Not Required as Compliant

In various in built reports for security update, Why do MS calculate its compliance considering updates 'Not required' as 'Compliant'?

Eg: Patch compliance report of a particular patch ->

All updates which compliance is mentioned is calculated with (Install + Not Required) / Total

September 4th, 2015 8:48am

I would say that it's because the update doesn't needs to be installed, which automatically makes the device compliant to that specific update.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 8:54am

Because you want to know for all of your clients what is your compliance for rate is. Thereby knowing what percent of your clients are a problem.

Assume you have 1000 Client, then assume that you have 10 client with Unknown State for KB1234567 and 5 clients with it installed and 985 that don't require that KB.

33.3% = Installed / (Installed + Unknown)

99% = (Installed + Not Required) / (Installed + Not Required + Unknown)

In both cases, you only have 10 problem clients but the second conveys that the problem is not that big of a deal as it only represent 1% of your total environment.

September 4th, 2015 9:07am

For Client point of view, where client is concerned with the patch compliance of a particular patch, they would more interested want to know the compliance on basis of total applicable updates. normally calculating compliance while including 'Not required' will always give a better % in overall compliance.
Free Windows Admin Tool Kit Click here and download it now
September 5th, 2015 1:16am

True. In that case you should either run the report against a more representive collection, or create a custom report that looks at your specific requirements.
September 5th, 2015 2:52am

For Client point of view, where client is concerned with the patch compliance of a particular patch, they would more interested want to know the compliance on basis of total applicable updates. normally calculating compliance while including 'Not required' will always give a better % in overall compliance.

Ok, you will need to create a custom report which doesnt follow standard KPIs.

Free Windows Admin Tool Kit Click here and download it now
September 5th, 2015 12:09pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics