Dell White Paper Sample

Policies and procedures provide the framework to successfully implement and maintain organizational actions -- specific to information system vulnerabilities and security patching, effective policies and procedures provide this framework to support initiatives and actions to secure and keep secure affected systems. The process under which these actions occur is called patch management.

Timely patching of every organization’s information technology systems is critical to maintaining the operational availability, confidentiality, and integrity of information assets. Failure to keep operating system and application software patched increases the potential risk of serious financial, legal and reputation losses due to information compromise. Losses may result if such assets are compromised as a result of a Internet worm, virus outbreak, or a hacker gaining access through exploitation of unpatched (or otherwise poorly-protected) system vulnerabilities.

For an organization to succeed at effectively managing its system patching, executive management, working with security managers who operate the program, must initiate and support an organizationwide Security Vulnerability and Patch Management Program. This document presents the essential elements for an effective Security Vulnerability and Patch Management Program.