Compliance Sheriff Technical Note Checkpoints and ...



-1179830-9226550028310257360920TECHNICAL NOTECheckpoints and checkpoint groupsVersion 6.000TECHNICAL NOTECheckpoints and checkpoint groupsVersion 6.0504804-85495000363791530759400026238203080067009144027432000??Copyright informationCopyright ? 2019?Cryptzone?North America Inc. All rights rmation in this document is subject to change without notice and does not represent a commitment on the part of the vendor or its representatives. Permission to use, distribute, or copy not granted without written approval. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, without the written permission of?Cryptzone?North America Inc. Complying with all applicable copyright laws in the US and other countries is the responsibility of the user.The Cyxtera logo, Compliance Sheriff, and Compliance Deputy are trademarks of?Cryptzone?North America Inc. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other product names mentioned herein are trademarks of their respective owners.Technical supportFor licensing or technical support information, please submit your requests via the Cyxtera Help Center at?. For more information, visit?Compliance Sheriff??and Deputy Support Terms??Contents TOC \o "1-3" \h \z \u 1.About this document PAGEREF _Toc458075010 \h 12.Checkpoint groups PAGEREF _Toc458075011 \h 2Accessibility Module PAGEREF _Toc458075012 \h 2Privacy Module PAGEREF _Toc458075013 \h 3SiteQuality/SEO Module PAGEREF _Toc458075014 \h 5OpSec Module PAGEREF _Toc458075015 \h 53.Checkpoints PAGEREF _Toc458075016 \h 6Accessibility Module PAGEREF _Toc458075017 \h 6Privacy Module PAGEREF _Toc458075018 \h 27SiteQuality/SEO Module PAGEREF _Toc458075019 \h 40OpSec Module PAGEREF _Toc458075020 \h piled checkpoints PAGEREF _Toc458075021 \h 44About this documentCheckpoints are instructions that are used by Compliance Sheriff scans to check that web pages conform to certain predetermined rules or guidelines. The Compliance Sheriff checkpoints are defined and grouped based on the compliance modules available – Accessibility, Privacy, Site Quality/SEO and OpSec. These Out-Of-The-Box (OOTB) checkpoints can be modified to suit different environments. Compliance Sheriff also allows custom checkpoints to be created to meet the specific compliance requirements of any organization.This document provides the OOTB checkpoint groups and checkpoints that are installed with Compliance Sheriff. The availability of these checkpoints and groups depend on the compliance modules you have licensed.Checkpoint groupsThe tables below list the major checkpoint groups based on their compliance module. It does not list the subgroups referenced by the main groups. Note that groups can contain either checkpoints or subgroups, and subgroups can only contain checkpoints.Accessibility ModuleCheckpoint GroupContainsDescriptionWeb Content Accessibility Guidelines 2.1GroupsMain group for WCAG 2.1. Contains all related subgroups and is inclusive of WCAG 2.0 Guideline 1.1-4.1Section 508GroupsMain Section 508 Checkpoint group. Checks if content conforms to Section 508 accessibility guidelines. Contains all subgroups: Section 508 – 1194.22(a)-(p).Web Content Accessibility Guidelines 2.0GroupsMain group for WCAG 2.0. Contains all subgroups: WCAG 2.0 – Guideline 1.1 – 4.1.WCAG 2.0 - Compliance Level AGroupsThe minimum WCAG 2.0 standard for accessibility.WCAG 2.1 - Compliance Level AThe minimum WCAG 2.1 standard for accessibility.WCAG 2.0 - Compliance Level AAGroupsThe intermediate WCAG 2.0 standard for accessibility (must also pass level A). WCAG 2.1 - Compliance Level AAGroupsThe intermediate WCAG 2.0 standard for accessibility (must also pass level A).WCAG 2.0 - Compliance Level AAAGroupsThe highest WCAG 2.0 standard for accessibility (must also pass levels A and AA)WCAG 2.1 - Compliance Level AAAGroupsThe highest WCAG 2.0 standard for accessibility (must also pass levels A and AA)Web Content Accessibility Guidelines 1.0GroupsAccessibility standard for web content, now superseded by WCAG 2.0.WCAG 1.0 Priority 1CheckpointsContain WCAG 1.0 Priority 1 checkpoints. A web content developer must satisfy this checkpoint. Otherwise, one or more groups will find it impossible to access information in the document. Satisfying this checkpoint is a basic requirement for some groups to be able to use web documents.WCAG 1.0 Priority 2CheckpointsContain WCAG 