Impact And Risk Assessment; Assessing A Package's Impact - Symantec SOFTWARE MANAGER 8.0 - REFERENCE FOR WISE PACKAGE STUDIO V1.0 Reference

Impact and Risk Assessment

Assessing a Package's Impact

Software Manager Reference
The Impact Assessment and Risk Assessment features let you identify problems that
might occur as a result of installing hotfixes or patches.
Impact Assessment
Use this feature to quickly assess the potential impact of installing a package (usually a
hotfix or security patch) without taking the time to perform extensive testing. Do this by
viewing the existing packages that have dependencies on files that are updated by that
package. Then you can decide whether to deploy the package immediately or wait until
you can perform further testing.
When you import a package into Software Manager, executable files (.EXE, .DLL, and
.OCX) within the package are scanned for dependencies on files that are outside the
package. (Example: An executable in the package uses the file user32.dll, which is a
system file.) Impact Assessment uses this information to help you find problems that
might occur if you install a package that updates the dependency files.
How is this different from conflict detection? Conflict detection focuses on files that are
installed by the package. Impact assessment focuses on files that are not installed by
the package but are used by files in the package.
Example: You receive a critical security patch for Microsoft Internet Explorer. You
perform an impact assessment to determine which files that are updated by the patch
are used by other packages. If the patch has little or no impact on existing packages,
you might decide to install the patch immediately without performing time-consuming
testing. Conversely, if it appears that the patch affects many existing packages, you
might decide to disallow Internet use while you test the patch further.
See Assessing a Package's Impact
Risk Assessment
Use this feature to determine which isolated files are at risk of being missed by an
update or patch and ensure that they are updated.
Example: A patch updates the file sample.dll. In an existing package, you have isolated
that file, which means it is installed to a location other than where the patch looks for it.
Normally, when you install the patch, the isolated file is not updated because the patch
can't find it. In the Impact and Risk Assessment dialog box, you can view the isolated
files that will not be updated by the patch. Then, you can create a WiseScript-based
.EXE that updates the isolated file with the version from the patch.
See Assessing and Mitigating the Risk of Failing to Update Isolated Files
Often, patches and hotfixes update system files that are not installed by other packages,
but are used by executables within other packages. Use Impact Assessment to view the
packages that have dependencies on files that are updated by another package. Then
you can decide whether to deploy the package immediately or wait until you can
perform further testing.
To assess a package's impact
1. Import the hotfix or patch into the Software Manager database.
2. Do one of the following:
Preparing Packages for Deployment
on page 125.
on page 126.
125