The ability for authorized users to use the system in a manner defined in the policy ## Threats - failures (of hardware or software) - authorized user errors - deliberate attack ## Defense of availability - continuous power supply - redundant service systems - backups - antivirus control