1. Product/Service name and self-developed ingredient description

This product is mainly to provide the organization with the completeness and correctness of the inventory of information assets and how to manage and control the asset value and information security weaknesses. Under the concept of group classification of information assets, it can quickly assess weaknesses and threats and find solutions to plan for improvement can be proposed. Facing information security vulnerabilities ,our system can improve tracking quickly and manage with a more intuitive and precise approach.

The design and development of the entire product are designed in accordance with the guidelines of the ISO-27001 specification.

2. Product/Service function description

The development of the entire IARMS（Information Assets Risk Management System）is designed in accordance with the spirit of ISO27001/ISMS:

A. Initiate inventory work flexibly according to the organization's audit plan.

B. Multiple permissions (unit/role) settings for a single account.

C. Agent risk control settings.

D. Flexible self-built drop-down custom menu information.

E. Asset quick copy and file building function..

F. Asset transaction review mechanism and review process records.

G. Asset vulnerability and threat management mechanism by groups.

H. Automatically calculate asset risk.

I. Asset inventory creation and export function..

J. Multilingual interface (Chinese/English) for multinational enterprises.

3. Description of application scenarios of products/services

Explanation of suitable application fields: Due to the frequent occurrence of information security incidents, it often causes heavy losses to the organization. Whether it is the frequent fraud cases due to the leakage of customer information data, or the huge payment caused by the infiltration of blackmail virus, it will cause extreme troubles for the organization, such as trouble and unnecessary financial losses, or even affect the normal operation. Therefore, if there is a system that can effectively inventory and classify assets and can be updated at any time, and can flexibly follow the organization's information security requirements and specifications, it can timely verify the weaknesses and threats of assets such as hardware, software, data, and personnel within the organization to create a risk assessment report, and make improvements and tracking, so that protective measures can be taken.