View
10
Download
0
Category
Preview:
Citation preview
Technical note: Checkpoints and checkpoint groups
Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
TECHNICAL NOTE
Checkpoints and checkpoint groups
Version 5.1.0
Technical note: Checkpoints and checkpoint groups
i Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Copyright information
Copyright © 2016 Cryptzone North America Inc. All rights reserved.
Information in this document is subject to change without notice and does not represent a commitment on the part of
the vendor or its representatives. Permission to use, distribute, or copy not granted without written approval. No part of
this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, without the written permission of Cryptzone North America Inc. Complying with all applicable copyright
laws in the US and other countries is the responsibility of the user.
The Cryptzone logo, Security Sheriff, Compliance Sheriff, and Compliance Deputy are trademarks of Cryptzone North
America Inc. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. All
other product names mentioned herein are trademarks of their respective owners.
Technical support
For licensing or technical support information, please submit your requests via the Cryptzone Help Center at
http://support.cryptzone.com using your Service Cloud account. For more information, visit www.cryptzone.com.
Technical note: Checkpoints and checkpoint groups
ii Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Contents
1. About this document ............................................................................................................................................. 1
2. Checkpoint groups ................................................................................................................................................. 2
Accessibility Module ........................................................................................................................................................ 2
Privacy Module ................................................................................................................................................................ 3
SiteQuality/SEO Module .................................................................................................................................................. 5
OpSec Module .................................................................................................................................................................. 5
3. Checkpoints ........................................................................................................................................................... 6
Accessibility Module ........................................................................................................................................................ 6
Privacy Module .............................................................................................................................................................. 27
SiteQuality/SEO Module ................................................................................................................................................ 40
OpSec Module ................................................................................................................................................................ 42
4. Compiled checkpoints ......................................................................................................................................... 44
Technical note: Checkpoints and checkpoint groups
1 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
1. About this document
Checkpoints are instructions that are used by Compliance Sheriff scans to check that web pages conform to certain
predetermined rules or guidelines. The Compliance Sheriff checkpoints are defined and grouped based on the compliance
modules available – Accessibility, Privacy, Site Quality/SEO and OpSec. These out-of-the-box (OOTB) checkpoints can be
modified to suit different environments. Compliance Sheriff also allows custom checkpoints to be created to meet the
specific compliance requirements of any organization.
This document provides the OOTB checkpoint groups and checkpoints that are installed with Compliance Sheriff. The
availability of these checkpoints and groups depend on the compliance modules you have licensed.
For licensing or technical support information, please submit your requests via the Cryptzone Help Center
(http://support.cryptzone.com) using your Service Cloud account. For more information, visit www.cryptzone.com.
Technical note: Checkpoints and checkpoint groups
2 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
2. Checkpoint groups
The tables below list the major checkpoint groups based on their compliance module. It does not list the subgroups
referenced by the main groups. Note that groups can contain either checkpoints or subgroups, and subgroups can only
contain checkpoints.
Accessibility Module
Checkpoint Group Contains Description
Section 508 Groups Main Section 508 Checkpoint group. Checks if content conforms to Section 508 accessibility guidelines. Contains all subgroups: Section 508 – 1194.22(a)-(p).
Web Content Accessibility Guidelines 2.0 Groups Main group for WCAG 2.0. Contains all subgroups: WCAG 2.0 – Guideline 1.1 – 4.1.
WCAG 2.0 - Compliance Level A Groups The minimum WCAG 2.0 standard for accessibility.
WCAG 2.0 - Compliance Level AA Groups The intermediate WCAG 2.0 standard for accessibility (must also pass level A).
WCAG 2.0 - Compliance Level AAA Groups The highest WCAG 2.0 standard for accessibility (must also pass levels A and AA)
Web Content Accessibility Guidelines 1.0 Groups Accessibility standard for web content, now superseded by WCAG 2.0.
WCAG 1.0 Priority 1 Checkpoints Contain WCAG 1.0 Priority 1 checkpoints. A web content developer must satisfy this checkpoint. Otherwise, one or more groups will find it impossible to access information in the document. Satisfying this checkpoint is a basic requirement for some groups to be able to use web documents.
WCAG 1.0 Priority 2 Checkpoints Contain WCAG 1.0 Priority 2 checkpoints. A Web content developer should satisfy this checkpoint. Otherwise, one or more groups will find it difficult to access information in the document. Satisfying this checkpoint will remove significant barriers to accessing Web documents.
WCAG 1.0 Priority 3 Checkpoints Contain WCAG 1.0 Priority 3 checkpoints. A Web content developer may address this checkpoint. Otherwise, one or more groups will find it somewhat difficult to access information in the document. Satisfying this checkpoint will improve access to Web documents.
Alt Text Quality Report Checkpoints Allows users to validate content for proper quality as related to valid alt-text for images based on best practices. These checks include the validation of the alt-text value for the word "image", image file name extensions, length of alt-text, and repeated words.
Technical note: Checkpoints and checkpoint groups
3 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Group Contains Description
Accessibility Statistics Checkpoints Allows various accessibility statistics to be shown in the summary section of the report. This summary contains information such as the Image summary, showing the total number of image elements found, the number of images with or without alt text, and so on.
Compliance Insight – Accessibility Groups Special group that binds other subgroups that provides a summary on Contrast Ratio, Images, Labels, Links and Tables. As this group uses a subgroup.
Mobile Web Accessibility Checkpoints Allows user to test mobile web sites against various checkpoints to validate image sizes, large graphics, access keys, caching, etc.
Privacy Module
Checkpoint Group Contains Description
Compliance Insight - Privacy Groups Privacy>3rd Party Linking Privacy>PII Privacy>Policy Compliance Privacy>Visitor Tracking
COPPA - Children's Online Privacy Protection Act
Groups Websites that collect information from children under the age of thirteen are required to comply with Federal Trade Commission ( FTC ) Children's Online Privacy Protection Act (COPPA).
Financial Information Privacy Monitoring Groups Checks if content conforms with corporate and federal privacy standards concerning financial information
FISMA - Federal Information Security Management Act
Groups FIP Monitoring HIP Monitoring PII Monitoring Privacy Policy Secure methods for data collection Tracking Technologies
Health Information Privacy Monitoring Groups Checks if content conforms with corporate and federal privacy standards concerning health information
HIPAA - Collection, Use and Disclosure Limitations and Protections
Checkpoints The Collection, Use and Disclosure Limitation and Protections principle states that individually identifiable health information should be collected, used, and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately.
HIPAA - Health Information Security Checkpoints The Safeguards Principle states that individually identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.
Technical note: Checkpoints and checkpoint groups
4 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Group Contains Description
HIPAA Health Insurance Portability and Accountability Act
Groups Provides coverage for Health Information Security, Openness and Transparency, Individual Choice, and Safeguards principles of the Health Information Portability and Accountability Act (HIPAA)
HIPAA - Openness, Transparency and Individual Choice
Checkpoints Openness and Transparency and Individual Choice Principles overlap in what HiSoftware can do for them, so the principles will be combined into one report driven by the following check point Groups
MA 201 CMR 17.00 Groups PFI>Bank Account Indicators PFI>Credit Card Indicators PII>Custom Number, Characteristic, and/or Code Indicators PII>Name Indicators PII>Social Security Number Indicators
OMB M-10-22 Groups Guidance for Online Use of Web Measurement and Customization Technologies
Personally Identifiable Information Monitoring
Groups
PFI Personal Financial Information Groups
PHI Protected Health Information Groups
PII Personally Identifiable Information Groups Checks if content contains personally identifiable information prohibited by privacy standards.
Privacy Policy Groups Privacy>P3P Usage Privacy>Policy Compliance
Privacy Groups
Secure methods for data collection Checkpoints
Sensitive Organizational Content (SOC) Groups Checks if content reveals sensitive information about your organization
Tracking Technologies Groups OMB M-10-22 Privacy>Visitor Tracking Web Tracking>Beacons Web Tracking>Cookies
Web Tracking - Network Advertising Initiative Compliance
Checkpoints
Web Tracking Groups
Technical note: Checkpoints and checkpoint groups
5 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
SiteQuality/SEO Module
Checkpoint Group Contains Description
Compliance Insight - SEO Groups
Search Engine Optimization Checkpoints
Compliance Insight - SEO Groups
HIPAA - Data Quality, Integrity and Correction
The Correction principle states that Individuals should be provided with a timely means to dispute the accuracy or integrity of their individually identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied.
