Project Quant: Clean Up Phase

We might need to adjust the name for this phase, since we also have "clean up" as part of the deploy phase, but I think it does a reasonable job of representing the issues around redeploying failed updates. This isn't just a time to push out failed updates again, but to figure out why an update failed and any changes required to achieve a successful patch. Back in my operational days this was one of the more frustrating aspects of patch deployment. Most of the time patching went fairly smoothly, but those exceptions could double the amount of time we spent getting any particular update out to the entire organization.

I'm also curious as to what failure rate people see in the reports from their patch management tools. As you'll see when I load up some of the preliminary survey results, most organizations confirm successful patch deployment based on reports from the patch management tool. But in my humble experience, not all tools are completely accurate in confirming a successful deployment -- actually, most have some sort of error rate. Without some additional tool, such as vulnerability management, this could lead to 'stealth' unpatched systems.

Anyway, more on that later, and here's my first stab at detailing out the clean up phase:

—Rich