For compliance reasons, a Security Engineer must produce a weekly report that lists any instance that does not have the latest approved patches applied. TheEngi...

For compliance reasons, a Security Engineer must produce a weekly report that lists any instance that does not have the latest approved patches applied. TheEngineer must also ensure that no system goes more than 30 days without the latest approved updates being applied.
What would be the MOST efficient way to achieve these goals?