Site Quality - Link Validation Checkpoints
Site Quality - Offensive Content Checkpoints
Site Quality - Page Load Time Checkpoints
Site Quality - Spell Check Checkpoints
OpSec Module
Checkpoint Group Contains Description
Compliance Insight - Data Security Checkpoints
Operational Security Checkpoints
Technical note: Checkpoints and checkpoint groups
6 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
3. Checkpoints
The tables below list the OOTB checkpoints used within various checkpoint groups that make up of Compliance Sheriff
compliance modules. It includes new and updated checkpoints delivered in version 4.3 or later. If you’re performing an
upgrade, these new/updated checkpoints (and the checkpoint groups and subgroups that they are defined in) are not
automatically put into production. Once you have reviewed this list, refer to the Compliance Sheriff Installation Guide for
more information on how to apply these checkpoints and the above checkpoint groups.
Accessibility Module
Checkpoint Short Description Priority Group Subgroup
Section 508
a.1 All IMG elements are required to contain either the ALT or LONGDESC attribute.
1 Section 508 1194.22(a)
a.2 All APPLET elements are required to contain both element content and the ALT attribute.
1 Section 508 1194.22(a)
a.3 When EMBED elements are used, the NOEMBED element or ARIA attributes are required in the page.
1 Section 508 1194.22(a)
a.4 All OBJECT elements are required to contain element content.
1 Section 508 1194.22(a)
a.5 All SVG elements are required title or desc child element or ARIA attributes for providing description.
1 Section 508 1194.22(a)
a.6 All IFRAME elements which has non- text content, contains title or ARIA attribute for providing description.
1 Section 508 1194.22(a)
a.7 All Figure elements are required to have figcaption for describing purpose of element.
1 Section 508 1194.22(a)
b.1 Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value
1 Section 508 1194.22(b)
Technical note: Checkpoints and checkpoint groups
7 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
b.2 Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension
1 Section 508 1194.22(b)
b.3 Identify all EMBED elements that have a SRC attribute value with a multimedia file extension
1 Section 508 1194.22(b)
b.4 Identify all links that have an HREF attribute value with a multimedia file extension
1 Section 508 1194.22(b)
b.5 Identify all VIDEO or AUDIO Elements that have a track child element with KIND attribute values subtitles, captions or descriptions.
1 Section 508 1194.22(b)
b.6 Identify all IFRAME elements that have a SRC attribute value with an external known webpage's video.
1 Section 508 1194.22(b)
c.1 Ensure that all information conveyed with color is also available without color, for example from context or markup
1 Section 508 1194.22(c)
d.1 Organize documents so they may be read without style sheets
1 Section 508 1194.22(d)
d.2 Ensure Color and background color may be specified at any level in the cascade of preceding selectors, by external stylesheets or through inheritance rules for all elements.
1 Section 508 1194.22(d)
d.3 Making the DOM order match the visual order
1 Section 508 1194.22(d)
e.1 Locate any IMG element that contains the ISMAP attribute
1 Section 508 1194.22(e)
Technical note: Checkpoints and checkpoint groups
8 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
e.2 No INPUT element should contain the USEMAP attribute
1 Section 508 1194.22(e)
f.1 All AREA elements are required to have the ALT attribute
1 Section 508 1194.22(f)
f.2 No IMG element should contain the ISMAP attribute
1 Section 508 1194.22(f)
f.3 No INPUT element should contain the ISMAP attribute
1 Section 508 1194.22(f)
g.1 For data tables, identify row and column headers
1 Section 508 1194.22(g)
h.1 For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells
1 Section 508 1194.22(h)
i.1 All IFRAME elements are required to contain element content
1 Section 508 1194.22(i)
i.2 All FRAME elements are required to contain the title attribute
1 Section 508 1194.22(i)
i.3 All FRAMESET elements will be checked for the NOFRAMES element
1 Section 508 1194.22(i)
j.1 Pages are required not to contain the BLINK element
1 Section 508 1194.22(j)
j.2 Until user agents allow users to control blinking, avoid causing content to blink
1 Section 508 1194.22(j)
k.1 Check for a 'Text Only Version' link that provides equivalent access to a page
1 Section 508 1194.22(k)
l.1 Verify information provided by scripts shall be identified with functional text that can be read by assistive technology.
1 Section 508 1194.22(l)
Technical note: Checkpoints and checkpoint groups
9 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
l.2 When SCRIPT elements are used, the NOSCRIPT element is required in the page
1 Section 508 1194.22(l)
l.3 Ensure that all anchor elements that use JavaScript in the link target describe purpose of the link through content or ALT attribute.
1 Section 508 1194.22(l)
m.1 All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in
1 Section 508 1194.22(m)
n.1 Identify all LABEL elements used within FORM elements
2 Section 508 1194.22(n)
n.2 All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL
2 Section 508 1194.22(n)
n.3 Associate labels explicitly with their controls (SELECT elements)
2 Section 508 1194.22(n)
n.4 Associate labels explicitly with their controls (TEXTAREA elements)
2 Section 508 1194.22(n)
n.5 Ensure that all LABEL 'FOR' attributes match another control
2 Section 508 1194.22(n)
n.6 Ensure that Placeholder attribute should not be used as an alternative to a label for all input elements.
2 Section 508 1194.22(n)
n.7 Ensure that all elements with role=application use either aria- labelledby or aria-describedby attribute.
2 Section 508 1194.22(n)
n.8 Ensure that all elements with required attribute contains required, mandatory or * in content of label.
1 Section 508 1194.22(n)
Technical note: Checkpoints and checkpoint groups
10 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
n.9 All elements which has role attribute checkbox or radio, set value of aria- checked either in HTML page or JavaScript.
1 Section 508 1194.22(n)
o.1 Pages should contain a bookmark link to skip navigation
1 Section 508 1194.22(o)
p.1 Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh
1 Section 508 1194.22(p)
p.2 Allow users to complete an activity without any time limit
1 Section 508 1194.22(p)
WCAG 2.0
Accessibility20 C12 Use percent, em, or named font size for font sizes
2 WCAG 2.0 AA Criterion 1.4.4
Accessibility20 C15 Use CSS to change the presentation of a user interface component when it receives focus
2 Not Assigned
Accessibility20 C17 Scaling form elements which contain text
2 WCAG 2.0 AA Criterion 1.4.4
Criterion 1.4.8
Accessibility20 C27 Making the DOM order match the visual order
2 WCAG 2.0 A Criterion 1.3.2
Criterion 2.4.3
Accessibility20 C30 Using CSS to replace text with images of text and providing user interface controls to switch
3 WCAG 2.0 AA Criterion 1.4.5
Criterion 1.4.9
Accessibility20 F10 Failure of Success Criterion 2.1.2 and Conformance Requirement 5 due to combining multiple content formats in a way that traps users inside one format type
1 WCAG 2.0 A Criterion 2.1.2
Accessibility20 F14 Failure of Success Criterion 1.3.3 due to identifying content only by its shape or location
1 WCAG 2.0 A Criterion 1.3.3
Technical note: Checkpoints and checkpoint groups
11 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 F24 Failure of Success Criterion 1.4.3, 1.4.6 and 1.4.8 due to specifying foreground (text) colors without specifying background colors or vice versa
2 WCAG 2.0 AA Criterion 1.4.3
Criterion 1.4.6
Criterion 1.4.8
Accessibility20 F3 Failure of Success Criterion 1.1.1 due to using CSS to include images that convey important information
1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 F30 Failure of Success Criterion 1.1.1 and
1.2.1 due to using text alternatives that are not alternatives.
