Compliance Sheriff Technical Note Checkpoints and ... · Web viewThe Correction principle states that Individuals should be provided with a timely means to dispute the accuracy

Technical note: Checkpoints and checkpoint groups

Compliance Sheriff V5.2 © 2016 Cryptzone North America Inc.


i Compliance Sheriff V5.2 © 2016 Cryptzone North America Inc.


Copyright information

Copyright © 2019 Cryptzone North America Inc. All rights reserved.

Information in this document is subject to change without notice and does not represent a commitment on the part of the vendor or its representatives. Permission to use, distribute, or copy not granted without written approval. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, without the written permission of Cryptzone North America Inc. Complying with all applicable copyright laws in the US and other countries is the responsibility of the user.

The Cyxtera logo, Compliance Sheriff, and Compliance Deputy are trademarks of Cryptzone North America Inc. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other product names mentioned herein are trademarks of their respective owners.

Technical supportFor licensing or technical support information, please submit your requests via the Cyxtera Help Center at http://support.cyxtera.com/. For more information, visit Compliance Sheriff and Deputy Support Terms

ii Compliance Sheriff V5.2 © 2016 Cryptzone North America Inc.

https://www.cyxtera.com/pdfs/legal/Compliance_Sheriff_Compliance_Deputy_Support_Terms.pdf

http://support.cyxtera.com/


Contents1. About this document............................................................................................................................................. 1

2. Checkpoint groups................................................................................................................................................. 2

Accessibility Module.......................................................................................................................................................2

Privacy Module...............................................................................................................................................................3

SiteQuality/SEO Module.................................................................................................................................................5

OpSec Module................................................................................................................................................................5

3. Checkpoints........................................................................................................................................................... 6

Accessibility Module.......................................................................................................................................................6

Privacy Module.............................................................................................................................................................27

SiteQuality/SEO Module...............................................................................................................................................40

OpSec Module..............................................................................................................................................................42

4. Compiled checkpoints.......................................................................................................................................... 44

iii Compliance Sheriff V5.2 © 2016 Cryptzone North America Inc.


1. About this documentCheckpoints are instructions that are used by Compliance Sheriff scans to check that web pages conform to certain predetermined rules or guidelines. The Compliance Sheriff checkpoints are defined and grouped based on the compliance modules available – Accessibility, Privacy, Site Quality/SEO and OpSec. These Out-Of-The-Box (OOTB) checkpoints can be modified to suit different environments. Compliance Sheriff also allows custom checkpoints to be created to meet the specific compliance requirements of any organization.

This document provides the OOTB checkpoint groups and checkpoints that are installed with Compliance Sheriff. The availability of these checkpoints and groups depend on the compliance modules you have licensed.

1 Compliance Sheriff V5.2 © 2016 Cryptzone North America Inc.


2. Checkpoint groupsThe tables below list the major checkpoint groups based on their compliance module. It does not list the subgroups referenced by the main groups. Note that groups can contain either checkpoints or subgroups, and subgroups can only contain checkpoints.

Accessibility Module

Checkpoint Group Contains Description

Web Content Accessibility Guidelines 2.1 Groups Main group for WCAG 2.1. Contains all related subgroups and is inclusive of WCAG 2.0 Guideline 1.1-4.1

Section 508 Groups Main Section 508 Checkpoint group. Checks if content conforms to Section 508 accessibility guidelines. Contains all subgroups: Section 508 – 1194.22(a)-(p).

Web Content Accessibility Guidelines 2.0 Groups Main group for WCAG 2.0. Contains all subgroups: WCAG 2.0 – Guideline 1.1 – 4.1.

WCAG 2.0 - Compliance Level A Groups The minimum WCAG 2.0 standard for accessibility.

WCAG 2.1 - Compliance Level A The minimum WCAG 2.1 standard for accessibility.

WCAG 2.0 - Compliance Level AA Groups The intermediate WCAG 2.0 standard for accessibility (must also pass level A).

WCAG 2.1 - Compliance Level AA Groups The intermediate WCAG 2.0 standard for accessibility (must also pass level A).

WCAG 2.0 - Compliance Level AAA Groups The highest WCAG 2.0 standard for accessibility (must also pass levels A and AA)

WCAG 2.1 - Compliance Level AAA Groups The highest WCAG 2.0 standard for accessibility (must also pass levels A and AA)

Web Content Accessibility Guidelines 1.0 Groups Accessibility standard for web content, now superseded by WCAG 2.0.

WCAG 1.0 Priority 1 Checkpoints Contain WCAG 1.0 Priority 1 checkpoints. A web content developer must satisfy this checkpoint. Otherwise, one or more groups will find it impossible to access information in the document. Satisfying this checkpoint is a basic requirement for some groups to be able to use web documents.

WCAG 1.0 Priority 2 Checkpoints Contain WCAG 1.0 Priority 2 checkpoints. A Web content developer should satisfy this checkpoint. Otherwise, one or more groups will find it difficult to access information in the document. Satisfying this checkpoint will remove significant barriers to accessing Web documents.




WCAG 1.0 Priority 3 Checkpoints Contain WCAG 1.0 Priority 3 checkpoints. A Web content developer may address this checkpoint. Otherwise, one or more groups will find it somewhat difficult to access information in the document. Satisfying this checkpoint will improve access to Web documents.

Alt Text Quality Report Checkpoints Allows users to validate content for proper quality as related to valid alt-text for images based on best practices. These checks include the validation of the alt-text value for the word "image", image file name extensions, length of alt-text, and repeated words.

Accessibility Statistics Checkpoints Allows various accessibility statistics to be shown in the summary section of the report. This summary contains information such as the Image summary, showing the total number of image elements found, the number of images with or without alt text, and so on.

Compliance Insight – Accessibility Groups Special group that binds other subgroups that provides a summary on Contrast Ratio, Images, Labels, Links and Tables. As this group uses a subgroup.

Mobile Web Accessibility Checkpoints Allows user to test mobile web sites against various checkpoints to validate image sizes, large graphics, access keys, caching, etc.

Privacy Module


Compliance Insight - Privacy Groups Privacy>3rd Party Linking Privacy>PIIPrivacy>Policy Compliance Privacy>Visitor Tracking

COPPA - Children's Online Privacy Protection Act

Groups Websites that collect information from children under the age of thirteen are required to comply with Federal Trade Commission ( FTC ) Children's Online Privacy Protection Act (COPPA).

Financial Information Privacy Monitoring Groups Checks if content conforms with corporate and federal privacy standards concerning financial information

FISMA - Federal Information Security Management Act

Groups FIP MonitoringHIP MonitoringPII Monitoring Privacy PolicySecure methods for data collectionTracking Technologies

Health Information Privacy Monitoring Groups Checks if content conforms with corporate and federal privacy standards concerning health information

HIPAA - Collection, Use and Disclosure Checkpoints The Collection, Use and Disclosure Limitation and




Limitations and Protections Protections principle states that individually identifiable health information should be collected, used, and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately.

HIPAA - Health Information Security Checkpoints The Safeguards Principle states that individually identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.

HIPAA Health Insurance Portability and Accountability Act

Groups Provides coverage for Health Information Security, Openness and Transparency, Individual Choice, and Safeguards principles of the Health Information Portability and Accountability Act (HIPAA)

HIPAA - Openness, Transparency and Individual Choice

Checkpoints Openness and Transparency and Individual Choice Principles overlap in what HiSoftware can do for them, so the principles will be combined into one report driven by the following check point Groups

MA 201 CMR 17.00 Groups PFI>Bank Account Indicators PFI>Credit Card IndicatorsPII>Custom Number, Characteristic, and/or Code IndicatorsPII>Name IndicatorsPII>Social Security Number Indicators

OMB M-10-22 Groups Guidance for Online Use of Web Measurement and Customization Technologies

Personally Identifiable Information Monitoring

Groups

PFI Personal Financial Information Groups

PHI Protected Health Information Groups

PII Personally Identifiable Information Groups Checks if content contains personally identifiable information prohibited by privacy standards.

Privacy Policy Groups Privacy>P3P Usage Privacy>Policy Compliance

Privacy Groups

Secure methods for data collection Checkpoints

Sensitive Organizational Content (SOC) Groups Checks if content reveals sensitive information about your organization

Tracking Technologies Groups OMB M-10-22Privacy>Visitor TrackingWeb Tracking>Beacons




Web Tracking>Cookies

Web Tracking - Network Advertising Initiative Compliance

Checkpoints

Web Tracking Groups

SiteQuality/SEO Module


Compliance Insight - SEO Groups

Search Engine Optimization Checkpoints

Compliance Insight - SEO Groups

HIPAA - Data Quality, Integrity and Correction

The Correction principle states that Individuals should be provided with a timely means to dispute the accuracy or integrity of their individually identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied.

Site Quality - Link Validation Checkpoints

Site Quality - Offensive Content Checkpoints

Site Quality - Page Load Time Checkpoints

Site Quality - Spell Check Checkpoints

OpSec Module


Compliance Insight - Data Security Checkpoints

Operational Security Checkpoints



3. CheckpointsThe tables below list the OOTB checkpoints used within various checkpoint groups that make up of Compliance Sheriff compliance modules. . Once you have reviewed this list, refer to the Compliance Sheriff Installation Guide for more information on how to apply these checkpoints and the above checkpoint groups.

Accessibility Module

Checkpoint Short Description Priority Group Subgroup

Section 508

a.1 All IMG elements are required to contain either the ALT or LONGDESC attribute.

1 Section 508 1194.22(a)

a.2 All APPLET elements are required to contain both element content and the ALT attribute.

1 Section 508 1194.22(a)

a.3 When EMBED elements are used, the NOEMBED element or ARIA attributes are required in the page.

1 Section 508 1194.22(a)

a.4 All OBJECT elements are required to contain element content.

1 Section 508 1194.22(a)

a.5 All SVG elements are required title or desc child element or ARIA attributes for providing description.

1 Section 508 1194.22(a)

a.6 All IFRAME elements which has non- text content, contains title or ARIA attribute for providing description.

1 Section 508 1194.22(a)

a.7 All Figure elements are required to have figcaption for describing purpose of element.

1 Section 508 1194.22(a)

b.1 Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value

1 Section 508 1194.22(b)




b.2 Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension

1 Section 508 1194.22(b)

b.3 Identify all EMBED elements that have a SRC attribute value with a multimedia file extension

1 Section 508 1194.22(b)

b.4 Identify all links that have an HREF attribute value with a multimedia file extension

1 Section 508 1194.22(b)

b.5 Identify all VIDEO or AUDIO Elements that have a track child element with KIND attribute values subtitles, captions or descriptions.

1 Section 508 1194.22(b)

b.6 Identify all IFRAME elements that have a SRC attribute value with an external known webpage's video.

1 Section 508 1194.22(b)

c.1 Ensure that all information conveyed with color is also available without color, for example from context or markup

1 Section 508 1194.22(c)

d.1 Organize documents so they may be read without style sheets

1 Section 508 1194.22(d)

d.2 Ensure Color and background color may be specified at any level in the cascade of preceding selectors, by external stylesheets or through inheritance rules for all elements.

1 Section 508 1194.22(d)

d.3 Making the DOM order match the visual order

1 Section 508 1194.22(d)

e.1 Locate any IMG element that contains the ISMAP attribute

1 Section 508 1194.22(e)




e.2 No INPUT element should contain the USEMAP attribute

1 Section 508 1194.22(e)

f.1 All AREA elements are required to have the ALT attribute

1 Section 508 1194.22(f)

f.2 No IMG element should contain the ISMAP attribute

1 Section 508 1194.22(f)

f.3 No INPUT element should contain the ISMAP attribute

1 Section 508 1194.22(f)

g.1 For data tables, identify row and column headers

1 Section 508 1194.22(g)

h.1 For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells

1 Section 508 1194.22(h)

i.1 All IFRAME elements are required to contain element content

1 Section 508 1194.22(i)

i.2 All FRAME elements are required to contain the title attribute

1 Section 508 1194.22(i)

i.3 All FRAMESET elements will be checked for the NOFRAMES element

1 Section 508 1194.22(i)

j.1 Pages are required not to contain the BLINK element

1 Section 508 1194.22(j)

j.2 Until user agents allow users to control blinking, avoid causing content to blink

1 Section 508 1194.22(j)

k.1 Check for a 'Text Only Version' link that provides equivalent access to a page

1 Section 508 1194.22(k)

l.1 Verify information provided by scripts shall be identified with functional text that can be read by assistive technology.

1 Section 508 1194.22(l)




l.2 When SCRIPT elements are used, the NOSCRIPT element is required in the page

1 Section 508 1194.22(l)

l.3 Ensure that all anchor elements that use JavaScript in the link target describe purpose of the link through content or ALT attribute.

