BMAD-METHOD/.claude/checklists/architect-checklist.md

Architect Solution Validation Checklist

Purpose

Comprehensive validation framework for the Architect to ensure technical design is robust, scalable, secure, and aligned with product requirements before development execution.

Required Artifacts

Before proceeding, ensure access to:

• ✅ docs/architecture.md - Primary architecture document
• ✅ docs/prd.md - Product Requirements Document
• ✅ docs/ui-spec.md - UI/UX specifications (if applicable)
• ✅ API documentation and technology stack details
• ✅ System diagrams and integration patterns

Project Type Detection

Frontend/UI Component: [ ] Yes [ ] No Backend/API Component: [ ] Yes [ ] No
Database Component: [ ] Yes [ ] No Integration Requirements: [ ] Yes [ ] No

---

1. Requirements Alignment

Business Requirements Validation

• Core business problem clearly addressed in architecture
• Success criteria achievable with proposed technical solution
• User personas and workflows supported by system design
• Performance requirements specified and architecturally feasible
• Security requirements incorporated into design decisions

Technical Requirements Coverage

• All functional requirements mapped to system components
• Non-functional requirements (scalability, performance, reliability) addressed
• Integration requirements clearly defined and technically sound
• Compliance requirements (WCAG, security standards) incorporated
• Data requirements satisfied by database and API design

Notes: {{requirements_alignment_notes}}

---

2. System Architecture Design

Overall Architecture Quality

• Architecture pattern appropriate for project complexity and requirements
• Clear separation of concerns between system layers
• Logical component organization with well-defined boundaries
• Data flow and process flow clearly documented
• Error handling strategy defined at architectural level

Technology Stack Validation

• Technology choices justified with specific rationale
• Version compatibility verified across all stack components
• Performance implications of technology choices considered
• Team expertise alignment with selected technologies
• Long-term maintainability and support considerations addressed

Scalability Architecture

• Horizontal scaling strategy defined where needed
• Performance bottlenecks identified and addressed
• Caching strategy appropriate for expected load patterns
• Database optimization and indexing strategies defined
• CDN and static asset delivery strategy specified

Notes: {{architecture_design_notes}}

---

3. Security Architecture

Authentication & Authorization

• Authentication mechanism appropriate for user base and security requirements
• Authorization model supports all required access patterns
• Role-based access control (RBAC) properly designed
• Session management secure and scalable
• Multi-factor authentication considered where appropriate

Data Protection

• Sensitive data encryption at rest and in transit
• Data privacy compliance (GDPR, CCPA) addressed in design
• Input validation and sanitization strategies defined
• SQL injection and XSS prevention measures specified
• Audit logging for security-sensitive operations

Infrastructure Security

• Network security and firewall strategies defined
• API security (rate limiting, authentication) properly designed
• Secrets management strategy specified
• Backup and disaster recovery security considerations
• Compliance requirements (SOC 2, HIPAA) addressed if applicable

Notes: {{security_architecture_notes}}

---

4. Database Design & Data Architecture

Data Model Quality

• Entity relationships logically sound and normalized appropriately
• Database schema supports all required operations efficiently
• Indexing strategy optimized for expected query patterns
• Data migration strategy defined for schema changes
• Referential integrity and constraint design appropriate

Performance & Scalability

• Database performance requirements achievable with proposed design
• Connection pooling and database resource management addressed
• Read/write splitting considered for high-load scenarios
• Database sharding strategy defined if needed
• Backup and recovery procedures specified

Data Integration

• ETL/data pipeline requirements clearly specified
• Data synchronization between systems properly designed
• Data consistency guarantees defined and achievable
• Real-time vs. batch processing decisions justified
• Data quality and validation rules defined

Notes: {{database_design_notes}}

---

5. API Design & Integration Architecture

API Quality & Standards

• RESTful design principles followed (or GraphQL properly implemented)
• API versioning strategy defined and implementable
• Error handling and status code usage consistent and meaningful
• API documentation format specified (OpenAPI, GraphQL schema)
• Rate limiting and throttling strategies defined

Integration Patterns

• Third-party service integrations properly abstracted
• Microservices communication patterns well-defined
• Event-driven architecture patterns appropriate where used
• Service discovery and load balancing strategies specified
• Circuit breaker and retry patterns implemented for resilience

