TWM646838U - Information asset management system for automatic software compliance analysis - Google Patents

Abstract

The present invention provides an information asset management system for automatic software compliance analysis, which includes a data management module, a compliance analysis module and an interface presentation module. The data management module is connected to the compliance analysis module via telecommunications. And the interface presentation module is electrically connected to the data management group and the compliance analysis module. The data management module is used to create at least one unit's basic data and one asset data corresponding to the unit's basic data. The compliance analysis module compiles and counts the amount of the asset data and then outputs an asset value summary table, and counts the ESG status of the hardware information of the asset data to form a first or second green procurement performance table; The copyright status of the software information of the asset data is adjusted to form an authorized acquisition data, and the deployment status of the software information is calculated to form an installation deployment data. Accordingly, a compliance comparison data is used to compare the authorized acquisition data and the installation. Deploy the product name and product version of each software information in the data to form a compliance analysis table for automatic compliance and management of software and hardware assets.

Description

Information asset management system for automatic software compliance analysis

The present invention relates to an information asset management system, particularly an information asset management system for automatic software compliance analysis.

Information compliance management (Compliance Management) includes internal and external rules, standards or obligations such as business licenses, green licenses, contractual obligations, industry standards and corporate articles of association to prevent and control the use of pirated software by entities such as enterprises or government organizations. Violations such as substandard goods or counterfeit assets can also avoid risks such as financial losses, loss of goodwill, or even cessation of practice due to violations. Traditionally, units such as enterprises or government organizations generally have their respective departments manage the information assets such as software and hardware they purchase and control the legal compliance, industry standards or contractual obligations required to operate their business. Therefore, it is common for various units to have inconsistent management systems and low overall compliance risk control effectiveness, which often leads to the use of non-copyrighted software by a certain department in the unit, causing the entire unit's information security defense line to collapse. In short, whether it is an enterprise or a government organization, the reason is that its governance or management does not fully understand the deployment status of the overall assets and the degree of compliance risk prevention and control, and fails to ensure that the regulations or standards followed by the unit's operations are all in compliance. It is the latest and correct version, so once the information security of a certain department is compromised, the entire organization can only make amends.

For this reason, global enterprises or government organizations are currently gradually tending to develop compliance management from a governance perspective to supervise the compliance of overall assets and operating businesses from top to bottom. However, the information asset management systems currently provided on the market do not have comprehensive and automatic compliance inspection procedures. This is because the system does not have built-in comparison data that meets the original certifications of Microsoft, Autodesk, Adobe, etc., and The system lacks systematic and logical data collection and calculation procedures, resulting in the system being unable to provide effective and accurate compliance control operations. In other words, although the company spends a large amount of money to build the information asset management system, it still needs to manually perform compliance operations such as regulatory compliance, contract review, procurement budget preparation and so on, which consumes a lot of manpower and cost for no reason. In the current era, it is difficult to implement Does not meet the needs of the unit's operational performance.

In view of this, how to provide an information asset management system with automatic compliance functions to ensure the compliance of unit operations and improve the shortcomings of the above-mentioned conventional technologies, and avoid suffering legal sanctions, regulatory penalties, major financial losses or due to violations. Risks such as reputational loss, and then externally displaying a good governance image, are the topics that this new model intends to explore.

In view of the above problems, the purpose of this new model is to provide an information asset management system with automatic software compliance analysis function, which systematically builds and maintains a product name comparison table, an inventory product comparison table and a product termination through the background Comparison table, and through the compliance analysis module, the asset deployment status and copyright status are logically integrated and calculated to achieve automatic and accurate system compliance functions, thereby helping an organization to fully understand the software and hardware including the physical end and the cloud. Real-time utilization of physical assets, thereby achieving the purpose of optimal procurement budget preparation.

