How hard is it to test patches? Is this something you need IT training to do?

Before installing any patch, verify its source and integrity. This is typically done using a digital signature or some form of checksum. These verification techniques ensure the patch hasn't been modified since the signature was applied or since the checksum count was calculated. Signed patches also validate the patch's creator.
You can also use patch management program such as PatchQuest and HFNetChkPro