What is the BEST way to determine the level of risk associated with information assets processed by an IT application? 

Answer options:

A. Evaluate the potential value of information for an attacker
B. Calculate the business value of the information assets
C. Review the cost of acquiring the information assets for the business
D. Research compliance requirements associated with the information

B