In order to achieve the above purpose, the present invention discloses an information asset management system for automatic software compliance analysis, which is used to automatically comply with and control the software and hardware assets of a unit and is executed on a unit host and a backend server, which includes : A data management module for constructing at least one unit's basic information and one asset data corresponding to the unit's basic information, and the unit's basic information includes a green purchasing manufacturer information, a corporate social responsibility verification, and a first unit attribute Or a second unit attribute, and the setting of at least one unit contact person. The asset data includes a plurality of hardware information, a plurality of software information and a plurality of service information; among which, each of the hardware information, each of the software information and the The service information is respectively provided with at least one of a deployment status, a copyright status, and an ESG (Environmental, Social, Governance, Environmental Protection, Social Responsibility, Corporate Governance) status; a compliance analysis module, which stores a compliance comparison data The data management module is connected via telecommunications, and the compliance comparison data includes product name, product version, authorization plan, purchase quantity, valid authorization quantity and software deployment quantity; the compliance analysis module compiles and counts the asset data The amount is output to an asset value summary table, and at the same time, the ESG status of the hardware information is counted to form a first green procurement performance table based on the first unit attributes or a second green procurement based on the second unit attributes. Performance table; the compliance analysis module aggregates the copyright status of the software information to form an authorized acquisition data, and calculates the deployment status of the software information to form an installation deployment data, and uses the compliance data accordingly. The regulatory comparison data compares the product name and product version of each software information in the authorization acquisition data and the installation and deployment data to form a compliance analysis table for use in identifying software that does not meet legal compliance standards, is insufficiently authorized, or is falsely authorized. status to reduce information security risks; and an interface presentation module is provided with an information asset compliance dashboard, and the interface presentation module uses one side of the information asset compliance dashboard to display the asset value summary table and the other side of the information asset compliance dashboard. The first green procurement performance table or the second green procurement performance table is displayed on the side.

Among them, the compliance comparison information includes a product name comparison table, an inventory product comparison table and a product termination comparison table. The product name comparison table is the product category, corresponding name, product name, product A list of versions, authorized purchase plans, end-of-Support (EOS) and end-of-life (EOL) information; this inventory product comparison table will correspond to the inventory in an inventory tool A list of information on product name, product version, authorized version, number of valid licenses, and software deployment volume; the product termination comparison table is an information table of the name, model, end of support period, and end of life cycle of the hardware that will be used to load the software. Make lists. The compliance analysis module compares the product category, corresponding name, product name and product version of each software information in the authorization obtained data with the name corresponding to the product name comparison table; and compares the installation and deployment data The compliance analysis table is formed by checking whether the product name and product version of each software information in the software information are consistent with the names corresponding to the inventory product comparison table, and the compliance analysis table includes an authorized EOS copyright reminder table and an installed EOS copyright reminder table. surface.

The information asset management system further includes an authorization module and a backend management module. The authorization module is electrically connected to the data management module and the backend management module, and the backend management module is electrically connected to the compliance analysis module. ; The authorization module generates an activation key to the data management module for use as a certificate when the unit starts the information asset management system, and the backend management module is used to build and regularly maintain the compliance control Data for the compliance analysis module to download and regularly update the compliance comparison data. The asset value integration table includes the total amount of hardware assets of the unit, and the compliance analysis module calculates the ESG status of the hardware information to form the first or second green procurement performance table. The data of the unit's total green procurement amount, the green procurement amount of each project category and the reasons for non-green procurement projects are further calculated as a percentage of the total green procurement amount to the total amount of hardware assets to form a green procurement performance value, and in the first When the green procurement performance table has the first unit attribute, the information asset compliance dashboard uses the number of leaves of a five-leaf clover icon component and a first light component to display the percentage level of the unit's green procurement performance; when When the second green procurement performance table is provided with the second unit attribute, the compliance analysis module further evaluates the percentage with a specified ratio and outputs a rating to display the number of leaves of a four-leaf clover icon element. Along with the percentage grade of the unit's green procurement performance, a second light component is used to display the rating.

Moreover, the compliance analysis module collects and analyzes the asset data and obtains multiple duplicate data, compares the duplicate data and outputs a change message to the corresponding unit contact person to notify the unit contact person to correct the data. Duplicate data. The interface presentation module is provided with an overview page for displaying a plurality of overview information when the system is started, and the overview page is provided with a small helper component for self-adding at least one of a to-do item and at least one reminder item By. The data management module is provided with an object construction component and an information import component. The object construction component is used for the unit to build basic data of the unit. The information import component is used for the unit to import an existing equipment data and automatically The asset data is converted into data to assist the unit in quickly establishing the asset data.

