Most digital solutions are poorly documented — not because teams don’t care, but because documentation feels difficult, time is always short, and there’s rarely a shared understanding of what complete documentation actually requires. Without that, teams document what they know how to document and skip the rest. The result is gaps that only become visible when something goes wrong, a key person leaves, or a regulator asks a question nobody can answer.
This is well-trodden ground. The 4+1 architectural view model, ArchiMate, TOGAF, the C4 model, and many others have mapped the documentation landscape for decades. What follows is my expression of what I believe a well-documented digital solution actually needs — shaped by practical experience with solutions that failed their owners because the wrong things were left undocumented.
The ten views below are the ones I think every solution should be considered against. Each answers a different set of questions and produces different artifacts. Not every solution will need all of them in full — but skipping a view should be a conscious decision, not a default. Together, they create a record that can be understood, operated, audited, and eventually decommissioned by people who weren’t in the room when it was built.
Not every view requires the same level of detail either. A simple internal tool doesn’t need the same coverage as a regulated platform operating across organizational boundaries. The depth required within each view is largely determined by the solution’s security classification — but how to make that determination is a topic for another post.
One thing the ordering doesn’t imply: a sequential process. In practice, working the views is iterative — you move between them as each one informs and clarifies the others. A component discussion surfaces a gap in the information model. A process walkthrough exposes an accountability that was assumed but never stated. Domain work reshapes requirements. The order reflects dependency and priority; the work is exploratory and cyclical, with each pass filling in more of the picture.
The starting point depends on whether you are working on something that already exists. For brownfield solutions, Current State comes first — understand what you are working with before designing what you want. For all solutions, Domain follows: it establishes the business landscape, the shared language, and the bounded contexts that every other view depends on. Requirements then builds on that foundation — defining what the solution must achieve, for whom, and under what constraints, now informed by what exists and the domain it operates in. How you express requirements matters as much as where you record them; I’ve touched on this in the Stakeholder Stories post. That said, don’t aim for completeness before moving on — working the other views will surface requirements you didn’t know to ask for. Capture what you know, move forward, and return as the picture sharpens.
“Speed of iteration beats quality of iteration.”
The Views I Work With
These are the views I return to on every engagement. For years I worked within formal frameworks — TOGAF, ArchiMate, the 4+1 model — and they taught me a lot about structured thinking. But over time I developed my own take — a different way of cutting the problem — one I found more practical to work with in the field. These ten emerged from that experience: from solutions where missing one of them created real problems, for the team, for the business, or for the people auditing it afterwards:
| View | What it covers |
|---|---|
| Current State | For brownfield solutions, what exists today — the as-is picture across each applicable view, capturing the baseline from which the solution will evolve. |
| Domain | What are the business domains, where are the bounded contexts and their responsibilities, and what is the ubiquitous language within each? |
| Requirements | What outcomes must the solution achieve, what are the functional and non-functional requirements, and what compliance or regulatory obligations must it satisfy? |
| Customer | Who are the customers and users, what are their drivers and goals, what channels do they use to interact with the solution, and what does their journey look like? |
| Organizational | Who owns what and who is accountable — roles, responsibilities, regulatory scope, and authority relationships? |
| Information | What information exists, what are its relationships and attributes, how is it classified, who owns it, and what obligations does it carry? |
| Process | How does the solution behave from a human perspective — manual activities, handoffs, exception paths, security gates, and who is responsible, accountable, consulted, and informed for each activity? |
| System | What systems exist, what actors interact with them, and how are they connected — at the systems level; and for each system that warrants it, what are its internal components, interfaces, and data stores? |
| Interaction | The dynamic view of the system view — for a given scenario, how do the actors, systems, components, and interfaces interact over time, in what order, and with what data? |
| Operational | Where does the solution run and how is it released — infrastructure topology, environment separation, release pipeline, and data residency? |
A solution documented across all ten views can be handed to a new team, audited by a regulator, extended by an architect who wasn’t there at the start, and eventually decommissioned without leaving orphaned dependencies or unresolved obligations.
