Umm Al-Qura University

Umm Al-Qura University

System Maintenance and Upgrading Policy

- 2019/04/09

System Maintenance and Upgrading Policy:

Proper and timely maintenance and upgrading of programs is critical to ensuring the continuity of the operation of all technical resources at the university.


This service covers all servers, computers, networks, operating systems, applications and other information bases to which programmatic, security and operational updates are provided by their manufacturers.


Ensuring the continuity of all systems operating at the university.



  1. To ensure the security of the university's network and the protection of its data, all computers and network devices and applications must be maintained according to the levels of support provided by the vendor, and all important security updates must be installed.
  2. Vendor-supplied patch documents will be reviewed to ensure full compatibility with all system components before implementation.
  3. Successful backups of systems with sensitive information must be checked (and tested for functionality) before installing any updates/patches.
  4. Patches will be applied within the framework of a certified maintenance program, if the patch application process will cause a lack of system service.
  5. Patches will be prioritized and applied according to the degree of importance.

Operational Policies and Procedures:

  1. System administrators will use automated tools, where available, to create a detailed list of all programs installed on workstations, servers, and other networked devices. Manual scans will be conducted on any systems or devices for which automated tools are not available.
  2. Systems and software will be evaluated to verify currency of patch and update levels, complete with an analysis of vulnerabilities.
  3. Automated tools will scan for available patches and patch levels, in order to review them.
  4. Manual scans and reviews will be conducted on systems for which automated tools are not available.
  5. Patches will be successfully tested on experimental systems installed with the majority of critical applications and services, prior to being loaded on production systems.
  6. Logs will be maintained for all system categories (servers, desktops, switches, etc.) indicating which devices have been patched. These logs help clarify the status of systems and maintain work continuity among administrators. Recorded information will include, for example (work date, administrator’s name, installed patches and patch numbers, problems encountered, and the system administrator’s notes).
  7. If the system data must be restored, all relevant data will be recorded on the current operating system and the patch level. The system must be brought back to the patch level in effect before reloading.