The information asset management system further includes a project management module, which is connected by telecommunications to the data management module and the interface presentation module. The project management module is used to build at least one procurement project, and the procurement project has at least one procurement One or a combination of the hardware information, at least one piece of software information, at least one piece of service information, and at least one contract information, and the contract information has a contract start and end date, the number of contract periods and the acceptance conditions for each period; the The project management module compiles the corresponding asset data based on the contract information and checks the contract start and end dates, so as to output renewal information with the contract information when the contract is approaching the expiration date. The information asset management system further includes a report output module, a query processing module and a repair processing module. The report output module is electrically connected to the compliance analysis module and the interface presentation module. The query processing module The data management module and the interface presentation module are connected by telecommunications, and the repair processing module is connected by telecommunications to the data management module; the report output module parses the compliance analysis table to form an authorized EOS copyright reminder table and an installed EOS Copyright reminder table, at the same time, the asset value summary table, the green procurement performance table and the compliance analysis table are compiled and calculated to form an ESG-oriented report and a green procurement policy compliance report; the query processing module is for one use When the user inquires information according to the authority and wants to report the hardware information, the software information or the service information, the repair request processing module is used to output a repair request to the corresponding contact person of the unit to perform the online repair operation.

To sum up, the system of the present invention configures and regularly maintains the product name comparison table, the inventory product comparison table and the product termination comparison table through the backend management module, so as to store each software and each hardware corresponding to the original manufacturer. After the product name, product version, EOS and EOL and other information of the entity are compiled into a list, the compliance analysis module can compare the authorization acquisition data, the installation deployment data and the compliance comparison data to complete the analysis of whether it is loaded on the hard drive. Conduct copyright compliance operations on software in the system or placed on the cloud, thereby reducing information security risks while assisting the unit to fully control the actual use status of all tangible and intangible information assets, thereby formulating the most reasonable procurement strategy and improve overall unit operating performance. Moreover, this new model systematically collects the asset data corresponding to the contract information through the project management module, which can help the unit quickly and accurately perform contract archiving operations, so as to avoid the unit's time-consuming and labor-intensive search for contract-related matters in the future. At the same time, through the project management module, the action function of logically calculating the renewal date and renewal conditions corresponding to the contract information and automatically outputting the renewal information can assist the corresponding contact person of the unit. Efficiently control contractual obligations to reduce the exposure of the unit's operating activities, such as sales, production and services, to illegal risks due to the absence of contractual protection.

In order to enable those with ordinary knowledge in the field to clearly understand the contents of the present invention, the following description is accompanied by the drawings, please refer to them.

Please refer to Figure 1, which is a structural diagram of a preferred embodiment of the present invention. As shown in the figure, the automatic software compliance analysis information asset management system 1 includes a data management module 10, a compliance analysis module 12 and an interface presentation module 14 for automatic compliance and control of a unit. The software and hardware assets are executed on a host and a backend server. The data management module 10 is electrically connected to the compliance analysis module 12 and the interface presentation module 14, and the compliance analysis module 12 is electrically connected to the interface presentation module 14. The compliance analysis module 12 stores a Compliance comparison data 310 includes product name, product version, authorization plan, purchase quantity, valid authorization quantity and software deployment quantity. The data management module 10 is used to establish at least one unit basic data 1000 and one asset data 101 corresponding to the unit's basic data 1000, and the unit's basic data 1000 includes a green procurement manufacturer information, a corporate social responsibility verification, a first The unit attribute or a second unit attribute, and the setting of at least one unit contact person, the asset data 101 includes a plurality of hardware information, a plurality of software information and a plurality of service information; wherein, each of the hardware information, each of the software Information and each service information are respectively provided with at least one of a deployment status, a copyright status and an ESG (Environmental, Social, Governance, Environmental Protection, Social Responsibility, Corporate Governance) status.

The compliance analysis module 12 compiles and counts the amount of the asset data 101 and outputs an asset value summary table 120. At the same time, the compliance analysis module 12 counts the ESG status of the hardware information and based on the first The unit attributes form a first green procurement performance table 121 or a second green procurement performance table 122 is formed based on the second unit attributes. Moreover, the compliance analysis module 12 aggregates the copyright status of the software information to form an authorization acquisition data, and calculates the deployment status of the software information to form an installation deployment data, and uses the compliance comparison data accordingly. 310 Compare the product name and product version of each software information in the authorization acquisition data and the installation and deployment data to form a compliance analysis table 123 to learn the usage status of software that does not meet legal compliance standards, is insufficiently authorized, or is falsely authorized. This reduces information security risks and ensures the security of information use. Moreover, the interface presentation module 14 is provided with an information asset compliance dashboard 141 for use. One side of the information asset compliance dashboard 141 displays the asset value summary table 120, and the other side displays the first green Procurement performance table 121 or the second green procurement performance table 122.

