other needs for governance. For example, there will be a need for a process to respond to problems encountered during use. Original composers will not likely be able to respond to problems in their compositions.
In order to create this governance process we have defined the following:
- The environment being governed,
- The stakeholders in this process,
- The life cycle model to be used, and, most importantly,
- A way to measure the trustworthiness of the CCOD user products, the trust taxonomy.
Each of these products is described in the body of the paper and is provided in their entirety in the Appendices that follow.
The governance processes we define in this paper are intended to provide a starting point for a community planning to adopt a CCOD environment. Governance of CCOD, like any other form of governance, must be reassessed periodically to assure that the processes are providing the level of risk reduction desired while not becoming onerous to the extent where the community rebels. For CCOD, the balance will be between assuring trustworthy capability while not significantly affecting the desired timeliness and agility that CCOD can provide.