1.0 Priority 2 checkpoints. A Web content developer should satisfy this checkpoint. Otherwise, one or more groups will find it difficult to access information in the document. Satisfying this checkpoint will remove significant barriers to accessing Web documents.WCAG 1.0 Priority 3CheckpointsContain WCAG 1.0 Priority 3 checkpoints. A Web content developer may address this checkpoint. Otherwise, one or more groups will find it somewhat difficult to access information in the document. Satisfying this checkpoint will improve access to Web documents.Alt Text Quality ReportCheckpointsAllows users to validate content for proper quality as related to valid alt-text for images based on best practices. These checks include the validation of the alt-text value for the word "image", image file name extensions, length of alt-text, and repeated words.Accessibility StatisticsCheckpointsAllows various accessibility statistics to be shown in the summary section of the report. This summary contains information such as the Image summary, showing the total number of image elements found, the number of images with or without alt text, and so pliance Insight – AccessibilityGroupsSpecial group that binds other subgroups that provides a summary on Contrast Ratio, Images, Labels, Links and Tables. As this group uses a subgroup.Mobile Web AccessibilityCheckpointsAllows user to test mobile web sites against various checkpoints to validate image sizes, large graphics, access keys, caching, etc.Privacy ModuleCheckpoint GroupContainsDescriptionCompliance Insight - PrivacyGroupsPrivacy>3rd Party Linking Privacy>PIIPrivacy>Policy Compliance Privacy>Visitor TrackingCOPPA - Children's Online Privacy Protection ActGroupsWebsites that collect information from children under the age of thirteen are required to comply with Federal Trade Commission ( FTC ) Children's Online Privacy Protection Act (COPPA).Financial Information Privacy MonitoringGroupsChecks if content conforms with corporate and federal privacy standards concerning financial informationFISMA - Federal Information Security Management ActGroupsFIP MonitoringHIP MonitoringPII Monitoring Privacy PolicySecure methods for data collectionTracking TechnologiesHealth Information Privacy MonitoringGroupsChecks if content conforms with corporate and federal privacy standards concerning health informationHIPAA - Collection, Use and Disclosure Limitations and ProtectionsCheckpointsThe Collection, Use and Disclosure Limitation and Protections principle states that individually identifiable health information should be collected, used, and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately.HIPAA - Health Information SecurityCheckpointsThe Safeguards Principle states that individually identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.HIPAA Health Insurance Portability and Accountability ActGroupsProvides coverage for Health Information Security, Openness and Transparency, Individual Choice, and Safeguards principles of the Health Information Portability and Accountability Act (HIPAA)HIPAA - Openness, Transparency and Individual ChoiceCheckpointsOpenness and Transparency and Individual Choice Principles overlap in what HiSoftware can do for them, so the principles will be combined into one report driven by the following check point GroupsMA 201 CMR 17.00GroupsPFI>Bank Account Indicators PFI>Credit Card IndicatorsPII>Custom Number, Characteristic, and/or Code IndicatorsPII>Name IndicatorsPII>Social Security Number IndicatorsOMB M-10-22GroupsGuidance for Online Use of Web Measurement and Customization TechnologiesPersonally Identifiable Information MonitoringGroupsPFI Personal Financial InformationGroupsPHI Protected Health InformationGroupsPII Personally Identifiable InformationGroupsChecks if content contains personally identifiable information prohibited by privacy standards.Privacy PolicyGroupsPrivacy>P3P Usage Privacy>Policy CompliancePrivacyGroupsSecure methods for data collectionCheckpointsSensitive Organizational Content (SOC)GroupsChecks if content reveals sensitive information about your organizationTracking TechnologiesGroupsOMB M-10-22Privacy>Visitor TrackingWeb Tracking>Beacons Web Tracking>CookiesWeb Tracking - Network Advertising Initiative ComplianceCheckpointsWeb TrackingGroupsSiteQuality/SEO ModuleCheckpoint GroupContainsDescriptionCompliance Insight - SEOGroupsSearch Engine