A model of a system of managing information security of automated data processing systems of critical application is offered in the article. The model allows to
evaluate the level of risk for the information security and provides support of decision-making on the counteraction to the unauthorized access to the information circulating in the information systems
