The research presented in this paper is aimed at developing a holistic modelling method that comprehensively considers and integrates technical, organizational, behavioral and business aspects - all crucial to create and manage secure IT systems. Our method relies on Multi-perspective Enterprise Modeling (MEMO) and extends it to support security concepts. The focus of this paper is twofold: 1. identifying opportunities for using enterprise models for generating security related code; 2. defining requirements, which should be satisfied by the modelling method in order to support such security-related code generation. In order to identify opportunities for code generation, we apply a technique for developing domain specific modelling languages (DSML) that is chiefly based on a structured analysis of use scenarios including prototypical diagrams. It is supplemented by work found in literature and validated with practitioners. Our analysis results in the identification of three areas in which MEMO IT security models can be used for automatic creation of code: access control, report generation and encryption and in 9 corresponding requirements that the modelling language should satisfy.