Enterprise ArchitectureZachman Framework
Zachman Why Column: Motivation and Strategy Architecture Explained
TT
TopicTrick Team
Zachman Why Column: Motivation and Strategy Architecture Explained
The "Why" interrogative forms the sixth and final column of the Zachman Framework matrix. It answers the fundamental question: "Why does the enterprise do things the way it does?" In other words, what are the business motivations, strategies, rules, and constraints that drive enterprise architecture decisions?
The Why column represents strategic and business rule architecture across all six perspectives - from the executive planner's business strategy down to the actual business rules and constraints embedded in systems. Understanding this column is essential for alignment between business and IT, strategic planning, and ensuring that enterprise architecture decisions support business objectives.
What Does the Why Column Address?
The Why column specifically focuses on:
- Business strategy: Why the enterprise exists, what it's trying to achieve
- Business objectives: Specific goals and metrics the enterprise pursues
- Constraints: Regulatory, competitive, resource, or technology constraints
- Business rules: Rules governing how business operates (e.g., "customers must be at least 18 years old")
- Policies: Organisational policies (privacy, security, ethical guidelines)
- Assumptions: Assumptions underlying the business model
The Why column is NOT about data (What), processes (How), locations (Where), people (Who), or timing (When). It focuses purely on "why decisions are made and what constraints and motivations drive them."
The Why Column Across Six Perspectives
Row 1 (Planner): Business Strategy / Vision
Question: Why does the enterprise exist and what is its strategy?
Artefacts:
- Mission statement (why the company exists)
- Vision statement (where the company wants to go)
- Strategic objectives (5-year goals)
- Competitive positioning (how the company differentiates)
Characteristics:
- Executive summary level - one to two pages
- Business terminology only, no technical jargon
- Stable but reviewed annually (strategic direction rarely changes month-to-month)
Example business strategy:
text
Mission Statement:
"To provide affordable, high-quality software tools that enable small
businesses to streamline operations and compete effectively."
Vision Statement:
"To become the leading cloud-based business software platform for
companies with 10-500 employees globally by 2030."
Strategic Objectives (5-year):
1. Achieve $100M annual recurring revenue (ARR)
2. Expand into 15 new international markets
3. Build a partner ecosystem with 500+ integration partners
4. Achieve 95%+ customer satisfaction rating
5. Become carbon-neutral by 2027
Competitive Positioning:
- Differentiation: Superior user experience, lowest total cost of ownership
- Target market: SMB (small/medium business) segment (underserved)
- Competitive advantage: Fast implementation, excellent customer success team
Strategic Priorities:
1. Product excellence (65% investment)
2. Market expansion (20% investment)
3. Operational efficiency (10% investment)
4. Innovation/R&D (5% investment)Why it matters: Ensures all enterprise architecture aligns with business strategy. If your architecture doesn't support these objectives, you're building the wrong thing.
Row 2 (Owner): Business Model / Operational Strategy
Question: What business model does the enterprise operate, and what are the key business rules?
Artefacts:
- Business model canvas (customer segments, value propositions, channels, revenue streams)
- Key business rules (constraints on operations)
- Policies and compliance requirements
- Operational constraints (what limits what we can do?)
