Organizational Requirements

No matter the size of your company or your support staff, you will have specific requirements for the staff to ensure a smooth operation. This section looks at requirements for the medium to large organization, as well as the small one-person shop.

Medium to Large Organization

In medium to larger organizations, organizational requirements for the patching process may involve outside parties (such as other company divisions) or clients (such as a telecom group). If a change occurs in the way things work, then your client base will be a downstream recipient of the changes. The changes applied might require a marketing person or training group in the event of a workflow change or new training requirements. Generally speaking, situations that require the interaction of marketing or training and patching are rare.

The patching group should be given the task and authority to conduct the following activities:

  • Track down and document a system-wide inventory that includes servers, desktops, mobile computers, network equipment, firewalls, your CMS, and other corporate information resources.
  • While collecting the inventory, the group should have the skill to identify the operating system version and settings, drivers installed, firmware of machines, and any physical configurations.
  • The person or group should be required to track down and monitor for updates, patches, workarounds, and other issues that could impact your security. The members of this organization ...

Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.