1 Section 508 1194.22(l)

m.1 All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in

1 Section 508 1194.22(m)

n.1 Identify all LABEL elements used within FORM elements

2 Section 508 1194.22(n)

n.2 All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL

2 Section 508 1194.22(n)

n.3 Associate labels explicitly with their controls (SELECT elements)

2 Section 508 1194.22(n)

n.4 Associate labels explicitly with their controls (TEXTAREA elements)

2 Section 508 1194.22(n)

n.5 Ensure that all LABEL 'FOR' attributes match another control

2 Section 508 1194.22(n)

n.6 Ensure that Placeholder attribute should not be used as an alternative to a label for all input elements.

2 Section 508 1194.22(n)

n.7 Ensure that all elements with role=application use either aria- labelledby or aria-describedby attribute.

2 Section 508 1194.22(n)

n.8 Ensure that all elements with required attribute contains required, mandatory or * in content of label.

1 Section 508 1194.22(n)




n.9 All elements which has role attribute checkbox or radio, set value of aria- checked either in HTML page or JavaScript.

1 Section 508 1194.22(n)

o.1 Pages should contain a bookmark link to skip navigation

1 Section 508 1194.22(o)

p.1 Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh

1 Section 508 1194.22(p)

p.2 Allow users to complete an activity without any time limit

1 Section 508 1194.22(p)

WCAG 2.0 & 2.1

Accessibility 21 Pointer Gestures. Ensure that content can be operated using simple inputs on a wide range of pointing devices.

1 WCAG 2.1 A Criterion 2.5.1

Accessibility 21 Pointer Cancellation. Prevent accidental or erroneous pointer input.


Accessibility 21 For user interface components with labels that include text or images of text, the name contains the text that is presented visually.


Accessibility 21 Functionality that relies on device or user motion has alternatives or can be disabled


Accessibility 21 When character key shortcuts are available, they are scoped to an element that has focus, or can be disabled or remapped


Accessibility20 C12Accessibility21

Use percent, em, or named font size for font sizes

2 WCAG 2.0 AAWCAG 2.1

Criterion 1.4.4





Use CSS to change the presentation of a user interface component when it receives focus

2 Not Assigned


Scaling form elements which contain text


Criterion 1.4.4Criterion 1.4.8


Making the DOM order match the visual order

2 WCAG 2.0 AWCAG 2.1



Using CSS to replace text with images of text and providing user interface controls to switch



Accessibility20 F10Accessibility21

Failure of Success Criterion 2.1.2 and Conformance Requirement 5 due to combining multiple content formats in a way that traps users inside one format type


Criterion 2.1.2


Failure of Success Criterion 1.3.3 due to identifying content only by its shape or location


Criterion 1.3.3


Failure of Success Criterion 1.4.3, 1.4.6 and 1.4.8 due to specifying foreground (text) colors without specifying background colors or vice versa


Criterion 1.4.3Criterion 1.4.6Criterion 1.4.8


Failure of Success Criterion 1.1.1 due to using CSS to include images that convey important information


Criterion 1.1.1


Failure of Success Criterion 1.1.1 and1.2.1 due to using text alternatives that are not alternatives.


Compliance Insight AccessibilityWCAG 2.1

Images


Failure of Success Criterion 2.2.2 due to using text-decoration:blink without a mechanism to stop it in less than five seconds


Criterion 2.2.2





Failure of Success Criterion 3.2.3 due to presenting navigation links in a different relative order on different pages


Criterion 3.2.3


Failure of Success Criterion 1.1.1 and1.2.1 due to providing long description for non-text content that does not serve the same purpose or does not present the same information


Criterion 1.1.1


Failure of Success Criterion 2.4.9 due to using a non-specific link such as "click here" or "more" without a mechanism to change the link text to specific text.


Criterion 2.4.9

Accessibility20 G105Accessibility21

Save data so that it can be used after a user re-authenticates

3 WCAG 2.0 AAAWCAG 2.1

Criterion 2.2.5


Use "activate" rather than "focus" as a trigger for changes of context


Criterion 3.2.1


Provide descriptive headings


Criterion 2.4.6


Validate Web pages 1 WCAG 2.0 AWCAG 2.1

Criterion 4.1.1


Ensure that information conveyed by color differences is also available in text


Criterion 1.4.1


Organize a page using headings


Criterion 2.4.10


Ensuring that the Web Page contains another CAPTCHA serving the same purpose using a different modality


Criterion 1.1.1


Ensure that a contrast ratio of at least 3:1 exists






between text (and images of text) and background behind the text

Compliance Insight Accessibility

Contrast Ratio


Using user interface components that are highlighted by the user agent when they receive focus


Criterion 2.4.7


Provide a link to a text transcript of a prepared statement or script if the script is followed


Criterion 1.2.9


Provide a full text transcript for the audio


Criterion 1.2.1


Provide a full text transcript of the video content




Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the text

3 Compliance Insight Accessibility

Contrast Ratio

WCAG 2.0 AAAWCAG 2.1

Criterion 1.4.6


Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text


Contrast Ratio

WCAG 2.0 AAWCAG 2.1



Ensure that no component of the content flashes more than three times in any 1-second period




Using labels, names, and text alternatives consistently for content that has the same functionality


Criterion 3.2.4


Allow users to complete an activity without any time limit


Criterion 2.2.3


Include a sign language interpreter in the video stream


Criterion 1.2.6





Mix audio files so that non-speech sounds are at least 20 decibelslower than the speech audio content


Criterion 1.4.7


Ensure all autostart sounds turns off automatically within three seconds


Criterion 1.4.2


Provide a glossary 3 WCAG 2.0 AAAWCAG 2.1



Provide a full synchronized media text alternative including any interaction




Provide a help link on every Web page


Criterion 3.3.5


Provide a mechanism to postpone any updating of content


Criterion 2.2.4


Provide a sound track that includes audio description




Provide a spoken version of the text


Criterion 3.1.5


Create an extended audio description for the synchronized media content




Provide text descriptions to identify required fields that were not completed


Criterion 3.3.1


Provide closed captions 1 WCAG 2.0 AWCAG 2.1

Criterion 1.2.2


Provide expected data format and example




Create captions for live synchronized media


Criterion 1.2.4


Provide the ability for the user to review and correct answers before submitting






Accessibility20 H2Accessibility21

Combine adjacent image and text links for the same resource




Provide text alternatives for the area elements of image maps




Pages are required to use the TITLE element


Criterion 2.4.2


Provide text and non-text alternatives for object


Criterion 1.1.1


Provide definitions for abbreviations by using the abbr and acronym elements


Criterion 3.1.4


Providing link text that describes the purpose of a link for anchor elements




Provide submit buttons 1 WCAG 2.0 AWCAG 2.1

Criterion 3.2.2


Supplement link text with the title attribute




Provide text alternatives on applet elements


Criterion 1.1.1


Use alt attributes on images used as submit buttons


Criterion 1.1.1


Use alt attributes on img elements


Criterion 1.1.1


Images


Use caption elements to associate data table captions with data tables


Criterion 1.3.1


Tables


Create a logical tab order through links, form controls, and objects


Criterion 2.4.3


Use h1-h6 to identify headings


Criterion 1.3.1





Use id and headers attributes to associate data cells with header cells in data tables. Updated includes the addition of a new compiled checkpoint “Accessibility 12.4c”


