IAB Interactive Standardized Equipment List   return to main tree

Search Interactive SEL:



[05NP-00-SIEM] Prev [05SM-00-ITAM] Next
SEL Number: 05PM-00-PTCH
Title: System, Patch/Configuration Management


Last Updated: 8/20/2021 11:37:49 AM

Previous SEL Number: 05PM-00-PTCH

Description: System to manage the update and installation of patches, applications, and/or operating systems utilized by an organization in order to maintain current "version control."

This functionality may also be obtainable via subscription as a cloud-based service using a web browser interface, as opposed to purchasing software. However, special security considerations apply for data stored remotely. See 04AP-11-SAAS for further information.

ImportantFeatures: Record keeping of existing versions on different clients, date of last change, etc.
System automatically gathers current versions from assorted vendors for pushing out to clients.

Operating Considerations: May require the installation of client software on all managed devices (workstations, servers, etc.). This can be a significant task, and any required client software should be checked for compatibility with hardware/operating system/software suites in use prior to procurement.
Some products may track only operating system software. However, vulnerabilities in applications and network devices such as routers are also important and should be included in any patch management plan.
Regular third-party vulnerability assessments should also be performed.

Training Requirements: Core Training: Per Manufacturer's Specifications
Initial Training: Extensive (> 2 days)
Sustainment Training: Extensive (> 2 days)

Mandatory Standards:

Applicable Standards and References: