Specifications include, but are not limited to: LMS System must be compliant with Cyber Security, Disaster Recovery, and Standards-Based Compliance in the following requirements: A. Cyber Security and Disaster Recovery A.1 Provide a copy of your current security policy and/or a copy of your most recent SOC audit results. A.2 Provide a copy of your current disaster recovery plan. A.3 Describe your SLA for support, including support hours, average response time, and whether there are graduated or differentiated tiers of support for the application. A.4 Provide a description of your incident response plan, indicate if you are able to provide a copy of the plan when requested. A.5 Describe your cyber forensics support and response time frames in the event an incident occurs. A.6 Describe your cyber liability insurance coverage and name your provider and coverage limits. A.7 Describe your cyber and IT compliance framework and compliance reports that are developed and available for review. A.8 Describe your vulnerability management and penetration testing programs. Indicate if those reposts will be made available for review upon request. A.9 Describe your prohibited technologies policy. A.10 Describe your malware, and specifically your ransomware, protections for the system and for backups. A.11 In general terms, describe your production and non-production environments and the protections for each.