Patch Management Policy

Ref/ID: NCAF031(21) V1.1

Download

The NCA NHS Group has a responsibility to protect the Confidentiality, Integrity and Availability of all data which it stores and processes, and the systems which are used to do so.

The purpose of this Policy is to ensure that all systems in scope are regularly updated with operating system and application vendor patches in order to minimise risks associated with known vulnerabilities.

All staff are responsible for protecting the information assets in their work area and for reporting any risks and incidents using the NCA NHS Group’s Cyber and Emergency Incident Response Procedures.

This policy outlines the NCA NHS Group’s requirements in line with Security and Information legislation and standards

Categories:

  • Finance and digital: Data, Security, Information governance

Published: 01/09/2021

Status: Up to date - due for review on 22/07/2026

Author: Mark.taylor@nca.nhs.uk

Owners:

  • Corporate: Informatics & Digital

Applicable to:

  • Bury Care Organisation
  • Oldham Care Organisation
  • Rochdale Care Organisation
  • Salford Care Organisation
  • Diagnostics & pharmacy
  • Northern Care Alliance (all)