In a system where a management application sends commands to a remotely-located agent over a network, the agent maintains a security specification table defining the security level for each combination of the cipher and authentication algorithms of the communication path to/from the management application and a required security level table defining the minimum security level required for the execution of each command. Upon receiving a command from the management application, the agent obtains, by referencing these tables, the operational security level of the communication path and the required security level for the command, and executes the command only if the former is greater than or equal to the latter. This mechanism ensures high security in system management by preventing a malicious intruder from executing potent commands that can cause a down of a computer system, without unreasonably limiting the use of the management application by the system administrator.