Audit and Assessment
Regular audit and assessment helps gauge the success and extent of patch management efforts. In this phase of the patch management program, you are essentially trying to answer two questions:
- What systems need to be patched for any given vulnerability or bug?
- Are the systems that are supposed to be updated actually patched?
The audit and assessment component will help answer these questions, but there are dependencies. Two critical success factors are accurate and effective asset and host management. Often, these related goals of asset and host management are addressed by a single product, such as Tivoli, Unicenter, or SMS. The major requirement for any asset management system is the ability to accurately track deployed hardware and software throughout the enterprise, including remote users and office locations. Ideally, host management software will allow the administrator to generate reports (e.g. all clients without a given hot fix, all versions of particular applications) that will be used to drive the effort toward consistent installation of patches and updates across the organisation.
System discovery and auditing are also components of the audit and assessment process. While asset and host management systems can help you administer and report on known systems, there are likely a number of systems that have been either unknowingly or intentionally excluded from inventory databases and management infrastructures. System discovery tools can help uncover these systems and assist in bringing them under the umbrella of formal system management and patch compliance. Organisations typically use either their own discovery and assessment mechanisms or one of the various managed vulnerability assessment tools. Regardless of the tools used, the goal is to discover unknown systems within your environment and assess their compliance with the organisation's update and configuration guidelines.
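The following added example (not part of the original text or of any product named above) shows how the two audit questions and the discovery step can be answered from one reconciliation pass. The host records, MAC addresses, product name, version numbers and hot fix ID are all constructed sample data, and matching hosts by MAC address is an assumption made for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Host:
    name: str
    mac: str
    software: dict                      # product name -> installed version tuple
    hotfixes: set = field(default_factory=set)

# Constructed sample data: an asset inventory export and a discovery sweep.
INVENTORY = [
    Host("ws-001", "00:11:22:33:44:01", {"ExampleServer": (2, 1)}, {"HF-1001"}),
    Host("ws-002", "00:11:22:33:44:02", {"ExampleServer": (2, 3)}),
    Host("ws-003", "00:11:22:33:44:03", {"ExampleServer": (3, 0)}),
    Host("ws-004", "00:11:22:33:44:04", {"OtherApp": (1, 0)}),
]
DISCOVERED_MACS = {"00:11:22:33:44:01", "00:11:22:33:44:02",
                   "00:11:22:33:44:03", "00:11:22:33:44:AA"}

# Hypothetical advisory: versions below fixed_in need the named hot fix.
ADVISORY = {"product": "ExampleServer", "fixed_in": (3, 0), "hotfix": "HF-1001"}

def audit(inventory, discovered_macs, advisory):
    """Reconcile inventory, patch state and discovery results."""
    in_scope, missing = [], []
    for host in inventory:
        version = host.software.get(advisory["product"])
        if version is None or version >= advisory["fixed_in"]:
            continue                    # product absent or already at a fixed version
        in_scope.append(host.name)      # question 1: needs the patch
        if advisory["hotfix"] not in host.hotfixes:
            missing.append(host.name)   # question 2: supposed to be patched, is not
    known = {h.mac.lower() for h in inventory}
    seen = {m.lower() for m in discovered_macs}
    return {
        "in_scope": sorted(in_scope),
        "missing_hotfix": sorted(missing),
        # On the network but absent from inventory: bring under management.
        "unmanaged": sorted(seen - known),
        # In inventory but not seen by discovery: stale record or unreachable host.
        "not_seen": sorted(h.name for h in inventory if h.mac.lower() not in seen),
    }

if __name__ == "__main__":
    for key, value in audit(INVENTORY, DISCOVERED_MACS, ADVISORY).items():
        print(f"{key}: {value}")
```

Hosts in the "unmanaged" list have unknown patch state, so they count as non-compliant until they are inventoried and assessed.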