This is a far from trivial question but the very first question to ask yourself is : How do you know that your machine is performing well?". Many times very subtle errors creep in and remain hidden until long past time for an reasonable recovery - especially those that corrupt small bits of data under unusual circumstances.
If you look at the patches, you will find that a fairly high fraction of them are marked 'Critical' - indicating that problems have been observed or at least there is a known serious defect in the software.
I can tell you that I have not had a second of unplanned downtime in any of my HP servers in almost 4 fours now and that I regularly apply the patchsets as part of periodic maintenance.
I actually move the patchsets through three levels (and this is really the safest method though a little expensive):
1) Apply the periodic patchset to a 'sandbox'; this is a machine that is only used to test new OS releases, patches, new database releases and patches, or any new or untried scripts. Anything goes on this box. An old server or one acquired on the used market does very nicely for this.
2) If no problems were observed in the sandbox environment, install the patchset in the test environment. This is the box that developers work on.
3) Finally (usually about 2 weeks later) with no problems observed install in production during scheduled downtime.
-----------------------------------------
A Plan B method used my many admins I know is to delay the deployment of the patchsets by one release and wait fore any recalls or notices; this may be a good compromise if you don't have an environment that allows for fairly extensive pre-testing - but still be aware of those marked critical.
Food for thought, Clay
If it ain't broke, I can fix that.
