Citation
National Institute of Standards and Technology, Guide to Enterprise Patch Management Technologies (Draft) (NIST Special Publication 800-40) (Draft) (Rev. 3) (Sept. 2012) (full-text).
Overview
The publication provides guidance for organizational security managers who are responsible for designing and implementing security patch and vulnerability management programs and for testing the effectiveness of the programs in reducing vulnerabilities. The guidance is also useful to system administrators and operations personnel who are responsible for applying and testing patches and for deploying solutions to vulnerability problems.