~3-page information security policy template on patching/updating computer software.
 
Patching and updating software involves balancing the associated risks and costs, and protecting the organisation’s interests through pre-release testing, backups, business continuity and management authorisation.
 
Failing or unnecessarily delaying security the deployment of patches leaves systems vulnerable.  The longer they are exposed to the threats, the more likely incidents will occur.
 
Conversely, deploying patches too quickly without adequate checks can disrupt production services, affecting the availability of information.
 
Supplied as an MS Word document, readily customised for your organisation's specific situation.