(1) Vendor needs to provide website design, development, hosting, implementation, migration, maintenance and services using content management system.– The website must utilize responsive design, adapting seamlessly to various screen sizes and devices (desktop, tablet, mobile). – Implement mobile–first design principles to optimize performance on smaller devices. – Utilize a secure, modern content management system (CMS) such as Joomla (version 5.x or latest stable) or equivalent, with real–time frontend editing capabilities. – Ensure all frontend interactions are protected against cross–site scripting (XSS) and cross–site request forgery (CSRF) vulnerabilities. – Provide a customized CMS allowing staff to update pages, content, images, and blogs securely. – Enforce role–based access control (RBAC) with multi–factor authentication (MFA) for all administrative accounts. – Regularly update CMS and plugins to patch known vulnerabilities. – Integrate Google Fonts with secure HTTPS connections to ensure data integrity. – Implement Google Analytics with IP anonymization enabled to comply with data privacy regulations (e.g., GDPR/CCPA if applicable). – Use secure API keys for all third–party integrations, stored in environment variables or a secure vault. – Optimize website structure and content for search engines, including clean URLs, meta tags, and schema markup. – Protect blog comments against spam and malicious content using automated moderation tools. – The blog must support secure content creation with version control and moderation workflows. – Include secure social media sharing links, using HTTPS and avoiding deprecated APIs. – Archive the existing website securely, ensuring no sensitive data is exposed during the process. – Integrate Google Calendar feeds using secure API connections with OAuth 2.0 authentication. – Securely transfer all existing content, including 60+ menus, articles, and documents, from the current website. – Verify data integrity during migra