feat(document-generator): 33 policy + module document templates

- Migration 071: 14 IT-Security policy templates (ISO 27001/BSI)
  information_security, access_control, password, encryption, logging,
  backup, incident_response, change_management, patch_management,
  asset_management, cloud_security, devsecops, secrets_management,
  vulnerability_management
- Migration 072: 15 Data/HR/Vendor/BCM policy templates
  data_protection, data_classification, data_retention, data_transfer,
  privacy_incident, employee_security, security_awareness, remote_work,
  offboarding, vendor_risk_management, third_party_security,
  supplier_security, business_continuity, disaster_recovery,
  crisis_management
- Migration 073: 4 module document reference templates
  vvt_register, tom_documentation, loeschkonzept, pflichtenregister
- TemplateType union: 17 → 61 types with German labels
- VALID_DOCUMENT_TYPES: +6 types (cybersecurity_policy, dsfa, 4 module docs)
- CATEGORIES: new "DSGVO-Dokumente" category for module documents

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

admin-compliance/app/sdk/document-generator/page.tsx

@@ -45,13 +45,15 @@ const CATEGORIES: { key: string; label: string; types: string[] | null }[] = [
   { key: 'misc', label: 'Weitere', types: ['community_guidelines', 'copyright_policy', 'data_usage_clause'] },
   { key: 'dsfa', label: 'DSFA', types: ['dsfa'] },
   // Sicherheitskonzepte (Migration 051)
-  { key: 'security', label: 'Sicherheitskonzepte', types: ['it_security_concept', 'data_protection_concept', 'backup_recovery_concept', 'logging_concept', 'incident_response_plan', 'access_control_concept', 'risk_management_concept'] },
-  // Policy-Bibliothek (Migration 054)
+  { key: 'security', label: 'Sicherheitskonzepte', types: ['it_security_concept', 'data_protection_concept', 'backup_recovery_concept', 'logging_concept', 'incident_response_plan', 'access_control_concept', 'risk_management_concept', 'cybersecurity_policy'] },
+  // Policy-Bibliothek (Migration 071/072)
   { key: 'it_security_policies', label: 'IT-Sicherheit Policies', types: ['information_security_policy', 'access_control_policy', 'password_policy', 'encryption_policy', 'logging_policy', 'backup_policy', 'incident_response_policy', 'change_management_policy', 'patch_management_policy', 'asset_management_policy', 'cloud_security_policy', 'devsecops_policy', 'secrets_management_policy', 'vulnerability_management_policy'] },
   { key: 'data_policies', label: 'Daten-Policies', types: ['data_protection_policy', 'data_classification_policy', 'data_retention_policy', 'data_transfer_policy', 'privacy_incident_policy'] },
   { key: 'hr_policies', label: 'Personal-Policies', types: ['employee_security_policy', 'security_awareness_policy', 'acceptable_use', 'remote_work_policy', 'offboarding_policy'] },
   { key: 'vendor_policies', label: 'Lieferanten-Policies', types: ['vendor_risk_management_policy', 'third_party_security_policy', 'supplier_security_policy'] },
   { key: 'bcm_policies', label: 'BCM/Notfall', types: ['business_continuity_policy', 'disaster_recovery_policy', 'crisis_management_policy'] },
+  // Modul-Dokumente (Migration 073)
+  { key: 'module_docs', label: 'DSGVO-Dokumente', types: ['vvt_register', 'tom_documentation', 'loeschkonzept', 'pflichtenregister'] },
 ]
 
 // =============================================================================