Patch Management
The software supplier will regularly provide interim software releases to resolve problems raised by any of its customers and to eradicate 'bugs' found during investigation of those problems. These interim software releases are called patches and are often numerous, particularly if a new module has recently been introduced or the system is immature and, consequently, not as robust as a fully developed product. Suppliers often ask customers to install patches soon after they have been released. This can be particularly annoying because it demands very careful version control, it is not always an easy or inexpensive exercise, and the patches do not necessarily cover the parts of the software that the institution is using.
Suppliers also regularly provide new versions of the software, called upgrades, which contain both bug fixes and enhancements to improve or extend the functionality of the system. Suppliers usually dictate that upgrades must be installed within 6 or 12 months of their release, along with all patches issued since the last upgrade.
Patch management is the process of deploying those patches and upgrades into the live running system and maintaining them thereafter, and is usually the responsibility of TSP. Patch management can be onerous at times, but if it is done properly, it enables the institution to maintain operational efficiency and effectiveness, overcome security vulnerabilities and maintain the stability of the system, and it entitles the institution to receive full support from the supplier. Unfortunately, suppliers sometimes refuse to investigate problems if the latest patch has not been installed, even though the patch may not be entirely relevant to the cause of the problem.
A number of products are available to assist organisations by automating patch management tasks, but they can prove expensive and must be carefully evaluated to ensure that they provide the required facilities and services. It may be preferable for an institution to contract with the supplier for patch management and rely on the supplier to select an appropriate product.