2 WCAG 2.0 A Criterion 1.1.1
Compliance Insight Accessibility
Images
Accessibility20 F4 Failure of Success Criterion 2.2.2 due to using text-decoration:blink without a mechanism to stop it in less than five seconds
1 WCAG 2.0 A Criterion 2.2.2
Accessibility20 F66 Failure of Success Criterion 3.2.3 due to presenting navigation links in a different relative order on different pages
2 WCAG 2.0 AA Criterion 3.2.3
Accessibility20 F67 Failure of Success Criterion 1.1.1 and
1.2.1 due to providing long description for non-text content that does not serve the same purpose or does not present the same information
2 WCAG 2.0 A Criterion 1.1.1
Accessibility20 F84 Failure of Success Criterion 2.4.9 due to using a non-specific link such as "click here" or "more" without a mechanism to change the link text to specific text.
2 WCAG 2.0 A Criterion 2.4.9
Accessibility20 G105 Save data so that it can be used after a user re-authenticates
3 WCAG 2.0 AAA Criterion 2.2.5
Accessibility20 G107 Use "activate" rather than "focus" as a trigger for changes of context
1 WCAG 2.0 A Criterion 3.2.1
Technical note: Checkpoints and checkpoint groups
12 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 G130 Provide descriptive headings
2 WCAG 2.0 AA Criterion 2.4.6
Accessibility20 G134 Validate Web pages 1 WCAG 2.0 A Criterion 4.1.1
Accessibility20 G14 Ensure that information conveyed by color differences is also available in text
1 WCAG 2.0 A Criterion 1.4.1
Accessibility20 G141 Organize a page using headings
3 WCAG 2.0 AAA Criterion 2.4.10
Accessibility20 G144 Ensuring that the Web Page contains another CAPTCHA serving the same purpose using a different modality
2 WCAG 2.0 A Criterion 1.1.1
Accessibility20 G145 Ensure that a contrast ratio of at least 3:1 exists between text (and images of text) and background behind the text
2 WCAG 2.0 AA Criterion 1.4.3
Criterion 1.4.6
Compliance Insight Accessibility
Contrast Ratio
Accessibility20 G149 Using user interface components that are highlighted by the user agent when they receive focus
2 WCAG 2.0 AA Criterion 2.4.7
Accessibility20 G151 Provide a link to a text transcript of a prepared statement or script if the script is followed
3 WCAG 2.0 AAA Criterion 1.2.9
Accessibility20 G158 Provide a full text transcript for the audio
1 WCAG 2.0 A Criterion 1.2.1
Accessibility20 G159 Provide a full text transcript of the video content
1 WCAG 2.0 A Criterion 1.2.1
Criterion 1.2.8
Accessibility20 G17 Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the text
3 Compliance Insight Accessibility
Contrast Ratio
WCAG 2.0 AAA Criterion 1.4.6
Accessibility20 G18 Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text
3 Compliance Insight Accessibility
Contrast Ratio
WCAG 2.0 AA Criterion 1.4.3
Criterion 1.4.6
Technical note: Checkpoints and checkpoint groups
13 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 G19 Ensure that no component of the content flashes more than three times in any 1-second period
3 WCAG 2.0 A Criterion 2.3.1
Criterion 2.3.2
Accessibility20 G197 Using labels, names, and text alternatives consistently for content that has the same functionality
2 WCAG 2.0 AA Criterion 3.2.4
Accessibility20 G5 Allow users to complete an activity without any time limit
3 WCAG 2.0 AAA Criterion 2.2.3
Accessibility20 G54 Include a sign language interpreter in the video stream
3 WCAG 2.0 AAA Criterion 1.2.6
Accessibility20 G56 Mix audio files so that non-speech sounds are at least 20 decibels
lower than the speech audio content
3 WCAG 2.0 AAA Criterion 1.4.7
Accessibility20 G60 Ensure all autostart sounds turns off automatically within three seconds
1 WCAG 2.0 A Criterion 1.4.2
Accessibility20 G62 Provide a glossary 3 WCAG 2.0 AAA Criterion 3.1.3
Criterion 3.1.4
Criterion 3.1.6
Accessibility20 G69 Provide a full synchronized media text alternative including any interaction
1 WCAG 2.0 A Criterion 1.2.3
Criterion 1.2.8
Accessibility20 G71 Provide a help link on every Web page
3 WCAG 2.0 AAA Criterion 3.3.5
Accessibility20 G75 Provide a mechanism to postpone any updating of content
3 WCAG 2.0 AAA Criterion 2.2.4
Accessibility20 G78 Provide a sound track that includes audio description
2 WCAG 2.0 A Criterion 1.2.3
Criterion 1.2.5
Accessibility20 G79 Provide a spoken version of the text
3 WCAG 2.0 AAA Criterion 3.1.5
Accessibility20 G8 Create an extended audio description for the synchronized media content
3 WCAG 2.0 A Criterion 1.2.3
Criterion 1.2.5
Criterion 1.2.7
Technical note: Checkpoints and checkpoint groups
14 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 G83 Provide text descriptions to identify required fields that were not completed
2 WCAG 2.0 A Criterion 3.3.1
Accessibility20 G87 Provide closed captions 1 WCAG 2.0 A Criterion 1.2.2
Accessibility20 G89 Provide expected data format and example
3 WCAG 2.0 A Criterion 3.3.2
Criterion 3.3.5
Accessibility20 G9 Create captions for live synchronized media
2 WCAG 2.0 AA Criterion 1.2.4
Accessibility20 G98 Provide the ability for the user to review and correct answers before submitting
2 WCAG 2.0 AA Criterion 3.3.4
Criterion 3.3.6
Accessibility20 H2 Combine adjacent image and text links for the same resource
1 WCAG 2.0 A Criterion 1.1.1
Criterion 2.4.9
Accessibility20 H24 Provide text alternatives for the area elements of image maps
1 WCAG 2.0 A Criterion 1.1.1
Criterion 2.4.4
Criterion 2.4.9
Accessibility20 H25 Pages are required to use the TITLE element
2 WCAG 2.0 A Criterion 2.4.2
Accessibility20 H27 Provide text and non-text alternatives for object
1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 H28 Provide definitions for abbreviations by using the abbr and acronym elements
3 WCAG 2.0 AAA Criterion 3.1.4
Accessibility20 H30 Providing link text that describes the purpose of a link for anchor elements
2 WCAG 2.0 A Criterion 2.4.4
Criterion 2.4.9
Accessibility20 H32 Provide submit buttons 1 WCAG 2.0 A Criterion 3.2.2
Accessibility20 H33 Supplement link text with the title attribute
3 WCAG 2.0 A Criterion 2.4.4
Criterion 2.4.9
Accessibility20 H35 Provide text alternatives on applet elements
1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 H36 Use alt attributes on images used as submit buttons
1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 H37 Use alt attributes on img elements
1 WCAG 2.0 A Criterion 1.1.1
Compliance Insight Accessibility
Images
Accessibility20 H39 1 WCAG 2.0 A Criterion 1.3.1
Technical note: Checkpoints and checkpoint groups
15 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Use caption elements to associate data table captions with data tables
Compliance Insight Accessibility
Tables
Accessibility20 H4 Create a logical tab order through links, form controls, and objects
1 WCAG 2.0 A Criterion 2.4.3
Accessibility20 H42 Use h1-h6 to identify headings
1 WCAG 2.0 A Criterion 1.3.1
Accessibility20 H43 Use id and headers attributes to associate data cells with header cells in data tables. Updated includes the addition of a new compiled checkpoint “Accessibility 12.4c”
1 WCAG 2.0 A Criterion 1.3.1
Compliance Insight Accessibility
Tables
Accessibility20 H44 Use label elements to associate text labels with form controls
1 WCAG 2.0 A Criterion 1.1.1
Criterion 1.3.1
Criterion 3.3.2
Criterion 4.1.2
Compliance Insight Accessibility
Labels
Accessibility20 H45 Use longdesc 1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 H46 When EMBED elements are used, the NOEMBED element is required in the page
1 WCAG 2.0 A Criterion 1.1.1
Criterion 1.2.8
Accessibility20 H51 Accessibility20 H51
Use table markup to present tabular information
1 WCAG 2.0 A Criterion 1.3.1
Use table markup to present tabular information
1 Compliance Insight Accessibility
Tables
Accessibility20 H53 Use the body of the object element
1 WCAG 2.0 A Criterion 1.1.1
Criterion 1.2.3
Criterion 1.2.8
Accessibility20 H56 Use the dir attribute on an inline element to resolve problems with nested directional runs
1 WCAG 2.0 A Criterion 1.3.2
Accessibility20 H57 Use language attributes on the html element
1 WCAG 2.0 A Criterion 3.1.1
Accessibility20 H58 Use language attributes to identify changes in the human language
2 WCAG 2.0 AA Criterion 3.1.2
Technical note: Checkpoints and checkpoint groups
16 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 H59 Use the link element and navigation tools
