Non-Functional Requirement Examples

1.1 Performance
Characterized by the amount of useful work accomplished by a computer system compared to the
time and resources used. Considerations:

 Data throughput, volume, compression, transmission

 Response time for transactions (real, perceived, expected)
 System capacity
 Speed and accuracy of processing
 Network latency (local, national, and international usage)
 Line speed
 Load distribution based on activities, events, dates, transactions, or users
 Load distribution over time (hourly, daily, weekly, monthly, or yearly cycles)
 Average, spikes, peaks
 Server load
 Multiple applications running simultaneously or shared components of the system (web server,
application server, db server)
 Utilization
 High availability
 Bandwidth

1.2 Scalability
A desirable property of a system, a network, or a process, which indicates its ability to either
handle growing amounts of work in a graceful manner or its ability to be enlarged. Considerations:

 Ability to accommodate product releases

 Change in throughput
 Change in number of users
 Change in number of transactions
 Change in level of support
 Change in memory requirements
 Horizontal scalability (adding similar components)
 Vertical scalability (adding capacity to existing components)

1.3 Capacity
Consideration of system load at any given time. Considerations:

 Memory
  Database size
 Number of users
 Number of transactions processed
 Rate of growth

1.4 Availability
Defines when the product is available. Considerations:

 System up-time
 Defined maintenance window
 Dependence on other systems
 Restore and reactivate procedures
 Alternative processes and fail-over plans
 Cost of unavailability (cost of impact to client)

1.5 Reliability
Addresses the acceptable defect rate or failure rate of the delivered product. Considerations:

 Degree to which the product performs to expectations

 Anticipated frequency or timing of failures
 Expected cause of failures
 Acceptable recovery time (downtime)
 Mechanism for recording and tracking faults and failures

1.6 Recoverability
Addresses the ability to recover from unexpected interruptions such as power failure, product
failure, lost data, sabotage, and acts of nature, war, terrorism or vandalism. Considerations:

 Acceptable response time to recover

 Mission criticality of products
 Responsibilities
 Organizational practices and standards
 Disaster recovery drills
 System backup and restore procedures
 Data and system level recovery
 Alternative practices and fail—over plans
  Back-out procedures for a mid-transaction crash
 Penalties for failure to recover in acceptable time

1.7 Maintainability / Serviceability

Addresses the ease with which the product accepts repairs or adapts to new functionality. This
establishes the process by which problems are reported and resolved. Considerations:

 Defined maintenance window, possibly across time zones

 Procedure for emergency fixes
 Meantime to repair
 Support logistics (on-site, remote help desk)
 3rd party service contracts
 Support responsibilities

1.8 Security
Addresses the degree need for protection against danger, damage, loss, and criminal activity.
Security, as a form of protection, is structures and processes that provide or improve security as a
condition.

Data - Addresses data security in terms of access restrictions placed on users and other systems.
Considerations:

 Privacy
 Industry standards
 Data, screen, or application level controls
 Data transmission protocols
 Encryption
 Remote access
 Multi-system access
 Password control (including constraints for password content, re-use, and frequency of change)
 Export compliance
Software - Addresses software security from unauthorized access and modification to programs.
Considerations:

 Client processes or methods

 Valassis processes or methods
 Project change control process
 Coding standards
Authorization - Addresses how authorization is assigned. Considerations:
  Who assigns authorizations
 Who designates alternate authorized users
 How access is assigned (named individuals, group ids, roles, job function)
 Procedure of obtaining temporary access
 Procedures for changing passwords

1.9 Legal / Regulatory

Addresses legal or regulatory constraints that are not covered in the functional requirements.
Considerations:

 Laws
 Government regulations and standards
 Labor contracts
 Supplier contracts
 Intellectual property protection
 Copyrights
 Patents
 Export compliance

1.10 Data Integrity

Addresses the integrity of the data. Considerations:

 Timeliness (how current must information be)

 Database replication
 Process sequencing
 Language translation
 Accuracy (specific values, free text)
 Data quality
 Referential integrity
 Content
 Format
 Robustness
1.11 Usability
Addresses the ease with which a person uses the product. Considerations:

 Productivity level of the end user (anticipated error rate)

 User’s experience level (novice or highly trained)
 Diversity in user skills
 Minimum / maximum level of training or support required
 Frequency of product use
 Compatibility or consistency with other client products
 Aesthetics (volume, brightness, color schemes)
 Type of user interaction (real-time, one-way, visual, audible)
 System response to errors and invalid data data entry
 Assistance (on-line help, remote help, problem escalation)
 Degree of user interaction (close monitoring, periodic inspection)
 Multilingual capabilities (for displays, manuals, on-line help, fonts, translation)
 Navigation
 Instructions (format, content)
 Physical limitations of the user
 Interoperability with existing workflows and user processes

1.12 Interoperability
Addresses the need for the product to interface with other applications or systems without
interfering with the operation of those other applications or systems. Considerations:

 Named applications or systems with which to interface

 Messaging format, medium and content
 Compatibility with products from different vendors
 Conversion requirements for hardware, applications or data
 Middleware architecture
 Messaging and transmission protocols
 Frequency
 Multiple time zones
 Process timing and sequencing