When to use this
Use this checklist before applying patches where testing, change approval, outage planning, or rollback is required.
Related controls
Checklist
- Patch applies to an identified vulnerability or vendor advisory.
- Affected assets are identified.
- Risk of delaying patch is assessed.
- Test environment or staged deployment considered.
- Compatibility and availability impact reviewed.
- Change approval recorded.
- Backup or restore point confirmed.
- Rollback procedure documented.
- Post-patch validation defined.
- Retest or vulnerability verification scheduled.
Patch record
| Patch/advisory | Assets | Test result | Change ID | Deployment date | Rollback available? | Retest result |
|---|---|---|---|---|---|---|
| TBD | TBD | Pass/fail/NA | TBD | TBD | Yes/No | TBD |
- Template
- Iso27001
- Technological controls
- Patch management
- Change control
Note Metadata
Aliases: Patch Rollback Checklist
Source: 90 Templates/Patch Testing and Rollback Checklist.md
Related Notes
- ISO 27001 A.5.37 - Documented Operating Procedures
- A.8.8 Audit Evidence Pack
- ISO 27001 A.8.8 - Management of Technical Vulnerabilities
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.8 Audit Checklist
- Templates MOC