A review of publications by Russian and foreign researchers on the issues of modeling the process of assessing the degree of security of individual components of an informatization object (automated system) is presented. The main factors influencing the level of security are analyzed. The types of objects of unauthorized influence are given. The choice of the “information carrier” as the main generalized object and the list of actual threats to it are substantiated, their brief analysis is given. As the output (dependent) variable of the developed regression model, the level of information carrier security is determined. The input (independent) variables are the degree of danger of threats: illegal access to protected information; unauthorized copying of protected information; overcoming physical protection; loss of carriers of information. The developed model has the form of a regression equation and can be used to predict the level of security of information carriers.

Keywords: information security, informatization object, automated system, information carriers, information security threats, security level, regression model, expert information, adequacy criteria