Something else to note is that other things may become relevant only after certain patches are installed. Meaning, if you have a lot of patches missing, and you patch what those machines were applicable to, you may have another 10-20 new patches come up relevant after that baseline runs and you may have to create another baseline for those. This happened to me when I first stood up bigfix and was catching up on years of bogus patching methods. Only time will tell, particularly if your environment is not consistent and patching is all over the place.