Patch Management Strategy

Table of Contents

1 Introduction        

2 Strategy        

2.1 Detect        

Generate list        

2.2 Assess        

Retrieve collection of patches        

Filtering collection of patches        

Assessment for each patches for the impact of customer environment        

Agreement on the patches list with customer        

2.3 Test        

Testing        

2.4 Plan        

Agreement of patching list        

Change management process        

2.5 Deploy        

Patch deployment        

Verification        

2.6 Validate        

3 Appendices        

Appendix A – Windows 2003        

Appendix B – Windows 2008        

1 Introduction

This documentation is a standard patch management strategy for DSC MY.  Information described on this documentation can be used by the collaborative partnership team members to use as patch management strategy.

This strategy applied to every customer under DSC MY (unless there are some exclusion based on aggrement)

2 Strategy

Introduction : There are 6 phase in the strategy that will use as standard patch management. Below is the phase :

1. Detect
2. Assess
3. Test
4. Plan
5. Deploy
6. Validate

2.1 Detect

Introduction : The detection will be done manually by monthly OR quarterly basis and will trigger the patch management process.

Output : List of missing patches in customer environment / supported servers.

Process : Generate list

Generate list

List can be generate either from :

1. Using MBSA
2. List provided by customer

2.2 Assess

Introduction : Assessment will be determine the severity of the issue(s) addressed by the patch and the mitigating factors that may influence the decision. By balancing the severity of the issue and mitigating factors, it will determine if the vulnerabilities are a threat to current environment.