OptimizationCheckpointsCompliance Insight - SEOGroupsHIPAA - Data Quality, Integrity and CorrectionThe Correction principle states that Individuals should be provided with a timely means to dispute the accuracy or integrity of their individually identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied.Site Quality - Link ValidationCheckpointsSite Quality - Offensive ContentCheckpointsSite Quality - Page Load TimeCheckpointsSite Quality - Spell CheckCheckpointsOpSec ModuleCheckpoint GroupContainsDescriptionCompliance Insight - Data SecurityCheckpointsOperational SecurityCheckpointsCheckpointsThe tables below list the OOTB checkpoints used within various checkpoint groups that make up of Compliance Sheriff compliance modules. . Once you have reviewed this list, refer to the Compliance Sheriff Installation Guide for more information on how to apply these checkpoints and the above checkpoint groups.Accessibility ModuleCheckpointShort DescriptionPriorityGroupSubgroupSection 508a.1All IMG elements are required to contain either the ALT or LONGDESC attribute.1Section 5081194.22(a)a.2All APPLET elements are required to contain both element content and the ALT attribute.1Section 5081194.22(a)a.3When EMBED elements are used, the NOEMBED element or ARIA attributes are required in the page.1Section 5081194.22(a)a.4All OBJECT elements are required to contain element content.1Section 5081194.22(a)a.5All SVG elements are required title or desc child element or ARIA attributes for providing description.1Section 5081194.22(a)a.6All IFRAME elements which has non- text content, contains title or ARIA attribute for providing description.1Section 5081194.22(a)a.7All Figure elements are required to have figcaption for describing purpose of element.1Section 5081194.22(a)b.1Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value1Section 5081194.22(b)b.2Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension1Section 5081194.22(b)b.3Identify all EMBED elements that have a SRC attribute value with a multimedia file extension1Section 5081194.22(b)b.4Identify all links that have an HREF attribute value with a multimedia file extension1Section 5081194.22(b)b.5Identify all VIDEO or AUDIO Elements that have a track child element with KIND attribute values subtitles, captions or descriptions.1Section 5081194.22(b)b.6Identify all IFRAME elements that have a SRC attribute value with an external known webpage's video.1Section 5081194.22(b)c.1Ensure that all information conveyed with color is also available without color, for example from context or markup1Section 5081194.22(c)d.1Organize documents so they may be read without style sheets1Section 5081194.22(d)d.2Ensure Color and background color may be specified at any level in the cascade of preceding selectors, by external stylesheets or through inheritance rules for all elements.1Section 5081194.22(d)d.3Making the DOM order match the visual order1Section 5081194.22(d)e.1Locate any IMG element that contains the ISMAP attribute1Section 5081194.22(e)e.2No INPUT element should contain the USEMAP attribute1Section 5081194.22(e)f.1All AREA elements are required to have the ALT attribute1Section 5081194.22(f)f.2No IMG element should contain the ISMAP attribute1Section 5081194.22(f)f.3No INPUT element should contain the ISMAP attribute1Section 5081194.22(f)g.1For data tables, identify row and column headers1Section 5081194.22(g)h.1For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells1Section 5081194.22(h)i.1All IFRAME elements are required to contain element content1Section 5081194.22(i)i.2All FRAME elements are required to contain the title attribute1Section 5081194.22(i)i.3All FRAMESET elements will be checked for the NOFRAMES element1Section 5081194.22(i)j.1Pages are required not to contain the BLINK element1Section 5081194.22(j)j.2Until user agents allow users to control blinking, avoid causing content to blink1Section 5081194.22(j)k.1Check for a 'Text Only Version' link that provides equivalent access to a page1Section 5081194.22(k)l.1Verify information provided by scripts shall be identified with functional text that can be read by assistive technology.1Section 5081194.22(l)l.2When SCRIPT elements are used, the NOSCRIPT element is required in the page1Section 5081194.22(l)l.3Ensure that all anchor elements that use JavaScript in the link target describe purpose of the link through content or ALT attribute.1Section 5081194.22(l)m.1All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in1Section 5081194.22(m)n.1Identify all LABEL elements used within FORM elements2Section 5081194.22(n)n.2All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL2Section 5081194.22(n)n.3Associate labels explicitly with their controls (SELECT elements)2Section 5081194.22(n)n.4Associate labels explicitly with their controls (TEXTAREA elements)2Section 5081194.22(n)n.5Ensure that all LABEL 'FOR' attributes match another control2Section 5081194.22(n)n.6Ensure that Placeholder attribute should not be used as an alternative to a label for all input elements.2Section 5081194.22(n)n.7Ensure that all elements with role=application use either aria- labelledby or aria-describedby attribute.2Section 5081194.22(n)n.8Ensure that all elements with required attribute contains required, mandatory or * in content of label.1Section 5081194.22(n)n.9All elements which has role attribute checkbox or radio, set value of aria- checked either in HTML page or JavaScript.1Section 5081194.22(n)o.1Pages should contain a bookmark link to skip navigation1Section 5081194.22(o)p.1Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh1Section 5081194.22(p)p.2Allow users to complete an activity without any time limit1Section 5081194.22(p)WCAG 2.0 & 2.1Accessibility 21Pointer Gestures. Ensure that content can be operated using simple inputs on a wide range of pointing devices.1WCAG 2.1 ACriterion 2.5.1Accessibility 21Pointer Cancellation. Prevent accidental or erroneous pointer input.1WCAG 2.1 ACriterion 2.5.2Accessibility 21For user interface components with labels that include text or images of text, the name contains the text that is presented visually.1WCAG 2.1 ACriterion 2.5.3Accessibility 21Functionality that relies on device or user motion has alternatives or can be disabled1WCAG 2.1 ACriterion 2.5.4Accessibility 21When character key shortcuts are available, they are scoped to an element that has focus, or can be disabled or remapped1WCAG 2.1 ACriterion 2.1.4Accessibility20 C12Accessibility21 Use percent, em, or named font size for font sizes2WCAG 2.0 AAWCAG 2.1 Criterion 1.4.4Accessibility20 C15Accessibility21Use CSS to change the presentation of a user interface component when it receives focus2Not AssignedAccessibility20 C17Accessibility21Scaling form elements which contain text2WCAG 2.0 AAWCAG 2.1Criterion 1.4.4Criterion 1.4.8Accessibility20 C27Accessibility21Making the DOM order match the visual order2WCAG 2.0 AWCAG 2.1Criterion 1.3.2Criterion 2.4.3Accessibility20 C30Accessibility21Using CSS to replace text with images of text and providing user interface controls to switch3WCAG 2.0 AAWCAG 2.1Criterion 1.4.5Criterion 1.4.9Accessibility20 F10Accessibility21Failure of Success Criterion 2.1.2 and Conformance Requirement 5 due to combining multiple content formats in a way that traps users inside one format type1WCAG 2.0 AWCAG 2.1Criterion 2.1.2Accessibility20 F14Accessibility21Failure of Success Criterion 1.3.3 due to identifying content only by its shape or location1WCAG 2.0 AWCAG 2.1Criterion 1.3.3Accessibility20 F24Accessibility21Failure of Success Criterion 1.4.3, 1.4.6 and 1.4.8 due to specifying foreground (text) colors without specifying background colors or vice versa2WCAG 2.0 AAWCAG 2.1Criterion 1.4.3Criterion 1.4.6Criterion 1.4.8Accessibility20 F3Accessibility21Failure of Success Criterion 1.1.1 due to using CSS to include images that convey important information1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 F30Accessibility21Failure of Success Criterion 1.1.1 and1.2.1 due to using text alternatives that are not alternatives.2WCAG 2.0 ACriterion 1.1.1Compliance Insight AccessibilityWCAG 2.1ImagesAccessibility20 F4Accessibility21Failure of Success Criterion 2.2.2 due to using text-decoration:blink without a mechanism to stop it in less than five seconds1WCAG 2.0 AWCAG 2.1Criterion 2.2.2Accessibility20 F66Accessibility21Failure of Success Criterion 3.2.3 due to presenting navigation links in a different relative order on different pages2WCAG 2.0 AAWCAG 2.1Criterion 3.2.3Accessibility20 F67Accessibility21Failure of Success Criterion 1.1.1 and1.2.1 due to providing long description for non-text content that does not serve the same purpose or does not present the same information2WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 F84Accessibility21Failure of