That's basically what I do.
I label all my hacks within the code, so when I'm using Beyond Compare, I can distinguish between my changes and Rick's changes. I've been using the following:
// DAVE MOD BEGIN
// 2003-05-26 Dave Lerner
// ... description of change ...
... changed code ...
// DAVE MOD END
For changes within HTML in templates, I use <!-- --> instead of // for the comments.
I also have a text file that describes each of my hacks, and lists the files that were changed or modified for that hack, and any database changes.
(That notation is bulky, so I've been experimenting with a more concise method: I'm marking changes with a single string #*#HACK#, where HACK is a unique keyword, e.g., #*#IIP#. I figured that combination of characters would be unlikely to occur anywhere else, so it's unambiguous, and easy to search for.)
I keep copies of all the .tar.gz releases, and keep an extracted copy for the version I have installed, e.g., 6-3-b4.
I put all my hacked files in a directory on my PC in the same structure as the distribution .tar.gz, e.g. 20030520_6-3-b4-hacks.
To upgrade, e.g. from 6.3b4 to 6.3b5:
1) Extract the distribution .tar.gz into a new directory 6-3-b5.
2) Use Beyond Compare to compare the directories 6-3-b4 and 6-3-b5 to create a directory containing the changed files: 6-3-b5-upg.
3) Make a copy of my hacks directory: 20030526_6-3-b5-hacks.
4) Ensure that 20030526_6-3-b5-hacks is current.
5) Use Beyond Compare on 6-3-b5 and 20030526_6-3-b5-hacks to merge Rick's changes into my hacks.
6) Use Beyond Compare to compare 20030520_6-3-b4-hacks with 20030526_6-3-b5-hacks and create a directory of changed hacked files: 6-3-b5-hacks-upg.
7) Close the board and do a backup of the files and the database.
8) Upload 6-3-b5-upg.
9) Upload 6-3-b5-hacks-upg.
Isn't that simple?