Please refer to Figures 2 to 7, which are respectively the architecture diagram, flow chart and schematic diagrams of the second preferred embodiment of the present invention. As shown in the figure, the automatic software compliance analysis information asset management system 1 is executed on a unit host 2 and a backend server 3 and includes a data management module 10, a project management module 11, and a compliance Analysis module 12, a report output module 13, an interface presentation module 14, a query processing module 15, a repair processing module 16, an authorization module 30 and a backend management module 31 for automatic integration Regulate the software assets and logical control of the unit's hardware assets, such as an enterprise or a government organization, and assist the unit's managers to clearly control the usage status of all hardware assets and the authorization status of the software assets, so as to avoid the unit's suffering The risk of damage to the company's image and interests due to hardware discontinuation, inability to provide follow-up services or misuse of pirated software. The data management module 10 is connected to the project management module 11, the compliance analysis module 12, the interface presentation module 14, the query processing module 15, the repair processing module 16 and the authorization module 30; The project management module 11 is electrically connected to the interface presentation module 14 and the query processing module 15; the compliance analysis module 12 is electrically connected to the report output module 13, the interface presentation module 14 and the backend management module 31; The interface presentation module 14 is electrically connected to the report output module 13 and the query processing module 15, and the authorization module 30 is electrically connected to the backend management module 31. The data management module 10 is provided with an object construction component 100 and an information import component 102. The interface presentation module 14 is provided with an overview page 140 and an information asset compliance dashboard 141. The overview page 140 is provided for system opening. A plurality of overview information is displayed at the same time, and the overview page 140 is provided with a small helper component 1400 for managers of the unit to add at least one of at least one to-do item and at least one reminder item. The query processing module 15 allows the unit's managers, unit liaisons, asset custodians or asset users to query data according to their authority, and the operation method of the information asset management system 1 may include the following steps.

The unit host 2 can be installed with an inventory tool, such as Lansweeper software. The authorization module 30 and the backend management module 31 can be installed in the backend server 3, and in step S1, the backend server 3 is managed The operator uses the backend management module 31 to build and regularly maintain a compliance comparison data 310 for the compliance analysis module 12 to download, store and regularly update. Among them, the compliance comparison data 310 may include a product name comparison table, an inventory product comparison table and a product termination comparison table. The product name comparison table is the product category, corresponding name, product name, A list of information such as product versions, authorized purchasing plans, End-of-Support (EOS) and End-of-Life (EOL); this inventory product comparison table will be compared to the corresponding inventory tool. For example, the Lansweeper software or manufacturer inventory form lists information such as product name, product version, authorized version, number of valid licenses, and software deployment volume; the product termination comparison table is the name, model, and number of the hardware that will be used to load the software. List of information such as EOS and EOL. Step S10, when the unit host 2 initializes the establishment of the information asset management system 1, the data management module 10 outputs a startup authorization request to the authorization module 30, causing the authorization module 30 to generate a corresponding startup fee. The key 300 is fed back to the data management module 10 for use as a certificate when the unit subsequently starts the information asset management system 1 . It is worth noting that the backend management module 31 can also connect to at least one original server device 4 by telecommunications and regularly scan original product information such as Microsoft, Autodesk and Adobe to check the product name comparison table and product termination. The accuracy of the comparison table ensures the operational accuracy of the system's compliance.

