As I mentioned, I think it could be a matrix of both the contexts that are being used and the recognition of what a standard high-risk assessment would be.
Again, I would draw your attention to appendix C of the directive on automated decision-making systems, where that is broken down into four different types of impact, as we called it, but then different types of compliance requirements would be related to that.
I also think that the key word there is a “standard” for an impact assessment, to understand what that risk would actually be.