It amazes me just how many people I see in infosec, and IT in general, that simply don’t test (or prove something functions correctly).  I would argue it is one of the most important aspects in our day-to-day activities and it just doesn’t get the attention it so deserves.  You should always test, re-test, re-re-test, then test again.