Criterion 1.3.1


Tables


Use label elements to associate text labels with form controls


Criterion 1.1.1Criterion 1.3.1Criterion 3.3.2Criterion 4.1.2


Labels


Use longdesc 1 WCAG 2.0 AWCAG 2.1

Criterion 1.1.1


When EMBED elements are used, the NOEMBED element is required in the page



Accessibility20 H51 Accessibility20 H51Accessibility21

Use table markup to present tabular information


Criterion 1.3.1

Use table markup to present tabular information


Tables


Use the body of the object element




Use the dir attribute on an inline element to resolve problems with nested directional runs


Criterion 1.3.2


Use language attributes on the html element


Criterion 3.1.1


Use language attributes to identify changes in the human language


Criterion 3.1.2


Use the link element and navigation tools




Use the link element to link to a glossary


Criterion 3.1.3





Use the scope attribute to associate header cells and data cells in data tables


Criterion 1.3.1


Using the title attribute of the frame and iframe elements




Use the title attribute to identify form controls when the label element cannot be used


Criterion 1.1.1Criterion 1.3.1Criterion 3.3.2Criterion 4.1.2


Labels


Use null alt text and no title attribute on img elements for images that AT should ignore


Criterion 1.1.1


Use the summary attribute of the table element to give an overview of data tables


Criterion 1.3.1


Use meta refresh to create an instant client-side redirect (copy)


Criterion 3.2.5


Identifying the purpose of a link in a data table using the link text combined with its enclosing table cell and associated table header cells


Criterion 2.4.4


Use the target attribute to open a new window on user request and indicating this in link text


Criterion 3.2.5


Use a button with a select element to perform an action


Criterion 3.2.2


Use OPTGROUP to group OPTION elements inside a SELECT


Criterion 1.3.1


Using the track element to provide captions


Criterion 1.2.2


Using the track element to provide audio descriptions


Criterion 1.2.1





Grouping related links using the nav element


Criterion 1.3.1

Accessibility20 HS2Accessibility21

Ensure images are not used instead of text except for specific cases


Criterion 1.4.5


Verification checkpoint for 1.4.6

2


DEMO: Verifying compliant toolbar


Criterion 4.1.2


All functionality of the content is operable through a keyboard interface without requiring specific timings for individual keystrokes.


Criterion 2.1.3

Accessibility20 SCR1Accessibility21

Allow the user to extend the default time limit


Criterion 2.2.1


Provide client-side validation and alert




Using redundant keyboard and mouse event handlers


Criterion 2.1.1


Use the target attribute to open a new window on user request and indicating this in link text


Criterion 3.2.5

WCAG 1.0

Accessibility 1.1.1 All IMG elements are required to contain either the ALT or LONGDESC attribute

1 WCAG 1.0 Guideline 1Priority 1

Accessibility 1.1.1a All IMG elements are required to contain either the ALT or LONGDESC attribute


Accessibility 1.1.2 All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL





Accessibility 1.1.3 All OBJECT elements are required to contain element content


Accessibility 1.1.4 All APPLET elements are required to contain both element content and the ALT attribute


Accessibility 1.1.5 All FRAMESET elements will be checked for the NOFRAMES element


Accessibility 1.1.6 All IFRAME elements are required to contain element content


Accessibility 1.1.7 All AREA elements are required to have the ALT attribute


Accessibility 1.1.8 When EMBED elements are used, the NOEMBED element is required in the page


Accessibility 1.2.1 Locate any IMG element that contains the ISMAP attribute


Accessibility 1.2.2 Locate any INPUT element that contains the ISMAP attribute


Accessibility 1.3 Provide auditory description for multimedia presentations


Accessibility 1.4.1 Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value


Accessibility 1.4.2 Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension


Accessibility 1.4.3 Identify all EMBED elements that have a SRC attribute value with a multimedia file extension





Accessibility 1.4.4 Identify all links that have an HREF attribute value with a multimedia file extension


Accessibility 1.5 Identify all MAP elements that use the AREA element


Accessibility 2.1 Ensure that all information conveyed with color is also available without color, for example from context or markup


Accessibility 2.2 Foreground and background color combinations provide sufficient contrast


Accessibility 3.1 Verify that elements do not need to be converted to an appropriate markup language


Accessibility 3.2 Pages are required to use the!DOCTYPE tag


Accessibility 3.3.1 Use style sheets to control layout and presentation


Accessibility 3.3.2 Identify the use of Bold and Italic elements within the page

2 WCAG 1.0 Guideline 3

Accessibility 3.4 Identify use of absolute units within elements and/or style sheets


Accessibility 3.5 Use header elements to convey document structure and use them according to specification


Accessibility 3.6 Identify the use of List elements (DL, UL, OL) within the page


Accessibility 3.7 Identify the use of Quote and BLOCKQUOTE elements within the page


Accessibility 4.1 Clearly identify changes in the natural language of a page's text and any text equivalents (e.g. captions)





Accessibility 4.2.1 Identify the use of ABBR elements within the page


Accessibility 4.2.2 Identify the use of ACRONYM elements within the page


Accessibility 4.3.1 Pages are required to use the META element with the NAME attribute value 'language' in the Head section


Accessibility 4.3.2 Identify the primary language of the page by the LANG attribute of HTML element or server headers


Accessibility 5.1 For data tables, identify row and column headers


Accessibility 5.2 For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells


Accessibility 5.3 Identify all layout tables 2 WCAG 1.0 Guideline 5Priority 2

Accessibility 5.4 If a TABLE is used for layout, do not use any structural markup


Accessibility 5.5 Provide summaries for tables


Accessibility 5.6 Provide abbreviations for header labels


Accessibility 6.1 Organize documents so they may be read without style sheets

1 WCAG 1.0 Guideline 6

Accessibility 6.2.1 FRAME sources: Ensure that equivalents for dynamic content are updated when the dynamic content changes





Accessibility 6.2.2 Verify that equivalents of dynamic content are updated and available as often as the dynamic content


Accessibility 6.3.1 If any anchor elements use JavaScript in the link target, a NOSCRIPT tag should also be present


Accessibility 6.3.2 If any AREA elements use JavaScript in the link target, a NOSCRIPT tag should also be present