Success Criterion 2.4.9 due to using a non-specific link such as "click here" or "more" without a mechanism to change the link text to specific text.2WCAG 2.0 AWCAG 2.1Criterion 2.4.9Accessibility20 G105Accessibility21Save data so that it can be used after a user re-authenticates3WCAG 2.0 AAAWCAG 2.1Criterion 2.2.5Accessibility20 G107Accessibility21Use "activate" rather than "focus" as a trigger for changes of context1WCAG 2.0 AWCAG 2.1Criterion 3.2.1Accessibility20 G130Accessibility21Provide descriptive headings2WCAG 2.0 AAWCAG 2.1Criterion 2.4.6Accessibility20 G134Accessibility21Validate Web pages1WCAG 2.0 AWCAG 2.1Criterion 4.1.1Accessibility20 G14Accessibility21Ensure that information conveyed by color differences is also available in text1WCAG 2.0 AWCAG 2.1Criterion 1.4.1Accessibility20 G141Accessibility21Organize a page using headings3WCAG 2.0 AAAWCAG 2.1Criterion 2.4.10Accessibility20 G144Accessibility21Ensuring that the Web Page contains another CAPTCHA serving the same purpose using a different modality2WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 G145Accessibility21Ensure that a contrast ratio of at least 3:1 exists between text (and images of text) and background behind the text2WCAG 2.0 AAWCAG 2.1Criterion 1.4.3Criterion 1.4.6Compliance Insight AccessibilityContrast RatioAccessibility20 G149Accessibility21Using user interface components that are highlighted by the user agent when they receive focus2WCAG 2.0 AAWCAG 2.1Criterion 2.4.7Accessibility20 G151Accessibility21Provide a link to a text transcript of a prepared statement or script if the script is followed3WCAG 2.0 AAAWCAG 2.1Criterion 1.2.9Accessibility20 G158Accessibility21Provide a full text transcript for the audio1WCAG 2.0 AWCAG 2.1Criterion 1.2.1Accessibility20 G159Accessibility21Provide a full text transcript of the video content1WCAG 2.0 AWCAG 2.1Criterion 1.2.1Criterion 1.2.8Accessibility20 G17Accessibility21Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the text3Compliance Insight AccessibilityContrast RatioWCAG 2.0 AAAWCAG 2.1Criterion 1.4.6Accessibility20 G18Accessibility21Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text3Compliance Insight AccessibilityContrast RatioWCAG 2.0 AAWCAG 2.1Criterion 1.4.3Criterion 1.4.6Accessibility20 G19Accessibility21Ensure that no component of the content flashes more than three times in any 1-second period3WCAG 2.0 AWCAG 2.1Criterion 2.3.1Criterion 2.3.2Accessibility20 G197Accessibility21Using labels, names, and text alternatives consistently for content that has the same functionality2WCAG 2.0 AAWCAG 2.1Criterion 3.2.4Accessibility20 G5Accessibility21Allow users to complete an activity without any time limit3WCAG 2.0 AAAWCAG 2.1Criterion 2.2.3Accessibility20 G54Accessibility21Include a sign language interpreter in the video stream3WCAG 2.0 AAAWCAG 2.1Criterion 1.2.6Accessibility20 G56Accessibility21Mix audio files so that non-speech sounds are at least 20 decibelslower than the speech audio content3WCAG 2.0 AAAWCAG 2.1Criterion 1.4.7Accessibility20 G60Accessibility21Ensure all autostart sounds turns off automatically within three seconds1WCAG 2.0 AWCAG 2.1Criterion 1.4.2Accessibility20 G62Accessibility21Provide a glossary3WCAG 2.0 AAAWCAG 2.1Criterion 3.1.3Criterion 3.1.4Criterion 3.1.6Accessibility20 G69Accessibility21Provide a full synchronized media text alternative including any interaction1WCAG 2.0 AWCAG 2.1Criterion 1.2.3Criterion 1.2.8Accessibility20 G71Accessibility21Provide a help link on every Web page3WCAG 2.0 AAAWCAG 2.1Criterion 3.3.5Accessibility20 G75Accessibility21Provide a mechanism to postpone any updating of content3WCAG 2.0 AAAWCAG 2.1Criterion 2.2.4Accessibility20 G78Accessibility21Provide a sound track that includes audio description2WCAG 2.0 AWCAG 2.1Criterion 1.2.3Criterion 1.2.5Accessibility20 G79Accessibility21Provide a spoken version of the text3WCAG 2.0 AAAWCAG 2.1Criterion 3.1.5Accessibility20 G8Accessibility21Create an extended audio description for the synchronized media content3WCAG 2.0 AWCAG 2.1Criterion 1.2.3Criterion 1.2.5Criterion 1.2.7Accessibility20 G83Accessibility21Provide text descriptions to identify required fields that were not completed2WCAG 2.0 AWCAG 2.1Criterion 3.3.1Accessibility20 G87Accessibility21Provide closed captions1WCAG 2.0 AWCAG 2.1Criterion 1.2.2Accessibility20 G89Accessibility21Provide expected data format and example3WCAG 2.0 AWCAG 