Characteristics:
- 5-15 pages
- Business owner's view - understandable by operational staff and stakeholders
- Changes when business model or strategy changes
Example business model:
text
Business Model:
Customer Segments:
- Primary: SMBs (10-500 employees) in North America and Europe
- Secondary: Mid-market companies (500-2000 employees)
- Segment profitability: SMB (40% margin), Mid-market (35% margin)
Value Propositions:
- Ease of use: 50% faster implementation than competitors
- Cost: 30% lower total cost of ownership
- Support: 24/7 phone support included (competitors charge extra)
- Integration: 200+ pre-built integrations (most in class)
Revenue Model:
- SaaS subscription (primary): $99-$999/month based on usage
- Implementation services: $5,000-$50,000 per customer (20% margin)
- Professional services: $150/hour (25% margin)
- Mix: 70% SaaS, 20% implementation, 10% professional services
Unit Economics:
- Customer acquisition cost (CAC): $500 average
- Lifetime value (LTV): $12,000 average
- LTV/CAC ratio: 24:1 (excellent)
- Payback period: 2 months
Key Business Rules:
Pricing & Contracts:
- Monthly billing: $99-$999/month, autopay required
- Annual billing: 20% discount, 12-month commitment
- No contracts for monthly (auto-renewable)
- Price increases: Annual + 5% (notice: 30 days)
- Free trial: 14 days, credit card required
- Discounts: Max 20% (volume only, requires approval)
Customer Eligibility:
- Minimum company size: 3 employees
- Maximum company size: 5,000 employees
- Minimum order value: $99/month
- Credit check: Required for >$500/month
Data Protection:
- GDPR compliance: Mandatory for EU customers
- HIPAA compliance: Optional, $50/month premium
- SOC 2 Type II: Required for healthcare/finance customers
- Data retention: 90 days after cancellation, then delete
Operational Constraints:
- Support SLA: Critical (1hr), High (4hr), Normal (24hr)
- Maximum uptime SLA: 99.9% (27 minutes downtime/month acceptable)
- Data processing: Must complete processing within 24 hours
- Disaster recovery: RTO 4 hours, RPO 1 hour (max)Why it matters: Ensures business processes and operations align with how the business makes money.
Row 3 (Designer): System Requirements / Business Rules Architecture
Question: What system requirements and business rules drive architecture decisions?
Artefacts:
- Functional requirements (what the system must do)
- Non-functional requirements (performance, scalability, security, availability)
- Business rules (constraints on what can happen in the system)
- Architecture decision records (why did we choose this architecture?)
Characteristics:
- 15-40 pages depending on complexity
- Architect's view - technical but grounded in business requirements
- Detailed and comprehensive - specifies why each architectural choice was made
- Changes when business requirements change
Example system requirements:
text
Functional Requirements:
User Management:
- REQ-001: System must support user roles (Admin, Manager, User, Guest)
- REQ-002: System must support SSO integration (SAML, OAuth)
- REQ-003: System must support multi-tenancy (separate data per customer)
Financial:
- REQ-010: System must support multi-currency (USD, EUR, GBP, etc.)
- REQ-011: System must calculate taxes based on customer location
- REQ-012: System must support discounts up to 20%
- REQ-013: System must integrate with Stripe, PayPal, Square
Non-Functional Requirements:
Performance:
- REQ-100: Page load time < seconds (p95)
- REQ-101: API response time <00 ms (p95)
- REQ-102: Database query <00 ms (p95)
Scalability:
- REQ-110: Support 100,000 concurrent users
- REQ-111: Support 1 billion database records
- REQ-112: Support 10x growth without architecture changes
Availability:
- REQ-120: 99.9% uptime (27 minutes downtime per month)
- REQ-121: Automatic failover to backup system (< min)
- REQ-122: Zero data loss in failover
Security:
- REQ-130: All data encrypted at rest (AES-256)
- REQ-131: All data encrypted in transit (TLS 1.2+)
- REQ-132: GDPR compliance mandatory
- REQ-133: SOC 2 Type II certification required
- REQ-134: Penetration testing annually
Business Rules:
Pricing Rules:
- BR-001: Customers must be billed monthly on the 1st of the month
- BR-002: If payment fails, retry daily for 5 days, then suspend account
- BR-003: Discount codes must be applied before payment
- BR-004: Usage-based pricing must calculate hourly but bill monthly
Data Rules:
- BR-010: Customer data must never be visible to other customers
- BR-011: Deleted data must be permanently deleted within 90 days
- BR-012: All changes must be audited (who changed what when)
- BR-013: EU customer data must reside in EU data centres only
Order Rules:
- BR-020: Orders must include at least one line item
- BR-021: Orders must have valid payment method before processing
- BR-022: Large orders (>$10k) require manager approval
- BR-023: Expedited shipping available for orders before 2 PM
Architecture Decisions:
Decision: Microservices architecture
Rationale:
- REQ-110/111/112 require massive scalability
- Each service can scale independently
- Reduces deployment risk (update one service without full deployment)
Decision: Event-driven architecture
Rationale:
- BR-020/BR-023 require complex workflows
- Events decouple services (order service doesn't need to know about shipping service)
- Enables audit trail (every event is logged)
Decision: Multi-region deployment (US + EU)
Rationale:
- BR-013 requires EU data to stay in EU
- REQ-120 requires 100k concurrent users (single region can't handle)
- Improves performance (customers served from nearest region)Why it matters: Ensures system design is driven by business requirements, not by technology preference.