Accessibility 6.3.3 If any elements use HTML event handlers, a NOSCRIPT tag should also be present


Accessibility 6.3.4 When SCRIPT elements are used, the NOSCRIPT element is required in the page


Accessibility 6.3.5 All OBJECT elements are required to contain element content


Accessibility 6.3.6 All APPLET elements are required to contain both element content and the ALT attribute


Accessibility 6.3.7 When EMBED elements are used, the NOEMBED element is required in the page


Accessibility 6.3.8 All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in


Accessibility 6.4 Ensure that event handlers are input device-independent


Accessibility 7.1 Until user agents allow users to control flickering, avoid causing content to flicker





Accessibility 7.2.1 Pages are required not to contain the BLINK element


Accessibility 7.2.2 Until user agents allow users to control blinking, avoid causing content to blink


Accessibility 7.3.1 Pages are required not to contain the MARQUEE element


Accessibility 7.3.2 Until user agents allow users to freeze moving content, avoid movement in pages


Accessibility 7.4.1 Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh


Accessibility 7.5 Do not use markup to redirect pages automatically


Accessibility 8.1 Make scripts and applets directly accessible or compatible with assistive technologies


Accessibility 9.1.1 No IMG element should contain the ISMAP attribute


Accessibility 9.1.2 No INPUT element should contain the ISMAP attribute


Accessibility 9.2 Element interface can be operated in a device-independent manner


Accessibility 9.3 Specify logical event handlers rather than device-dependent event handlers


Accessibility 9.4.1 All Anchor, AREA, BUTTON, INPUT, OBJECT, SELECT and TEXTAREAelements are required to use the TABINDEX attribute





Accessibility 9.5.1 Accesskey attribute is required in at least one of A, AREA, BUTTON, INPUT, LABEL, LEGEND, and TEXTAREAelements


Accessibility 10.1.1 Check A and AREA elements for valid TARGET attribute


Accessibility 10.1.2 Verify that scripts do not spawn new windows


Accessibility 10.2 Identify all LABEL elements used within FORM elements


Accessibility 10.3 Provide linear text alternative for all tables that lay out text


Accessibility 10.4.1 Include default, place-holding characters in edit boxes


Accessibility 10.4.2 Include default, place-holding characters in text areas (TEXTAREA)


Accessibility 10.5 All Anchor elements not surrounding images cannot be directly adjacent


Accessibility 11.1 Use W3C technologies when they are available and appropriate for a task


Accessibility 11.2.1 Identify the use of deprecated elements within the page


Accessibility 11.2.2 Identify the use of deprecated attributes within the page


Accessibility 11.3 Provide information to receive documents


Accessibility 11.4.1 Check for a 'Text Version' link within the page


Accessibility 11.4.2 Check for an 'Accessibility' link within the page





Accessibility 12.1 All FRAME elements are required to contain the title attribute


Accessibility 12.2 All FRAME elements are required to use the LONGDESC attribute


Accessibility 12.3 Divide large blocks of information into more manageable groups where natural and appropriate


Accessibility 12.4.1 Ensure that all LABEL 'FOR' attributes match another control


Accessibility 12.4.2 Associate labels explicitly with their controls (SELECT elements)


Accessibility 12.4.3 Associate labels explicitly with their controls (TEXTAREA elements)


Accessibility 13.1.1 Anchor elements are required not to use any of the defined link phrases in the link text



Links

Accessibility 13.1.2 All Anchor elements are required not to use the same link text to refer to different resources



Links

Accessibility 13.2.1 Pages are required to use the TITLE element


Accessibility 13.2.2 Provide metadata to add semantic information to pages and sites


Accessibility 13.3 Check for link to site map page within document


Accessibility 13.4 Use navigation mechanisms in a consistent manner


Accessibility 13.5 Provide navigation bars 3 WCAG 1.0 Guideline 13Priority 3




Accessibility 13.6 Pages should contain a bookmark link to skip navigation


Accessibility 13.7 Provide different types of searches for search functions


Accessibility 13.8 Provide information at the beginning of headings, paragraphs, lists


Accessibility 13.9 Page collection information 3 WCAG 1.0 Guideline 13Priority 3

Accessibility 13.10 Method to skip over multi-line ASCII art


Accessibility 14.1 Use the clearest and simplest language appropriate for a site's content


Accessibility 14.2 Graphic or auditory presentations for Text


Accessibility 14.3 Consistent presentation style


AltQuality

AltQuality 1.1 Validate that the alt text does not use the word "Image”

2 AltText Quality Report

AltQuality 1.2 Validate that the alt text does not contain the text: .jpg, .gif, .bmp, .jpeg


AltQuality 1.6 Validate that the alt text does not use the text "image”


AltQuality 2.1 Validate that Alternative Text is greater than 7 and less than 81 characters in length.


AltQuality 2.2 Validate that Alternative Text is not used to repeat words


Statistics




Statistics 2.0 Identify tables with summaries and captions

1 Accessibility Statistics

Statistics 5.1 Identify forms with unlabeled controls


Statistics 5.2 Identify forms not using TABINDEX attributes


Statistics 5.3 Identify forms not using ACCESSKEY attributes


Mobile

Mobile_ACCESS_KEYS.xcp Assign access keys to links in navigational menus and frequently accessed functionality.

2 Mobile Web Accessibility

Mobile_AVOID_FREE_TEXT.xcp Avoid free text entry where possible.


Mobile_BALANCE.xcp Provide a balance between having a large number of navigation links on a page and the need to navigate multiple links to reach content.


Mobile_CACHING.xcp Provide caching information in HTTP responses.


Mobile_DEFAULT_INPUT_MODE.xcp Specify a default text entry mode, language and/or input format, if the device is known to support it.


Mobile_ENCODING_SUPPORT.xcp Ensure that content is encoded using a character encoding that is known to be supported by the device.


Mobile_ERROR_MESSAGES.xcp Provide informative error messages and a means of navigating away from an error message back to useful information.


Mobile_IMAGE_RESIZING.xcp Resize images at the server, if they have an intrinsic size.


Mobile_IMAGE_SPECIFY_SIZE.xcp Specify the size of images in markup, if they have an intrinsic size.





Mobile_LARGE_GRAPHICS.xcp Do not use images that cannot be rendered by the device. Avoid large or high resolution images except where critical information would otherwise be lost.


Mobile_NO_FRAMES.xcp Do not use frames. 2 Mobile Web Accessibility

Mobile_PROVIDE_DEFAULTS.xcp Provide pre-selected default values where possible.


