diff --git a/admin-compliance/components/sdk/Sidebar/SidebarModuleList.tsx b/admin-compliance/components/sdk/Sidebar/SidebarModuleList.tsx
index 76fd9dbe..9b0d2222 100644
--- a/admin-compliance/components/sdk/Sidebar/SidebarModuleList.tsx
+++ b/admin-compliance/components/sdk/Sidebar/SidebarModuleList.tsx
@@ -91,27 +91,18 @@ export function SidebarModuleList({ collapsed, projectId, pendingCRCount }: Side
       {/* KI-Compliance */}
       <div className="border-t border-gray-100 py-2">
         <SectionHeader label="KI-Compliance" collapsed={collapsed} />
-        {item('/sdk/advisory-board', I.clipboardCheck, 'Use Case Erfassung')}
         {item('/sdk/use-cases', I.list, 'Use Cases', true)}
-        {item('/sdk/ai-act', I.bolt, 'AI Act', true)}
         {item('/sdk/ai-registration', I.euReg, 'EU Registrierung', true)}
         {item('/sdk/compliance-optimizer', I.optimizer, 'Compliance Optimizer', true)}
         {item('/sdk/agent', I.chip, 'Compliance Agent', true)}
         {item('/sdk/benchmark', I.barChart, 'Branchen-Benchmark', true)}
       </div>
 
-      {/* Datenschutz (CMP) */}
+      {/* Cookie & Consent — Schnellzugriff (vollständiger Datenschutz-Flow = Pipeline Phase 3–5) */}
       <div className="border-t-2 border-purple-200 py-2 bg-purple-50/30">
-        <SectionHeader label="Datenschutz" collapsed={collapsed} tone="purple" />
-        {item('/sdk/cmp', I.grid, 'Dashboard')}
-        {item('/sdk/cookie-banner', I.shieldCheck, 'Cookie-Banner', true)}
-        {item('/sdk/cookie-banner/preview', I.eyeCircle, 'Live-Vorschau')}
-        {item('/sdk/einwilligungen', I.clipboardCheck, 'Consent-Records', true)}
-        {item('/sdk/consent-management', I.consent, 'Consent-Verwaltung')}
-        {item('/sdk/vendor-compliance', I.users, 'Vendor-Compliance', true)}
-        {item('/sdk/dsr', I.user, 'DSR Portal', true)}
-        {item('/sdk/loeschfristen', I.clock, 'Loeschfristen')}
-        {item('/sdk/email-templates', I.envelope, 'E-Mail-Templates')}
+        <SectionHeader label="Cookie & Consent" collapsed={collapsed} tone="purple" />
+        {item('/sdk/cmp', I.grid, 'Consent Dashboard')}
+        {item('/sdk/cookie-banner/preview', I.eyeCircle, 'Cookie Live-Vorschau')}
       </div>
 
       {/* Verträge & Audit */}
@@ -131,7 +122,6 @@ export function SidebarModuleList({ collapsed, projectId, pendingCRCount }: Side
       <div className="border-t border-gray-100 py-2">
         <SectionHeader label="Betrieb & Nachweise" collapsed={collapsed} />
         {item('/sdk/rollenkonzept', I.rolesUsers, 'Rollenkonzept', true)}
-        {item('/sdk/training', I.book, 'Schulung (Admin)')}
         {item('/sdk/training/learner', I.user, 'Schulung (Learner)')}
         {item('/sdk/security-backlog', I.warning, 'Security Backlog')}
         {item('/sdk/compliance-hub', I.barChart, 'Compliance Hub')}
@@ -145,7 +135,6 @@ export function SidebarModuleList({ collapsed, projectId, pendingCRCount }: Side
           <SectionHeader label="Intern · Entwicklung" collapsed={collapsed} tone="slate" />
           {item('/sdk/coverage', I.clipboardCheck, 'Abdeckung / Korpus', true)}
           {item('/sdk/catalog-manager', I.catalog, 'Kataloge / Templates')}
-          {item('/sdk/source-policy', I.globe, 'Quellen-Verwaltung', true)}
           {item('/sdk/rag', I.search, 'Legal RAG')}
           {item('/sdk/quality', I.checkCircle, 'AI Quality')}
           {item('/sdk/assertions', I.clipboardCheck, 'Assertions')}
diff --git a/docs-src/development/sdk-navigation-inventory.md b/docs-src/development/sdk-navigation-inventory.md
new file mode 100644
index 00000000..6c8df2c7
--- /dev/null
+++ b/docs-src/development/sdk-navigation-inventory.md
@@ -0,0 +1,148 @@
+# SDK-Navigations-Inventur (vollständig)
+
+> Zweck: **Kein Feature darf unsichtbar „verloren" gehen.** Diese Datei listet
+> JEDE `/sdk`-Route und wo sie in der Sidebar lebt. Stand 2026-06-16, nach der
+> Doppelungs-Auflösung (Step A1). Quelle: `lib/sdk/types/sdk-steps.ts` (Pipeline)
+> + `components/sdk/Sidebar/SidebarModuleList.tsx` (Module).
