Technique of threats set formation for an information object

The problem of formation of actual threats list for an information object is considered in the paper. Quantitative estimations of threats of information security (probability of accomplishment; losses connected with threat accomplishment and time) and factors influencing their estimation are considered. The generalized structure scheme of threats model formation, consisting of three basic stages is shown: formation of a general database of threats; design of initial set of threats on the basis of knowledge of the information object; formation of the list of actual threats on the basis of expert methods. Criteria of experts selection are generated for an expert group, and estimations are resulted for the level of experts’ competence.