What is meant by “Matching Level of Assurance with Level of Risk”?

Matching level of assurance with level of risk means that the level of detail and information requested increases as the sourcing or supplier risk level increases. In the context of the CFSP, if a SOR only sources from non-conflict-affected or high-risk areas (i.e., Level 1 countries), the level of due diligence conducted, documentation collected/provided, and validation review is reduced compared to those attributes for SORs that identify higher risks in their supply chains due (e.g., sourcing from a conflict-affected and high-risk area).