Hello VaishnavK1993​,  Has your organization attempted installation of certs and encountering errors when applying the updates?  Secure Boot Update task logs error events in System event log indicating why update could not be applied.   In most cases device may be in known block list

If your organization have not yet initiated update process, Microsoft recommend testing on few similar machines that represent your environment before applying the policy broadly.  For devices that have known issues, have been blocked and you will see an error 1802 under TPM-WMI source in System event log indicating update could not be installed due to known issue.   For most issues, OEMs may already have firmware updates available.  If OEM has new firmware update available, recommended to install the latest available firmware updates to unblock the certificate updates.