3 WCAG 2.0 AA Criterion 2.4.5
Criterion 2.4.8
Accessibility20 H60 Use the link element to link to a glossary
3 WCAG 2.0 AAA Criterion 3.1.3
Accessibility20 H63 Use the scope attribute to associate header cells and data cells in data tables
1 WCAG 2.0 A Criterion 1.3.1
Accessibility20 H64 Using the title attribute of the frame and iframe elements
1 WCAG 2.0 A Criterion 2.4.1
Criterion 4.1.2
Accessibility20 H65 Use the title attribute to identify form controls when the label element cannot be used
1 WCAG 2.0 A Criterion 1.1.1
Criterion 1.3.1
Criterion 3.3.2
Criterion 4.1.2
Compliance Insight Accessibility
Labels
Accessibility20 H67 Use null alt text and no title attribute on img elements for images that AT should ignore
1 WCAG 2.0 A Criterion 1.1.1
Accessibility20 H73 Use the summary attribute of the table element to give an overview of data tables
1 WCAG 2.0 A Criterion 1.3.1
Accessibility20 H76 Use meta refresh to create an instant client-side redirect (copy)
3 WCAG 2.0 AAA Criterion 3.2.5
Accessibility20 H79 Identifying the purpose of a link in a data table using the link text combined with its enclosing table cell and associated table header cells
2 WCAG 2.0 A Criterion 2.4.4
Accessibility20 H83 Use the target attribute to open a new window on user request and indicating this in link text
3 WCAG 2.0 AAA Criterion 3.2.5
Accessibility20 H84 Use a button with a select element to perform an action
1 WCAG 2.0 A Criterion 3.2.2
Accessibility20 H85 Use OPTGROUP to group OPTION elements inside a SELECT
1 WCAG 2.0 A Criterion 1.3.1
Technical note: Checkpoints and checkpoint groups
17 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility20 H95 Using the track element to provide captions
1 WCAG 2.0 A Criterion 1.2.2
Accessibility20 H96 Using the track element to provide audio descriptions
1 WCAG 2.0 A Criterion 1.2.1
Accessibility20 H97 Grouping related links using the nav element
1 WCAG 2.0 A Criterion 1.3.1
Accessibility20 HS2 Ensure images are not used instead of text except for specific cases
2 WCAG 2.0 AA Criterion 1.4.5
Accessibility20 HS3 Verification checkpoint for 1.4.6
2
Accessibility20 HS4 DEMO: Verifying compliant toolbar
1 WCAG 2.0 A Criterion 4.1.2
Accessibility20 HS5 All functionality of the content is operable through a keyboard interface without requiring specific timings for individual keystrokes.
3 WCAG 2.0 AAA Criterion 2.1.3
Accessibility20 SCR1 Allow the user to extend the default time limit
1 WCAG 2.0 A Criterion 2.2.1
Accessibility20 SCR18 Provide client-side validation and alert
2 WCAG 2.0 A Criterion 3.3.1
Criterion 3.3.3
Criterion 3.3.4
Accessibility20 SCR2 Using redundant keyboard and mouse event handlers
1 WCAG 2.0 A Criterion 2.1.1
Accessibility20 SCR24 Use the target attribute to open a new window on user request and indicating this in link text
3 WCAG 2.0 AAA Criterion 3.2.5
WCAG 1.0
Accessibility 1.1.1 All IMG elements are required to contain either the ALT or LONGDESC attribute
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.1a All IMG elements are required to contain either the ALT or LONGDESC attribute
1 WCAG 1.0 Guideline 1
Priority 1
Technical note: Checkpoints and checkpoint groups
18 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 1.1.2 All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.3 All OBJECT elements are required to contain element content
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.4 All APPLET elements are required to contain both element content and the ALT attribute
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.5 All FRAMESET elements will be checked for the NOFRAMES element
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.6 All IFRAME elements are required to contain element content
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.7 All AREA elements are required to have the ALT attribute
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.1.8 When EMBED elements are used, the NOEMBED element is required in the page
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.2.1 Locate any IMG element that contains the ISMAP attribute
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.2.2 Locate any INPUT element that contains the ISMAP attribute
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.3 Provide auditory description for multimedia presentations
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.4.1 Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.4.2 Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension
1 WCAG 1.0 Guideline 1
Priority 1
Technical note: Checkpoints and checkpoint groups
19 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 1.4.3 Identify all EMBED elements that have a SRC attribute value with a multimedia file extension
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.4.4 Identify all links that have an HREF attribute value with a multimedia file extension
1 WCAG 1.0 Guideline 1
Priority 1
Accessibility 1.5 Identify all MAP elements that use the AREA element
3 WCAG 1.0 Guideline 1
Priority 3
Accessibility 2.1 Ensure that all information conveyed with color is also available without color, for example from context or markup
1 WCAG 1.0 Guideline 2
Priority 1
Accessibility 2.2 Foreground and background color combinations provide sufficient contrast
2 WCAG 1.0 Guideline 2
Priority 2
Accessibility 3.1 Verify that elements do not need to be converted to an appropriate markup language
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.2 Pages are required to use the
!DOCTYPE tag
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.3.1 Use style sheets to control layout and presentation
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.3.2 Identify the use of Bold and Italic elements within the page
2 WCAG 1.0 Guideline 3
Accessibility 3.4 Identify use of absolute units within elements and/or style sheets
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.5 Use header elements to convey document structure and use them according to specification
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.6 Identify the use of List elements (DL, UL, OL) within the page
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility 3.7 Identify the use of Quote and BLOCKQUOTE elements within the page
2 WCAG 1.0 Guideline 3
Priority 2
Technical note: Checkpoints and checkpoint groups
20 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 4.1 Clearly identify changes in the natural language of a page's text and any text equivalents (e.g. captions)
1 WCAG 1.0 Guideline 4
Priority 1
Accessibility 4.2.1 Identify the use of ABBR elements within the page
3 WCAG 1.0 Guideline 4
Priority 3
Accessibility 4.2.2 Identify the use of ACRONYM elements within the page
3 WCAG 1.0 Guideline 4
Priority 3
Accessibility 4.3.1 Pages are required to use the META element with the NAME attribute value 'language' in the Head section
3 WCAG 1.0 Guideline 4
Priority 3
Accessibility 4.3.2 Identify the primary language of the page by the LANG attribute of HTML element or server headers
3 WCAG 1.0 Guideline 4
Priority 3
Accessibility 5.1 For data tables, identify row and column headers
1 WCAG 1.0 Guideline 5
Priority 1
Accessibility 5.2 For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells
1 WCAG 1.0 Guideline 5
Priority 1
Accessibility 5.3 Identify all layout tables 2 WCAG 1.0 Guideline 5
Priority 2
Accessibility 5.4 If a TABLE is used for layout, do not use any structural markup
2 WCAG 1.0 Guideline 5
Priority 2
Accessibility 5.5 Provide summaries for tables
3 WCAG 1.0 Guideline 5
Priority 3
Accessibility 5.6 Provide abbreviations for header labels
3 WCAG 1.0 Guideline 5
Priority 3
Accessibility 6.1 Organize documents so they may be read without style sheets
1 WCAG 1.0 Guideline 6
Accessibility 6.2.1 FRAME sources: Ensure that equivalents for dynamic content are updated when the dynamic content changes
1 WCAG 1.0 Guideline 6
Priority 1
Technical note: Checkpoints and checkpoint groups
21 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 6.2.2 Verify that equivalents of dynamic content are updated and available as often as the dynamic content
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.1 If any anchor elements use JavaScript in the link target, a NOSCRIPT tag should also be present
