Patch Management Procedure Template
The patch management lifecycle involves a number of key steps.
Patch management procedure template. Although the practice sounds straightforward. Liaisons patch management policy and procedure provides the processes and guidelines necessary to. Policies and procedures shall be established and implemented for vulnerability and patch management. Patch management is simply the practice of updating software with new pieces of code most often to address vulnerabilities that could be exploited by hackers but also to address other problems in the existing program or add new functions to it.
In developing your patch management process you need to review your environment and use this assessment to develop appropriate strategies. Establish a patch management policy. Patch management policy v1 5 5. Industry standards for patch management.
11 all employees performing roles of system or application administrators managing university ict services and systems. All it systems as defined in section 3 either owned by the university of exeter or those in the process of being developed and supported by third parties must be manufacturer supported and have up to date and security patched operating systems and application software. A good patch management program includes elements of the following plans. Preparation vulnerability identification and patch acquisition risk assessment and prioritisation patch testing patch deployment and verification.
Stiu has an obligation to provide appropriate protection against malware threats such as viruses trojans and worms. Heres a sample policy you can modify for your organizations needs. The process shall ensure that application system and network device vulnerabilities are. Patch management policy rationale stamford international university stiu is responsible for ensuring the confidentiality integrity and availability its data and that of customer data stored on its systems.
This procedure also applies to contractors vendors and others managing university ict services and systems. Maintain the integrity of network systems and data by applying the latest operating system and application security updatespatches in a timely manner establish a baseline methodology and timeframe for patching. Configuration management plan patch management plan patch testing backuparchive plan incident response plan and disaster recovery plan. Information security patch management procedure a.
Patch management program management policies are codified as plans that direct company procedures. Evaluated regularly and responded to in a timely fashion. Given the current state of security patch management can easily become overwhelming which is why its a good idea to establish a patch management policy to define the necessary procedures and responsibilities.