Thank you!!! Appreciate your response.
I have also read something on this on their A4 model guide:
After identifying the new updates that have been released since your prior rollout, the next step in the Assessment Phase is to understand the nature of the issues being addressed by those updates. This can only be done by reviewing the vendor security bulletins, security advisories and KB articles associated with the updates.
Since there is no unified mechanism for reviewing details about any particular update (each process is vender specific) we have included a URL to show an example of what one would look like:
http://www.oracle.com/technetwork/java/javase/7u17-relnotes-1915289.html
It is a best practice to research all potential updates before they are deployed to the population. This is not always feasible in every situation but it can eliminate a large number of problems up front.