Your approach sounds very reasonable. In most cases, a restart is required when an update to the Linux kernel has been installed, which usually contains security updates and only come into effect after a reboot. So restarting is good practice, you just need to determine the best time for doing this.
To determine what's being updated (and as such the urgency of reboot), you could always run cat /var/run/reboot-required.pkgs
. Apart from being notified of a required restart when you SSH into the server, you can also check for the existence of the reboot-require file by running ls /var/run/reboot-required
.
To add to your approach, you may also want to stop any background tasks that will be connecting to your database when you restart it.