10-12-2011 9:39 AM
While there are quite a number of security patches, some of them are even high levle. Has anybody any experience with implementing them with out doing a rgression test? As it stands now for a regression test to happen and thefinal implentation in production it takes us one year, So we think we are vunareble in the mean time, is there a way to dtermine if we stand no risk to implment certain patches without doing a regression test.
Any advice or experience in this area is wecome
regards
Auke Visser
10-12-2011 10:08 AM
Hi Auke,
The question is not really clear to me.
Are you talking about the SAP Security Notes popping up in the RSECNOTE tool (by the way: be aware that these are not all security notes that are created, check the SAP marketplace for the complete list) or are you talking about SAP Support packages?
In the case of the security notes coming from the RSECNOTE tool I personally favour the "no complaints, no problem" approach by implementing them into DEV / QAS and after some time move them to PRD. But I do personally check the contents of them to see the impact. In case of doubts I ask the functional team to test. But it really depends on the way you use your systems and what functionality you use.
Please also search within these forums as there are allready quite some questions raised on this topic.
Best regards,
Joris