Change & Patch Management Procedure
Document ID : Change & Patch Management Procedure ver1
Created on : 29-12-2020
Prepared By : Shaik
Approved By : Soundarrajan
    Change and Patch Procedure    
Internal 2 of 4
1. Scope
  Information Change and Patch Management procedure applies to all individuals that  install, operate or maintain Information Resources as per Change Management policy and  & Policy.
2. Definitions /   Acronyms 
PTR  Project Tracking and Reporting
AM  Account Manager
PM  : Project Manager
TM  : Technical Manager
3. Inputs
IT Helpdesk
Change Request Form
Audit Findings
ISMS Steering Committee suggestions.
Automated patch installation request through centralized server.
4. Entry Criteria
Change initiated due to technological changes/requirements
Change initiated due Client Requirements
Change initiated due to vulnerability
Change due to audit findings
Change due to Software Process Improvement Suggestions
Request for installation is thrown automatically through centralized server
5. Tasks
5.1. Change Control
Any change in the Network Architecture, Servers, Desktop is initiated through  Change Request Form / Email  Change Management Process.
A control number is allotted to each change by Change coordinators.
Approval for implementation is sought IT Head.
Business requirement for the change and its impact on other systems be analyzed. By  IT Team in with the respective AM/PM/IT Head
In case, piloting of change request is necessary, it is conducted actual operating  conditions.
Pilot results are analyzed a report is submitted concerned stakeholders for further  approval.
Once the pilot is analyzed then actual implementation of is initiated.
groups/ departments are informed about the changes and its impact.
    Change and Patch Management Procedure    
Internal 3 4
After successful implementation of changes, all results are documented for future  references.
Fig: Chart: Change Management
    Change and Management Procedure    
Internal 4 of 4
5.2. Patch Management
All security, critical patches, service packs other are directly downloaded at  server WSUS and from there it based groups to computer at  Information Dynamics.
Patches Approved on Server then downloaded it automatically to all  information systems and users are notified for further on PC. Patches are  installed automatically on user’s machines it needs a re- of the system, system  prompts for restart new critical and security patches are pushed to user’s machine  automatically from the Patch Management server. Critical and patches are 
installed on the servers automatically the servers are restarted by the system  administrator.
6. Review and Audits
Implementation Report
Change Request updated
Impact Analysis
7. Outputs
Impact Analysis Report
Implementation Report
8. Summary

Tasks

Responsibility  

Verification/ Validation  Mechanism 

Approval authority  

Initiate request change 

User

Periodic Review Meetings

--

Impact analysis 

Department Heads

Periodic Review Meetings

--

Final approval 

Head

Periodic Review Meetings

--



















9. References
Communications & Operations Management Policy