The primary aim of maritime security assessment models is to assess the level of security within and across the maritime network. When managing risk through legislation, regulatory assessment models are used to assess risk levels and examine the impact of policy options, usually in terms of the costs and benefits of a regulatory proposal. This paper reviews the development, application and adequacy of existing risk assessment and management models to maritime and port security. In particular, we examine the problematical issues of security perception, value and impact, and discuss the limitations of the current regulatory framework in providing an integrated and effective approach to risk assessment and management, including for supply chain security.