Would you buy a product or service that did not include some type of warranty? If the manufacturer or reseller does not explicitly set the expectations, then you will form them for yourself. It is the same with the customers of your IT services. Either IT clearly sets the expectations, or end-users will develop them on their own. Best practice tells us that during the negotiation and acceptance of Service Level Agreements, IT commits that services not only meet business and customer outcomes but also that they will meet requirements for availability, capacity, continuity and security. Ok… that is good. Best practice tells us to include these so called “non-functional” requirements early in the lifecycle of a service. In reality these warranty requirements are often considered somewhat in the Strategy/Design stage but more often than we would like to admit the majority of the work and effort for security and availability are performed reactively in the Service Operation lifec