Informatization construction is an important focal point of the modern enterprise development, while the problem of information security risk weakens the important role of information technology. From the hacker attack, the internal control management, application system security and other aspects, this article analyzes the information security risk in modern enterprises, and on this basis, expounds the control strategy. This paper aims to strengthen the understanding of enterprise information security risk, and provide certain references for enterprise to construct the information security system, deepening the informationzation construction of modern enterprises.