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.2 If any AREA elements use JavaScript in the link target, a NOSCRIPT tag should also be present
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.3 If any elements use HTML event handlers, a NOSCRIPT tag should also be present
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.4 When SCRIPT elements are used, the NOSCRIPT element is required in the page
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.5 All OBJECT elements are required to contain element content
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.6 All APPLET elements are required to contain both element content and the ALT attribute
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.7 When EMBED elements are used, the NOEMBED element is required in the page
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.3.8 All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in
1 WCAG 1.0 Guideline 6
Priority 1
Accessibility 6.4 Ensure that event handlers are input device-independent
2 WCAG 1.0 Guideline 6
Priority 2
Accessibility 7.1 Until user agents allow users to control flickering, avoid causing content to flicker
2 WCAG 1.0 Guideline 7
Priority 2
Technical note: Checkpoints and checkpoint groups
22 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 7.2.1 Pages are required not to contain the BLINK element
1 WCAG 1.0 Guideline 7
Priority 1
Accessibility 7.2.2 Until user agents allow users to control blinking, avoid causing content to blink
2 WCAG 1.0 Guideline 7
Priority 2
Accessibility 7.3.1 Pages are required not to contain the MARQUEE element
1 WCAG 1.0 Guideline 7
Priority 1
Accessibility 7.3.2 Until user agents allow users to freeze moving content, avoid movement in pages
2 WCAG 1.0 Guideline 7
Priority 2
Accessibility 7.4.1 Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh
2 WCAG 1.0 Guideline 7
Priority 2
Accessibility 7.5 Do not use markup to redirect pages automatically
2 WCAG 1.0 Guideline 7
Priority 2
Accessibility 8.1 Make scripts and applets directly accessible or compatible with assistive technologies
2 WCAG 1.0 Guideline 8
Priority 2
Accessibility 9.1.1 No IMG element should contain the ISMAP attribute
1 WCAG 1.0 Guideline 9
Priority 1
Accessibility 9.1.2 No INPUT element should contain the ISMAP attribute
1 WCAG 1.0 Guideline 9
Priority 1
Accessibility 9.2 Element interface can be operated in a device-independent manner
2 WCAG 1.0 Guideline 9
Priority 2
Accessibility 9.3 Specify logical event handlers rather than device-dependent event handlers
2 WCAG 1.0 Guideline 9
Priority 2
Accessibility 9.4.1 All Anchor, AREA, BUTTON, INPUT, OBJECT, SELECT and TEXTAREA
elements are required to use the TABINDEX attribute
3 WCAG 1.0 Guideline 9
Priority 3
Technical note: Checkpoints and checkpoint groups
23 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 9.5.1 Accesskey attribute is required in at least one of A, AREA, BUTTON, INPUT, LABEL, LEGEND, and TEXTAREA
elements
3 WCAG 1.0 Guideline 9
Priority 3
Accessibility 10.1.1 Check A and AREA elements for valid TARGET attribute
2 WCAG 1.0 Guideline 10
Priority 2
Accessibility 10.1.2 Verify that scripts do not spawn new windows
2 WCAG 1.0 Guideline 10
Priority 2
Accessibility 10.2 Identify all LABEL elements used within FORM elements
2 WCAG 1.0 Guideline 10
Priority 2
Accessibility 10.3 Provide linear text alternative for all tables that lay out text
3 WCAG 1.0 Guideline 10
Priority 3
Accessibility 10.4.1 Include default, place-holding characters in edit boxes
3 WCAG 1.0 Guideline 10
Priority 3
Accessibility 10.4.2 Include default, place-holding characters in text areas (TEXTAREA)
3 WCAG 1.0 Guideline 10
Priority 3
Accessibility 10.5 All Anchor elements not surrounding images cannot be directly adjacent
3 WCAG 1.0 Guideline 10
Priority 3
Accessibility 11.1 Use W3C technologies when they are available and appropriate for a task
2 WCAG 1.0 Guideline 11
Priority 2
Accessibility 11.2.1 Identify the use of deprecated elements within the page
2 WCAG 1.0 Guideline 11
Priority 2
Accessibility 11.2.2 Identify the use of deprecated attributes within the page
2 WCAG 1.0 Guideline 11
Priority 2
Accessibility 11.3 Provide information to receive documents
3 WCAG 1.0 Guideline 11
Priority 3
Accessibility 11.4.1 Check for a 'Text Version' link within the page
1 WCAG 1.0 Guideline 11
Priority 1
Accessibility 11.4.2 Check for an 'Accessibility' link within the page
1 WCAG 1.0 Guideline 11
Priority 1
Technical note: Checkpoints and checkpoint groups
24 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 12.1 All FRAME elements are required to contain the title attribute
1 WCAG 1.0 Guideline 12
Priority 1
Accessibility 12.2 All FRAME elements are required to use the LONGDESC attribute
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.3 Divide large blocks of information into more manageable groups where natural and appropriate
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.4.1 Ensure that all LABEL 'FOR' attributes match another control
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.4.2 Associate labels explicitly with their controls (SELECT elements)
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.4.3 Associate labels explicitly with their controls (TEXTAREA elements)
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 13.1.1 Anchor elements are required not to use any of the defined link phrases in the link text
2 WCAG 1.0 Guideline 13
Priority 2
Compliance Insight Accessibility
Links
Accessibility 13.1.2 All Anchor elements are required not to use the same link text to refer to different resources
2 WCAG 1.0 Guideline 13
Priority 2
Compliance Insight Accessibility
Links
Accessibility 13.2.1 Pages are required to use the TITLE element
2 WCAG 1.0 Guideline 13
Priority 2
Accessibility 13.2.2 Provide metadata to add semantic information to pages and sites
2 WCAG 1.0 Guideline 13
Priority 2
Accessibility 13.3 Check for link to site map page within document
2 WCAG 1.0 Guideline 13
Priority 2
Accessibility 13.4 Use navigation mechanisms in a consistent manner
2 WCAG 1.0 Guideline 13
Priority 2
Accessibility 13.5 Provide navigation bars 3 WCAG 1.0 Guideline 13
Priority 3
Technical note: Checkpoints and checkpoint groups
25 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Accessibility 13.6 Pages should contain a bookmark link to skip navigation
3 WCAG 1.0 Guideline 13
Priority 3
Accessibility 13.7 Provide different types of searches for search functions
3 WCAG 1.0 Guideline 13
Priority 3
Accessibility 13.8 Provide information at the beginning of headings, paragraphs, lists
3 WCAG 1.0 Guideline 13
Priority 3
Accessibility 13.9 Page collection information 3 WCAG 1.0 Guideline 13
Priority 3
Accessibility 13.10 Method to skip over multi-line ASCII art
3 WCAG 1.0 Guideline 13
Priority 3
Accessibility 14.1 Use the clearest and simplest language appropriate for a site's content
1 WCAG 1.0 Guideline 14
Priority 1
Accessibility 14.2 Graphic or auditory presentations for Text
3 WCAG 1.0 Guideline 14
Priority 3
Accessibility 14.3 Consistent presentation style
3 WCAG 1.0 Guideline 14
Priority 3
AltQuality
AltQuality 1.1 Validate that the alt text does not use the word "Image”
2 AltText Quality Report
AltQuality 1.2 Validate that the alt text does not contain the text: .jpg, .gif, .bmp, .jpeg
2 AltText Quality Report
AltQuality 1.6 Validate that the alt text does not use the text "image”
2 AltText Quality Report
AltQuality 2.1 Validate that Alternative Text is greater than 7 and less than 81 characters in length.
2 AltText Quality Report
AltQuality 2.2 Validate that Alternative Text is not used to repeat words
2 AltText Quality Report
Statistics
Statistics 2.0 Identify tables with summaries and captions
1 Accessibility Statistics
Technical note: Checkpoints and checkpoint groups
26 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Statistics 5.1 Identify forms with unlabeled controls
1 Accessibility Statistics
Statistics 5.2 Identify forms not using TABINDEX attributes
1 Accessibility Statistics
Statistics 5.3 Identify forms not using ACCESSKEY attributes
1 Accessibility Statistics
Mobile
Mobile_ACCESS_KEYS.xcp Assign access keys to links in navigational menus and frequently accessed functionality.
2 Mobile Web Accessibility
Mobile_AVOID_FREE_TEXT.xcp Avoid free text entry where possible.
