A model of a system of managing information security of automated data
processing systems of critical application is offered in the article. The model allows to
evaluate the level of risk for the information security and provides support of
decision-making on the counteraction to the unauthorized access to the information
circulating in the information systems.