Add risk assessment reference, fix link
This MR moves the risk identification and assessment required by the DPIA to GitLab's security risk assessment process. It implements changes discussed and agreed by myself, @cciresi, and @MFarber. The MR also fixes a broken hyperlink tag.
Replaces !28176 (closed), which failed due to lint error and had merge conflicts WebIDE couldn't resolve.