Windows update process suitable for my environment

view story

http://serverfault.com – I have a small AD domain, which consists of 14 servers - 2 DCs, file server, sharepoint 2010 server, sql server, etc. Of these, the DCs and file servers remain online 24/7. The other servers are a dev environment so can be off no problem. What I am wondering is what is the best way to patch these servers? The general consensus is to patch DCs manually, which makes sense. Some say add a test DC to a domain to roll out patches there to see if they break anything (A novel idea, despite the additional cost of course). So what is the best update strategy? This doesn't necessarily mean best softw (HowTos)