EN
Referring to the growing significance of infomation security, the issues of requirements specification as a basic aspect of implementation of certain protection solutions are presented. The authoress describes a standard process of requirements engineering. The place of requirements specification in the information security life cycle is indicated. Risk estimation as a method supporting decisions concerning introduction of particular securities is discussed.