I am responsible for annual maintenance at several companies.
In this context, security support is important and we take care of it.
Especially with WordPress, it is recommended to keep updates manual and switch maintenance releases and security releases to automatic updates.
Minor fixes to plugins and the main body may be CSS or bugfixes, and for more urgent security, the update may be applied sooner than the person in charge notices.
However, for large corporate websites, I update everything manually.
I expect very few maintenance and security releases to bring the site down, but there is always the possibility that something could be impacted on the site as a result of the update.
Make a backup before and after each update so that you can always revert to the original state. This way, you can deal with which plugin caused the problem and, worst case scenario, you can revert back to the original state and have no masters in operation.
When automatically updating, there is a possibility of errors occurring and it is difficult to identify the cause of the error. It is therefore recommended to make regular backups.
Official website.
Translated with DeepL.com (free version)

If you manage your own WordPress, the larger your company, the more important it becomes to maintain your site.
For corporate sites, for example, it is recommended to use Sass to rely on security and management.
Sass if you want to save time and administration costs.
If you want long-term operation and flexibility, go for WordPress.
Speaking of which…
There is a service called microCMS, which is very good! but the price has recently been revised.
If you use Sass, you run the risk of having to swallow a monthly fee increase, and also the risk of having to move to a new location.
Translated with DeepL.com (free version)