+
+Es gibt zwei Navigationsebenen:
+1. **Pipeline** — der geführte 5-Phasen-Flow (oben), immer sichtbar (Profil/Scope = Einstieg).
+2. **Module** — thematischer Direktzugriff (unten), inkl. gegateter Sektion „Intern · Entwicklung".
+
+---
+
+## 1. Pipeline (geführter Flow, immer sichtbar)
+
+### Phase 1 — Vorbereitung
+| Route | Label | Hinweis |
+|---|---|---|
+| /sdk/company-profile | Profil | Einstieg / Stammdaten |
+| /sdk/compliance-scope | Scope | Einstieg / Geltungsbereich |
+| /sdk/advisory-board | Anwendung | = „Use Case Erfassung" |
+| /sdk/import | Import | bedingt (`visibleWhen`) |
+| /sdk/ai-act | AI Act | |
+| /sdk/screening | Screening | |
+| /sdk/source-policy | Quellen | = „Quellen-Verwaltung" |
+
+### Phase 2 — Analyse
+| Route | Label |
+|---|---|
+| /sdk/requirements | Anforderungen |
+| /sdk/controls | Controls |
+| /sdk/risks | Risiken |
+| /sdk/audit-checklist | Checklist |
+| /sdk/audit-report | Report |
+
+### Phase 3 — Dokumentation
+| Route | Label | Hinweis |
+|---|---|---|
+| /sdk/obligations | Pflichten | |
+| /sdk/dsfa | DSFA | bedingt (`visibleWhen`) |
+| /sdk/tom | TOMs | |
+| /sdk/loeschfristen | Löschfristen | |
+| /sdk/vvt | VVT | |
+| /sdk/document-library | Library | |
+
+### Phase 4 — Rechtliche Texte
+| Route | Label | Hinweis |
+|---|---|---|
+| /sdk/einwilligungen | Consent-Records | |
+| /sdk/consent | Vorlagen | ≠ /sdk/consent-management |
+| /sdk/cookie-banner | Cookies | ≠ /sdk/cookie-banner/preview |
+| /sdk/document-generator | Generator | bedingt (`visibleWhen`); ≠ /sdk/catalog-manager |
+| /sdk/workflow | Workflow | |
+
+### Phase 5 — Betrieb
+| Route | Label | Hinweis |
+|---|---|---|
+| /sdk/evidence | Nachweise | |
+| /sdk/dsr | DSR | |
+| /sdk/escalations | Eskalationen | → CRA-Meldewesen (geplant #52) |
+| /sdk/vendor-compliance | Vendor | ≠ /sdk/vendor-assessment |
+| /sdk/consent-management | Consent Mgmt | |
+| /sdk/email-templates | E-Mails | |
+| /sdk/notfallplan | Notfallplan | → CRA-Meldewesen (geplant #52) |
+| /sdk/incidents | Incidents | → CRA-Meldewesen (geplant #52) |
+| /sdk/whistleblower | Whistleblower | |
+| /sdk/academy | Academy | |
+| /sdk/training | Training | = „Schulung (Admin)" |
+| /sdk/control-library | Controls (Library) | ≠ /sdk/coverage |
+| /sdk/master-controls | MCs | |
+| /sdk/control-provenance | Provenance | |
+| /sdk/template-rule-editor | Regeln | |
+
+---
+
+## 2. Module (thematischer Direktzugriff)
+
+### Kunde
+| Gruppe | Route | Label |
+|---|---|---|
+| Produkt-Compliance (CE & Cyber) | /sdk/gap-analysis | Gap-Analyse |
+| | /sdk/iace | Maschinensicherheit (CE) |
+| | /sdk/cra | Cyber Resilience (CRA) |
+| KI-Compliance | /sdk/use-cases | Use Cases |
+| | /sdk/ai-registration | EU Registrierung |
+| | /sdk/compliance-optimizer | Compliance Optimizer |
+| | /sdk/agent | Compliance Agent |
