Kevin McDonald writes for TechTarget SearchCompliance on Aligning IT and compliance procedures increasingly a business priority.
He says, “When I’ve asked IT pros about HIPAA Security Rule compliance within their organization, they’ve typically responded with, “That is the compliance officer’s realm” or “Risk handles compliance.” If you ask executives about the IT functions required under the Security Rule, you will very often get, “The IT folks assure us they follow industry security best practices.” Or “I have no idea what they do; it is all Greek to me.”
IT personnel — and executives — often have too much trust that someone else is taking care of compliance. They’re also often all too willing to remain ignorant of any IT-specific issue that might be even slightly outside their domain.”
Read the full story here – Aligning IT and compliance procedures increasingly a business priority.
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.