What can be classified as a non-technical risk in cloud computing?

Compliance issues are classified as a non-technical risk in cloud computing because they pertain to the adherence to laws, regulations, and organizational policies, rather than technical vulnerabilities or failures. Compliance involves ensuring that cloud services meet legal and regulatory standards related to data protection, privacy, and security. Non-compliance can result in legal liabilities, fines, and reputational damage, which are significant risks to the organization that do not stem from technical factors but rather from governance and management practices.

In contrast, service unavailability, data breaches, and malicious attacks are considered technical risks. Service unavailability involves the potential downtime of cloud services, which can affect business operations and access to data. Data breaches refer to unauthorized access or leakage of sensitive information, highlighting vulnerabilities in technical defenses. Malicious attacks involve intentional efforts to compromise systems, underscoring security weaknesses. Each of these scenarios primarily relates to the technical environment of cloud computing rather than governance or compliance frameworks.