Nitpicking on a Friday....Are we expected to take the examples on this list, write them on a piece of paper, indicate whether or not they would apply in our world, and, if yes, indicate the mitigating procedures etc. to prevent chance of ID theft OR we we to consider (think about, muse over) the list, maybe attach it to our risk assessment of our products/services and refer to it but not take the examples item by item and address each one in writing....

IMO, YOU SHOULD TAKE THESE AS WELL AS OTHER ISSUES YOU COME UP WITH AND DEVELOPE a risk assessment based on your unique situation. Some or all may need to be addressed and some may not be...and then you may have additional concerns not addressed in the examples given.