Mobile_SCROLLING.xcp Limit scrolling to one direction, unless secondary scrolling cannot be avoided.


Mobile_TABLES_NESTED.xcp Do not use nested tables. 2 Mobile Web Accessibility

Privacy Module


Privacy EMP1 W2 Form 2 FIP

PFI Employment Indicators

Privacy EMP2 Resume Indicator 2 FIP

PFI Employment Indicators

Privacy MnA1 Mergers and Acquisitions Text Identifier 2 SOC Mergers and Acquisitions

Privacy MnA2 Mergers and Acquisitions Content Terms 2 SOC Mergers and Acquisitions

Privacy MnA3 Acquisition Company Identifier 2 SOC Mergers and Acquisitions

Privacy MnA4 Due Diligence Identifier 2 SOC Mergers and Acquisitions

Privacy OMB M-10-22 1.0 Ensure that pages that set 3rd party single session cookies include a link to an appropriate privacy policy link (Tier 1).

1 OMB M-10-22 Tier 1

Privacy OMB M-10-22 2.0 Ensure that your privacy policy indicates Tier 1 Cookies are set.





Privacy OMB M-10-22 3.0 Ensure that pages not collecting PII that set 3rd party multi-session cookies have an appropriate Privacy Policy link (Tier 2).




Privacy OMB M-10-22 5.0 Ensure that pages collecting PII that set 3rd party multi-session cookies have an opt-in option and Privacy Policy link (Tier 3).




Privacy P1 Portfolio indicator 2 FIP

Privacy P1 Portfolio indicator 2 PFI Portfolio Indicators

Privacy PF1 Credit Card Indicator - AMEX 2 FIP

PFI Credit Card Indicators

Privacy PF10 Bank Account Indicator - Suntrust 2 FIP

PFI Bank Account Indicators

Privacy PF11 Bank Account Indicator - HSBC 2 FIP


Privacy PF12 Bank Account Indicator - Keybank 2 FIP


Privacy PF13 Bank Account Indicator - State Street 2 FIP


Privacy PF14 American Currency Indicator 2 FIP

PFI Currency Indicators

Privacy PF15 European Currency Indicator 2 FIP


Privacy PF16 British Currency Indicator 2 FIP





Privacy PF17 Japanese Currency Indicator 2 FIP


Privacy PF2 Credit Card Indicator - Visa 2 FIP


Privacy PF3 Credit Card Indicator - MasterCard 2 FIP


Privacy PF4 Credit Card Indicator - Discover 2 FIP

Privacy PF4 Credit Card Indicator - Discover 2 PFI Credit Card Indicators

Privacy PF5 Bank Account Indicator - Bank of America

2 FIP


Privacy PF6 Bank Account Indicator - Chase 2 FIP


Privacy PF7 Bank Account Indicator - Citigroup 2 FIP


Privacy PF8 Bank Account Indicator - Wachovia 2 FIP


Privacy PF9 Bank Account Indicator - Wells Fargo 2 FIP


Privacy PH1 Medical Terms 1 HIPAA Health Information Security

PHI Medical Diagnosis

Privacy PH2 Medical Billing Terms 1 HIPAA Health Information Security

PHI Medical Billing




Privacy PH3 Medical Provisions 1 HIPAA Health Information Security

PHI Medical Provisions

Privacy PO1 Purchase Order Term Indicator 2 SOC Purchase Order Indicators

Privacy PO2 Purchase Order Number Indicator 2 SOC Purchase Order Indicators

Privacy SOW1 Statement of Work 1 SOC Statement of Work Identifiers

Privacy SOW10 Delivery schedule 1 SOC Statement of Work Identifiers

Privacy SOW11 Time and materials 1 SOC Statement of Work Identifiers

Privacy SOW12 Fixed Cost 1 SOC Statement of Work Identifiers

Privacy SOW13 Currency 1 SOC Statement of Work Identifiers

Privacy SOW2 Solicitation Number 2 SOC Statement of Work Identifiers

Privacy SOW3 NDA Short 1 SOC Statement of Work Identifiers

Privacy SOW4 NDA Full 1 SOC Statement of Work Identifiers

Privacy SOW5 Acceptance and authorization 1 SOC Statement of Work Identifiers

Privacy SOW6 Payment terms 1 SOC Statement of Work Identifiers

Privacy SOW7 Professional services agreement 1 SOC Statement of Work Identifiers

Privacy SOW8 Project name 1 SOC Statement of Work Identifiers

Privacy SOW9 Client name 1 SOC Statement of Work Identifiers

Privacy WT1 Find IMG SRC Beacon URL 1 Web Tracking Beacons

Privacy WT10 NAI Non-Compliant Third Party Tracker 1 Web Tracking Network Advertising Initiative Compliance




Privacy WT11 NAI Compliant Third Party Tracker Web Tracking Network Advertising Initiative Compliance

Privacy WT2 Find SCRIPT SRC Beacon URL 1 Web Tracking Beacons

Privacy WT3 Find IFRAME SRC Beacon URL 1 Web Tracking Beacons

Privacy WT4 Find JavaScript Source Text Beacon URL 1 Web Tracking Beacons

Privacy WT5 OBA Tag Search - Red List 2 Web Tracking Beacons

Privacy WT6 OBA Tag Search - Yellow List 2 Web Tracking Beacons

Privacy WT7 OBA Tag Search - Green List 2 Web Tracking Beacons

Privacy WT8 OBA Tag Search - Google Analytics 2 Web Tracking Beacons

Privacy WT9 OBA Tag Search - Sharethis 2 Web Tracking Beacons

Privacy 1.1 Identify pages that do not contain a privacy policy link

2 HIPAA Openness, Transparency and Individual Choice

Privacy Policy Compliance

Web Privacy

Privacy 1.2 Validate that pages with forms also have a privacy policy link



Web Privacy

Privacy 1.2.1 Validate that pages with forms collecting personally identifiable information have a privacy policy link



Web Privacy

Privacy 1.3 Validate that pages with mailto links also have a privacy policy link






Web Privacy

Privacy 1.4 Validate all pages have a link to the P3P policy reference file

2 Privacy P3P Usage

Web Privacy

Privacy 1.5 Validate that P3P policy reference file exists in the root of the tested page's site

1 Privacy P3P Usage

Web Privacy

Privacy 1.6 Identify that the server is setting HTTP P3P

2 Privacy P3P Usage

Web Privacy

Privacy 2.1 Identify pages that use forms 3 HIPAA Collection, Use and Disclosure Limitations and Protections

Privacy Data Collection

Secure methods for data collection

Web Privacy

Privacy 2.2 Identify pages that use forms with GET method

2 HIPAA Collection, Use and Disclosure Limitations and Protections



Web Privacy

Privacy 2.2.1 Identify pages that use forms collecting personally identifiable information with a GET method




Web Privacy

Privacy 2.3 Identify INPUT elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections






Web Privacy

Privacy 2.4 Identify TEXTAREA elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections



Web Privacy

Privacy 2.5 Identify SELECT elements on a page 3 HIPAA Collection, Use and Disclosure Limitations and Protections



Web Privacy

Privacy 3.1 Identify possible image element web beacons

2 Privacy Visitor Tracking

Web Privacy

Privacy 3.2 Identify image input element web beacons


Web Privacy

Privacy 4.1 Identify all pages that set cookies 3 Privacy Visitor Tracking

Web Privacy

Web Tracking Cookies

Privacy 4.1a Validate that no 3rd party cookies are set

1 Web Privacy


Privacy 4.1b Validate that all cookies are session cookies (no expiry date).


