System software patching 842
ugogirl last edited by
What has been your experience in testing the controls for system software patching?
Are you finding any of the following?
- evaluation of patch to be applied
- patches installed in test environment
- test plan document
- testing conducted
- test results recorded
- chg mgt procedures being followed
- mgt approval to apply to production
I’d be interested in hearing your experiences and what you are finding.
ForensicComputerExaminer last edited by
My experience is that IT staff tend to do whatever they want. Therefore, it is important that management advertise support for ‘the new S-OX controls’ ina software shop. And, hold staff accountable when they don’t follow the ‘new’ rules.