Originally posted here by sentme_mail
but i have an admin who insisted that patches are depolyed due to security flaws and therefore should be grouped under security admin. how will you response to him?
I see someone is trying to play pass the buck here. Try to explain to the admin, what I have tried to explain to you here. Yes, patches are released to fix security flaws, but they are internal to the OS or application and must be viewed as such. If they continue to play pass the buck, I would go to your boss and explain, because of the added work involved with patch management you are going to need 1,2,3 more people in security admin to deal with work the server group refuses to take responsibility for. (that should ruffle some feathers )

Cheers: