Recently I became aware of the "Security Technical Implementation Guide". The Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents.
Advertising
In the following tweet, Thorsten E. refers to this "Security Technical Implementation Guide", which is available on this website. Perhaps the information is useful for one or the other administrator.
Please be aware that the STIG Viewer website is a third-party website, maintained by a for-profit organization, and while their work is incredibly useful, it can sometime lag behind the state of the art on STIGs.
The official STIG document library is here: https://public.cyber.mil/stigs/downloads/
At time of writing, the latest Windows 11 STIG is version 1.5, dated 2023-10-30: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_11_V1R5_STIG.zip
In the notes, they mention you have to reinstall the OS if you want to convert from a legacy mode to GPT to enable UEFI. Are they not aware of the MBR2GPT tool that will allow you to do this without reinstalling the OS?
https://learn.microsoft.com/en-us/windows/deployment/mbr-to-gpt