Specifications include, but are not limited to: Supplier shall provide managed services to reduce LCRA’s digital vulnerabilities: Prioritizing patches, testing patches, deploying patches, modifying settings, and confirming vulnerabilities have been remediated. Work with system owners to identify how applying a patch, installing upgrades, or modifying a configuration that may harm the system prior to work being performed Prior to implementing the change, the Supplier must understand how the remediation may negatively affect other systems and test the remediation prior to installation. Roll-back plans shall be created by the Supplier and once complete, remediation will be confirmed by the Cybersecurity Department.