In step S2, the management personnel of the unit use the object construction component 100 to build at least one unit basic information 1000, such as the basic information of the unit itself, manufacturers, customers, consultants, etc., and the unit basic information 1000 includes a green procurement manufacturer. Information, a corporate social responsibility verification, a first unit attribute or a second unit attribute, and the setting of at least one unit contact person, such as unit manager, asset custodian, manufacturer window, customer and consultant, and other contact information. Step S20, the manager uses the data management module 10 to manually create an asset data 101 corresponding to the unit's basic data 1000. The asset data 101 includes a plurality of hardware information, a plurality of software information and a plurality of service information, and Each of the hardware information, each of the software information and each of the service information respectively has at least one of a deployment status, a copyright status, an ESG status and a certificate information including physical settings and cloud settings; or, if the The unit already has existing equipment data, then in step S21, the manager uses the information import component 102 to import and automatically convert the existing equipment data to form the asset data 101 to assist the unit in quickly completing the establishment of the asset data 101. And significantly reduce the unnecessary consumption of manpower. Step S22, use the project management module 11 to create at least one procurement project, such as virtualization system equipment, software authorization and network equipment replacement and maintenance for one year, Microsoft authorization batch B or 3E procurement projects, etc. For a purchase event of software, hardware or services, the procurement project includes purchasing one or a combination of at least one of the hardware information, at least one of the software information, at least one of the service information and at least one of the contract information 110, and the Contract information 110, such as sales and purchase contracts, authorization contracts, and outsourcing contracts, respectively have contract start and end dates, number of contract periods, and acceptance conditions for each period. Then, the project management module 11 adds or updates each information in the procurement project to the asset data 101, thereby improving the comprehensiveness and system of the asset data 101 for subsequent use of the query processing module. When Group 15 queries asset information, it can obtain the corresponding procurement project and contract information together, and further obtain relevant information such as the purchasing personnel and contracting personnel who purchased this asset.

In step S3, the compliance analysis module 12 compiles and counts the amount of the asset data 101 and outputs an asset value integration table 120. The asset value integration table 120 includes the total amount of software and hardware assets and the total amount of hardware assets. , the total amount of software assets, the total amount of leases, hardware assets over N years, software assets over N years and other data, so that the unit can fully grasp all tangible and intangible hardware information, software information and service information. and other resource utilization status, thereby allowing the unit to use the most appropriate cost planning procurement strategy in the future. In step S4, the compliance analysis module 12 counts the ESG status of the hardware information to obtain the total green procurement amount of the unit, the green procurement amount of each project category, and the reasons for non-green procurement projects, and calculates the total green procurement amount. A green procurement performance value is formed as a percentage of the total amount of hardware assets, for use in step S40 to form a first green procurement performance table 121 based on the attributes of the first unit in the hardware information, such as the enterprise; or In step S41, a second green procurement performance table 122 is formed based on the attributes of the second unit, such as a government organization, and the compliance analysis module 12 further uses a specified ratio, such as the specified green procurement ratio announced by the government. The percentage is evaluated and a grade is output, such as excellent, first grade, second grade, and third grade.

Moreover, the information asset compliance dashboard 141 is provided with at least two templates corresponding to the first unit attribute and the second unit attribute, one of which is provided with a five-leaf clover icon component 1210 and a first light signal component 1211 , and another template is provided with a four-leaf clover icon component 1220 and a second light signal component 1221. In step S5, the interface presentation module 14 receives the asset value summary table 120 and uses one side of the information asset compliance dashboard 141 to display the total amount of software and hardware assets, the total amount of hardware assets, the total amount of software assets, The total amount of lease, hardware assets over N years, software assets over N years and other data, and in step S50, the interface presentation module 14 determines that the received green procurement performance table is the first green procurement performance table 121 or the second Green Procurement Performance Table 122? If the first green procurement performance table 121 is provided with the first unit attribute, in step S51, the information asset compliance dashboard 141 displays the green procurement performance value in the first green procurement performance table 121, as shown in Figure 6 The 88% value next to the five-leaf clover icon element is used, and the number of leaves of the five-leaf clover icon element 1210 and the first light signal element 1211 are used to display the percentage level of the unit's green procurement performance, so as to use the five-leaf clover The graphical component 1210 and the first light component 1211 graphically and visually present the green procurement performance of the unit. At the same time, they also display the reasons for non-green procurement projects, such as business execution needs, product specifications incompatible, and currently no environmentally friendly products, etc. to speed up the management. Personnel understanding of non-green procurement performance deficiencies. On the contrary, if the second green procurement performance table 122 is provided with the second unit attribute, in step S52, the information asset compliance dashboard 141 displays the green procurement performance value in the second green procurement performance table 122, such as The 96.4 value next to the four-leaf clover graphic component in Figure 7 uses the number of leaves of the four-leaf clover graphic component 1220 to display the percentage level of the unit's green procurement performance, and at the same time uses the second light component 1221 to display the evaluation. etc. Accordingly, the green procurement performance of the unit is graphically presented through the four-leaf clover graphic component 1220 and the second light component 1221. At the same time, the reasons for the non-green procurement projects are also displayed to accelerate the management personnel's assessment of the non-green procurement performance. Insufficient understanding. Of course, when the information asset compliance dashboard 141 presents the green procurement performance value, in addition to displaying values such as 88% or 96.4, it can also simultaneously display the rating or further integrate and display information such as the procurement performance level of the entire product category. No further examples will be given here.

