How API governance delivers on business KPIs

The business value of integration and API governance

The introduction of APIs is an exercise of integration. This cohesive umbrella, the structure to secure compliance of published norms across diverse users and often business units, is referred to as “API governance”. While governance is important across the spectrum in IT, it takes special importance in an API initiative as users and stakeholders are likely to be spread out and often external to the enterprise. The commitment to governance that is designed for digital use must start from the very top of the enterprise: at CXO level, with active involvement of the CEO. The bigger and more diverse the organization, the more scattered the revenue and power centers, the greater the danger (and the higher the stakes) of failing to unite forces and withstand a focused attack from external forces with disruptive business models. Even more crucial than this is the need for a centralized, cohesive commitment by a set of dedicated pioneers who have the dream, energy and power to do what it takes to protect and build what they have, using digital expertise. The ‘why’ and ‘how’ of the governance of APIs is core to the digital success of any enterprise that “plays to win” in the digital world.

This slant, an understanding of this nuance, is critical to the creation of a system of API governance that actually works. It is, to quote the Father of Freedom, “for the people, by the people”. APIs need developers, developers need users, and users need to see benefits. This seemingly limitless network can only work if there is a clear and published order as to how the APIs, which form the core tool of access, should be created and used. To govern in the digital world, one needs the support and belief of those governed: developers, users, and everybody providing the infrastructure. This alignment is to be earned and created every day.

This is perhaps a key difference between how API Governance is constructed, and Governance as we know it in IT has been practiced. Hitherto, governance assumed that policing would work – now we need to adopt voluntary compliance to enable the system. The digital world is far too diverse, with different jurisdictions and individual legal frameworks, to believe naively in enforcement.

Organizing API Teams for Business Alignment

The use of APIs involves a variety of stakeholders. APIs are simply a means of access, like doorknobs - or perhaps better described as push button security door locks – which allow access to what lies behind. It is helpful here to split the players that are involved in the build and use of APIs into three categories: those whom the API is designed to serve, those who build them and those who help the builders and designers. We call them Beneficiaries, Enablers and Catalysts.

The Beneficiaries

The Beneficiaries are those who will gain from a system that wraps up these three elements. Their role is to guide, support and fund, emotionally and financially, those who make these changes happen, so they can carve out a benefit for the organizations they serve. Example: API Product Managers, Marketing, Offering definition team, etc.

The Enablers

these are the doers who create, who make the changes in what is here and now, for present and future, yet unseen beneficiaries. Example: Backend system owners, legacy application maintainers, infrastructure providers, security providers, etc.

The Catalysts

The Catalysts are that important group of unsung and often-invisible heroes, who set the stage and provide the backdrop and conditions required for the elements of change and creation to spark meaningfully. A key distinction between Enablers and Catalysts is that Enablers primarily act to make changes in the assets they own and control, i.e. in themselves; while Catalysts primarily act to facilitate these changes. They do not change themselves. Example: Integration Team, API Management Team.

All these actions must be oriented to a set of targeted beneficiaries – those who receive something tangible that can also be seen and measured.

Areas of API Governance that influence business metrics

With the context described above, the following aspects of API governance have direct influence on the digital maturity of an organization. Relating to business KPIs, organizations must focus on:

• Identifying API candidates to ensure use and reuse across Lines of Business through a business-oriented demand management process
• Applying API standards, guidelines, security and industry best practices to new and existing APIs
• Managing the end-to-end development lifecycle of APIs in alignment to the standards, and business objectives
• Adopting an API-first strategy where applications that are newly built or third-party products purchased, ensure they expose and publish APIs that facilitate integration. Like how Amazon, in 2002, mandated all teams to expose webservices on whatever they built. This set the stage for business scalability of Amazon, enabling the launch of AWS as a separate business.
• Governing the touchpoints in an extended enterprise where API boundaries span across partner companies and external developers.
• Defining a robust API Monetization strategy in terms of charging models, price plans, consumption quotas, etc.
• Defining the foundation to support API-driven business models – measurement of business KPIs.
• Managing the evolution of Technology building blocks for APIs – API Gateway, Developer Portal, Underlying Cloud infrastructure, DevOps, etc.
• Defining and measuring the operational characteristics of APIs such as security, performance, runtime SLA management, stability and ease of consumer on-boarding.
• Defining an API-consumer experience definition and measurement practice or as it is commonly called “Developer Experience”, that lays out different experience touchpoints of APIs such as:

• Ease of API discovery
• Business fitment / usefulness of APIs
• Ease of accessing API sandbox
• Quality of API documentation
• Quality of test data
• Operational stability – uptime, performance, errors, etc.
• Ease of communicating and implementing changes
• Speed of bug/issue resolution
• Ease of automated financial settlements (payments for revenue-share, etc.)
• Availability of migration path when decommissioning APIs

• Establishing success parameters, KPIs and identifying ways to define and measure them

Examples of Top 3 API metrics that map to business KPIs

Summary and Key Takeaway

Enterprises today have a need to align their API initiatives with their business goals, more than ever before. Governance, in today’s context, is not about enforcing standards and following best practices. It is a formal discipline to align different touchpoints of the API lifecycle to ensure APIs can demonstrate tangible business value. API Programs, by nature, are business initiatives. Their aim is to build an extended enterprise, create digital ecosystems and generate new revenue streams. While technical constructs such as principles, patterns, decision trees and best practices are essential components of API Governance, a successful API Governance model requires careful tailoring of these artifacts to ensure each element is designed with your business objectives in mind.

Karthik T S, Head - Centre of Excellence, Torry Harris