The document discusses data lifecycle risks and controls. It begins by defining data and discussing data classification. It then explains risks to data throughout its lifecycle before collection, during use, and after use. Some risks include breaches of confidentiality, integrity, and availability. The document recommends implementing information security programs and specific controls to mitigate risks. It also notes new risks emerging from technologies like big data and the need to consider ethics when managing data.