In step S6, the compliance analysis module 12 aggregates the copyright status of the software information to form an authorized acquisition data, and regardless of whether the unit host 2 is equipped with the inventory tool, the compliance analysis module 12 calculates the The deployment status of the software information forms an installation deployment data, and the installation deployment data includes the usage status of each software information installed in the hardware information or placed in the cloud network, thereby achieving a comprehensive Asset compliance operations significantly improve the level of information security prevention. Step S60, the compliance analysis module 12 compares the product category, corresponding name, product name and product version of each software information in the authorization acquisition data with the name corresponding to the product name comparison table; and compares the Are the product names and product versions of the software information in the installation and deployment data consistent with the names corresponding to the inventory product comparison table? If so, in step S61, a compliance analysis table 123 is formed so that the unit can learn the usage status of the software that does not meet legal compliance standards, is insufficiently authorized or has false authorization, thereby achieving the effect of significantly reducing information security risks.

Step S7, the report output module 13 parses the compliance analysis table 123 to form an authorized EOS copyright reminder table and an installed EOS copyright reminder table, and at the same time, compiles the asset value integration table 120, the first or second green After the procurement performance table 121 or 122 and the compliance analysis table 123 are automatically calculated to form an ESG-oriented report and a green procurement policy compliance report, these reports are regularly sent to the corresponding management personnel or the corresponding management personnel through e-mail or instant messaging. Unit contact person, among which, the ESG-oriented report can include green procurement project classification and supplier analysis data presented using bar charts as shown in Figures 6 and 7, and the green procurement government compliance report can include Figures 6 and 7 The reasons for non-green procurement projects and the analysis data of Shuxing governance are presented using bar charts. Further, as shown in FIG. 5 , the report output module 13 automatically uses the interface presentation module 14 to display the corresponding authorized EOS copyright reminder table or the installed EOS copyright reminder in the overview page 140 presented when the system is started. Table 1 Reminder Signal 130. By the way, when receiving any of the above reports, the manager or the contact person of the unit can use the helper component 1400 to add a to-do item or a reminder item in the form of an attachment at any time to assist Easily perform information asset management operations to improve operational efficiency and management effectiveness.

In this embodiment, in step S8, the compliance analysis module 12 compiles and analyzes the asset data 101 and learns that there are a plurality of duplicate data corresponding to the hardware information record, and compares the duplicate data and outputs a change. Send a message to the corresponding contact person of the unit to immediately notify the contact person of the unit to confirm the abnormal component movement in the hardware information and obtain the effect of correcting the duplicate data as soon as possible, thus reducing the data error rate and improving the accuracy of asset management. sex. In step S9, the project management module 11 compiles the corresponding asset data based on the contract information 110 and checks the contract start and end dates, so as to output the renewal information 111 with the contract information when the contract is approaching the end date, so that through the The interface displays the module display and notifies the corresponding contact person of the unit to perform the contract renewal operation. When the manager, the unit contact person, the asset custodian or the asset user wants to report the hardware information, the software information or the service information, step S10 uses the repair processing module 16 to output a repair request 160 Conduct online repair reports to the corresponding contact person of the unit, so as to provide correct and sufficient repair request information at one time and improve asset maintenance efficiency.

Among them, when the query management module 15 is used to query data, the system can arbitrarily check the usage status, deployment status and contract status of relevant assets based on asset information, project information, contract information, unit contacts, asset custodians, asset users, etc. Regulation status, etc., and the report output module can also automatically output customized analysis reports according to the different needs of the unit. The data query and information presentation methods available for the system are extremely complicated and will not be elaborated here. . Moreover, the modules described in this model are implemented through hardware or software supplemented by hardware, such as the data management module 10, the project management module 11, the compliance analysis module 12, and the report The definitions of the output module 13, the interface presentation module 14, the query processing module 15, the repair processing module 16, the authorization module 30 and the background management module 31 essentially refer to components such as CPU, micro The integration of various hardware devices such as processors, memories, signal transmitters or display processors, and the technical characteristics of implementation with software programs.

