When integrating data from multiple external sources, uncleardata ownershipdirectly affects accountability for privacy, consent, retention, and lawful processing. This createsgaps in AI privacy compliance and accountability(option D), which is the greatest concern because violations can lead to regulatory sanctions, litigation, and serious reputational damage. AAIA’s governance and risk domain emphasizesprivacy and data governance programs, including clear roles, responsibilities, and ownership.
Option A is important but relates more to accuracy and performance validation, not the foundational legal and accountability issues. Option B (access permissions) is a control issue but usually easier to remediate once ownership and responsibilities are clarified. Option C (dependence on automated data collection/cleansing) can introduce quality risks but does not directly resolve or define who is accountable. Thus, the primary risk is the lack of clear privacy and accountability structures across external data sources.
[References:, ISACA,AAIA Exam Content Outline– Domain 1: Privacy and Data Governance Programs (data governance, privacy considerations)., ISACA guidance on AI governance, roles, responsibilities, and accountability for data use., ]
Submit