---
title: "Why Architecture Over Enforcement Allows Small Teams to Scale Governance"
url: "/node/9847"
type: article
date: 2026-05-21
updated: 2026-05-21
---

# Why Architecture Over Enforcement Allows Small Teams to Scale Governance

Image

                ![Article graphic titled “Why Architecture Over Enforcement Allows Small Teams to Scale Governance” with the tagline “Build governance into the platform, not the process.” Blue background with bold typography focused on scalable state government digital governance.](/sites/default/files/styles/promo_medium/public/2026-05/Architecture%20Over%20Enforcement.png.webp?itok=jYUAeVDs) 

##  [Darren Petersen](/about/darren-petersen) 

 ![Darren Petersen wearing a blue button down shirt with white polka dots in front of a gray background](/sites/default/files/styles/square_120x120/public/2023-06/darren-petersen.jpg?itok=gkpt08k6)

VP of Projects

Director of Projects with expertise in enterprise-level Drupal projects.

Across your state's web ecosystem, you're likely dealing with these ongoing challenges: inconsistent branding from agency to agency, accessibility issues that create legal exposure, and quick-fixes, such as uploading PDFs where web pages should be. The result is an inconsistent, often inaccessible experience for the constituents these sites exist to serve.

Your websites don't get messy because agencies don’t care. They get messy because the people who own the sites are busy wearing multiple hats, and your central digital team lacks the capacity to oversee everything at scale.

Your digital services team sets standards, publishes guidelines, and reviews agency sites. This approach works for a while, but as the platform grows, the burden of oversight increases with it.

Eventually, your digital services team becomes a bottleneck, and agencies adapt by going around the system. They publish without approval, build ad hoc workarounds, and ignore the brand, accessibility, and governance standards in the process.

In response, your team ends up policing the platform instead of improving it—reviewing content, approving requests, and tracking down issues across agencies. It’s a model that only scales so far, and most state digital teams reach that limit sooner than expected.

## You can't hire your way to compliance

No central team can realistically review, approve, and monitor every agency site across a statewide platform. The math doesn’t work. Even if you had the budget to hire more reviewers, those resources would be better spent improving the platform and strengthening agency relationships. These things prevent non-compliance in the first place.

When something, such as a non-compliant page, an off-brand design, or an inaccessible form slips through, the response is often more oversight. More approvals, more audits, more sign-offs. Each one feels like a reasonable response to a specific failure, but together, they make the bottleneck even worse.

Meanwhile, agencies are dealing with their own priorities. For example, a benefits coordinator at the Department of Health isn't thinking about governance or publishing standards. She's trying to get information online for those who need it. When it takes five minutes to upload a PDF, but getting approval for a web update takes two weeks, the PDF is going up. That’s not agencies ignoring the rules. It’s people finding the fastest way to get their job done.

The bigger problem is that enforcement kicks in only after something goes wrong, rather than acting as a preventive measure. And as long as this cycle continues, governance remains a reactive game of whack-a-mole for teams already stretched too thinly.

## The solution: architecture that governs when no one is watching

The fix isn't to hire a larger team of reviewers; it’s to build governance into the platform so the right decisions happen by default. Architectural governance works through four interconnected layers:

- A design system that makes non-compliance structurally difficult
- Content tooling and training that covers what the platform can't
- Dashboards that surface issues without requiring agencies to report them
- A decision-making process that keeps new requests from piling back up on your desk.

Each layer works together to replace the manual compliance cop with an automated system that governs by default.

### The design system: make non-compliance hard to build

A shared design system is the foundation of architectural governance.

When Iowa's Division of Information Technology (DoIT) [consolidated over 80 agency websites onto a single DX platform](https://www.lullabot.com/our-work/state-iowa-marketing), it faced a challenge every state digital team eventually encounters: maintaining consistent standards across agencies with wildly different needs and staff capacities.

To solve the problem, they invested in a platform-wide design system. Agencies working within the platform have access to a library of approved components they can arrange and populate with content. What they can't do is crack open the code and override the design. The components handle contrast ratios, heading hierarchy, and semantic markup before any editor logs in.

With a design system in place, a two-person office in a state public defender's office can publish content that meets the same accessibility and visual standards as a department of transportation's flagship site. The platform’s architecture makes it impossible to do it wrong.

There is a trade-off, however. When agencies lose access to the code, they let you know about it. But what the platform offers in return is time—time that would have gone to custom builds and compliance fixes rather than to the work those agencies exist to do.