+| | /sdk/benchmark | Branchen-Benchmark |
+| Cookie & Consent | /sdk/cmp | Consent Dashboard |
+| | /sdk/cookie-banner/preview | Cookie Live-Vorschau |
+| Verträge & Audit | /sdk/vendor-assessment | Vertragsprüfung |
+| | /sdk/audit-timeline | Audit Timeline |
+| Payment / Terminal | /sdk/payment-compliance | Payment Compliance |
+| Betrieb & Nachweise | /sdk/rollenkonzept | Rollenkonzept |
+| | /sdk/training/learner | Schulung (Learner) |
+| | /sdk/security-backlog | Security Backlog |
+| | /sdk/compliance-hub | Compliance Hub |
+| | /sdk/isms | ISMS Readiness |
+| | /sdk/wiki | Compliance Wiki |
+
+### Intern · Entwicklung (gegated via `useInternalUI`, Kunden sehen es nie)
+| Route | Label |
+|---|---|
+| /sdk/coverage | Abdeckung / Korpus |
+| /sdk/catalog-manager | Kataloge / Templates |
+| /sdk/rag | Legal RAG |
+| /sdk/quality | AI Quality |
+| /sdk/assertions | Assertions |
+| /sdk/dsms | DSMS |
+| /sdk/sdk-flow | SDK Flow |
+| /sdk/architecture | Architektur |
+| /sdk/agents | Agenten |
+| /sdk/workshop | Workshop |
+| /sdk/portfolio | Portfolio |
+| /sdk/roadmap | Roadmap |
+| /sdk/audit-llm | LLM Audit |
+| /sdk/rbac | RBAC Admin |
+| /sdk/api-docs | API-Referenz |
+| /sdk/change-requests | Änderungsanfragen (Badge) |
+| (extern) macmini:3006 | Developer Portal |
+| (extern) macmini:8011 | SDK Dokumentation |
+
+---
+
+## 3. Aufgelöste Doppelungen (Step A1, 2026-06-16)
+
+Diese 11 Routen waren **doppelt** (Pipeline + Modul). Die Modul-Zeile wurde
+entfernt; **Heimat ist jetzt die immer-sichtbare Pipeline** — kein Verlust:
+
+| Route | Heimat (bleibt) | entfernte Modul-Zeile |
+|---|---|---|
+| /sdk/advisory-board | Vorbereitung → Anwendung | KI → Use Case Erfassung |
+| /sdk/ai-act | Vorbereitung → AI Act | KI → AI Act |
+| /sdk/source-policy | Vorbereitung → Quellen | Intern → Quellen-Verwaltung |
+| /sdk/loeschfristen | Dokumentation → Löschfristen | Datenschutz → Loeschfristen |
+| /sdk/einwilligungen | Rechtl. Texte → Consent-Records | Datenschutz → Consent-Records |
+| /sdk/cookie-banner | Rechtl. Texte → Cookies | Datenschutz → Cookie-Banner |
+| /sdk/dsr | Betrieb → DSR | Datenschutz → DSR Portal |
+| /sdk/vendor-compliance | Betrieb → Vendor | Datenschutz → Vendor-Compliance |
+| /sdk/consent-management | Betrieb → Consent Mgmt | Datenschutz → Consent-Verwaltung |
+| /sdk/email-templates | Betrieb → E-Mails | Datenschutz → E-Mail-Templates |
+| /sdk/training | Betrieb → Training | Betrieb & Nachweise → Schulung (Admin) |
+
+**Bewusst NICHT zusammengelegt** (ähnliches Label, aber andere Seite):
+`/sdk/document-generator` ≠ `/sdk/catalog-manager` · `/sdk/control-library` ≠
+`/sdk/coverage` · `/sdk/consent` ≠ `/sdk/consent-management` ·
+`/sdk/cookie-banner` ≠ `/sdk/cookie-banner/preview` · `/sdk/vendor-compliance` ≠
+`/sdk/vendor-assessment`.