2 Mobile Web Accessibility
Mobile_BALANCE.xcp Provide a balance between having a large number of navigation links on a page and the need to navigate multiple links to reach content.
2 Mobile Web Accessibility
Mobile_CACHING.xcp Provide caching information in HTTP responses.
2 Mobile Web Accessibility
Mobile_DEFAULT_INPUT_MODE.xcp Specify a default text entry mode, language and/or input format, if the device is known to support it.
2 Mobile Web Accessibility
Mobile_ENCODING_SUPPORT.xcp Ensure that content is encoded using a character encoding that is known to be supported by the device.
2 Mobile Web Accessibility
Mobile_ERROR_MESSAGES.xcp Provide informative error messages and a means of navigating away from an error message back to useful information.
2 Mobile Web Accessibility
Mobile_IMAGE_RESIZING.xcp Resize images at the server, if they have an intrinsic size.
2 Mobile Web Accessibility
Mobile_IMAGE_SPECIFY_SIZE.xcp Specify the size of images in markup, if they have an intrinsic size.
2 Mobile Web Accessibility
Technical note: Checkpoints and checkpoint groups
27 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Mobile_LARGE_GRAPHICS.xcp Do not use images that cannot be rendered by the device. Avoid large or high resolution images except where critical information would otherwise be lost.
2 Mobile Web Accessibility
Mobile_NO_FRAMES.xcp Do not use frames. 2 Mobile Web Accessibility
Mobile_PROVIDE_DEFAULTS.xcp Provide pre-selected default values where possible.
2 Mobile Web Accessibility
Mobile_SCROLLING.xcp Limit scrolling to one direction, unless secondary scrolling cannot be avoided.
2 Mobile Web Accessibility
Mobile_TABLES_NESTED.xcp Do not use nested tables. 2 Mobile Web Accessibility
Privacy Module
Checkpoint Short Description Priority Group Subgroup
Privacy EMP1 W2 Form 2 FIP
PFI Employment Indicators
Privacy EMP2 Resume Indicator 2 FIP
PFI Employment Indicators
Privacy MnA1 Mergers and Acquisitions Text Identifier 2 SOC Mergers and Acquisitions
Privacy MnA2 Mergers and Acquisitions Content Terms
2 SOC Mergers and Acquisitions
Privacy MnA3 Acquisition Company Identifier 2 SOC Mergers and Acquisitions
Privacy MnA4 Due Diligence Identifier 2 SOC Mergers and Acquisitions
Privacy OMB M-10-22 1.0 Ensure that pages that set 3rd party single session cookies include a link to an appropriate privacy policy link (Tier 1).
1 OMB M-10-22 Tier 1
Privacy OMB M-10-22 2.0 Ensure that your privacy policy indicates Tier 1 Cookies are set.
1 OMB M-10-22 Tier 1
Technical note: Checkpoints and checkpoint groups
28 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy OMB M-10-22 3.0 Ensure that pages not collecting PII that set 3rd party multi-session cookies have an appropriate Privacy Policy link (Tier 2).
1 OMB M-10-22 Tier 2
Privacy OMB M-10-22 4.0 Ensure that your privacy policy indicates Tier 2 Cookies are set.
1 OMB M-10-22 Tier 2
Privacy OMB M-10-22 5.0 Ensure that pages collecting PII that set 3rd party multi-session cookies have an opt-in option and Privacy Policy link (Tier 3).
1 OMB M-10-22 Tier 3
Privacy OMB M-10-22 6.0 Ensure that your privacy policy indicates Tier 3 Cookies are set.
1 OMB M-10-22 Tier 3
Privacy P1 Portfolio indicator 2 FIP
Privacy P1 Portfolio indicator 2 PFI Portfolio Indicators
Privacy PF1 Credit Card Indicator - AMEX 2 FIP
PFI Credit Card Indicators
Privacy PF10 Bank Account Indicator - Suntrust 2 FIP
PFI Bank Account Indicators
Privacy PF11 Bank Account Indicator - HSBC 2 FIP
PFI Bank Account Indicators
Privacy PF12 Bank Account Indicator - Keybank 2 FIP
PFI Bank Account Indicators
Privacy PF13 Bank Account Indicator - State Street 2 FIP
PFI Bank Account Indicators
Privacy PF14 American Currency Indicator 2 FIP
PFI Currency Indicators
Privacy PF15 European Currency Indicator 2 FIP
PFI Currency Indicators
Privacy PF16 British Currency Indicator 2 FIP
PFI Currency Indicators
Technical note: Checkpoints and checkpoint groups
29 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy PF17 Japanese Currency Indicator 2 FIP
PFI Currency Indicators
Privacy PF2 Credit Card Indicator - Visa 2 FIP
PFI Credit Card Indicators
Privacy PF3 Credit Card Indicator - MasterCard 2 FIP
PFI Credit Card Indicators
Privacy PF4 Credit Card Indicator - Discover 2 FIP
Privacy PF4 Credit Card Indicator - Discover 2 PFI Credit Card Indicators
Privacy PF5 Bank Account Indicator - Bank of America
2 FIP
PFI Bank Account Indicators
Privacy PF6 Bank Account Indicator - Chase 2 FIP
PFI Bank Account Indicators
Privacy PF7 Bank Account Indicator - Citigroup 2 FIP
PFI Bank Account Indicators
Privacy PF8 Bank Account Indicator - Wachovia 2 FIP
PFI Bank Account Indicators
Privacy PF9 Bank Account Indicator - Wells Fargo 2 FIP
PFI Bank Account Indicators
Privacy PH1 Medical Terms 1 HIPAA Health Information Security
PHI Medical Diagnosis
Privacy PH2 Medical Billing Terms 1 HIPAA Health Information Security
PHI Medical Billing
Technical note: Checkpoints and checkpoint groups
30 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy PH3 Medical Provisions 1 HIPAA Health Information Security
PHI Medical Provisions
Privacy PO1 Purchase Order Term Indicator 2 SOC Purchase Order Indicators
Privacy PO2 Purchase Order Number Indicator 2 SOC Purchase Order Indicators
Privacy SOW1 Statement of Work 1 SOC Statement of Work Identifiers
Privacy SOW10 Delivery schedule 1 SOC Statement of Work Identifiers
Privacy SOW11 Time and materials 1 SOC Statement of Work Identifiers
Privacy SOW12 Fixed Cost 1 SOC Statement of Work Identifiers
Privacy SOW13 Currency 1 SOC Statement of Work Identifiers
Privacy SOW2 Solicitation Number 2 SOC Statement of Work Identifiers
Privacy SOW3 NDA Short 1 SOC Statement of Work Identifiers
Privacy SOW4 NDA Full 1 SOC Statement of Work Identifiers
Privacy SOW5 Acceptance and authorization 1 SOC Statement of Work Identifiers
Privacy SOW6 Payment terms 1 SOC Statement of Work Identifiers
Privacy SOW7 Professional services agreement 1 SOC Statement of Work Identifiers
Privacy SOW8 Project name 1 SOC Statement of Work Identifiers
Privacy SOW9 Client name 1 SOC Statement of Work Identifiers
Privacy WT1 Find IMG SRC Beacon URL 1 Web Tracking Beacons
Privacy WT10 NAI Non-Compliant Third Party Tracker 1 Web Tracking Network Advertising Initiative Compliance
Technical note: Checkpoints and checkpoint groups
31 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy WT11 NAI Compliant Third Party Tracker Web Tracking Network Advertising Initiative Compliance
Privacy WT2 Find SCRIPT SRC Beacon URL 1 Web Tracking Beacons
Privacy WT3 Find IFRAME SRC Beacon URL 1 Web Tracking Beacons
Privacy WT4 Find JavaScript Source Text Beacon URL 1 Web Tracking Beacons
Privacy WT5 OBA Tag Search - Red List 2 Web Tracking Beacons
Privacy WT6 OBA Tag Search - Yellow List 2 Web Tracking Beacons
Privacy WT7 OBA Tag Search - Green List 2 Web Tracking Beacons
Privacy WT8 OBA Tag Search - Google Analytics 2 Web Tracking Beacons
Privacy WT9 OBA Tag Search - Sharethis 2 Web Tracking Beacons
Privacy 1.1 Identify pages that do not contain a privacy policy link
2 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Privacy 1.2 Validate that pages with forms also have a privacy policy link
2 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Privacy 1.2.1 Validate that pages with forms collecting personally identifiable information have a privacy policy link
1 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Privacy 1.3 Validate that pages with mailto links also have a privacy policy link
1 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Technical note: Checkpoints and checkpoint groups
32 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Web Privacy
Privacy 1.4 Validate all pages have a link to the P3P policy reference file
2 Privacy P3P Usage
Web Privacy
Privacy 1.5 Validate that P3P policy reference file exists in the root of the tested page's site
1 Privacy P3P Usage
Web Privacy
Privacy 1.6 Identify that the server is setting HTTP P3P
2 Privacy P3P Usage
Web Privacy
Privacy 2.1 Identify pages that use forms 3 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 2.2 Identify pages that use forms with GET method
2 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 2.2.1 Identify pages that use forms collecting personally identifiable information with a GET method
2 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 2.3 Identify INPUT elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Technical note: Checkpoints and checkpoint groups
33 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Web Privacy
Privacy 2.4 Identify TEXTAREA elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 2.5 Identify SELECT elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 3.1 Identify possible image element web beacons
2 Privacy Visitor Tracking
Web Privacy
Privacy 3.2 Identify image input element web beacons
2 Privacy Visitor Tracking
Web Privacy
Privacy 4.1 Identify all pages that set cookies 3 Privacy Visitor Tracking
Web Privacy
Web Tracking Cookies
Privacy 4.1a Validate that no 3rd party cookies are set
1 Web Privacy
Web Tracking Cookies
Privacy 4.1b Validate that all cookies are session cookies (no expiry date).
