8.19 Installation of Software on Operational Systems

Procedures and measures should be implemented to securely manage software installation on operational systems.

Installation of software on operational systems in information security refers to the process of adding new software programs or updates to existing software on a system that is currently in production or in use.

This process is important for several reasons:

• Keeping systems up-to-date: Installing software updates and patches is important to address known vulnerabilities and to fix bugs that could affect the security and stability of a system.
• Adding new functionality: Installing new software can add new features and capabilities to a system, which can improve productivity and efficiency.
• Compliance: Installing software updates and patches can help ensure that systems are in compliance with regulatory requirements and industry standards.
• managing software licenses: Installing software can also ensure that the organisation complies with software license agreements and has the appropriate number of licenses for the software being used. .
However, it is important to be cautious when installing software on operational systems, as it can introduce new vulnerabilities, cause compatibility issues with other software, or cause a system to malfunction. It is important to have a well-defined software installation plan in place and to ensure that the software being installed is from a trusted source and that it has been tested and approved for use in the organisation. Additionally, it is important to have a process for monitoring and managing the installed software, and to keep track of the software versions, licenses, vulnerabilities, and patches.