Purpose

The Architecture Requirements Specification provides a formal, measurable set of requirements that the architecture must meet, bridging the gap between business requirements and architecture design. It ensures the architecture is designed to meet specific, verifiable criteria.

When to Use

Create during TOGAF Phase B-D (Business, Information Systems, and Technology Architecture) as requirements are identified. Reference during Phase E when evaluating solution options.

How to Build

Gather requirements from multiple sources: business requirements, stakeholder concerns, existing architecture principles, regulatory obligations, and technology constraints.

Categorise requirements by domain: business architecture requirements, data architecture requirements, application architecture requirements, and technology architecture requirements.

Make each requirement specific, measurable, achievable, relevant, and time-bound (SMART). Avoid vague requirements that cannot be verified.

Prioritise requirements and identify conflicts between them. Document trade-off decisions where requirements compete.

Trace requirements to their source (stakeholder, regulation, principle) for accountability and change management.

Tips

  • Make every requirement measurable — if you cannot test it, it is not a requirement.
  • Trace requirements to their source for accountability.
  • Identify conflicts between requirements early and document trade-off decisions.
  • Prioritise using MoSCoW to guide architecture decisions.
  • Review with stakeholders to confirm requirements are correctly captured.

Common Mistakes

  • Writing vague requirements that cannot be verified.
  • Not prioritising, implying all requirements are equally important.
  • Not tracing requirements to their source.
  • Ignoring conflicts between competing requirements.
  • Not reviewing with stakeholders for validation.

Government Context

In UK government, architecture requirements should reference the Technology Code of Practice, GDS Service Standard, and relevant legislation. Accessibility requirements (WCAG 2.2 AA) are legally mandated. Security requirements should align with NCSC guidance. Requirements should be proportionate to the risk and value of the service.

Related Artifacts