2 Privacy Visitor Tracking
Web Privacy
Web Tracking Cookies
Privacy 4.2 Identify all pages with JavaScript that accesses or modifies cookies
2 Privacy Visitor Tracking
Web Privacy
Web Tracking Cookies
Privacy 4.3 Identify all input elements with an ONCLICK event that access or modify cookies
2 Privacy Visitor Tracking
Web Privacy
Web Tracking Cookies
Technical note: Checkpoints and checkpoint groups
34 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 4.4 Identify all pages with an ONLOAD event that access or modify cookies
2 Privacy Visitor Tracking
Web Privacy
Web Tracking Cookies
Privacy 5.1 Identify External Links 2 Privacy 3rd Party Linking
Web Privacy
Privacy 7.1 Validate that forms collecting personally identifiable information are secure
1 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 7.1.1 Identify pages that use non-secure forms
1 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 7.2 Identify forms that are collecting personally identifiable information
2 HIPAA Collection, Use and Disclosure Limitations and Protections
Privacy Data Collection
Secure methods for data collection
Web Privacy
Privacy 7.3 Validate that pages with forms also have an opt-out link
3 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Technical note: Checkpoints and checkpoint groups
35 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 7.3.1 Validate that forms collecting personally identifiable information also have an opt-out link
2 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Privacy 7.4 Validate that pages with mailto links also have an opt-out link
2 HIPAA Openness, Transparency and Individual Choice
Privacy Policy Compliance
Web Privacy
Privacy 8.1 Identify possible inclusion of Social Security numbers on a page
1 COPPA
General Privacy
HIPAA Collection, Use and Disclosure Limitations and Protections
HIPAA Health Information Security
PII Social Security Number Indicators
Privacy Data Collection
Privacy PII
Technical note: Checkpoints and checkpoint groups
36 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 8.2 Identify possible inclusion of Credit Card numbers on a page
1 General Privacy
HIPAA Collection, Use and Disclosure Limitations and Protections
HIPAA Health Information Security
PHI Medical Billing
PII Credit Card Indicators
Privacy Data Collection
Privacy PII
Privacy 9.1 Name 2 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
Privacy 9.2 Gender 2
Privacy 9.3 Email Address 2 COPPA
Privacy 9.4 Veteran Status 2
Privacy 9.5 Family Relationship Information 2
Privacy 9.6 Physical Address (US) 2 COPPA
General Privacy
HIPAA Health Information Security
PII Geography Indicators
Privacy PII
Privacy 9.7 Citizenship Status 2
Technical note: Checkpoints and checkpoint groups
37 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 9.8 Telephone Number (US) 2 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
Privacy PII
Privacy 9.9 Criminal History 2
Privacy 9.10 Birth Date 2 COPPA
General Privacy
HIPAA Health Information Security
PII Age Indicators
PII Date Indicators
Privacy 9.11 Professional Licenses 2
Privacy 9.12 Marital Status 2
Privacy 9.13 Social Security Number (US) 1
Privacy 9.14 Social Insurance Number (Canada) 2
Privacy 9.15 National ID Card Number 2
Privacy 9.16 Issuing Country 2
Privacy 9.17 Driver’s License Number 2
Privacy 9.18 Passport Number 2
Privacy 9.19 Financial Information 2
Privacy 9.20 IP Address 2
Privacy 9.21 Zip Code (US) 2 COPPA
General Privacy
HIPAA Health Information Security
PII Geography Indicators
Technical note: Checkpoints and checkpoint groups
38 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 9.22 Age 2 COPPA
General Privacy
HIPAA Health Information Security
PII Age Indicators
Privacy 9.23 Race 2
Privacy 9.24 Email Text 2 COPPA
General Privacy
PII Email Indicators
Privacy 9.25 Last Name 2 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
Privacy 9.26 First Name 2 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
Privacy 9.27 Middle Name or Initial 2 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
PII Email Indicators
Privacy PII
Privacy 9.28 Date of Admission 2
Privacy 9.29 Date of Discharge 2
Privacy 9.30 Date of Death 2 General Privacy
PII Date Indicators
Technical note: Checkpoints and checkpoint groups
39 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 9.38 Month 2 General Privacy
PII Date Indicators
Privacy 9.39 Day of Week 2 General Privacy
PII Date Indicators
Privacy 9.40 Date Format Month Day Year 2 General Privacy
PII Date Indicators
Privacy 9.41 Date Format Day Month Year 2 General Privacy
PII Date Indicators
Privacy 9.42 Social Security Number Text 1 COPPA
General Privacy
HIPAA Health Information Security
PII Social Security Number Indicators
Privacy 9.43 US State Text 2 COPPA
General Privacy
HIPAA Health Information Security
PII Geography Indicators
Privacy 9.44 US State Abbreviation Text 2 COPPA
General Privacy
HIPAA Health Information Security
PII Geography Indicators
Technical note: Checkpoints and checkpoint groups
40 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
Privacy 9.45 ID Badge Number 2 COPPA
General Privacy
HIPAA Health Information Security
PII Custom Number, Characteristic, and/or Code Indicators
Privacy 9.46 Date Format mm-dd-yyyy 2
Privacy 9.47 Date Format dd-mm-yyyy 2
Privacy 9.48 Date Format dd-mm-yyyy or mm-dd- yyyy
2
Privacy 9.49 Phone Number Text 1 COPPA
General Privacy
HIPAA Health Information Security
PII Name Indicators
Privacy 9.50 Zip Code (US) 2
SiteQuality/SEO Module
Checkpoint Short Description Priority Group Subgroup
SiteQuality 1.0 Validate all links 1 Compliance Insight Site Quality
HIPAA Data Quality, Integrity and Correction
Site Quality Link Validation
Site Quality Offensive Content
Technical note: Checkpoints and checkpoint groups
41 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
SiteQuality 2.0 Verify that page is available 1 Compliance Insight Site Quality
HIPAA Data Quality, Integrity and Correction
Site Quality Page Load Time
SiteQuality 3.0 Verify that page has not changed 1
SiteQuality 4.0 Verify that no resources on page have changed
1
SiteQuality 5.0 Verify that page has no spelling errors 1 Compliance Insight Site Quality
HIPAA Data Quality, Integrity and Correction
Site Quality Spell Check
SiteQuality 6.0 Verify that page does not contain any offensive words
1 Compliance Insight Site Quality
HIPAA Data Quality, Integrity and Correction
SEO 1.1 Validate minimum keywords length 1 SEO
SEO 1.2 Validate maximum keywords length 1 SEO
SEO 2.1 Validate minimum description length 1 SEO
SEO 2.2 Validate maximum description length 1 SEO
SEO 3.1 Validate that author tag is used 1 SEO
SEO 4.1 Validate that http-equiv="keywords" meta tag is NOT used
1 SEO
SEO 4.2 Validate that http-equiv="description" meta tag is NOT used
1 SEO
SEO 4.3 Validate that http-equiv="refresh" meta tag is NOT used
1 SEO
SEO 4.4 Validate that image alt text for images is being used properly
1 SEO
SEO 4.5 Validate keyword tag is not being used incorrectly
1 Compliance Insight SEO
Keywords
SEO 4.5 Validate keyword tag is not being used incorrectly
1 SEO
SEO 4.6 Validate the description tag is not being incorrectly
1 Compliance Insight SEO
Description
Technical note: Checkpoints and checkpoint groups
42 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
SEO 4.6 Validate the description tag is not being incorrectly
1 SEO
SEO 5.1 Validate that title element exists and that it has valid content
1 Compliance Insight SEO
Title
SEO 5.1 Validate that title element exists and that it has valid content
1 SEO
