
- Data management processes and controls
- Data architecture and ownership controls
- Information security controls applied to data
- Compliance requirements for data (i.e. regulated data)
- How data is classified within the environment
- User access controls applied to data
The data risk assessment applies to on-premises environments, cloud, hybrid, and SaaS services.