However, the above are only preferred embodiments of the present invention and are not intended to limit the scope of implementation of the present invention; therefore, equal changes and modifications made without departing from the spirit and scope of the present invention should be included in Within the patent scope of this new model.

1: Information asset management system

10:Data management module

100:Object construction component

1000: Basic information of the unit

101:Asset information

102:Information import component

11:Project management module

110:Contract information

111:Contract renewal information

12: Compliance analysis module

120: Asset value summary table

121:First Green Procurement Performance Table

1210: Five-leaf clover icon component

1211: The first signal component

122:Second Green Procurement Performance Table

1220: Four-leaf clover icon component

1221: Second light component

123: Compliance Analysis Form

13: Report output module

130: Reminder signal

14:Interface rendering module

140:Overview page

1400: little helper component

141: Information Asset Compliance Dashboard

15: Query processing module

16:Repair processing module

160:Repair request

2: Unit host

3:Backend server

30: Authorized module

300:Startup key

31:Backend management module

310: Compliance control information

4:Original servo equipment

S1～S9, S90: steps

Figure 1 is a structural diagram of a preferred embodiment of the present invention. Figure 2 is a structural diagram of the second preferred embodiment of the present invention. Figure 3 is a schematic diagram of the system architecture of the second preferred embodiment of the present invention. Figures 4A, 4B, 4C, 4D, and 4E are flow charts of the second preferred embodiment of the present invention. Figure 5 is a schematic diagram of the overview page of the second preferred embodiment of the present invention. Figure 6 is a schematic diagram of the information asset compliance dashboard of the second preferred embodiment of the present invention. Figure 7 is a schematic diagram of the four-leaf clover graphic element of the second preferred embodiment of the present invention. Figure 8 is a schematic diagram of a repair request according to the second preferred embodiment of the present invention.

1: Information asset management system

10:Data management module

1000: Basic information of the unit

101:Asset information

12: Compliance analysis module

120: Asset value summary table

121:First Green Procurement Performance Table

122:Second Green Procurement Performance Table

123: Compliance Analysis Form

14:Interface rendering module

141: Information Asset Compliance Dashboard

310: Compliance control information

Claims (10)