Web Privacy


Privacy 4.2 Identify all pages with JavaScript that accesses or modifies cookies


Web Privacy


Privacy 4.3 Identify all input elements with an ONCLICK event that access or modify cookies


Web Privacy





Privacy 4.4 Identify all pages with an ONLOAD event that access or modify cookies


Web Privacy


Privacy 5.1 Identify External Links 2 Privacy 3rd Party Linking

Web Privacy

Privacy 7.1 Validate that forms collecting personally identifiable information are secure




Web Privacy

Privacy 7.1.1 Identify pages that use non-secure forms




Web Privacy

Privacy 7.2 Identify forms that are collecting personally identifiable information




Web Privacy

Privacy 7.3 Validate that pages with forms also have an opt-out link



Web Privacy




Privacy 7.3.1 Validate that forms collecting personally identifiable information also have an opt-out link



Web Privacy

Privacy 7.4 Validate that pages with mailto links also have an opt-out link



Web Privacy

Privacy 8.1 Identify possible inclusion of Social Security numbers on a page

1 COPPA

General Privacy

HIPAA Collection, Use and Disclosure Limitations and Protections

HIPAA Health Information Security

PII Social Security Number Indicators


Privacy PII




Privacy 8.2 Identify possible inclusion of Credit Card numbers on a page

1 General Privacy

HIPAA Collection, Use and Disclosure Limitations and Protections


PHI Medical Billing

PII Credit Card Indicators


Privacy PII

Privacy 9.1 Name 2 COPPA

General Privacy


PII Name Indicators

Privacy 9.2 Gender 2

Privacy 9.3 Email Address 2 COPPA

Privacy 9.4 Veteran Status 2

Privacy 9.5 Family Relationship Information 2

Privacy 9.6 Physical Address (US) 2 COPPA

General Privacy


PII Geography Indicators

Privacy PII

Privacy 9.7 Citizenship Status 2




Privacy 9.8 Telephone Number (US) 2 COPPA

General Privacy


PII Name Indicators

Privacy PII

Privacy 9.9 Criminal History 2

Privacy 9.10 Birth Date 2 COPPA

General Privacy


PII Age Indicators

PII Date Indicators

Privacy 9.11 Professional Licenses 2

Privacy 9.12 Marital Status 2

Privacy 9.13 Social Security Number (US) 1

Privacy 9.14 Social Insurance Number (Canada) 2

Privacy 9.15 National ID Card Number 2

Privacy 9.16 Issuing Country 2

Privacy 9.17 Driver’s License Number 2

Privacy 9.18 Passport Number 2

Privacy 9.19 Financial Information 2

Privacy 9.20 IP Address 2

Privacy 9.21 Zip Code (US) 2 COPPA

General Privacy






Privacy 9.22 Age 2 COPPA

General Privacy


PII Age Indicators

Privacy 9.23 Race 2

Privacy 9.24 Email Text 2 COPPA

General Privacy

PII Email Indicators

Privacy 9.25 Last Name 2 COPPA

General Privacy


PII Name Indicators

Privacy 9.26 First Name 2 COPPA

General Privacy


PII Name Indicators

Privacy 9.27 Middle Name or Initial 2 COPPA

General Privacy


PII Name Indicators

PII Email Indicators

Privacy PII

Privacy 9.28 Date of Admission 2

Privacy 9.29 Date of Discharge 2

Privacy 9.30 Date of Death 2 General Privacy

PII Date Indicators

Privacy 9.38 Month 2 General Privacy

PII Date Indicators




Privacy 9.39 Day of Week 2 General Privacy

PII Date Indicators

Privacy 9.40 Date Format Month Day Year 2 General Privacy

PII Date Indicators

Privacy 9.41 Date Format Day Month Year 2 General Privacy

PII Date Indicators

Privacy 9.42 Social Security Number Text 1 COPPA

General Privacy


PII Social Security Number Indicators

Privacy 9.43 US State Text 2 COPPA

General Privacy



Privacy 9.44 US State Abbreviation Text 2 COPPA

General Privacy



Privacy 9.45 ID Badge Number 2 COPPA

General Privacy


PII Custom Number, Characteristic, and/or Code Indicators




Privacy 9.46 Date Format mm-dd-yyyy 2

Privacy 9.47 Date Format dd-mm-yyyy 2

Privacy 9.48 Date Format dd-mm-yyyy or mm-dd- yyyy

2

Privacy 9.49 Phone Number Text 1 COPPA

General Privacy


PII Name Indicators

Privacy 9.50 Zip Code (US) 2

SiteQuality/SEO Module


SiteQuality 1.0 Validate all links 1 Compliance Insight Site Quality

HIPAA Data Quality, Integrity and Correction

Site Quality Link Validation

Site Quality Offensive Content

SiteQuality 2.0 Verify that page is available 1 Compliance Insight Site Quality


Site Quality Page Load Time

SiteQuality 3.0 Verify that page has not changed 1

SiteQuality 4.0 Verify that no resources on page have changed

1

SiteQuality 5.0 Verify that page has no spelling errors 1 Compliance Insight Site Quality


