To maintain acceptable levels of security, organizations must manage their IT assets and related vulnerabilities. However, this can be a considerable burden because their resources are often limited. This paper introduces a technique and system architecture that monitor the vulnerability of the IT assets on an organization's administrative networks. We use open information and standardized, non-proprietary tools in order to bolster cybersecurity capability for a wide range of organizations. In the proposed system, an agent module installed on each IT asset sends information to its server, while the server also probes the network to collect information on agentless IT assets. The server then converts the information into standard identifiers, which are used to query open repositories to obtain vulnerability information. The system provides an alert when vulnerability information pertaining to the IT asset is identified. This paper also introduces a prototype system, with which we analyze and discuss the proposed technique and system and clarify issues to be solved in our future work.