If you are coming from an established framework, here is a rough orientation. The System and Interaction views cover similar ground to the Logical and Process views in 4+1; the Operational view maps to 4+1’s Physical view. C4’s Context and Container diagrams live within the System view here. ArchiMate’s Application and Technology layers span the System, Interaction, and Operational views. What the Ten Views adds — and what most architecture frameworks leave out — is the non-technical ground: Current State, Domain, Customer, Information, Organizational, and Process. These are the views that aren’t code, aren’t diagrams of running systems, and aren’t deployment topology — but they are the views where most solutions actually fail their owners. The mappings are loose by design; the intent is orientation, not formal alignment.
These ten views form the documentation backbone of the Digital Solution Lifecycle Model I’m building — an opinionated framework for taking solutions from first design to reliable operation and eventual decommission.
The Ten Views
Current State View
Purpose. The current state view documents what exists before any design work begins. It is only relevant for brownfield solutions — where you are changing, extending, or replacing something that already exists. Skipping it in those contexts is one of the most reliable ways to introduce integration failures, inherit undocumented constraints, and underestimate decommissioning complexity.
What matters. The as-is version of each applicable view: current customer journeys, current domain model, existing systems and components, active processes, current deployment topology, and known information assets and obligations. Technical debt — known issues, constraints, and compromises inherited from the current state. Decommission candidates — what will be retired and when. The gap between current and target state, view by view. Pain points and friction in current processes and journeys — where the existing solution or ways of working are failing the people who depend on them.
Deliverables.
| Deliverable | What it is |
|---|---|
| As-is versions of each applicable view | Current state documented using the same view structure as the target, so gaps are immediately visible across customer, domain, information, component, process, and deployment |
| Technical debt register | Known issues and constraints inherited from the current state, with an assessment of whether each will be carried forward or resolved |
| Decommission plan | What will be retired, in what order, and what dependencies must be unwound before each component can be safely removed |
| Gap analysis | Delta between current and target state per view, used to scope the work and identify transition risks |
| Pain point and friction register | Where current journeys fail or frustrate — captured as part of the as-is picture and used to prioritize what the solution must improve |
Domain View
Purpose. The domain view establishes the high-level business landscape before any technical detail is introduced. It maps the business domains, defines bounded contexts, and makes explicit where the solution sits within the broader domain model. It is the view that prevents two teams from using the same word to mean different things, and from building integrations that silently corrupt data because domain boundaries were never agreed.
What matters. Business domain identification and their relationships. Bounded context definitions with clear responsibility boundaries — what each context owns and what it does not. Ubiquitous language: the terms agreed within each context that all documentation, code, and conversation must use consistently. Context maps showing how bounded contexts relate — partnership, customer-supplier, shared kernel, anti-corruption layer, or open-host service. Domain events that cross context boundaries. Aggregate boundaries and their consistency rules.
Deliverables.
| Deliverable | What it is |
|---|---|
| Bounded context map | A diagram showing each bounded context, its responsibilities, and how it relates to others (e.g. Customer, Order, and Payment as separate contexts with defined relationship types) |
| Domain model diagram | The aggregate roots, entities, value objects, and domain events within each context (e.g. an Order aggregate containing OrderLine entities and a PaymentRequested event) |
| Ubiquitous language glossary | Agreed definitions for all domain terms within each context (e.g. “Customer” in Sales means something different from “Customer” in Billing — both must be documented) |
| Domain event catalogue | All events that cross context boundaries, with their payload, the context that produces them, and the contexts that consume them |
Requirements View
Purpose. The requirements view makes explicit what the solution must achieve before any design decisions are made. Without it, every other view risks being built on assumptions rather than agreed outcomes. It is the view that connects stakeholder needs to documented artifacts — and makes it possible to trace every design decision back to a stated requirement.
