This short paper details a research in progress that presents a Multi-Objective Decision Model for assessing Information Systems Risks. The decision model is based on values and perceptions of stakeholders. It uses the Value Focused Thinking approach as opposed to the predominant Alternative Focused Thinking. The objectives serve as a basis for decision making pertaining to Information Systems risk management in complex managerial situations. In this paper the methodology used is presented, discussed and illustrated while developing a multi-objective decision model for Information Systems risks.