Row 4 (Builder): Constraints and Trade-offs
Question: What specific constraints and trade-offs guide implementation decisions?
Artefacts:
- Technology constraints (e.g., must run on Java 11+, must use PostgreSQL)
- Budget constraints (e.g., $50k/month infrastructure budget)
- Timeline constraints (e.g., must launch in 6 months)
- Compliance constraints (GDPR, HIPAA, SOC 2)
- Performance trade-offs (cost vs. latency, consistency vs. availability)
Characteristics:
- 10-25 pages depending on complexity
- Technical and specific to implementation
- Guides concrete implementation decisions
- Changes when constraints or priorities change
Example constraints and trade-offs:
text
Technology Constraints:
Must Use:
- Java 11+ (company standard, 10+ years of expertise)
- PostgreSQL (open source, widespread expertise)
- Kubernetes (container orchestration standard)
- AWS (already invested in platform)
Avoid:
- Proprietary databases (vendor lock-in)
- Legacy frameworks (hard to hire)
- Node.js frontend (requires C# backend for consistency)
Budget Constraints:
Infrastructure Budget: $50k/month maximum
- Compute: $30k/month (current: $28k/month) [90% utilised]
- Data storage: $10k/month (current: $8k/month) [80% utilised]
- CDN/networking: $5k/month (current: $4k/month) [80% utilised]
- Contingency: $5k/month (current: 0)
Tool & SaaS Budget: $20k/month
- CI/CD: $3k/month (current: Jenkins/GitLab self-hosted = $0)
- Monitoring: $4k/month (current: DataDog = $3.5k)
- APM: $5k/month (current: AppDynamics = $4.8k)
- Cloud vendor services: $8k/month (current: AWS RDS, S3, SQS)
Timeline Constraints:
Roadmap (next 12 months):
Q1-Q2: Core Platform (Jan-Jun)
- User management ✓
- Multi-tenancy ✓
- Basic reporting ✓
- Timeline: 6 months (18 developer-months = 3 developers)
Q2-Q3: Advanced Features (Apr-Sep)
- Advanced reporting / BI
- Integration platform
- Timeline: 4 months (12 developer-months = 3 developers)
Q3-Q4: Scaling & Polish (Jul-Dec)
- Performance optimisation
- Security hardening
- Timeline: 4 months (10 developer-months = 2.5 developers)
Launch Date: June 1, 2026 (fixed deadline)
- Q1 features must be complete by May 15 (2-week buffer)
- No feature delays acceptable (would miss market window)
Compliance Constraints:
GDPR (Required for EU customers):
- Data subject rights: Access, correction, deletion within 30 days
- Consent: Explicit opt-in required for marketing
- Breach notification: Within 72 hours
- Cost: 2 FTE legal/compliance + $50k/month legal retainer
HIPAA (Optional, +$50/month per customer):
- Encryption at rest & transit
- Access controls
- Audit logging
- BAA (Business Associate Agreement) required
- Annual risk assessment
- Cost: 1 FTE compliance officer
SOC 2 Type II (Required for enterprise customers):
- Annual audit: $80k
- Ongoing compliance: 1 FTE
- Cost: ~$150k/year total
Performance Trade-offs:
Consistency vs. Availability:
- Choice: Prefer availability (async replication)
- Rationale: SMB customers will tolerate 1-minute data lag; won't tolerate downtime
- Trade-off: Possible brief inconsistency (max 1 minute)
Cost vs. Latency:
- Choice: Use cheaper storage (S3) for historical data, fast cache (Redis) for recent
- Rationale: 80% of queries are on recent data; historical queries can be slower
- Trade-off: Some queries slower (but cheaper infrastructure overall)
Normalisation vs. Performance:
- Choice: De-normalise reporting database (separate from transactional)
- Rationale: Reporting queries don't affect production performance
- Trade-off: More ETL complexity, eventual consistencyWhy it matters: Guides implementation teams on what's possible within constraints.
