I have a border router which nat our extr internet ips to our internal network.
I have a access-list which allows access via the net to our internal fw ip which is
natted eg ip nat inside source static intr x.x.x.x outs global x.x.x.x

My question is should I use a access-list to allow access to specific ports to he internal and the ip nat inside command for better security

eg ip nat inside source static tcp x.x.x.x 80 x.x.x.x 80
acceess-list 101 permit tcp any x.x.x.x 80

or IF I just use

access-lists 101 permit ip any internal ip
ip nat inside source static tcp x.x.x.x 80 x.x.x.x 80

Either provides the same result and if I check my logs only the natted translated ports to the ip I allow is allowed so to have a access-list to a spefic port plus ip nat inside source static tcp command it is not needed ?
Any security risks here ?