Quality Attribute Strategy
Template Library
Quality Attribute Strategy Template
Define how the architecture will satisfy quality attributes, trustworthiness requirements, operational expectations, security, privacy, observability, and maintainability.
ES-104
Quality Attributes
Architecture Strategy
Template purpose
Use this template to connect non-functional requirements to architectural strategies.
Quality attributes are not slogans. They require architectural choices, verification approaches, evidence, and risk management.
Project
<Project name>
Document control
| Field |
Value |
| Artifact owner |
<owner> |
| Primary reviewers |
<reviewers> |
| Status |
<draft / in review / accepted / revised> |
| Last updated |
<YYYY-MM-DD> |
| Related Engineering Stage |
ES-104 — Architecture and Technical Approach |
| Project workspace target |
docs/project-workspace/architecture/quality_attribute_strategy.md |
Quality attribute register
| Attribute |
Requirement Source |
Architectural Strategy |
Verification Approach |
Risk |
<attribute> |
<requirement> |
<strategy> |
<verification> |
<risk> |
Security strategy
| Security Concern |
Architectural Control |
Evidence Later |
<concern> |
<control> |
<test, review, audit, monitoring> |
Privacy and data protection strategy
| Privacy Concern |
Architectural Control |
Evidence Later |
<concern> |
<control> |
<review, access record, test, audit> |
Reliability and availability strategy
| Concern |
Architectural Control |
Verification |
<concern> |
<control> |
<test, analysis, monitoring> |
| Concern |
Strategy |
Verification |
<concern> |
<strategy> |
<test, benchmark, monitoring> |
Auditability and evidence strategy
| Evidence Need |
Architectural Strategy |
Review / Retention |
<evidence need> |
<strategy> |
<review/retention> |
Observability and operations strategy
| Signal / Event |
Purpose |
Consumer |
<signal> |
<purpose> |
<operator, reviewer, dashboard, incident process> |
Maintainability and change strategy
| Maintainability Concern |
Strategy |
Evidence |
<concern> |
<strategy> |
<ADR, tests, modularity evidence, review> |
Usability and accessibility strategy
| Concern |
Strategy |
Verification |
<concern> |
<strategy> |
<review, test, accessibility check> |
AI quality and safety strategy
Use this section if AI is used.
<strategy or "AI is not used in this architecture.">
| Concern |
Strategy |
Verification / Evidence |
<accuracy, safety, hallucination, bias, misuse, prompt drift, automation bias, human review> |
<strategy> |
<evaluation, review, monitoring, AI use log> |
Open quality questions
| ID |
Question |
Owner |
Needed By |
| QQ-001 |
<question> |
<owner> |
<date or stage> |
Review checklist
- [ ] Quality attributes trace to requirements.
- [ ] Each major quality attribute has an architectural strategy.
- [ ] Security and privacy are addressed.
- [ ] Reliability, availability, and recoverability are addressed where relevant.
- [ ] Auditability and evidence preservation are addressed.
- [ ] Observability and operational use are addressed.
- [ ] AI quality and safety are addressed or marked not applicable.
- [ ] Verification approaches are identified.