摘要:This study outlines the system risk model of IT system oriented at the safety of the processes of sensitive data processing. The model constitutes a multi-dimensional approach to the analysis of IT system risk and IT processes implemented therein. The presented approach includes various categories of risk factors, resulting from both the architecture of the very IT system, IT security elements and security of the continued operations. The model described in this article may constitute a starting point for the development of the method for IT system risk analysis and appropriate IT security policy, which may in turn constitute input values for the methodology of IT system risk management.