Download presentation
Presentation is loading. Please wait.
Published byJade Patterson Modified over 9 years ago
1
Models for Monitoring Digital Accessibility Compliance Tim Springer Tammy Cosseboom
2
Agenda Compliance Programs Monitoring Plans Process Monitoring and Auditing Asset Monitoring Asset Audits
3
Compliance Programs
4
What is Compliance? Conforming to the controls and procedures imposed on your organization by appropriate laws or rulings
5
Compliance Elements Seven Elements of Effective Compliance Programs 1.Policies, Procedures and Controls 2.Compliance and Ethics Oversight 3.Exercise Due Diligence 4.Educate Employees 5.Monitor and Audit Compliance 6.Consistent Enforcement and Discipline 7.Respond Appropriately
6
Conceptual Framework Accessibility program maturity is measured along ten key dimensions: Governance, Risk Management, and Compliance Communications Policy and Standards Legal Fiscal Management Development Lifecycle Testing and Validation Support and Documentation Procurement Training
7
Risk Prioritization Not all technology is warrants the same level of scrutiny Worry more about technology that: –Is necessary for completion of core functionality –Pertains specifically to users with disabilities –Receives the highest amount of traffic –Concerns job postings / applications –Utilizes third party vendors –Contains maps or other extensive graphics Higher Risk = Higher Priority
8
Risk Management Prioritization Levels Enterprise Asset Best Practice Risk Model Identify core factors for each level Weight core factors Rank
9
Legal Research Legal research is a continuous compliance process Must be executed at many levels: –Federal –State –Local New laws/regulations should be immediately analyzed for impact and tracked Know your rulemaking process Know your OIRA
10
Compliance Cross-Pollination Compliance processes can be executed the “hard” way or the “easy” way Integrating accessibility into the existing compliance program gets you on the path to the “easy way”
11
Reporting, Metrics, Trends Center of the feedback loop Risk Management, Risk Assessment, Legal Research and Compliance Cross-Pollination feed the data Produce actionable summaries which can be turned into compliance process improvement programs
12
Monitoring Plans
13
It All Starts with a Monitoring Plan Who is involved? What is being monitored? What resources are required? When is plan to be executed? Which compliance plan is monitoring associated with? What types of test methods are being utilized?
14
Monitoring Plan Goals Ensure that the program policies are being followed Periodically evaluate the effectiveness of the program Have and publicize a system to report violations
15
Monitoring Plan – Ad Hoc or Formal? Issues with Ad-hoc plans Sample size not consistent or risk- assessed Testing staff lacks knowledge to identify key work flow structures False negatives or positives if not utilizing users with disabilities Doesn’t leverage automatic testing Doesn’t provide metrics
16
Monitoring Types Process monitoring – operations are conforming to the accessibility policy in practice Asset monitoring – ICT being produced or utilized is accessible –Monitoring = High level ongoing tests –Auditing = Detailed point in time tests Some concepts apply to both types –Monitoring Plan Creation –Risk Prioritization –Risk Management
17
Process Monitoring and Auditing
18
Process Monitoring Approach Roughly: Define Train Measure, Manage, Coach Report Bulletproofing Automate that which can be automated Use software Setup notifications Define process variance tolerances
19
Process Auditing Methodology Process Walkthrough Artifact Review Operations Review Analysis Draft Findings Review Primary Draft Development Primary Draft Review Secondary Changes Delivery
20
Asset Monitoring
21
Accessibility Monitoring Test Types Automated Tests Global Tests Manual Tests Manual Tests with AT
22
Accessibility Compliance Levels - Minimum Automated ICT scan only Pages are rendered in a browser and tested directly against the DOM Results in roughly 25% testing coverage
23
Accessibility Compliance Levels - Baseline Extends minimum level to include manual tests of sample portions of the site Sample tests are extrapolated to remainder of the site Results in roughly 85% testing coverage
24
Accessibility Compliance Levels - Complete Extends base level to include functional use case testing by individuals with disabilities using assistive technology Focuses on key transaction paths in the system Increases compliance coverage to as close to 100% as possible
25
Asset Audits
26
Is My ICT Accessible? Three components need to be reviewed to answer this question: Technical Compliance Functional Compliance Support Compliance
27
Technical Requirements Does the technology conform to the coding requirements in the relevant standards? Requires up-to-date standards Requires the ICT be substantially conformant with standards Requirements are assessed for risk and divided between those that can be tested: ˗ Automatically (24.8%) ˗ Manually (48.3%) ˗ Globally (26.9%)
28
Functional Requirements Can people with disabilities use the application to complete its core tasks? Requires system be usable to people with disabilities using current AT Technical requirements focus on the trees – functional requirements on the forest
29
Support Requirements Is the deployment context of the ICT accessible? Is the ICT documentation accessible? Can the organization provide accessible support for the ICT to its employees and the public? (TTY/TDD, accessible online chat) Is the ICT training accessible? Does the organization have a periodic audit program which assesses the compliance and ethics program?
30
Questions?
31
Thank You Contact Us Tim Springer tim.springer@ssbbartgroup.com Tammy Cosseboom tammyc@ssbbartgroup.com Download Slide Deck Info.ssbbartgroup.com/CSUN2015 Follow Us @SSBBARTGroup linkedin.com/company/ SSB-BART-Group facebook.com/ SSBBARTGroup SSBBARTGroup.com/blog
32
About SSB BART Group Unmatched Experience Focus on Accessibility Solutions That Manage Risk Real-World Strategy Organizational Strength and Continuity Dynamic, Forward-Thinking Intelligence Fourteen hundred organizations (1445) Fifteen hundred individual accessibility best practices (1595) Twenty-two core technology platforms (22) Fifty-five thousand audits (55,930) One hundred fifty million accessibility violations (152,351,725) Three hundred sixty-six thousand human validated accessibility violations (366,096)
33
Appendix A – Compliance Programs
34
Policies, Procedures and Controls Publish an accessibility statement Modify existing policies (HR, Customer Support) Set internal controls –Protect resources –Ensure accuracy and reliability –Secure compliance with policies –Evaluate performance
35
Oversight Visibility, knowledge, and oversight High-level sponsorship Roles and responsibilities clearly identified Clearly assigned responsibilities Day-to-day operations have resources, authority and access to governing authority –Resources == budgets –Authority == compliance can tell other departments what to do In accessibility? Really? –Direct access to the governing authority == if compliance thinks there is a problem, but their leadership is stonewalling them, they can do an end run straight to the BoD
36
RACI Matrix
37
Educate Employees on Programs Communicate policies, standards and procedures of compliance and ethics program Conduct effective training programs Disseminate information appropriate to respective roles
38
Consistent Enforcement and Discipline Policies, Procedures, and Controls need to include disciplinary steps for all levels of employees/agents If retraining is an option: –Maintain metrics on improvement after retraining –Document all training If termination is potential outcome, update contracts to define penalties
39
Respond to/Prevent Future Incidents Two elements must be implemented: Accessibility Issue Resolution Policy / Procedures –Reasonable Accommodation must be provided –Why did the accessibility violation get overlooked? Root Cause Analysis –Why did the accessibility violation get overlooked? –What improvements can be made to procedures?
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.