As anyone who has read even a cursory CISSP study guide knows, the basic tenets of security as viewed by ISC2 are the CIA triad. These are broken down into Confidentiality, Integrity and Availability. I have seen far too often people focus on Confidentiality and Integrity at the expense of Availability.
In my experience, the situation where Availability most often breaks down is in regards to personnel. I have seen too many instances where there is one "architect" for an environment, a technology, or a software package. If that person were to die, win the lottery, or quit, there would be serious issues with replacing them. More consideration needs to be taken when planning staffing needs as to whether there needs to be redundancy in the position.
For example, if you have an administrator who designs and maintains your VPN environment for 10,000 remote users, you will want to consider that if that person were suddenly unavailable you would likely be in serious trouble. In a situation like this, the environment is complex enough that a person that functioned as their secondary backup would not be familiar enough with the environment to troubleshoot difficult break/fix situations efficiently.
More...