������Ƶ

1. Cloud Security Assessment: Specific risk assessment for cloud-based components, used when the system includes cloud services

2. Personal Data Processing: Detailed GDPR compliance assessment, required when the system processes personal data

3. Third-Party Risk Assessment: Assessment of risks related to third-party vendors and service providers, needed when external parties are involved

4. Business Continuity Impact: Assessment of system criticality for business continuity, recommended for business-critical systems

5. Industry-Specific Compliance: Assessment against industry-specific requirements, needed for regulated sectors

6. Cross-Border Data Flows: Assessment of risks related to international data transfers, required when data crosses borders

1. Technical System Documentation: Detailed technical specifications and system architecture diagrams

2. Risk Assessment Matrix: Detailed risk scoring and evaluation matrices

3. Control Framework Mapping: Mapping of controls to relevant standards (ISO 27001, etc.)

4. Security Test Results: Results of security testing and vulnerability assessments

5. Data Flow Diagrams: Detailed diagrams showing data flows and processing activities

6. Incident Response Procedures: Procedures for responding to identified security incidents

7. Risk Treatment Plan: Detailed plan for implementing risk mitigation measures

8. Compliance Checklist: Checklist of relevant regulatory requirements and compliance status