An information asset management system for automatic software compliance analysis, which is used for automatic compliance and management of a unit's software and hardware assets and is executed on a unit's host computer and a backend server. It includes: a data management module for Create at least one unit basic information and one asset data corresponding to the unit's basic information, and the unit's basic information includes a green procurement manufacturer information, a corporate social responsibility verification, a first unit attribute or a second unit attribute, and at least For the setting of a unit contact person, the asset data includes a plurality of hardware information, a plurality of software information, and a plurality of service information; among which, each hardware information, each software information, and each service information have a deployment status, At least one of a copyright status and an ESG status; a compliance analysis module that stores a compliance comparison data and is connected to the data management module via telecommunications, and the compliance comparison data is provided with product name, product version, authorization plan, purchase quantity, valid authorization quantity and software deployment quantity; the compliance analysis module compiles and counts the amount of the asset data and outputs an asset value summary table, and at the same time, counts the ESG status of the hardware information based on The first unit attribute forms a first green procurement performance table or a second green procurement performance table is formed based on the second unit attribute; the compliance analysis module aggregates the copyright status of the software information to form an authorized acquisition data , and calculate the deployment status of the software information to form an installation deployment data, and use the compliance comparison data to compare the authorization acquisition data with the product name and product version of each software information in the installation deployment data. a compliance analysis table for understanding the usage status of software that does not meet legal compliance standards, insufficient authorization or false authorization to reduce information security risks; and an interface presentation module that is a telecommunications connection between the data management module and the compliance analysis The module also has an information asset compliance dashboard, and the interface presents the module using one of the side displays of the information asset compliance dashboard. The asset value summary table is displayed and the other side displays the first green procurement performance table or the second green procurement performance table. The information asset management system for automatic software compliance analysis as described in request item 1, wherein the compliance comparison data includes a product name comparison table, an inventory product comparison table and a product termination comparison table, and the product name comparison table It is a list of the product category, corresponding name, product name, product version, authorized purchase plan, end of support cycle and end of life cycle of each software from the original manufacturer; the inventory product comparison table will correspond to the information in an inventory tool A list of information on product name, product version, authorized version, number of valid licenses, and software deployment volume; the product termination comparison table is an information table of the name, model, end of support period, and end of life cycle of the hardware that will be used to load the software. Make lists. An information asset management system for automatic software compliance analysis as described in request item 2, wherein the compliance analysis module compares the product category, corresponding name, product name and product version of each software information in the authorized data. Whether the name corresponding to the product name comparison table is consistent; and whether the product name and product version of each software information in the installation and deployment data are consistent with the name corresponding to the inventory product comparison table to form the compliance analysis table , and the compliance analysis table includes an authorized EOS copyright reminder table and an installed EOS copyright reminder table. An information asset management system for automatic software compliance analysis as described in request item 1, wherein the asset value integration table contains the total amount of hardware assets of the unit, and the compliance analysis module counts the hardware information When forming the first or second green procurement performance table according to the ESG status of the unit, the data on the total amount of green procurement, the amount of green procurement of each project category, and the reasons for non-green procurement items are obtained, and the proportion of the total amount of green procurement to the total amount is further calculated. A green procurement performance value is formed as a percentage of the total amount of hardware assets, and when the first green procurement performance table is provided with the first unit attribute, the information asset compliance dashboard uses the leaves of a five-leaf clover icon element The quantity and a first light element show the unit green The percentage level of procurement performance; when the second green procurement performance table is provided with the second unit attribute, the compliance analysis module further evaluates the percentage with a specified ratio and outputs a rating to utilize a four-leaf The number of blades of the sketch display component displays the percentage level of the unit's green procurement performance, and at the same time, a second light component is used to display the rating. The information asset management system for automatic software compliance analysis as described in request item 1, wherein the compliance analysis module collects and analyzes the asset data and learns that there are multiple pieces of duplicate data corresponding to the hardware information record. For the duplicate data, a change message is output to the corresponding contact person of the unit, so as to immediately notify the contact person of the unit to confirm the abnormal status of component changes in the hardware information and obtain the effect of correcting the duplicate data as soon as possible. An information asset management system for automatic software compliance analysis as described in request item 1, wherein the interface presentation module is provided with an overview page for displaying a plurality of overview information when the system is started, and the overview page is provided with a small The helper component is used to add at least one of a to-do item and at least one reminder item by oneself. The information asset management system for automatic software compliance analysis as described in request item 1, wherein the data management module is provided with an object construction component and an information import component, and the object construction component is used by the unit to build the Basic data of the unit. This information import component allows the unit to import an existing equipment data and automatically convert it into the asset data to help the unit quickly build the asset data. The information asset management system for automatic software compliance analysis as described in claim 1 further includes a project management module that is connected to the data management module and the interface presentation module via telecommunications. The project management module is used to build at least A procurement project, the procurement project includes one or a combination of at least one of the hardware information, at least one of the software information, at least one of the service information and at least one of the contract information, and the contract information has a contract starting point Expiry date, number of contract phases and acceptance conditions for each phase; the project management module is based on The contract information compiles the corresponding asset data and checks the contract start and end dates, so as to output renewal information with the contract information when the contract is approaching the expiration date. The information asset management system for automatic software compliance analysis as described in claim 1 further includes a report output module, a query processing module and a repair processing module. The report output module is connected to the compliance analysis module via telecommunications. The group and the interface presentation module are electrically connected to the data management module and the interface presentation module, and the repair processing module is electrically connected to the data management module; the report output module parses the compliance The analysis table forms an authorized EOS copyright reminder table and an installed EOS copyright reminder table. At the same time, the asset value summary table, the green procurement performance table and the compliance analysis table are compiled and calculated to form an ESG-oriented report and a green procurement Policy compliance report; the query processing module allows a user to query data according to authority, and when he wants to report the hardware information, the software information or the service information, the repair processing module is used to output a repair request to the corresponding user. Contact the unit to conduct online repair reporting. The information asset management system for automatic software compliance analysis as described in request item 1 further includes an authorization module and a backend management module, the authorization module is electrically connected to the data management module and the backend management module, and The backend management module is connected to the compliance analysis module via telecommunications; the authorization module generates an activation key to the data management module for use as a certificate when the unit activates the information asset management system, and the backend management The module is used to build and regularly maintain the compliance comparison data, so that the compliance analysis module can download and regularly update the compliance comparison data.