SEO 6.1 Verify Page Has Google Analytics Script 1 Compliance Insight SEO
Analytics
SEO 6.2 Verify Page Has Correct Tracking Code 1 Compliance Insight SEO
Analytics
OpSec Module
Checkpoint Short Description Priority Group Subgroup
OpSec 1.1 Identify if there is a website purpose statement link
1 Operational Security
OpSec 1.2 Verify that all pages have a title, enabling title searching
1 Operational Security
OpSec 2.1 Privacy Policy Notice 1 Operational Security
OpSec 2.2 Security Practices/Policy Notice 1 Operational Security
OpSec 3.1 External Link Disclaimer 1 Operational Security
OpSec 3.2 Identify External Links 1 Operational Security
OpSec 4.1 All Web Pages should be free of third party content or advertising
1 Operational Security
OpSec 4.2 All Web Pages should be free of third party content or advertising - Links
1 Operational Security
OpSec 5.1 Operational Information - Lessons Learned Audit
1 Operational Security
OpSec 5.2 Operational Information - Military Information Audit
1 Operational Security
OpSec 5.3 Operational Information - Social Security Audit
1 Operational Security
OpSec 5.4 Operational Information - Date of Birth Audit
1 Operational Security
OpSec 5.5 Operational Information - Address Audit 1 Operational Security
OpSec 5.6 Operational Information - Telephone number Audit
1 Operational Security
OpSec 6.1 Technology Data - Schematic Audit 1 Operational Security
Technical note: Checkpoints and checkpoint groups
43 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Checkpoint Short Description Priority Group Subgroup
OpSec 6.2 Technology Data - Diagrams Audit 1 Operational Security
OpSec 6.3 Technology Data - Frequency Audit 1 Operational Security
OpSec 7.1 Relevant Information - Deployment Schedule Audit
1 Operational Security
OpSec 7.2 Relevant Information - Exercise Plan Audit
1 Operational Security
OpSec 7.3 Relevant Information - Contingency Plans Audit
1 Operational Security
OpSec 7.4 Relevant Information - Training Plans Audit
1 Operational Security
OpSec 7.5 Relevant Information - Inspection Results Audit
1 Operational Security
OpSec 7.6 Relevant Information - Biographies Audit
1 Operational Security
OpSec 7.7 Relevant Information - Family Support Activities Audit
1 Operational Security
OpSec 7.8 Relevant Information - Phone Directories Audit
1 Operational Security
OpSec 8.1 Confidential Information 1 Compliance Insight - Data Security
OpSec 8.2 Copywritten Information 1 Compliance Insight - Data Security
OpSec 8.3 Copyright Symbol 1 Compliance Insight - Data Security
OpSec 8.4 Salary Information 1 Compliance Insight - Data Security
OpSec 8.5 Password Information 1 Compliance Insight - Data Security
OpSec 8.6 Confidential Keywords 1 Compliance Insight - Data Security
Technical note: Checkpoints and checkpoint groups
44 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
4. Compiled checkpoints
Compiled checkpoints are programs built into the main library (HISCLIB.DLL) used by Compliance Sheriff’s
scanning engine.
These programs are created to deliver complex checks that cannot be easily performed using X-path or
regular expressions in checkpoint definitions.
The compiled checkpoint is activated within a normal checkpoint (using the function
“IfPagePassesCompiledCheck”) with its result (pass/fail) being used to determine the overall result of a
checkpoint.
For example, the definition for the checkpoint: Accessibility 12.4.1:
The table below lists the compiled accessibility checkpoints in Compliance Sheriff.
Note. Unless noted in the Short Description, the name of the compiled checkpoint is the Checkpoint where it is currently used.
Compiled Checkpoint
Short Description Priority Group Subgroup
Accessibility 12.4a Checks that the FOR attribute for each LABEL element, if it exists, matches the ID of a control on the page.
Used in checkpoint Accessibility 12.4.1
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.4b Checks that no two controls (INPUT, SELECT and TEXTAREA elements) share the same ID.
Used in checkpoint Accessibility 12.4.1
2 WCAG 1.0 Guideline 12
Priority 2
Accessibility 12.4c Look for headers (TD/TH element) and if headers are available try to find the id’s associated to header in TH element.
New compiled checkpoint that is added into the existing WCAG 2.0 checkpoint Accessibility20 H43.
1 WCAG 2.0 A Criterion 1.3.1
Compliance Insight Accessibility
Tables
Accessibility 13.1.2 Checks that no two links that point to different resources use the same link text. All Anchor elements are required not to use the same link text to refer to different resources.
2 WCAG 1.0 Guideline 13
Priority 2
Compliance Insight Accessibility
Links
Technical note: Checkpoints and checkpoint groups
45 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Compiled Checkpoint
Short Description Priority Group Subgroup
Accessibility 3.5 Checks that heading elements are used correctly, i.e. that no levels are skipped, and that first header on page is highest level.
Use header elements to convey document structure and use them according to specification
2 WCAG 1.0 Guideline 3
Priority 2
Accessibility20 G145 Ensure that a contrast ratio of at least 3:1 exists between text (and images of text) and background behind the text.
The objective of this technique is to make sure that users can read text that is presented over a background. This technique relaxes the 5:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).
2 WCAG 2.0 AA Criterion 1.4.3
Criterion 1.4.6
Compliance Insight Accessibility
Contrast Ratio
Accessibility20 G17 Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the text
The objective of this technique is to make sure that users can read text that is presented over a background. This technique goes beyond the 5:1 contrast technique to provide a higher level of contrast to make it easier for people with low vision to read.
3 Compliance Insight Accessibility
Contrast Ratio
WCAG 2.0 AAA Criterion 1.4.6
Accessibility20 G18 Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text.
The objective of this technique is to make sure that users can read text that is presented over a background. For Success Criterion 1.4.3, this technique describes the minimum contrast ratio for text that is less than 18 point (if not bold) and less than 14 point (if bold). For Success Criterion 1.4.5, this technique relaxes the 7:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).
If the background is a solid color (or all black or all white) then the relative luminance of the text can be maintained by making sure that each of the text letters have 4.5:1 contrast ratio with the background.
3 Compliance Insight Accessibility
Contrast Ratio
WCAG 2.0 AA Criterion 1.4.3
Criterion 1.4.6
Technical note: Checkpoints and checkpoint groups
46 Compliance Sheriff V5.1.0 © 2016 Cryptzone North America Inc.
Compiled Checkpoint
Short Description Priority Group Subgroup
Accessibility20 H2 Combine adjacent image and text links for the same resource
This objective of this technique is to avoid unnecessary duplication that occurs when adjacent text and iconic versions of a link are contained in a document.
1 WCAG 2.0 A Criterion 1.1.1
Criterion 2.4.9
Mobile IMAGES_RESIZING
Resize images at the server, if they have an intrinsic size.
Images such as bitmaps have an intrinsic size. Telling the browser in advance what the size is avoids it having to re-flow the page when it receives it. Resizing images at the server reduces the amount of data transferred and the amount of processing the device has to carry out to scale the image.
2 Mobile Web Accessibility
Recommended