Please guide me what improvements needed in System Security and Patch Policy of a small business . Case:

Please guide me what improvements needed in System Security and Patch Policy of a small business .

Case:-

Monitoring

Each computer is checked annually for the status of Windows, Microsoft products and antivirus software updates.

Review and evaluation

Once alerted to a new patch, IT support will download and review the new patch and categorise the criticality of the patch according to the following.

●     Critical Windows updates - targets a security vulnerability

●     Not Critical - a standard patch release update

●     Not applicable to the network environment.

Regardless of platform or criticality, all patch releases will follow a defined process for patch deployment that includes assessing the risk, testing, scheduling, installing, and verifying.

Risk assessment and testing

Whizbang Publicity's IT support will assess the effect of a patch to the infrastructure prior to its deployment, and assess the affected patch for criticality relevant to each platform (e.g. servers, desktops, printers, etc.)

If the patch is categorised as Critical, it is assumed that there is greater risk by not implementing the patch than waiting to test it before implementing.

Patches deemed Not Critical will undergo testing for each affected platform before release for implementation.

Implementation

Updates are installed once they have been approved following the annual check.