In the computers page, the SecFix agent already collects the operating system version. And the POL-02 ISMS policy template states that we regularly collect the time to patch. A useful combination of both the policy and the plattform would be to somehow know the most recent version of the OS and: a) compare to the installed versions --> who is current / not current b) Generate the number stated in POL-02, which would be an average number of days that employees need to update their OS systems.