Would suggest to split up a Windows guide into different parts. For example one for privacy, one for security, intersections of security and privacy, and maybe a setup guide (how to make an installer, which edition to choose, showing differences, driver best practices and so on). Stick to official guidelines and baselines as much as possible with little reliance on third-party tools.
Start with privacy, because that’s the most important part for PrivacyGuides and also the most difficult. It will be a big part. Show how to apply Windows Restricted Traffic Limited Functionality Baseline. Show which things must be patched afterwards (preferably provide a ready-to-use patch policy), for example to make Updates (Windows, Defender, Certificates), Store and a few more, which are needed for a secure and working distro. Show which can optionally be patched. Show privacy consequences and considerations (for example some users might want to be able to use XBOX services while others don’t). Show differences between Enterprise editions and Pro (e.g. which settings won’t take effect and whether there are other ways to achieve it). Explain considerations between privacy and security (e.g. Defender cloud protection, SAC, ISG). Show which built-in apps can be used in a privacy respecting way, whether settings are necessary to adjust and when it’s better to simply delete the app. Show which services and apps can or should be disabled/deleted. Show blocking of network communication with DNS filters and solutions like Simplewall to whitelist apps and which apps need to be whitelisted to keep the system secure and working.
Then you can start with security (or different people working on it in parallel), but the privacy guide should be worked on with higher priority, because it will also be needed for security vs privacy considerations. Security baselines, WDAC, Applocker, bitlocker, ISG, SAC, ASR-Rules, exploit protection rules and so on. All solutions have different consequences for privacy, security and usability, so a lot of explanation is needed (e.g. for which use cases is metadata transmitted for ISG acceptable). Explain why to apply privacy settings after security baselines, if users prefer privacy over security.
That’s just what quickly comes to mind. As you see this will be a long guide.