What matters. Stakeholder outcomes — what each affected party needs the solution to achieve. Functional requirements — what the solution must do. Non-functional requirements — performance, availability, security, scalability, and other quality attributes. Compliance and regulatory obligations — what the solution must satisfy by law, policy, or contractual agreement. Acceptance criteria — how each requirement will be demonstrated to be met.
Deliverables.
| Deliverable | What it is |
|---|---|
| Stakeholder list | All parties with needs or interests in the solution, from end users to regulators and auditors |
| Informal scope notes | Early agreed boundaries of what is and isn’t included, used to frame architectural thinking |
| Stakeholder stories | Needs captured as “In order to [outcome], As [stakeholder], I want [capability]”, covering all affected parties |
| Features with acceptance criteria | Discrete deliverable capabilities, each with testable pass/fail conditions including required security controls |
| Gherkin Feature Files | Given/When/Then scenarios for each feature that form the machine-readable, immutable requirements baseline |
| Security Requirements Specification | Produced per component or system that carries a security classification — covering the functional, non-functional, and mandated security requirements specific to that scope |
Customer View
Purpose. The customer view documents who interacts with the solution from the outside — their drivers, goals, and the channels through which they engage. It is the outside-in perspective that grounds every other view in real user experience. Without it, design decisions are made for an assumed user who may not reflect the people actually affected by the solution.
What matters. Customer and user segments — the distinct groups of people the solution serves or affects. Their drivers and goals — what they are trying to achieve and why. The channels through which they interact with the solution. The customer journeys — the sequences of touchpoints and decisions that make up their experience. The value moments — where the solution succeeds or fails in meeting customer expectations at the points that matter most.
Deliverables.
| Deliverable | What it is |
|---|---|
| Customer and user segment register | The distinct groups of people the solution serves, with their characteristics, goals, and relationship to the solution |
| Driver and motivation map | What each segment is trying to achieve and why — the underlying goals that requirements must address |
| Channel register | The interaction channels available to each segment and the capabilities required of each |
| Customer journey maps | End-to-end journeys for key segments showing touchpoints, decisions, and the experience at each step |
| Touchpoint inventory | All points of interaction between customers and the solution, mapped to channels and owning components |
Organizational View
Purpose. The organizational view is where every actor, owner, and role referenced in the other views gets their organizational identity. It does not describe what people do — that belongs to the process view — or what they can access — that belongs to the information view. What it captures is accountability: who owns what at the organizational level, who has the authority to approve decisions, and who is answerable to regulators, auditors, and external parties when something fails.
What matters. Named ownership of the solution and its information assets — defined here so that the information view can assign stewardship to parties that already have an organizational identity. The actors that appear in component and sequence diagrams, and the roles that appear in process flows, have their organizational home here: their accountability, authority, and reporting position. External party relationships at the organizational level. Regulatory scope and compliance obligations by unit. Authority chains for security decisions and exception approvals.
Deliverables.
| Deliverable | What it is |
|---|---|
| System ownership register | Business owner and technical owner per system within the solution — a single solution may have different accountable parties for different systems |
| Data controller and processor identification | Formal identification under GDPR or applicable privacy regulation, including data subject rights responsibility assignments |
| Role and access register | All roles with access to components, personal data, or classified systems, including clearance levels and conditions |
| External party register | All third parties with system access, their organizational relationship, and the scope of their access |
| Information asset ownership register | Named owner per asset with accountability for integrity and compliance |
| Security accountability matrix | Who is responsible for enforcing each security control and who is accountable when it fails |
| Regulatory scope and escalation register | Which obligations apply to which organizational units and the decision authority chain for exceptions and security approvals |
Information View
Purpose. The information view establishes the information model — the information the solution creates, stores, processes, or transmits. It is the foundation everything else builds on. Without it, data model decisions are made ad hoc, information is misclassified or never classified at all, compliance obligations are discovered late, and nobody has a clear picture of what the solution actually handles.