Even the most skeptical agency directors usually come around once they see the time savings in action. But the design system only goes so far on its own. It governs structure and visual consistency. It can't govern the copy on the page.

### Tooling and training: govern what the platform can't

Alt text, reading level, and heading structures depend on what editors write, not how components are configured. For example, a benefits eligibility page can meet every structural standard but still contain language that's difficult for constituents to understand.

That gap is closed by using a combination of tooling and training. Tooling allows the CMS to surface accessibility alerts in real time as editors work, catching content-level issues before anything gets published. Training covers what tooling can't.

Most agency contributors aren’t web professionals and never will be, but they still need the ability to publish content that people can find, read, and act on. An editor who understands the *why* of compliance, working in a platform built to support them, will consistently outperform a skilled editor fighting a system that offers no guidance.

Even with the right tools and training in place, problems will still surface after publication. That's where monitoring comes in.

### Dashboards: monitor without asking

Your team's job shifts from auditing to monitoring. Auditing is reactive. You look at the finished work and try to catch what went wrong. Monitoring, on the other hand, is proactive. You watch patterns across the whole platform and flag what needs attention before it becomes a problem. And you don’t have to tap agencies on the shoulder to ask for a report.

[Georgia's GovHub platform](https://www.lullabot.com/our-work/govhub-building-georgias-digital-future) put this concept into practice. The platform aggregates accessibility and performance scores across the state’s digital ecosystem into a single dashboard view, powered by SiteImprove. Every agency can see how they score relative to other agencies. There's a leaderboard quality that motivates action more reliably than any directive from your office.

Image

   

   

 ![Screenshot of the Georgia Analytics Program (GAP) Site Performance Score dashboard showing state government website performance metrics for accessibility, quality assurance, and SEO. The table highlights Georgia agency websites with high GAP scores, including the Department of Juvenile Justice, Department of Banking and Finance, Georgia Secretary of State, Veterans Services, and Georgia Data Analytics Center, with most agencies scoring above 90 and earning an “A” rating.](/sites/default/files/styles/wide_xs/public/2026-05/Screenshot%202026-05-21%20at%201.34.35%E2%80%AFPM.png.webp?itok=ZUU1qEFa)

Design your monitoring with agency capacity in mind. Larger agencies can dig into their traffic data and act on it. Smaller offices need automated flags that tell them when something's wrong and what to fix. Build for both.

### A governance model: distribute decisions before they pile up

Even the best platforms generate requests, from new feature needs and edge cases not covered by the design system to uncommon agency use cases. Without a process for handling them, they all flow back to your team. Before you know it, your team is the bottleneck again.

However, a steering committee addresses this directly. When the platform doesn't meet an agency's needs, the first step is to create a cross-agency committee. This committee evaluates the request against shared criteria:

- How many agencies need this?
- Where does it fit in the roadmap?
- What's the level of effort?

The committee distributes decisions and produces better ones. Needs that seem unique often turn out to be shared. Developers get prioritized direction, while agencies get a chance to advocate for themselves and a rationale for the decision.

For instance, Iowa's Department of Natural Resources needed a searchable fish-finder database, a one-off request unique to this particular agency. The committee's answer was to set up a dedicated subdomain application outside the shared platform. The agency got a specialized tool without having to pull it into a system built for something else.

## Build the system. Get out of the queue.

When the system works, the central team's role changes fundamentally. The platform, along with its tooling and training, prevents most compliance issues before they occur. Dashboards surface what they can't. And the steering committee handles requests that need a decision. Your job becomes building and maintaining the system rather than manually managing everything that flows through it.

Getting there isn't always comfortable. Agency web directors may start as skeptics. [Building trust and buy-in is as important as building the architecture](https://www.lullabot.com/articles/state-government-digital-ecosystem-governance-without-mandate).

Iowa built systems before expecting statewide compliance. Georgia built relationships before building mandates. In both cases, the central team stopped trying to be everywhere at once and built something that could govern at scale.

Scaling governance starts with understanding your current position: which processes could be automated, which platforms need consolidation, and where a small team can do the most without adding headcount.

Our Digital Ecosystem Maturity Assessment helps state digital teams figure out exactly that.[ Learn more about our assessment.](https://www.lullabot.com/services/digital-ecosystem-maturity-assessment)

[Digital & Content Strategy](/topics/content-strategy)

Most state digital teams can’t scale governance through approvals and oversight alone. Learn how platform architecture and design systems reduce bottlenecks and improve consistency.