Documentation
HECVAT Full v3.0.6
Change Management
CHNG-10

Question CHNG-10

Do you have policy and procedure, currently implemented, managing how critical patches are applied to all systems and applications?

Weight20
High RiskNo
RequiredYes
Compliant AnswerYes

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

State your plans to implement policy and procedure(s) to manage how critical patches are applied to systems and applications.

Answering "YES"

Summarize the policy and procedure(s) managing how critical patches are applied to systems and applications.

Reason for Question

Answers to this question will reveal the vendor’s knowledge of their IT assets and their ability to respond to notifications about their systems and software.

Follow-Up Inquiries

Follow-up inquiries for the vendor’s patching practices will be institution/implementation specific.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]

CHNG-09CHNG-11