Manage Learn to apply best practices and optimize your operations.

Approach patch management from a policy perspective

I am in charge of developing a patch management policy for our organization (about 450 users). Before I begin creating a patching framework specific to my environment, are there any specific factors I should take into consideration?
It's great that you are approaching the issue of patch management from a policy perspective first -- this is definitely one of the keys to success. For an organization of your size, I would not make the policy overly complicated. At a minimum, ensure the following issues are accounted for in your policy:
  • Proactively monitoring security issues and patch releases from key vendors

  • Prioritizing and scheduling patches in your environment

  • Testing patches in your environment before widespread rollout

  • Tracking changes and updates to your environment (change management)

  • Regularly auditing the environment to ensure compliance with general patch management guidelines

For further detail on these issues, see my white paper published on the patchmanagement.org site.

Other resources that should assist you with designing your policy include:

Dig Deeper on Windows applications

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.