Sparx EA Repository Governance Checklist
A well-governed Sparx EA repository has 20 essential governance elements. Most repositories have 8-12. The gap between where you are and where you need to be is not a documentation problem — it is a structural one. And it is exactly where AI integration either works or doesn’t. This checklist is a diagnostic tool. Use it to score your current repository, identify the gaps, and determine whether your practice is ready for EA GraphLink and AI integration.
Key Takeaways
- Most Sparx EA repositories have 8-12 of the 20 essential governance elements — AI readiness requires 16+
- The four governance categories are: MDG/Metamodel, Element Quality, Access and Ownership, and AI Readiness
- MDG completeness is the single most impactful governance item — it governs everything else
- A score below 10 indicates governance work is needed before any AI integration is attempted
- Kernaro Assist’s event agents can support ongoing governance enforcement once the foundation is in place
Category 1: MDG / Metamodel Governance
1. Active MDG profiles for all frameworks in use Every framework used in the repository (ArchiMate, BPMN, SysML, DoDAF, TOGAF) has a correctly configured MDG profile active in the repository. Custom element types are used only where the standard profile genuinely does not meet the need.
2. Element type restrictions enforced MDG profiles restrict which element types can be created in which packages — preventing ArchiMate elements from appearing in UML design packages, BPMN elements from appearing in ArchiMate business packages, and so on. Type pollution is one of the most common quality problems in large repositories.
3. Mandatory tagged values enforced Critical tagged values (lifecycle status, owner, domain classification, health score for applications) are configured as mandatory in the MDG profile — not just documented as required, but technically enforced so that no element can be saved without them.
4. Enumeration constraints on controlled tagged values Tagged values that should come from a controlled list (Lifecycle Status, Business Criticality, Review Status) use enumeration constraints in the MDG profile rather than free-text fields. This ensures consistent values that can be filtered and queried reliably.
5. Relationship validation rules active MDG relationship constraints prevent invalid relationships — for example, preventing Application Component from being connected to a Business Actor via an Association when the correct relationship is Serving. Relationship validation is what separates a governed model from a governed-looking one.
Category 2: Element Quality
6. Naming conventions documented and enforced A naming convention document exists for every element type in use. Names follow the convention consistently (enforced by MDG quicklinks or validated by script). Naming conventions are the most human-visible quality indicator in a repository.
7. Element descriptions populated Every element with a public-facing purpose (capabilities, applications, business processes, data objects) has a description that a non-architect can read. Empty description fields are the primary cause of AI-generated answers being technically correct but contextually useless.
8. Diagram-to-element traceability maintained Elements appear on at least one diagram, and diagrams are linked to the packages whose elements they represent. Orphan elements (elements not on any diagram) and ghost diagrams (diagrams referencing deleted elements) are regularly cleaned.
9. No duplicate elements The repository does not contain duplicate elements representing the same real-world concept. Duplicates arise when architects create elements without checking whether they already exist. MDG quicklinks and a structured search process prevent new duplicates; periodic audits identify existing ones.
10. Baseline architecture versions maintained Approved baseline architecture states are locked (Sparx EA’s baseline capability) so that current-state and target-state models can be compared. Without baselines, gap analysis is informal and AI queries cannot distinguish current from future state.
Category 3: Access and Ownership
11. Role-based access control configured Sparx EA’s user security is configured with roles appropriate to the team structure: read-only for stakeholders, contributor for domain architects, administrator for lead architects and repository managers. Default “everyone is admin” configurations are the single largest repository integrity risk.
12. Package ownership assigned Every top-level package has an assigned owner — the architect responsible for the content of that package, its quality, and its maintenance. Packages without owners accumulate technical debt at the highest rate.
13. Architecture review process documented and active A formal process exists for reviewing and approving changes to baseline architecture content. New architecture models go through review before being baselined. The process is documented, not just understood by the team.
14. Change log maintained Significant changes to architecture content are logged — what changed, who changed it, why, and when. Sparx EA’s audit log (or an equivalent process) provides the record. Without a change log, architecture decisions cannot be reconstructed.