What matters. The conceptual entity model with relationships and attributes. Information ownership and stewardship assignments. Classification of all information assets — sensitivity, handling requirements, and where applicable, sovereign or security classification. Compliance obligations: personal data register, legal basis for processing, retention schedule, and data flow classification showing where information moves and at what level. Audit log classification — log content inherits the classification of the information it records or gives access to.
Deliverables.
| Deliverable | What it is |
|---|---|
| Conceptual entity model | The business information objects the solution handles, with relationships and attributes, before any technical detail is introduced |
| Information asset register | Ownership, classification, and obligations per asset, including PSA classification where applicable |
| Personal data register | All personal data elements, their legal basis for processing, retention schedule, and data subject rights obligations |
| Information flow diagram | Where information moves between components and external parties, annotated with classification levels |
| Lifecycle policy | Creation, retention, and disposal rules for each information asset |
| Audit log register | Which components produce which logs, what those logs expose, their classification, and immutability requirements |
| Need-to-know matrix | Which roles and components are authorised to access which information assets, and under what conditions |
Process View
Purpose. The process view covers how people interact with the solution — manual activities, human-in-the-loop handoffs, and the operational workflows the system supports but doesn’t fully automate. It makes explicit what a sequence or component diagram leaves invisible: the human steps, the exceptions, and the approval gates.
What matters. Manual activities and role assignments. Human-in-the-loop handoffs between automated and manual steps. Exception and escalation paths — not as afterthoughts but as first-class documented flows. Security approval gates and the authority required at each decision point. The distinction between informal process diagrams used for discussion and formal, baselined process models that define how the solution is actually operated — and which processes fall into each category.
Deliverables.
| Deliverable | What it is |
|---|---|
| Manual activity descriptions | Prose descriptions of each human step with preconditions, inputs, outputs, and the role responsible |
| Role-to-activity assignments (RACI) | Who is responsible, accountable, consulted, and informed for each activity |
| Process diagrams | Activity and state flows annotated with security gates, clearance requirements, and need-to-know handoffs |
| Formal process models | Versioned, baselined models for processes requiring auditable documentation — notation chosen to suit the team and tooling, treated as controlled documents under version control |
| Exception and escalation documentation | All exception and escalation paths as first-class documented flows, not afterthoughts |
| Approval chain register | The authority required to approve each step, exception, or escalation |
System View
Purpose. The system view maps the static landscape at two levels. The systems diagram shows all actors and systems as connected black boxes — who interacts with what, and how systems relate to each other. The component diagram zooms into a single system to reveal its internal structure: APIs, domain layer, data stores, and event queues. It is the most familiar view for technical teams, but it is often underdeveloped: systems without clear responsibility definitions, interfaces without protocol or data specification, and trust boundaries left implicit.
What matters. Systems with explicitly defined responsibilities — what each system does and what it doesn’t. Integration points with direction, protocol, and data exchanged. Trust boundaries with explicitly classified cross-boundary interactions. Formal data models: both logical (what entities exist and how they relate) and physical (schemas, constraints, storage design). API specifications for all endpoints. A dependency map with version constraints.
Deliverables.
| Deliverable | What it is |
|---|---|
| Systems diagram | All actors and all systems as black boxes, with the connections between them — the entry point to the view, readable by technical and non-technical audiences alike |
| Component diagram | The internal structure of a single system: APIs, domain layer, data stores, and event queues, with the external systems it integrates with — produced once per system that is owned and has meaningful internal structure |
| Data model | Logical and physical; entities, relationships, schemas, constraints, and storage design |
| Integration catalogue | All integrations with direction, protocol, authentication method, data payloads, and the communication patterns applied across the solution |
| API and interface specifications | Detailed contracts for each exposed interface and endpoint — request/response structure, authentication, error handling, and versioning |
| Dependency map | All component-to-component dependencies with version constraints |
| Trust boundary and security control diagram | Trust zones, cross-boundary classifications, and the security controls each component is responsible for enforcing |
| Component-to-personal-data mapping | Which components handle personal data, with clearance and isolation requirements noted |
Interaction View
Purpose. The interaction view takes the static landscape of the system view and layers scenarios on top of it — showing how the solution actually works when used. For a given scenario, it makes explicit which actors initiate the flow, which components are involved, what messages and data pass between them, in what order, and under what conditions. Where the system view shows what exists, the interaction view shows what happens.
