Begin Main Content Area

L&I, Office of Information Technology Procedure


Name: Standard System Patching
Effective Date: May 2017
Category: System Management
Version: 1.1

1. Scope:

This procedure applies to all Department of Labor & Industry (L&I) employees and business partners (hereinafter referred to collectively as “L&I Users”).

2. Procedure:

The procedure is implemented by Office of Information Technology (OIT) personnel in various bureaus, and L&I Users.

  1. Procedure to apply system & security patches:

    Step Responsibility Action
    1. OIT Establish scheduled scans for malicious code during setup.
    2. OIT Monitor for new vulnerabilities and verify applicability to IT Equipment and systems.
    3. OIT Use automated tools to deploy system and security patches to all IT Equipment.

  2. Procedure to apply system & security patches for L&I Users who work remotely:

    Step Responsibility Action
    1. L&I User Connect to the L&I network (either directly or via VPN) at least every two weeks or ten working days.
    2. L&I User Maintain the connection to the L&I network for no less than two hours or until system updates and patches are completely applied.
    3. L&I User Run system scans for viruses and malicious code at least weekly.

3. References

L&I Policy Definitions Document
SEC-011 - Remote Access to the Commonwealth Network
SYM-004 - System Maintenance Policy

4. Version Control

Version Date Purpose
1.1 05/2017 Base Document