Architecture Intent

Last Updated: October 28, 2025

Are you getting ready to start working on your product? The Architecture Intent touchpoint is required for all products launching on VA.gov. Follow these guidelines to get started.

Don’t have a GitHub ticket yet? You may need to start the Collab Cycle with a Kickoff.

The Architecture Intent meeting is a requirement. It helps your team build a technical solution that meets VA.gov Engineering and Security Standards, and lowers the potential for launch-blocking issues at the final Staging Review.

What’s the purpose of the Architecture Intent?

The goal of the Architecture Intent meeting (or “touchpoint”) is to ensure you’re building a product that meets VA.gov Engineering and Security Standards before you’ve started building your product.

This meeting is less a formal presentation and more a collaborative discussion surrounding the architectural decisions that impact the engineering and security posture of the product you are building or iterating on. It not only provides OCTO-DE and Platform with an early understanding of the product/feature your team wants to build, but is also an opportunity to collaborate with VA’s engineering and security stakeholders to assist you with building out the correct technical solution. The focus is on making sure your code meets user needs within the constraints of the platform you're building on.

Preparing for the Architecture Intent

When should the Architecture Intent be scheduled?

You should schedule an Architecture Intent meeting if any of these apply and you’re at a point where you’re ready to discuss your approach:

• You haven't previously completed an Engineering and Security Checklist for the application

• You're launching a new service or major new feature

• You're using an architectural pattern that is not currently used on the va.gov Platform

• You want to introduce a new technology, library, or dependency not previously used on va.gov

• You're integrating with a new system or API, inside or outside of VA

• Your change introduces a new coordination point between teams

• You're gathering new Personally Identifiable Information (PII) and/or Protected Health Information (PHI) or saving PII/PHI in a new place

• There are cost, performance, or security implications to your change

• The update materially changes the amount or type of traffic received by components of the system, particularly RDS/PostgreSQL, Elasticache/Redis, or any back-end service API

• You’re adding a component or service that requires ongoing licensing fees or a period rotation (like a new API key or mTLS certificate)

• You have questions about one or more of the items on the Engineering and Security Checklist

• You're having trouble locating or getting technical information from other stakeholders or system owners

• You have a question or concern about an architectural approach for your app and want guidance or validation from the Architecture Intent team

Note: OCTO-DE and Platform Engineering and Security will need at least 2 business days to review your materials. Ensure you provide enough lead time, otherwise the meeting may need to be rescheduled.

What artifacts will be needed?

Artifacts are anything that will help OCTO-DE and Platform Engineering and Security understand your product. For the Architecture Intent, please provide these artifacts:

• Complete the Engineering and Security Checklist

• Complete an Architecture Diagram and store it in the sensitive repo

• Create a user data flow diagram

The checklist, along with any other supporting documentation or diagrams, should be ready and linked in the VFS team’s Collaboration Cycle Request GitHub ticket at least 2 business days before the scheduled meeting.

How to schedule the Architecture Intent

Follow the steps in your team’s Collaboration Cycle Request GitHub ticket.

1. Schedule: Use the Calendly link in the Before Meeting > VFS Actions section to select a date for the touchpoint meeting.

2. Add artifacts: Make sure you have provided clear answers to every section on the ticket.

Please request your Architecture Intent meeting and provide artifacts at least 2 business days ahead of time so the Platform Engineering and Security team and OCTO-DE can review your artifacts.

Who should schedule the Architecture Intent?

No one specific role on the VFS team is required to schedule the Architecture Intent. However, whoever schedules the Architecture Intent will be responsible for inviting the rest of their team to the scheduled Architecture Intent meeting.

Who should attend the Architecture Intent?

The VFS team’s technical leadership and product manager should attend the Architecture Intent. You’re also encouraged to invite relevant members of your team, such as engineers, and VA stakeholders who will be working on or advising the product.

The Governance team will ensure that the relevant Platform Engineering and Security and OCTO-DE participants are invited.

What happens during the Architecture Intent?

Meeting format

• 30-minute synchronous Microsoft Teams meeting

• Hosted by OCTO-DE and Platform Engineering and Security

• Recorded for later reference

Agenda

Architecture Intent meetings often follow this format:

• OCTO-DE and Platform Engineering and Security welcome everyone to the call.

• Your team has about 10 minutes to introduce your initiative. We recommend using this time to:

  • Discuss the problem space you are trying to solve for, including any constraints you’re facing.

  • Present your artifacts and walk us through the technical direction

• OCTO-DE and Platform Engineering and Security will ask questions and provide feedback. They'll also provide you with written feedback through GitHub after the meeting.

What sort of feedback can teams expect?

After you present your artifacts and explain the user flow, OCTO-DE will ask questions and provide feedback. They may:

• Share what other teams have done in the past to solve this technical problem

• Share information about security rules and/or implications based on your given approach

Remember, this is more of a discussion than a formal presentation. If you have questions you want answered or have questions about the feedback, ask!

After the Architecture Intent Meeting

OCTO-DE and Platform Engineering and Security stakeholders will document their feedback via comment on the Collaboration Cycle Request GitHub ticket by EOD the next business day. Once the Feedback is provided, you can update your technical plan to conform to relevant Engineering and Security standards.

How to request a waiver of the Architecture Intent requirement

Although rare, some teams may not require an Architecture Intent. If you believe that your team does not meet the requirements outlined in the “When should the Architecture Intent be scheduled” section of this document, you may request to skip the Architecture Intent meeting.

To submit a request to skip the Architecture Intent meeting:

1. Double check the checklist in the “When should the Architecture Intent be scheduled” section of this document. Ensure that your team does not meet any of the requirements for holding an Architecture Intent.

2. Complete the Engineering and Security Checklist.

3. Comment on your Collaboration Cycle Github Ticket

   1. Include a brief explanation of why you believe your team should be exempt from the Architecture Intent

   2. Include a link to your team’s completed Engineering and Security Checklist

   3. Tag both Steve Albers (@va-albers ) and Andrew Mo (@amo-va-octo)

Steve and/or Andrew will respond via your Collab Cycle Github Ticket to confirm or request additional details.

Help and feedback

• Suggest content changes to this page.

• Submit new Platform Website content.

• Get help from the Platform Support Team in Slack.

• Submit a feature idea to the Platform.