DOI: 10.22184/2070-8963.2021.94.2.22.27

Nowadays, the activities of any enterprise are associated with the processing and large information amount storage in various, often decentralized information systems. Constantly appear new types of threats to unauthorized access to confidential information. The aim of the work is to reduce the risks of information security of the enterprise by creating the subsystem of automated management of users’ access rights to the enterprise information resources. The proposed models are built using a structural analysis and design approach adapted to solve information protection tasks, and are the basis for designing the subsystem of automated management of users’ access rights to information resources of the enterprise.