Skip to main content
SAHM

This site uses cookies to improve your experience and analyze visits.

Accept all
Reject all (essential only)
Customize
Learn more about cookies
SAHM logo
  • Home
  • About
  • Pricing
  • Knowledge Hub
  • Support
  • Book a Meeting
  • Customer Portal
  • Employee Portal
  • Contact
Menu

Language

Services

Digital TransformationEnterprise ArchitectureNORA ComplianceEA Tool ImplementationPricing

Expertise

TOGAF FrameworkDGA NORAAvolution ABACUSIT Strategy

Company

About UsContact Us

Resources

Schedule ConsultationRequest DemoCustomer SupportSubmit Ticket

Legal

Privacy PolicyTerms of ServiceCookie PolicyAccessibilitySecurity Policy

Get in touch

info@sahm.sa+966 53 113 0434

2023 - 2026 © SAHM Information Technology. All Rights Reserved. | Riyadh, Saudi Arabia

Back to Guides

EA Principles

The set of principles tied to each of the six EA domains. They lay out the main considerations for developing components and bring one rulebook to governance and investment decisions.

Overview

  • Placement in NORA: Section I (5.1.2) — Principles of Enterprise Architecture, 32 principles spread across the six domains.
  • Each of the six domains has a list of principles that frame the main considerations when its components are developed.
  • The list is not exhaustive. Entities can extend it in coordination with the relevant subject-matter specialists.
  • Applying the principles brings standardisation, consistency, and alignment to components inside the same domain, and helps with compliance to the regulations tied to it.
  • Every principle is recorded with a code, a name, a description, the rationale for applying it, and the implications of doing so.

Principles Catalog by Domain

Business Architecture
CodePrincipleDescription
BA 01Strategic AlignmentApply the entity’s strategic requirements and directions to business architecture components, and connect them to the other EA domains.
BA 02Innovation and CreativityBring innovation and creativity into the way components are developed, and point investment decisions toward modern and emerging technologies during gap analysis and roadmap building.
BA 03Co-creation & InteroperabilityWork jointly across internal units and with external stakeholders when business architecture components are developed.
BA 04Unified Approach to Document and Execute Services and ProcessesFollow one set of reference standards when documenting the entity’s capabilities, services, and processes, and execute them in a single consistent way against the approved templates.
BA 05Business ContinuityKeep critical capabilities, services, and processes running at the target level under any conditions.
BA 06Compliance with Regulations & MandateComply with internal and national laws, regulations, and policies when business architecture is developed, and pick solutions that support the entity in carrying out its mandate.
Beneficiary Experience Architecture
CodePrincipleDescription
XA 01Beneficiary CentricityApply the directions set in the Beneficiary Centricity Policy issued by the Digital Government Authority across its three pillars: empowerment, execution, and continuous improvement.
XA 02Beneficiary SegmentationStudy every beneficiary segment of the entity’s services when experience architecture components are developed, and examine each segment’s needs and expectations.
XA 03Life ExperienceBuild the experience architecture components around life-experience concepts, and keep searching for integration and inclusion solutions in how services are delivered.
Application Architecture
CodePrincipleDescription
AP 01Fit for PurposePick application functions that fit the business requirements being digitised, align them with the entity’s capabilities, and take existing investments in the digital landscape into account.
AP 02Development Based on StandardsBuild the entity’s applications on internationally recognised standards from trusted bodies covering the different IT areas, and stay within the related regulations.
AP 03Ease of UseDesign the entity’s applications to be easy to learn, to make day-to-day work simpler, and to be reachable through more than one channel.
AP 04Secured by DesignBuild security considerations into the architectural and engineering designs of every EA component: applications, data, technical components, and security controls.
AP 05Adaptable & ScalableDesign applications to absorb changes in business requirements, workload, and data growth in a systematic and standardised way.
AP 06ReusableBuild application modules so they can run independently and be reused in functional contexts beyond the one they were first written for.
Data Architecture
CodePrincipleDescription
DA 01Single Request for DataAsk the beneficiary for data once. If the data already exists inside the entity, in another government body, or with a service provider, build the technical integration that pulls it from its source.
DA 02Single Data SourceLean on one trusted source to define and catalogue every data entity, have the data owner document its attributes, and avoid storing it in more than one operational system.
DA 03Data Management & Governance ComplianceStick to the entity’s approved requirements and standards for data management and governance, and reflect them in the data architecture components in both their current and target states.
DA 04Support Analysis & Decision MakingUse data to back leadership decisions, shape business rules, and follow performance indicators against numbers that are highly trustworthy.
DA 05360-Degree ViewDocument data entities in full, showing how they connect to the systems, sources, and other components around them, so the data architecture components and their blueprints come out complete and accurate.
Technology Architecture
CodePrincipleDescription
TA 01Cloud FirstMake cloud computing a core part of the technology architecture strategy, using its flexibility, scale, and efficiency to cut down on owning data centres, hardware, and the operational load that comes with them.
TA 02Compliance with StandardsStick to national standards issued by bodies such as NCA, NDMO, DGA, CST, and SAMA, and to international standards such as ISO, NIST, Uptime Institute, and PCI-DSS.
TA 03Business-led ChangesRespond to business needs and requirements, and plan the changes in applications and technology around them.
TA 04Control Technical DiversityKeep technical diversity in check to lower the cost of holding the right technical knowledge and integrating different systems, and standardise the technologies and platforms across the entity to simplify operations and management.
TA 05Resilience and High AvailabilityInfrastructure that holds up against failures and outages, with redundancy for critical resources and automatic failover that keeps service availability high.
TA 06Cost Optimization and EfficiencyDesign the technology infrastructure for the best use of cost and higher efficiency, balancing performance needs against resource use to reduce both spend and waste.
TA 07Scalability and PerformanceDesign technology solutions that can scale with rising demand and perform well under different workloads, while planning for the systems’ future growth.
TA 08Sustainability and Environmental ResponsibilityAccount for environmental sustainability, reduce the carbon footprint of infrastructure solutions, and encourage environmentally friendly practices, energy-efficient designs, and responsible resource management.
Security Architecture
CodePrincipleDescription
SA 01Least PrivilegeHold application user permissions at the minimum their roles and tasks actually need.
SA 02Defense in DepthRun a security strategy made of multiple layers of controls spread across different levels of the entity’s technology architecture.
SA 03Zero Trust ArchitectureA security model built on “never trust, always verify”, on the assumption that threats can come from inside the entity’s network as well as from outside it.
SA 04Implement a Strong Identity FoundationSet up a full Identity and Access Management (IAM) framework so that only authorised users and devices reach the entity’s resources.

Benefits of Applying the Principles

When the principles are applied for real they raise the efficiency of documenting and developing EA components and viewpoints, hold the standardisation, consistency, and alignment together inside each domain, deliver compliance with the regulations tied to each one, get value out of every methodology stage, contribute to spend efficiency in investment decisions, and improve EA governance and decision-making.

Governance Note

The list above is not exhaustive. The entity can add to it with principles that fit its work in coordination with the relevant specialists, as long as every principle is recorded with its code, name, description, rationale, and implications the way the EA framework lays it out.

Related

Six EA Domains

EA Viewpoints

General Component Model

EA Principles | NORA | SAHM