1, software and hardware
2. Information security system (in fact, 1 can also be considered within the scope of 2, where system construction refers to system documents and system processes).
The core of information security is to protect the three characteristics of information, namely CIA (confidentiality, integrity and availability). All products used to protect these features are regarded as information security products. The software and hardware products purchased for this purpose can also be counted as products (various reports, table records, ISMS documents, etc. generated by ISMS operation). ) produced by consulting company.
I don't know if I made myself clear.