Patch Management Strategy
Table of Contents1 Introduction 2 Strategy 2.1 Detect Generate list 2.2 Assess Retrieve collection of patches Filtering collection of patches Assessment for each patches for the impact of customer environment Agreement on the patches list with customer 2.3 Test Testing 2.4 Plan Agreement of patching list Change management process 2.5 Deploy Patch deployment Verification
2.6 Validate 3 Appendices Appendix A – Windows 2003 Appendix B – Windows 2008 1 IntroductionThis documentation is a standard patch management strategy for DSC MY. Information described on this documentation can be used by the collaborative partnership team members to use as patch management strategy.This strategy applied to every customer under DSC MY (unless there are some exclusion based on aggrement)2 StrategyIntroduction : There are 6 phase in the strategy that will use as standard patch management. Below is the phase :DetectAssessTestPlanDeployValidate2.1 DetectIntroduction : The detection will be done manually by monthly OR quarterly basis and will trigger the patch management process. Output : List of missing patches in customer environment / supported servers. Process : Generate listGenerate listList can be generate either from :Using MBSAList provided by customer2.2 AssessIntroduction : Assessment will be determine the severity of the issue(s) addressed by the patch and the mitigating factors that may influence the decision. By balancing the severity of the issue and mitigating factors, it will determine if the vulnerabilities are a threat to current environment.