Patch Management

A recurring process to apply security patches on a predictable cadence while expediting anything actively exploited.

IT & Security 6 steps
When to use

On a regular cadence, with a fast path for critical vulnerabilities.

Trigger
Runs when: Scheduled patch cycle or a critical vulnerability disclosure

The procedure

  1. Inventory systems and the software versions they run.
  2. Track new vulnerabilities and rate them by severity and exposure.
  3. Test routine patches in a staging path before broad rollout.
  4. Roll out patches on the standard cadence and confirm they applied.
  5. Expedite anything critical or actively exploited outside the normal cycle.
  6. Record what was patched, when, and any system left unpatched with a reason.
Outputs
  • An updated patch status per system
  • Critical vulnerabilities expedited
  • A record of patched and exception systems
Tools
  • Patch management tool
  • Vulnerability feed
  • Asset inventory
Note: Have a fast path for actively exploited bugs. The normal cadence is for hygiene; a vulnerability under attack does not wait for your calendar.
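
The triage in steps 2, 5 and 6 can be sketched as follows. This is an added example, not part of the original SOP: the hosts, packages, vulnerability ids, field names and the routing rule (actively exploited, or critical on an internet-facing host, goes to the fast path) are all constructed assumptions.

```python
# Constructed sample data; hosts, packages and vulnerability ids are placeholders.
INVENTORY = [
    {"host": "web-01", "package": "examplehttpd", "version": "2.4.1", "internet_facing": True},
    {"host": "db-01", "package": "exampledb", "version": "9.1.0", "internet_facing": False},
    {"host": "hmi-01", "package": "examplehttpd", "version": "2.4.1", "internet_facing": False},
]
FEED = [
    {"id": "VULN-PLACEHOLDER-1", "package": "examplehttpd", "fixed_in": "2.4.2",
     "severity": "high", "actively_exploited": True},
    {"id": "VULN-PLACEHOLDER-2", "package": "exampledb", "fixed_in": "9.1.3",
     "severity": "medium", "actively_exploited": False},
]
# Hosts that cannot be patched this cycle, each with the reason step 6 requires.
EXCEPTIONS = {"hmi-01": "vendor-certified image, patch pending vendor approval"}

def version_tuple(v):
    """Parse a dotted numeric version so comparisons are numeric, not lexical."""
    return tuple(int(p) for p in v.split("."))

def triage(inventory, feed, exceptions):
    """Return one record per (host, vulnerability) with a track and a status."""
    records = []
    for vuln in feed:
        for asset in inventory:
            if asset["package"] != vuln["package"]:
                continue
            if version_tuple(asset["version"]) >= version_tuple(vuln["fixed_in"]):
                continue  # already at or past the fixed version
            # Assumed policy: exploited bugs, or critical ones on exposed hosts,
            # leave the normal cadence and go to the fast path.
            fast = vuln["actively_exploited"] or (
                vuln["severity"] == "critical" and asset["internet_facing"])
            reason = exceptions.get(asset["host"])
            records.append({
                "host": asset["host"], "vuln": vuln["id"],
                "track": "expedite" if fast else "standard",
                "status": "exception" if reason else "pending",
                "reason": reason,
            })
    # Expedited work first, so the fast path is at the top of the report.
    return sorted(records, key=lambda r: (r["track"] != "expedite", r["host"]))

if __name__ == "__main__":
    for rec in triage(INVENTORY, FEED, EXCEPTIONS):
        print(rec)
```

An exception on an expedited item stays in the report with its reason, so an unpatched system exposed to an exploited bug is recorded rather than silently dropped.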
