Bruce Schneier, author of Beyond Fear, uses the following five step process to assess security:

1. What assets are you trying to protect?
2. What are the risks to these assets?
3. How well does the security solution mitigate those risks?
4. What other risks does the security solution cause?
5. What trade-offs does the security solution require?

Security is not mysterious, with these five steps and some imagination you can assess security and make better decisions about it. Everyone should read Beyond Fear. I recommend subscribing to his Crypto-Gram e-newsletter too.