refactor(controls): Remove hardcoded controlTemplates fallback data

Replaced mock fallback (6 hardcoded controls + loadFromTemplates())
with clean empty state. Page now shows only real API data — freigabefähig.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

admin-compliance/app/sdk/controls/page.tsx

@@ -55,97 +55,6 @@ function mapStatusToDisplay(status: ImplementationStatus): DisplayStatus {
   }
 }
 
-// =============================================================================
-// FALLBACK TEMPLATES
-// =============================================================================
-
-interface ControlTemplate {
-  id: string
-  code: string
-  name: string
-  description: string
-  type: ControlType
-  displayType: DisplayControlType
-  displayCategory: DisplayCategory
-  category: string
-  owner: string
-  linkedRequirements: string[]
-}
-
-const controlTemplates: ControlTemplate[] = [
-  {
-    id: 'ctrl-tom-001',
-    code: 'TOM-001',
-    name: 'Zugriffskontrolle',
-    description: 'Rollenbasierte Zugriffskontrolle (RBAC) fuer alle Systeme',
-    type: 'TECHNICAL',
-    displayType: 'preventive',
-    displayCategory: 'technical',
-    category: 'Zutrittskontrolle',
-    owner: 'IT Security',
-    linkedRequirements: ['req-gdpr-32'],
-  },
-  {
-    id: 'ctrl-tom-002',
-    code: 'TOM-002',
-    name: 'Verschluesselung',
-    description: 'Verschluesselung von Daten at rest und in transit',
-    type: 'TECHNICAL',
-    displayType: 'preventive',
-    displayCategory: 'technical',
-    category: 'Weitergabekontrolle',
-    owner: 'IT Security',
-    linkedRequirements: ['req-gdpr-32'],
-  },
-  {
-    id: 'ctrl-org-001',
-    code: 'ORG-001',
-    name: 'Datenschutzschulung',
-    description: 'Jaehrliche Datenschutzschulung fuer alle Mitarbeiter',
-    type: 'ORGANIZATIONAL',
-    displayType: 'preventive',
-    displayCategory: 'organizational',
-    category: 'Schulung',
-    owner: 'HR',
-    linkedRequirements: ['req-gdpr-6', 'req-gdpr-32'],
-  },
-  {
-    id: 'ctrl-det-001',
-    code: 'DET-001',
-    name: 'Logging und Monitoring',
-    description: 'Umfassendes Logging aller Datenzugriffe',
-    type: 'TECHNICAL',
-    displayType: 'detective',
-    displayCategory: 'technical',
-    category: 'Eingabekontrolle',
-    owner: 'IT Operations',
-    linkedRequirements: ['req-gdpr-32', 'req-nis2-21'],
-  },
-  {
-    id: 'ctrl-cor-001',
-    code: 'COR-001',
-    name: 'Incident Response',
-    description: 'Prozess zur Behandlung von Datenschutzvorfaellen',
-    type: 'ORGANIZATIONAL',
-    displayType: 'corrective',
-    displayCategory: 'organizational',
-    category: 'Incident Management',
-    owner: 'CISO',
-    linkedRequirements: ['req-gdpr-32', 'req-nis2-21'],
-  },
-  {
-    id: 'ctrl-ai-001',
-    code: 'AI-001',
-    name: 'KI-Risikomonitoring',
-    description: 'Kontinuierliche Ueberwachung von KI-Systemrisiken',
-    type: 'TECHNICAL',
-    displayType: 'detective',
-    displayCategory: 'technical',
-    category: 'KI-Governance',
-    owner: 'AI Team',
-    linkedRequirements: ['req-ai-act-9', 'req-ai-act-13'],
-  },
-]
 
 // =============================================================================
 // COMPONENTS
@@ -523,45 +432,18 @@ export default function ControlsPage() {
             return
           }
         }
-        loadFromTemplates()
       } catch {
-        loadFromTemplates()
+        // API not available — show empty state
       } finally {
         setLoading(false)
       }
     }
 
-    const loadFromTemplates = () => {
-      if (state.controls.length > 0) return
-      if (state.requirements.length === 0) return
-
-      const relevantControls = controlTemplates.filter(c =>
-        c.linkedRequirements.some(reqId => state.requirements.some(r => r.id === reqId))
-      )
-
-      relevantControls.forEach(ctrl => {
-        const sdkControl: SDKControl = {
-          id: ctrl.id,
-          name: ctrl.name,
-          description: ctrl.description,
-          type: ctrl.type,
-          category: ctrl.category,
-          implementationStatus: 'NOT_IMPLEMENTED',
-          effectiveness: 'LOW',
-          evidence: [],
-          owner: ctrl.owner,
-          dueDate: null,
-        }
-        dispatch({ type: 'ADD_CONTROL', payload: sdkControl })
-      })
-    }
-
     fetchControls()
   }, []) // eslint-disable-line react-hooks/exhaustive-deps
 
   // Convert SDK controls to display controls
   const displayControls: DisplayControl[] = state.controls.map(ctrl => {
-    const template = controlTemplates.find(t => t.id === ctrl.id)
     const effectivenessPercent = effectivenessMap[ctrl.id] ??
       (ctrl.implementationStatus === 'IMPLEMENTED' ? 85 :
        ctrl.implementationStatus === 'PARTIAL' ? 50 : 0)
@@ -576,12 +458,12 @@ export default function ControlsPage() {
       evidence: ctrl.evidence,
       owner: ctrl.owner,
       dueDate: ctrl.dueDate,
-      code: template?.code || ctrl.id,
+      code: ctrl.id,
-      displayType: template?.displayType || 'preventive',
+      displayType: 'preventive' as DisplayControlType,
       displayCategory: mapControlTypeToDisplay(ctrl.type),
       displayStatus: mapStatusToDisplay(ctrl.implementationStatus),
       effectivenessPercent,
-      linkedRequirements: template?.linkedRequirements || [],
+      linkedRequirements: [],
       linkedEvidence: evidenceMap[ctrl.id] || [],
       lastReview: new Date(),
     }