Site Quality Spell Check




SiteQuality 6.0 Verify that page does not contain any offensive words

1 Compliance Insight Site Quality


SEO 1.1 Validate minimum keywords length 1 SEO

SEO 1.2 Validate maximum keywords length 1 SEO

SEO 2.1 Validate minimum description length 1 SEO

SEO 2.2 Validate maximum description length 1 SEO

SEO 3.1 Validate that author tag is used 1 SEO

SEO 4.1 Validate that http-equiv="keywords" meta tag is NOT used

1 SEO

SEO 4.2 Validate that http-equiv="description" meta tag is NOT used

1 SEO

SEO 4.3 Validate that http-equiv="refresh" meta tag is NOT used

1 SEO

SEO 4.4 Validate that image alt text for images is being used properly

1 SEO

SEO 4.5 Validate keyword tag is not being used incorrectly

1 Compliance Insight SEO

Keywords

SEO 4.5 Validate keyword tag is not being used incorrectly

1 SEO

SEO 4.6 Validate the description tag is not being incorrectly


Description

SEO 4.6 Validate the description tag is not being incorrectly

1 SEO

SEO 5.1 Validate that title element exists and that it has valid content


Title

SEO 5.1 Validate that title element exists and that it has valid content

1 SEO

SEO 6.1 Verify Page Has Google Analytics Script 1 Compliance Insight SEO

Analytics

SEO 6.2 Verify Page Has Correct Tracking Code 1 Compliance Insight SEO

Analytics



OpSec Module


OpSec 1.1 Identify if there is a website purpose statement link

1 Operational Security

OpSec 1.2 Verify that all pages have a title, enabling title searching


OpSec 2.1 Privacy Policy Notice 1 Operational Security

OpSec 2.2 Security Practices/Policy Notice 1 Operational Security

OpSec 3.1 External Link Disclaimer 1 Operational Security

OpSec 3.2 Identify External Links 1 Operational Security

OpSec 4.1 All Web Pages should be free of third party content or advertising


OpSec 4.2 All Web Pages should be free of third party content or advertising - Links


OpSec 5.1 Operational Information - Lessons Learned Audit


OpSec 5.2 Operational Information - Military Information Audit


OpSec 5.3 Operational Information - Social Security Audit


OpSec 5.4 Operational Information - Date of Birth Audit


OpSec 5.5 Operational Information - Address Audit 1 Operational Security

OpSec 5.6 Operational Information - Telephone number Audit


OpSec 6.1 Technology Data - Schematic Audit 1 Operational Security

OpSec 6.2 Technology Data - Diagrams Audit 1 Operational Security

OpSec 6.3 Technology Data - Frequency Audit 1 Operational Security

OpSec 7.1 Relevant Information - Deployment Schedule Audit


OpSec 7.2 Relevant Information - Exercise Plan Audit


OpSec 7.3 Relevant Information - Contingency Plans Audit


OpSec 7.4 Relevant Information - Training Plans Audit


OpSec 7.5 Relevant Information - Inspection Results Audit





OpSec 7.6 Relevant Information - Biographies Audit


OpSec 7.7 Relevant Information - Family Support Activities Audit


OpSec 7.8 Relevant Information - Phone Directories Audit


OpSec 8.1 Confidential Information 1 Compliance Insight - Data Security

OpSec 8.2 Copywritten Information 1 Compliance Insight - Data Security

OpSec 8.3 Copyright Symbol 1 Compliance Insight - Data Security

OpSec 8.4 Salary Information 1 Compliance Insight - Data Security

OpSec 8.5 Password Information 1 Compliance Insight - Data Security

OpSec 8.6 Confidential Keywords 1 Compliance Insight - Data Security



4. Compiled checkpointsCompiled checkpoints are programs built into the main library (HISCLIB.DLL) used by Compliance Sheriff’s scanning engine.

These programs are created to deliver complex checks that cannot be easily performed using X-path or regular expressions in checkpoint definitions.

The compiled checkpoint is activated within a normal checkpoint (using the function “IfPagePassesCompiledCheck”) with its result (pass/fail) being used to determine the overall result of a checkpoint.

For example, the definition for the checkpoint: Accessibility 12.4.1:

The table below lists the compiled accessibility checkpoints in Compliance Sheriff.

Note. Unless noted in the Short Description, the name of the compiled checkpoint is the Checkpoint where it is currently used.

Compiled Checkpoint

Short Description Priority Group Subgroup

Accessibility 12.4a Checks that the FOR attribute for each LABEL element, if it exists, matches the ID of a control on the page.Used in checkpoint Accessibility 12.4.1


Accessibility 12.4b Checks that no two controls (INPUT, SELECT and TEXTAREA elements) share the same ID.Used in checkpoint Accessibility 12.4.1


Accessibility 12.4c Look for headers (TD/TH element) and if headers are available try to find the id’s associated to header in TH element.New compiled checkpoint that is added into the existing WCAG 2.0 checkpoint Accessibility20 H43.



Tables

Accessibility 13.1.2 Checks that no two links that point to different resources use the same link text. All




Compiled Checkpoint


Anchor elements are required not to use the same link text to refer to different resources.


Links

Accessibility 3.5 Checks that heading elements are used correctly, i.e. that no levels are skipped, and that first header on page is highest level.Use header elements to convey document structure and use them according to specification


Accessibility20 G145 Ensure that a contrast ratio of at least 3:1 exists between text (and images of text) and background behind the text.The objective of this technique is to make sure that users can read text that is presented over a background. This technique relaxes the 5:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).

2 WCAG 2.0 AA Criterion 1.4.3Criterion 1.4.6


Contrast Ratio

Accessibility20 G17 Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the textThe objective of this technique is to make sure that users can read text that is presented over a background. This technique goes beyond the 5:1 contrast technique to provide a higher level of contrast to make it easier for people with low vision to read.


Contrast Ratio

WCAG 2.0 AAA Criterion 1.4.6

Accessibility20 G18 Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text.The objective of this technique is to make sure that users can read text that is presented over a background. For Success Criterion 1.4.3, this technique describes the minimum contrast ratio for text that is less than 18 point (if not bold) and less than 14 point (if bold). For Success Criterion 1.4.5, this technique relaxes the 7:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).If the background is a solid color (or all black or all white) then the relative luminance of the text can be maintained by making sure that each of the text letters have 4.5:1 contrast ratio with the background.


Contrast Ratio

WCAG 2.0 AA Criterion 1.4.3Criterion 1.4.6



Compiled Checkpoint


Accessibility20 H2 Combine adjacent image and text links for the same resourceThis objective of this technique is to avoid unnecessary duplication that occurs when adjacent text and iconic versions of a link are contained in a document.

1 WCAG 2.0 A Criterion 1.1.1Criterion 2.4.9

Mobile IMAGES_RESIZING

Resize images at the server, if they have an intrinsic size.Images such as bitmaps have an intrinsic size. Telling the browser in advance what the size is avoids it having to re-flow the page when it receives it. Resizing images at the server reduces the amount of data transferred and the amount of processing the device has to carry out to scale the image.



Documents

Compliance Sheriff Technical Note Checkpoints and ... · Web viewThe Correction principle states that Individuals should be provided with a timely means to dispute the accuracy