What is required regarding security patches as part of a baseline configuration under CIP-010 R1.1?

The requirement under CIP-010 R1.1 emphasizes the importance of maintaining a secure baseline configuration for systems that are part of the Bulk Electric System. It specifically states that all applied security patches must be documented. This documentation is crucial for several reasons:

1. Audit and Compliance: Keeping a record of all security patches applied ensures that there is a verified trail for auditors and compliance checks. It demonstrates adherence to established security policies and practices.

2. Change Management: Documentation of applied patches supports effective change management processes. In the event of a system failure or security incident, understanding which patches were applied can help identify if a particular patch caused issues or if gaps exist in security measures.

3. System Integrity: By monitoring and documenting patches, organizations can ensure that all systems remain up to date with the latest security defenses. This proactive approach helps mitigate vulnerabilities that could be exploited by malicious actors.

In this context, simply applying patches without documentation would not suffice for compliance with the standard, as the goal is not just to update software but to have a thorough record that supports overall cybersecurity governance.