Row 5 (Sub-Contractor): Business Rules in Code
Question: How are business rules implemented in code?
Artefacts:
- Business rule engine rules
- Validation code
- Conditional logic for business rules
- Configuration files (pricing, discounts, rules)
Characteristics:
- Hundreds to thousands of lines of code
- Fully executable and version-controlled
- Highly volatile (business rules change frequently)
- "Out of context" without explanation - requires deep domain knowledge
Example business rules in code:
python
# Discount validation business rule
def validate_discount(discount_code, customer_segment, order_amount):
"""
Business Rule: Discount codes must follow specific rules
- Max discount: 20%
- Only applicable to certain segments
- Volume discounts only (minimum order amount)
"""
# Look up discount code
discount = get_discount_code(discount_code)
if not discount:
raise InvalidDiscountCode(f"Discount code '{discount_code}' not found")
# Check expiration
if discount['expiration_date'] < today():
raise ExpiredDiscountCode(f"Discount code expired on {discount['expiration_date']}")
# Check customer segment eligibility
if discount['eligible_segments']:
if customer_segment not in discount['eligible_segments']:
raise IneligibleCustomer(f"Discount not valid for segment '{customer_segment}'")
# Check minimum order amount
if discount.get('min_order_amount', 0) > order_amount:
raise MinimumOrderNotMet(f"Minimum order ${discount['min_order_amount']} required")
# Calculate discount amount
discount_percent = min(discount['percent'], 20) # BR: Max 20% discount
discount_amount = order_amount * (discount_percent / 100)
return {
'valid': True,
'discount_percent': discount_percent,
'discount_amount': discount_amount,
'new_total': order_amount - discount_amount
}
# Billing rule - calculate taxes
def calculate_taxes(order_amount, customer_location):
"""
Business Rule: Calculate taxes based on customer location
- US: Based on state sales tax
- EU: Based on VAT (Value Added Tax)
- Other: No tax
"""
if customer_location['country'] == 'US':
state = customer_location['state']
tax_rate = get_sales_tax_rate(state)
tax_amount = order_amount * tax_rate
return {'tax': tax_amount, 'rate': tax_rate}
elif customer_location['country'] in EU_COUNTRIES:
vat_rate = get_vat_rate(customer_location['country'])
vat_amount = order_amount * vat_rate
return {'tax': vat_amount, 'rate': vat_rate}
else:
return {'tax': 0, 'rate': 0}
# Payment rule - retry logic on failure
def process_payment_with_retry(customer_id, amount, payment_method):
"""
Business Rule: If payment fails, retry daily for 5 days, then suspend
"""
max_retries = 5
retry_count = 0
while retry_count < max_retries:
try:
result = charge_payment_gateway(
payment_method=payment_method,
amount=amount
)
if result['success']:
# Payment succeeded
log_payment_success(customer_id, amount)
return {'status': 'SUCCESS', 'transaction_id': result['transaction_id']}
else:
# Payment declined
raise PaymentDeclined(result.get('reason', 'Unknown reason'))
except (PaymentDeclined, PaymentGatewayError, TimeoutError) as e:
retry_count += 1
if retry_count < max_retries:
# Schedule retry for next day
schedule_retry(
customer_id=customer_id,
retry_number=retry_count,
scheduled_time=tomorrow()
)
log_payment_retry(customer_id, retry_count, str(e))
return {'status': 'RETRYING', 'next_retry': tomorrow()}
else:
# Max retries reached - suspend account
suspend_customer_account(customer_id, reason='Payment failure')
send_notification(customer_id, 'Account suspended due to payment failure')
return {'status': 'SUSPENDED', 'reason': 'Payment failure after 5 retries'}Why it matters: Makes business rules executable, testable, and version-controlled.