What matters. Scenario coverage — the key flows that reveal how the solution behaves in normal operation, under error conditions, and in exception paths. The actors that initiate each scenario and their entry points into the system. The sequence of component interactions, including the messages and data exchanged at each step. Authentication and authorisation at each boundary crossing. Trust zone transitions — especially where data moves between classification levels. Personal data flows through the solution from entry to exit.
Deliverables.
| Deliverable | What it is |
|---|---|
| Scenario inventory | The defined set of scenarios to document — normal flows, error conditions, and exception paths |
| Sequence diagrams | One per scenario showing actors, components, messages, data exchanged, trust zone crossings, and authentication at each boundary |
| Personal data flow diagrams | Annotated sequences tracing where personal data enters, is processed, and exits — used to demonstrate compliance |
| Cross-domain interaction register | All interactions crossing security domain boundaries, with guard or data diode requirements specified for each |
Operational View
Purpose. The operational view documents how the solution is hosted and how it is released. It records the infrastructure decisions that have been made — where components run, how environments are separated, how the network is structured, and how changes move from development to production. It is the view that makes hosting decisions explicit and auditable, and that shows how the physical and regulatory constraints identified elsewhere in the documentation have been addressed in the design.
What matters. The infrastructure topology — where components are hosted and how they connect. The environment separation design — how environments are divided and what controls exist between them. The network topology — boundary placements, zone definitions, and the controls enforced at each. The release pipeline design — the stages and gates that govern how changes are promoted. The data residency design — where data is physically stored and how jurisdictional obligations are met. The physical security and isolation design — zone classifications, isolation mechanisms, and air-gap arrangements in place.
Deliverables.
| Deliverable | What it is |
|---|---|
| Infrastructure topology | How components are hosted and connected, mapped to their deployment environments |
| Environment separation design | How environments are structured and isolated, with the controls that exist between them |
| Network topology | Zone definitions, boundary placements, and the controls enforced at each |
| Release pipeline design | The stages and gates that govern how changes are promoted through environments |
| Data residency register | Where data is physically stored and how each jurisdictional obligation is addressed in the design |
| External service register | All external services used, their hosting location, and the data flows involving them |
| Physical security and isolation design | Zone classifications, isolation mechanisms, and air-gap arrangements in place |
The Full Picture
Ten views is a lot — but no single view is complete without the others. A requirements view without a customer view can capture what must be built but miss who it needs to work for. Requirements without a domain model can produce technically correct solutions to the wrong problem. A system view without an information view leaves data classification invisible. An operational view without an organizational view tells you where the system runs but not who is accountable when something fails.
The views are designed to be used together. Each illuminates something the others don’t — and the gaps between them are often exactly where the most consequential design decisions get made implicitly rather than explicitly. A solution documented across all ten can be understood, operated, audited, extended, and eventually decommissioned by people who weren’t there at the start. That’s the standard worth aiming for.
These ten views are the documentation backbone of the Digital Solution Lifecycle Model — a broader framework I’m building for taking solutions from first design through reliable operation to eventual decommission.
Which of these views is hardest to establish on your team — and which gets skipped most often? Get in touch — I’m genuinely curious how different organisations approach solution documentation and where the gaps tend to be.
Want more on solution design, architecture documentation, and the digital solution lifecycle?
Follow my RSS feed for practical perspectives on building IT organizations that deliver and operate consistently.