2.1Criterion 3.3.2Criterion 3.3.5Accessibility20 G9Accessibility21Create captions for live synchronized media2WCAG 2.0 AAWCAG 2.1Criterion 1.2.4Accessibility20 G98Accessibility21Provide the ability for the user to review and correct answers before submitting2WCAG 2.0 AAWCAG 2.1Criterion 3.3.4Criterion 3.3.6Accessibility20 H2Accessibility21Combine adjacent image and text links for the same resource1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 2.4.9Accessibility20 H24Accessibility21Provide text alternatives for the area elements of image maps1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 2.4.4Criterion 2.4.9Accessibility20 H25Accessibility21Pages are required to use the TITLE element2WCAG 2.0 AWCAG 2.1Criterion 2.4.2Accessibility20 H27Accessibility21Provide text and non-text alternatives for object1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 H28Accessibility21Provide definitions for abbreviations by using the abbr and acronym elements3WCAG 2.0 AAAWCAG 2.1Criterion 3.1.4Accessibility20 H30Accessibility21Providing link text that describes the purpose of a link for anchor elements2WCAG 2.0 AWCAG 2.1Criterion 2.4.4Criterion 2.4.9Accessibility20 H32Accessibility21Provide submit buttons1WCAG 2.0 AWCAG 2.1Criterion 3.2.2Accessibility20 H33Accessibility21Supplement link text with the title attribute3WCAG 2.0 AWCAG 2.1Criterion 2.4.4Criterion 2.4.9Accessibility20 H35Accessibility21Provide text alternatives on applet elements1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 H36Accessibility21Use alt attributes on images used as submit buttons1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 H37Accessibility21Use alt attributes on img elements1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Compliance Insight AccessibilityImagesAccessibility20 H39Accessibility21Use caption elements to associate data table captions with data tables1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Compliance Insight AccessibilityTablesAccessibility20 H4Accessibility21Create a logical tab order through links, form controls, and objects1WCAG 2.0 AWCAG 2.1Criterion 2.4.3Accessibility20 H42Accessibility21Use h1-h6 to identify headings1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Accessibility20 H43Accessibility21Use id and headers attributes to associate data cells with header cells in data tables. Updated includes the addition of a new compiled checkpoint “Accessibility 12.4c”1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Compliance Insight AccessibilityTablesAccessibility20 H44Accessibility21Use label elements to associate text labels with form controls1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 1.3.1Criterion 3.3.2Criterion 4.1.2Compliance Insight AccessibilityLabelsAccessibility20 H45Accessibility21Use longdesc1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 H46Accessibility21When EMBED elements are used, the NOEMBED element is required in the page1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 1.2.8Accessibility20 H51 Accessibility20 H51Accessibility21Use table markup to present tabular information1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Use table markup to present tabular information1Compliance Insight AccessibilityTablesAccessibility20 H53Accessibility21Use the body of the object element1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 1.2.3Criterion 1.2.8Accessibility20 H56Accessibility21Use the dir attribute on an inline element to resolve problems with nested directional runs1WCAG 2.0 AWCAG 2.1Criterion 1.3.2Accessibility20 H57Accessibility21Use language attributes on the html element1WCAG 2.0 AWCAG 2.1Criterion 3.1.1Accessibility20 H58Accessibility21Use language attributes to identify changes in the human language2WCAG 2.0 AAWCAG 2.1Criterion 3.1.2Accessibility20 H59Accessibility21Use the link element and navigation tools3WCAG 2.0 AAWCAG 2.1Criterion 2.4.5Criterion 2.4.8Accessibility20 H60Accessibility21Use the link element to link to a glossary3WCAG 2.0 AAAWCAG 2.1Criterion 3.1.3Accessibility20 H63Accessibility21Use the scope attribute to associate header cells and data cells in data tables1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Accessibility20 H64Accessibility21Using the title attribute of the frame and iframe elements1WCAG 2.0 AWCAG 2.1Criterion 2.4.1Criterion 4.1.2Accessibility20 H65Accessibility21Use the title attribute to identify form