Patch management should be a crucial part of those ICT security policies and procedures that, through testing and deployment in a controlled environment, are to resolve identified vulnerabilitiesmeans a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited; and to prevent disruptions from the installation of patches.