Measure: PatchAndChangeManagement


Implementation of a concept for the patch and change management in the IT environment. By following this concept, emerging security holes can be closed quickly and any (e.g. software) changes are monitored with regard to security issues. Thus the security of the IT systems of the company is ensured in general.


The concept should clearly define all responsabilites and procedures of the patch and changes management process. Furthermore, the handling of auto-updates that might be implemented in the used software should be regulated.

Event type

Risk reduction mechanism

Threat Types

Action characteristics

event_ measures

Event Consequences