Watch this video on YouTube
How can the level of risk associated with information assets processed by an IT application be determined most effectively?