SUMMARY
Based on the analysis of the interaction of the logical chain of the source of threats - threats - the implementation of threats (attacks) - vulnerabilities - objects - effects (loss) - countermeasures developed an ontological scheme for ensuring information security. It was established that the main objectives of the activity of ensuring information security are warnings, avoidance and elimination of threats to information security objects and minimization of possible losses caused by the implementation of these threats. A method of analyzing and assessing information threats is proposed to determine adequate measures to counter these threats. Within the above method, the risk assessment is carried out by assessing the feasibility of implementing security threats related to the vulnerabilities inherent in one or other information security objects.