This is policy is being revised after an internal audit finding prompted the addition of requirements for 1) a timeframe for installing security updates 2) a requirement that everyone uses an operating system that can receive security updates 3) a requirement to track and manage the University inventory of endpoint systems to improve our lifecycle management.