The problem of developing the architecture of a dynamic information security management system for an enterprise information system, based on the hierarchical organization of the management system, analysis of the state of the computer system in the information space, analysis of the spread of risk flow, as well as multi-agent organization of the processes of collecting, analyzing data and making decisions is considered.

Keywords: information protection, enterprise information system, security policy, information security management, risk analysis, zero trust architecture, multi-agent technologies, neural network forecasting