Row 6 (Enterprise): Live Business Metrics / Strategy Execution
Question: Is the enterprise achieving its strategic objectives?
Artefacts:
- Business metrics dashboards (revenue, customer count, churn)
- Strategy execution metrics (progress toward strategic objectives)
- Constraint violation alerts (are we exceeding budget? missing SLAs?)
- Business rule violation alerts (are customers following the rules?)
Characteristics:
- Continuously changing (metrics updated daily/hourly)
- Measured and observable
- The source of truth for "are we winning?"
- Monitored for strategy execution and course correction
Example operational metrics:
text
Strategy Execution Dashboard:
Strategic Objective 1: Achieve $100M annual recurring revenue (ARR)
Current ARR: $48.2M (48% progress)
Monthly growth: 3.2% (on track for $95M by end of year)
Cohort analysis:
- Year 1 cohort: $28.3M ARR (95% retention)
- Year 2 cohort: $14.2M ARR (92% retention)
- Year 3 cohort: $5.7M ARR (87% retention) [early, trending down]
Status: ON TRACK with stretch required
Strategic Objective 2: Expand into 15 new international markets
Current markets: 8 (53% progress)
New market launches (Q1): 2 (UK, France)
New market launches (Q2): 1 (Japan)
In pilot: 2 (Germany, Australia)
Status: SLIGHTLY BEHIND (planned 5 by now, at 4)
Strategic Objective 3: Build partner ecosystem with 500+ partners
Current partners: 312 (62% progress)
Active partners: 248 (80% actively integrated)
Integration requests pending: 34 (average 2 weeks to integrate)
Status: ON TRACK
Strategic Objective 4: Achieve 95%+ customer satisfaction rating
Current NPS (Net Promoter Score): 52 (target: 60+)
CSAT (Customer Satisfaction): 88% (target: 95%)
Churn rate: 2.1% monthly (target: <.5%)
Status: AT RISK
Strategic Objective 5: Become carbon-neutral by 2027
Current emissions: 45,000 MT CO2e (baseline: 50,000 MT)
Reduction: 10% (on track for 85% by 2027)
Status: ON TRACK
Business Rule Violations:
Pricing Rules:
- Customers paying wrong rate: 12 (0.28% of customers)
- Discount violations: 4 (code applied incorrectly by support team)
- Status: Expected minor violations
Financial Rules:
- Customers with accounts >30 days past due: 89 (2.1%)
- Accounts suspended (payment failure): 23
- Status: Within acceptable bounds
Data Rules:
- Cross-customer data exposure incidents: 0
- Data deletion requests delayed: 3 (under 90-day SLA)
- Status: COMPLIANT
Budget Status:
Infrastructure Spending: $28.2k/month (vs. $30k budget)
- Current spend: 94% of budget
- 6-month trend: Steady (good cost controls)
Tools & SaaS Spending: $19.8k/month (vs. $20k budget)
- Current spend: 99% of budget
- 6-month trend: Increasing (need to optimize)
Total Spending: $48k/month (vs. $50k budget)
- Current spend: 96% of budget
- Within tolerance
Performance Constraint Compliance:
Uptime: 99.92% (SLA: 99.9%)
- Status: ✓ COMPLIANT
- Last incident: 1 hour, Mar 15 (update issue)
Response Time (p95): 485ms (requirement: <00ms)
- Status: ✓ COMPLIANT
- 6-month trend: Stable
Compliance Status:
GDPR:
- Data subject access requests: 89 (avg 18 days response)
- SLA: 30 days ✓ COMPLIANT
HIPAA:
- Covered entities using platform: 34
- Compliance audits: 1 (passed)
- Status: ✓ COMPLIANT
SOC 2 Type II:
- Last audit: 2025-04-01 (PASSED)
- Next audit: 2026-04-01 (in 11 days, preparation underway)
- Status: ✓ ON TRACKWhy it matters: Validates that enterprise architecture is enabling business strategy and objectives are being achieved.