controls when the label element cannot be used1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Criterion 1.3.1Criterion 3.3.2Criterion 4.1.2Compliance Insight AccessibilityLabelsAccessibility20 H67Accessibility21Use null alt text and no title attribute on img elements for images that AT should ignore1WCAG 2.0 AWCAG 2.1Criterion 1.1.1Accessibility20 H73Accessibility21Use the summary attribute of the table element to give an overview of data tables1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Accessibility20 H76Accessibility21Use meta refresh to create an instant client-side redirect (copy)3WCAG 2.0 AAAWCAG 2.1Criterion 3.2.5Accessibility20 H79Accessibility21Identifying the purpose of a link in a data table using the link text combined with its enclosing table cell and associated table header cells2WCAG 2.0 AWCAG 2.1Criterion 2.4.4Accessibility20 H83Accessibility21Use the target attribute to open a new window on user request and indicating this in link text3WCAG 2.0 AAAWCAG 2.1Criterion 3.2.5Accessibility20 H84Accessibility21Use a button with a select element to perform an action1WCAG 2.0 AWCAG 2.1Criterion 3.2.2Accessibility20 H85Accessibility21Use OPTGROUP to group OPTION elements inside a SELECT1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Accessibility20 H95Accessibility21Using the track element to provide captions1WCAG 2.0 AWCAG 2.1Criterion 1.2.2Accessibility20 H96Accessibility21Using the track element to provide audio descriptions1WCAG 2.0 AWCAG 2.1Criterion 1.2.1Accessibility20 H97Accessibility21Grouping related links using the nav element1WCAG 2.0 AWCAG 2.1Criterion 1.3.1Accessibility20 HS2Accessibility21Ensure images are not used instead of text except for specific cases2WCAG 2.0 AAWCAG 2.1Criterion 1.4.5Accessibility20 HS3Accessibility21Verification checkpoint for 1.4.62Accessibility20 HS4Accessibility21DEMO: Verifying compliant toolbar1WCAG 2.0 AWCAG 2.1Criterion 4.1.2Accessibility20 HS5Accessibility21All functionality of the content is operable through a keyboard interface without requiring specific timings for individual keystrokes.3WCAG 2.0 AAAWCAG 2.1Criterion 2.1.3Accessibility20 SCR1Accessibility21Allow the user to extend the default time limit1WCAG 2.0 AWCAG 2.1Criterion 2.2.1Accessibility20 SCR18Accessibility21Provide client-side validation and alert2WCAG 2.0 AWCAG 2.1Criterion 3.3.1Criterion 3.3.3Criterion 3.3.4Accessibility20 SCR2Accessibility21Using redundant keyboard and mouse event handlers1WCAG 2.0 AWCAG 2.1Criterion 2.1.1Accessibility20 SCR24Accessibility21Use the target attribute to open a new window on user request and indicating this in link text3WCAG 2.0 AAAWCAG 2.1Criterion 3.2.5WCAG 1.0Accessibility 1.1.1All IMG elements are required to contain either the ALT or LONGDESC attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.1aAll IMG elements are required to contain either the ALT or LONGDESC attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.2All INPUT elements are required to contain the ALT or TITLE attribute, or use a LABEL1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.3All OBJECT elements are required to contain element content1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.4All APPLET elements are required to contain both element content and the ALT attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.5All FRAMESET elements will be checked for the NOFRAMES element1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.6All IFRAME elements are required to contain element content1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.7All AREA elements are required to have the ALT attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.1.8When EMBED elements are used, the NOEMBED element is required in the page1WCAG 1.0Guideline 1Priority 1Accessibility 1.2.1Locate any IMG element that contains the ISMAP attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.2.2Locate any INPUT element that contains the ISMAP attribute1WCAG 1.0Guideline 1Priority 1Accessibility 1.3Provide auditory description for multimedia presentations1WCAG 1.0Guideline 1Priority 1Accessibility 1.4.1Identify all OBJECT Elements that have a multimedia MIME type as the type attribute value1WCAG 1.0Guideline 1Priority 1Accessibility 1.4.2Identify all OBJECT Elements that have a DATA attribute value with a multimedia file extension1WCAG 1.0Guideline 1Priority 1Accessibility 1.4.3Identify