practices within governmental units by clarifying methodologies for risk assessment and response strategies. It emphasizes the integration of risk management into organizational processes, the importance of awareness, and the need for continuous improvement. The guide outlines roles and responsibilities for management and IT departments, categorizes IT assets based on their importance, and establishes reporting mechanisms for effective communication with national authorities, ultimately focusing on regular reviews and updates to ensure robust risk management practices