Change & Patch Management Procedure
Document ID : Change & Patch Management Procedure ver1
Created on : 29-12-2020
Prepared By : Shaik
Approved By : Soundarrajan
Change and Patch Procedure
Internal 2 of 4
1. Scope
Information Change and Patch Management procedure applies to all individuals that install, operate or maintain Information Resources as per Change Management policy and & Policy.
2. Definitions / Acronyms
• PTR : Project Tracking and Reporting
• AM : Account Manager
• PM : Project Manager
• TM : Technical Manager
3. Inputs
• IT Helpdesk
• Change Request Form
• Audit Findings
• ISMS Steering Committee suggestions.
• Automated patch installation request through centralized server.
4. Entry Criteria
• Change initiated due to technological changes/requirements
• Change initiated due Client Requirements
• Change initiated due to vulnerability
• Change due to audit findings
• Change due to Software Process Improvement Suggestions
• Request for installation is thrown automatically through centralized server
5. Tasks
5.1. Change Control
• Any change in the Network Architecture, Servers, Desktop is initiated through Change Request Form / Email / Change Management Process.
• A control number is allotted to each change by Change coordinators.
• Approval for implementation is sought IT Head.
• Business requirement for the change and its impact on other systems be analyzed. By IT Team in with the respective AM/PM/IT Head
• In case, piloting of change request is necessary, it is conducted actual operating conditions.
• Pilot results are analyzed a report is submitted concerned stakeholders for further approval.
• Once the pilot is analyzed then actual implementation of is initiated.
• groups/ departments are informed about the changes and its impact.
Change and Patch Management Procedure
Internal 3 4
• After successful implementation of changes, all results are documented for future references.
Fig: Chart: Change Management
Change and Management Procedure
Internal 4 of 4
5.2. Patch Management
• All security, critical patches, service packs other are directly downloaded at server WSUS and from there it based groups to computer at Information Dynamics.
• Patches Approved on Server then downloaded it automatically to all information systems and users are notified for further on PC. Patches are installed automatically on user’s machines it needs a re- of the system, system prompts for restart new critical and security patches are pushed to user’s machine automatically from the Patch Management server. Critical and patches are
installed on the servers automatically the servers are restarted by the system administrator.
6. Review and Audits
• Implementation Report
• Change Request updated
• Impact Analysis
7. Outputs
• Impact Analysis Report
• Implementation Report
8. Summary
Verification/ Validation Mechanism
9. References
• Communications & Operations Management Policy
