This guideline provides a systematic framework for the security classification of data and information systems based on both local and international standards. It aims to enhance the confidentiality, integrity, and availability of information. The document defines key terms, risk management approaches, security classifications, and outlines the potential impact of information loss. It includes mechanisms to identify data types, conduct impact analysis, and assign appropriate security levels for both data and systems, supported by real-world examples. The annex presents a comprehensive mapping of data domains across all sectors of government.