Patch Management Policy

Objective

The purpose of this policy is to define the way in which FundApps manages patching of its Information System.

Scope

The policy applies to all FundApps managed Information Systems.

Policy

End user computers

End user computers must receive system patches automatically. Users must not be able to defer patching for more than 30 days.

Servers

Proxy servers

Proxy servers must be cycled at least on a monthly basis, and must be built using an image including the latest system patches.

Web servers

Web servers must receive system patches automatically every month.

Other servers

Other servers must receive system patches at least every 3 months.

PreviousData Retention PolicyNextCryptographic Policy

Last updated

Was this helpful?