15. External stakeholder access governed If stakeholders access the repository directly (read-only) or via reports, their access is governed: access is granted by role, reviewed periodically, and revoked when no longer needed. Ungoverned stakeholder access is both a security risk and a quality risk.
Category 4: AI Readiness
16. Element types consistent with EA GraphLink expectations The element types in the repository match the types that EA GraphLink can identify and index. For ArchiMate, this means using standard ArchiMate element types from the MDG profile, not custom types that EA GraphLink cannot classify. This is a technical prerequisite for any AI integration.
17. Relationship structure queryable Relationships between elements are correctly typed and traversable. EA GraphLink queries the repository by traversing relationships — a Serving relationship between Application Component and Business Service produces different intelligence than an informal Association. Relationship type discipline is what makes architecture traversal meaningful.
18. Package structure supports AI query scope The top-level package structure organizes content by architecture domain (Business, Application, Technology, Data) and architecture phase (Baseline, Target) in a way that allows AI queries to be scoped. “Show me all applications in the Finance domain” requires that Finance domain is a recognizable package scope in the repository.
19. Data freshness process active A process exists to ensure that tagged values — particularly lifecycle status, health scores, and owner — are reviewed and updated on a defined cycle (quarterly for application portfolio, annually for capability models). Stale data in a repository connected to AI tools produces confidently wrong answers.
20. EA GraphLink configuration validated EA GraphLink has been deployed, configured for the repository’s element types and package structure, and validated with test queries. The validation confirms that AI queries return architecture-grounded answers, not empty results or fabricated responses.
Scoring Guide
Score 0-10: Significant governance work needed The repository lacks the structural governance for reliable AI integration. Start with Category 1 (MDG/Metamodel) — getting the first five items in place will have the most impact on all subsequent work. A Discover engagement is the right starting point.
Score 11-15: Partial governance — targeted remediation needed The repository has functional governance but with significant gaps. Identify which categories are weakest and address those specifically. A Deploy engagement can establish the governance infrastructure and address the gaps systematically.
Score 16-20: AI-ready governance The repository has the governance foundation for EA GraphLink integration and AI-augmented architecture practice. Connect and Kernaro AI Hub planning are appropriate next steps.
FAQ
What is the most important governance item in Sparx EA? Active, correctly configured MDG profiles (item 1) are the highest-leverage governance element. MDG governs element types, relationship validity, mandatory tagged values, and enumeration constraints — all of which flow from the MDG configuration. A repository without effective MDG governance cannot be reliably governed by any other means.
How do I assess my current MDG maturity? Review each MDG profile active in the repository and check: are element type restrictions configured? Are any tagged values marked mandatory? Are enumeration lists configured for controlled values? Are relationship constraints active? A Sparx Services Discover engagement includes a structured MDG maturity assessment as a core deliverable.
What does “AI-ready repository” mean? An AI-ready repository is one that EA GraphLink can index and query reliably: element types are MDG-governed, relationships are correctly typed, tagged values are consistently populated, and the package structure supports scoped queries. AI-ready does not mean perfect — it means structured and consistent enough that AI queries produce architecture-grounded, trustworthy answers.
How often should I audit repository governance? Governance audits should be quarterly for fast-changing content (application portfolio, technology standards) and annual for slower-changing content (capability models, business architecture). A lightweight monthly check on MDG compliance (using Sparx EA’s search and model validation features) catches drift before it accumulates.
What score triggers a Deploy engagement? A score below 13 typically indicates that the governance infrastructure needs professional attention rather than incremental self-improvement. Deploy engagements establish MDG profiles, package structure, access controls, and governance processes in a defined timeframe — the activities that move a repository from the 8-12 range to the 16+ range.
How do Kernaro Assist event agents help with governance? Kernaro Assist (currently in Beta) includes event agents that can be configured to respond to repository events — for example, triggering a notification when an Application Component is created without a mandatory tagged value, or when a baseline package is modified outside the review window. Event agents provide governance reinforcement at the point of repository activity, reducing governance debt accumulation between audit cycles.
Close the Gap Before You Connect
The Sparx Services Deploy engagement establishes the governance infrastructure that moves repositories from the 8-12 range to AI-ready. If you want to understand your current score before committing, Discover provides the assessment.
