Shifting the burden
General Accounting Office auditors found that for reasons such as limited budgets federal agencies don't always make use of the growing number of tools and services that automate the process of managing security patches.
Among the tools now available are ones that:
Create an inventory of hardware and software, including all patches that have been installed.
Create logical groupings of systems — by department, machine type or other categories — for the purpose of managing patches.
Evaluate PCs against preset criteria such as required system configurations.
Test patches to discover whether they cause programs to crash or produce other unintended consequences.
Source: General Accounting Office