With the widespread utilization of computers and computer networks, it is common for an organization to have hundreds of workstations connected by computer networks and to get connected to the Internet. Without appropriate administration effort, such an environment is vulnerable to network security problems and intrusion events since a single vulnerability on any one of the workstations may be exploit and become a threat to the entire network environment. Besides employing security measures to defend against intruders, a permanent solution is to update the vulnerable software immediately after the patch has released. However, it is a very complex and difficult routine for an administrator managing an environment with a large number of workstations each in term with hundreds of software packages. We propose an information assurance management framework (IAMF) to assist administrators on the timely update of vulnerable packages to avoid unnecessary damages. In considering scaling effect and the extensibility of our framework, we adopted an agent-based architecture and the standard SNMP protocol. The agents collect information of installed-packages on their hosts. The monitor inspects information reported by agents to identify the existence of vulnerabilities. The backend database gathers software information and vulnerability information from Internet repositories to provide the necessary data for information assurance. An implementation of the IAMF framework was done. It is demonstrated that the IAMF framework improves the reliability and security of an environment.