Framework
Functional requirements: What the system does Non-functional requirements: How well it does it
| NFR Type | Examples |
|---|---|
| Performance | Latency < 200ms, throughput > 1000 req/sec |
| Reliability | 99.9% uptime, recover from failures in < 5min |
| Scalability | Handle 10x traffic surge without degradation |
| Security | Encrypt all data in transit, no SQL injection |
| Usability | Accessible to color-blind users, intuitive UI |
| Compliance | GDPR-compliant, SOC 2 certified |
Most PMs focus on functional. Non-functional requirements differentiate.
Actionable Steps
1. List Non-Functional Requirements
For each major feature, specify performance, security, scalability requirements.
2. Define Acceptance
NFRs are testable. "Secure" isn't enough. "No unauthenticated access to user data" is.
3. Monitor Post-Launch
Track: Latency, uptime, security incidents. If trends degrade, fix.
Key Takeaways
- Non-functional requirements are often forgotten until they fail. Specify upfront.
- Test NFRs as rigorously as functional requirements. Load testing, security audits, etc.