Abstract: This article discusses several core aspects of security system organization which are able to guarantee efficient protection of corporative resources. These resources could be stored in a common case as an internal sub-system. Recently many enterprises prefer to store them in data centres relying on cloud services. Nevertheless which one of these two approaches will be applied strong procedures for corporative information security and personal data protection must be defined. In order to investigate security procedures for accessing and using business information in a corporative system the article deals with formalization of the processes by using data flow diagram and modelling by Petri Nets (PN) apparatus (in the stochastic extension). An analytical evaluation of the results is carried out and calculated assessments for a case study are given.

Keywords: Information security, Modelling, Stochastic Petri Nets (SPN), Evaluation.