Performance & Monitoring

• API response time requirements achievable
• Caching strategies appropriate for API usage patterns
• API monitoring and observability strategy defined
• Load testing approach specified for critical endpoints
• SLA definitions realistic and measurable

Notes: {{api_integration_notes}}

---

6. Frontend Architecture (If Applicable)

Component Architecture

• Component hierarchy logical and maintainable
• State management strategy appropriate for application complexity
• Routing strategy supports required user workflows
• Code splitting and lazy loading strategies defined
• Reusable component library approach specified

Performance Optimization

• Bundle size optimization strategies defined
• Image optimization and CDN usage planned
• Caching strategies for static and dynamic content
• Progressive web app (PWA) features considered if appropriate
• Mobile performance optimization addressed

User Experience Integration

• Responsive design approach clearly specified
• Accessibility standards (WCAG 2.1 AA) compliance planned
• Loading states and error handling user experience defined
• Offline functionality considered and specified if needed
• Browser compatibility requirements addressed

Notes: {{frontend_architecture_notes}}

---

7. DevOps & Deployment Architecture

Deployment Strategy

• Deployment environment strategy (dev/staging/prod) defined
• CI/CD pipeline architecture appropriate for team size and complexity
• Container strategy (Docker, orchestration) specified if applicable
• Infrastructure as code approach defined
• Blue-green or canary deployment strategies considered

Monitoring & Observability

• Application monitoring and alerting strategy comprehensive
• Log management and analysis approach defined
• Performance monitoring and APM integration specified
• Error tracking and notification systems planned
• Health check and uptime monitoring strategies defined

Infrastructure Requirements

• Cloud provider choice justified with specific rationale
• Resource allocation and auto-scaling strategies defined
• Disaster recovery and business continuity plans specified
• Cost optimization strategies considered
• Compliance and audit requirements addressed in infrastructure design

Notes: {{devops_deployment_notes}}

---

8. Quality Assurance Integration

Testing Architecture

• Unit testing strategy and coverage targets defined
• Integration testing approach comprehensive for system complexity
• End-to-end testing strategy covers critical user journeys
• Performance testing approach defined with specific targets
• Security testing integration planned

Code Quality Standards

• Code review process and standards defined
• Static analysis tools and quality gates specified
• Documentation standards and requirements clear
• Technical debt tracking and management approach defined
• Coding standards and style guides specified

Notes: {{quality_assurance_notes}}

---

9. Risk Assessment & Mitigation

Technical Risks

• High Risk: {{high_risk_1}} - Mitigation: {{high_risk_1_mitigation}}
• High Risk: {{high_risk_2}} - Mitigation: {{high_risk_2_mitigation}}
• Medium Risk: {{medium_risk_1}} - Mitigation: {{medium_risk_1_mitigation}}
• Medium Risk: {{medium_risk_2}} - Mitigation: {{medium_risk_2_mitigation}}

Integration Risks

• Third-party service dependencies identified and mitigated
• Data migration risks assessed and addressed
• Performance risks under load identified with mitigation plans
• Security vulnerabilities assessed and mitigated
• Team capability gaps identified with training/hiring plans

Notes: {{risk_assessment_notes}}

---

10. Implementation Readiness

Development Preparation

• Architecture documentation complete and accessible to development team
• Development environment setup instructions complete
• Database setup and seed data scripts prepared
• API documentation and contract specifications ready
• Code repository structure and branching strategy defined

Team Readiness

• Technical knowledge gaps identified and training planned
• Development tools and environment standardized
• Code review and collaboration processes established
• Definition of done and quality standards communicated
• Sprint planning and story estimation approach aligned with architecture

Notes: {{implementation_readiness_notes}}

---

Final Validation Summary

Overall Assessment

Architecture Quality Score: {{quality_score}}/10 Implementation Risk Level: {{risk_level}} (Low/Medium/High) Estimated Development Complexity: {{complexity_estimate}}

Critical Issues Identified

1. {{critical_issue_1}}
2. {{critical_issue_2}}
3. {{critical_issue_3}}

Recommendation

[ ] APPROVED - Architecture ready for development [ ] APPROVED WITH CONDITIONS - Address listed issues before development [ ] REQUIRES REVISION - Major architectural changes needed

Next Steps

1. {{next_step_1}}
2. {{next_step_2}}
3. {{next_step_3}}

---

Sign-off

Architect: {{architect_name}} Date: {{validation_date}} Architecture Version: {{architecture_version}}

Final Notes: {{final_validation_notes}}