New versions of the NERC CIP requirements will come into effect on Apr 1, 2016, and I am looking for some guidance on using LEM to satisfy the following requirement:
Develop a baseline configuration, individually or by group, which shall include the following items:
1.1.1. Operating system(s) (including version) or firmware where no independent operating system exists;
1.1.2. Any commercially available or open‐source application software (including version) intentionally installed;
1.1.3. Any custom software installed;
1.1.4. Any logical network accessible ports; and
1.1.5. Any security patches applied.
Can anyone give some advice on whether or not LEM can assist meeting some or all of this
requirement? Also, does LEM have a standard report that will specify installed software?