Strategy Alignment: Using the Why Column
The Why column enables comprehensive strategy alignment:
- Row 1 alignment: Business and IT agree on strategic objectives.
- Row 2 design: Business model and operational rules defined.
- Row 3 architecture: System requirements flow from business model.
- Row 4 implementation: Constraints and trade-offs guide implementation.
- Row 5 deployment: Business rules are encoded in systems.
- Row 6 monitoring: Metrics track progress toward strategic objectives.
This ensures enterprise architecture is driven by business strategy, not technology preferences.
Common Mistakes in the Why Column
-
No strategy: Not defining why the enterprise exists or what it's trying to achieve. Result: Enterprise wanders aimlessly.
-
Strategy-IT misalignment: IT building architecture that doesn't support business strategy. Result: $millions spent on wrong initiatives.
-
Undocumented business rules: Business rules are "in someone's head" rather than documented. Result: Inconsistent implementation and failures.
-
No business rule enforcement: Business rules defined but not enforced in systems. Result: Customers violate rules with no consequences.
-
Ignoring Row 6 metrics: Never measuring whether strategy is being executed. Result: Course corrections happen too late.
Why Column vs Other Columns
- Why vs What: Why is "motivation," What is "data." We track customer data (What) because we need to improve retention (Why).
- Why vs How: Why is "motivation," How is "process." We automate billing (How) because it reduces costs (Why).
- Why vs Where: Why is "motivation," Where is "location." We replicate to EU (Where) because GDPR requires it (Why).
- Why vs Who: Why is "motivation," Who is "people." We have security team (Who) because data protection is business critical (Why).
- Why vs When: Why is "motivation," When is "timing." We process orders nightly (When) because it's cost-effective (Why).
Industry Examples: The Why Column
Banking
- Strategy: Provide trusted financial services to underserved communities
- Business Rules: Know Your Customer (KYC), Anti-Money Laundering (AML), regulatory capital ratios
- Constraints: Regulatory (Fed, OCC, FDIC), compliance (Dodd-Frank), risk limits
Healthcare
- Strategy: Improve patient outcomes and reduce healthcare costs
- Business Rules: HIPAA privacy, informed consent, medical protocols
- Constraints: Regulatory (FDA, CMS), malpractice liability, insurance limits
Retail
- Strategy: Provide convenient, affordable shopping experience
- Business Rules: Price matching, return policies, inventory thresholds
- Constraints: Competitive pressure, seasonal demand, supplier contracts
Strategy & Rules Best Practices
-
Document strategy explicitly: Written mission, vision, strategic objectives. Not just in someone's head.
-
Cascade strategy to architecture: Ensure enterprise architecture supports strategic objectives. Use TOGAF or similar frameworks.
-
Encode business rules in systems: Don't rely on humans to enforce rules. Automate what you can.
-
Monitor strategy execution: Track progress toward strategic objectives. Adjust course quarterly.
-
Review business rules regularly: Business rules change (e.g., regulatory changes). Review and update at least annually.
Key Takeaways
-
The Why column describes strategy and business rules: It answers "why do we do things this way and what constraints apply?"
-
Six perspectives provide a complete strategy view: From business vision to live metric execution.
-
Strategy must drive architecture: If architecture doesn't support strategy, change the architecture (or the strategy).
-
Business rules must be documented and enforced: Not just guidelines; actual rules enforced by systems.
-
Monitor strategy execution: Regular reviews ensure enterprise is progressing toward objectives and course-correcting when needed.
Next Steps
- Review Complete Zachman Matrix Overview to see all six interrogatives together.
- Read Practical Application: Strategic Alignment for real-world examples.
- Explore TOGAF and Zachman Integration to see how frameworks work together.
The Why column is the foundation of strategic alignment and business-IT integration. Master it, and you master the art of linking enterprise architecture to business success.
Meta Keywords: Zachman Why column, business strategy, business rules, constraints, objectives, strategic alignment, enterprise architecture.