IT industries and banking sectors are incomplete without data centre for their day to day business but the growing threat and attacks create security issues. To protect the data centre from this security threat, vulnerability analysis and data centre patch management must be an integral part of the infrastructure. Even though many banks have patching practices but can’t achieve compliance requirements of security because of the lack of dedicated process. This paper presents the necessity of dedicated vulnerability analysis and data centre patch management process in the banking sector, Role and responsibility of the dedicated team and process outline. The paper focuses on asset protection by scanning vulnerability and mitigating those vulnerabilities. Even though Vulnerability analysis and Data Centre patching are two separates process but they must require work in coordination and cyclic order to continuously protect data centre from new security threats and to achieve compliance requirements.