IT Architecture Review


An IT architecture review is performed to assess the fit of new IT solutions, services, or changes into the IT landscape of North Dakota Government. During the review process, the proposed solution or change is evaluated for alignment and compliance with the State's guiding IT Principles and IT Standards. The review process facilitates the management and execution of the statutory duties defined in North Dakota Century Code Chapter 54-59-09 and Chapter 54-59-22.

The review process must be completed for all IT Procurements, including RFPs, APs, and Request for Quotes. Agencies who intend to award a service or application to an external provider must first request an IT Architecture Review.

For procurements, the review and the processing of any resulting exemptions must be completed after the intent to award but before the contract is signed. 

For NDIT custom development efforts, the review and the processing of any resulting exemptions need to be completed before the SOW is signed.

Reviews may result in the need for a formal exemption to be processed if the intended solution does not comply with current IT Standards or Statutory Policy.  The CIO and OMB director make the final decision regarding if individual exemption requests are denied, approved, or approved with conditions.

Requesting an IT Architecture Review

The review process includes the following steps:

  1. The agency submits an IT Architecture Review Request or contacts the Business Architecture team @
  2. NDIT Business Architects will review the submission, assign to team member, and contact the Agency subject matter expert listed on the submission.
  3. If the NDIT Business Architect determines the need for a formal exemption from IT Standards or Statutory Policy
  4. The NDIT assigned Business Architect develops a recommendation for the Chief Information Officer to review (currently delegated to the Chief Technology Officer).
  5. NDIT assigned Business Architect submits its decision to the Office of Management and Budget (OMB) director for review.
  6. NDIT assigned Business Architect notifies the agency regarding the final decision from NDIT and OMB.
    • The standard exemption period is one year from the approval date, at which point the exemption will be reassessed.

Contact Information

The NDIT Business Architecture team facilitates the review and exemption processes.  Please feel free to contact them @


Review Process

  • Why do I need to go through the IT Architecture Review process?
    • To comply with North Dakota Century Code - NDCC 54-59-09 and NDCC 54-59-22 North Dakota Information Technology Department developed the IT Architecture Review process. 
  • Is it a waiver, exemption, or IT Architecture Review, I've seen references to all 3 names?
    • Over the years, the process has gone by a few names. We are working on updating the language to an Architecture Review. The reason for the most recent change is to better align with what is happening in the process. 
  • What is done in the IT Architecture Review process?
    • Evaluate solution against guiding IT Principles
    • Validate alignment with IT Standards
    • Awareness of IT solutions across the enterprise
    • Identify opportunities for reducing technical debt and promote reuse across TeamND. This has the potential to reduce costs and provide IT solutions quicker. 
    • Work with Office of Management and Budget to help facilitate the procurement process
    • Identify IT and business trends across TeamND
  • Are waivers just for hosting?
    • No, hosting is just one of the standards that a proposed solution is evaluated on. It is also the most common exception granted. 
  • Which standards does NDIT care about?
    • All of the standards communicate the desired state for IT in North Dakota State Government. Therefore, all standards are considered equal. 
  • There is a perception NDIT denies exemptions/waivers, is that true?
    • There are instances a request for an exception is denied. However, most of the time, working between the agencies and NDIT, remediation is put in place, or plans are established to fulfill the business needs.
  • Are there procurement thresholds that require exemptions?
    • The IT Architecture Review does not have any thresholds. All IT has an impact on the enterprise and needs to be evaluated regardless of costs. 


  • When should an agency start the IT Architecture Review process?
    • Early awareness is helpful to help ensure a smooth process. A final solution does not need to be selected to start the process. Ideally, knowledge of the business need before selecting a product is best. Doing so encourages early discussion and collaboration.
  • What can an agency get ready to help NDIT with an IT Architecture Review process?
  • What can an agency get ready to help NDIT with a waiver process?
    • Submitting an Architecture Request, Completing the IT Solution Questionnaire (outlined above), and any associated information. 

  • Why do some reviews and the completion of potential exemptions take longer than others?
    • We understand this process could add delays to the project if not started during the evaluation of the business need. Every architecture review is unique based on the data processed, technology, implementation, and resources. This introduces many variables to the timeline. Often most delays are due to waiting for additional information from vendors and the requesting agency.

Existing Exceptions 

  • How long is an exception valid?
    • Starting Exceptions are valid for one year. After this time, the renewal process does a quick review of past acceptance criteria and any changes to standards.
  • I have a previous exception and I am moving it to the cloud, adding a module, or doing an update do I need a new exception?
    • Yes, we will need to perform an architecture review. If the solution has already gone through the architecture review process, it should be quicker as we have a base of knowledge.