U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-40 Rev. 4

Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology

Date Published: April 2022

Supersedes: SP 800-40 Rev. 3 (07/22/2013)

Author(s)

Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

enterprise patch management; patch; risk management; update; upgrade; vulnerability management
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-40r4
Download URL

Supplemental Material:
None available

Document History:
11/17/21: SP 800-40 Rev. 4 (Draft)
04/06/22: SP 800-40 Rev. 4 (Final)

Topics

Security and Privacy

patch management, vulnerability management

Technologies

software & firmware

Applications

enterprise

Laws and Regulations

Executive Order 14028