all EMBED elements that have a SRC attribute value with a multimedia file extension1WCAG 1.0Guideline 1Priority 1Accessibility 1.4.4Identify all links that have an HREF attribute value with a multimedia file extension1WCAG 1.0Guideline 1Priority 1Accessibility 1.5Identify all MAP elements that use the AREA element3WCAG 1.0Guideline 1Priority 3Accessibility 2.1Ensure that all information conveyed with color is also available without color, for example from context or markup1WCAG 1.0Guideline 2Priority 1Accessibility 2.2Foreground and background color combinations provide sufficient contrast2WCAG 1.0Guideline 2Priority 2Accessibility 3.1Verify that elements do not need to be converted to an appropriate markup language2WCAG 1.0Guideline 3Priority 2Accessibility 3.2Pages are required to use the!DOCTYPE tag2WCAG 1.0Guideline 3Priority 2Accessibility 3.3.1Use style sheets to control layout and presentation2WCAG 1.0Guideline 3Priority 2Accessibility 3.3.2Identify the use of Bold and Italic elements within the page2WCAG 1.0Guideline 3Accessibility 3.4Identify use of absolute units within elements and/or style sheets2WCAG 1.0Guideline 3Priority 2Accessibility 3.5Use header elements to convey document structure and use them according to specification2WCAG 1.0Guideline 3Priority 2Accessibility 3.6Identify the use of List elements (DL, UL, OL) within the page2WCAG 1.0Guideline 3Priority 2Accessibility 3.7Identify the use of Quote and BLOCKQUOTE elements within the page2WCAG 1.0Guideline 3Priority 2Accessibility 4.1Clearly identify changes in the natural language of a page's text and any text equivalents (e.g. captions)1WCAG 1.0Guideline 4Priority 1Accessibility 4.2.1Identify the use of ABBR elements within the page3WCAG 1.0Guideline 4Priority 3Accessibility 4.2.2Identify the use of ACRONYM elements within the page3WCAG 1.0Guideline 4Priority 3Accessibility 4.3.1Pages are required to use the META element with the NAME attribute value 'language' in the Head section3WCAG 1.0Guideline 4Priority 3Accessibility 4.3.2Identify the primary language of the page by the LANG attribute of HTML element or server headers3WCAG 1.0Guideline 4Priority 3Accessibility 5.1For data tables, identify row and column headers1WCAG 1.0Guideline 5Priority 1Accessibility 5.2For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells1WCAG 1.0Guideline 5Priority 1Accessibility 5.3Identify all layout tables2WCAG 1.0Guideline 5Priority 2Accessibility 5.4If a TABLE is used for layout, do not use any structural markup2WCAG 1.0Guideline 5Priority 2Accessibility 5.5Provide summaries for tables3WCAG 1.0Guideline 5Priority 3Accessibility 5.6Provide abbreviations for header labels3WCAG 1.0Guideline 5Priority 3Accessibility 6.1Organize documents so they may be read without style sheets1WCAG 1.0Guideline 6Accessibility 6.2.1FRAME sources: Ensure that equivalents for dynamic content are updated when the dynamic content changes1WCAG 1.0Guideline 6Priority 1Accessibility 6.2.2Verify that equivalents of dynamic content are updated and available as often as the dynamic content1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.1If any anchor elements use JavaScript in the link target, a NOSCRIPT tag should also be present1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.2If any AREA elements use JavaScript in the link target, a NOSCRIPT tag should also be present1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.3If any elements use HTML event handlers, a NOSCRIPT tag should also be present1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.4When SCRIPT elements are used, the NOSCRIPT element is required in the page1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.5All OBJECT elements are required to contain element content1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.6All APPLET elements are required to contain both element content and the ALT attribute1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.7When EMBED elements are used, the NOEMBED element is required in the page1WCAG 1.0Guideline 6Priority 1Accessibility 6.3.8All pages that have links to files that require a special reader or plug-in are required to contain the specified text indicating a link to the reader or plug- in1WCAG 1.0Guideline 6Priority 1Accessibility 6.4Ensure that event handlers are input device-independent2WCAG 1.0Guideline 6Priority 2Accessibility 7.1Until user agents allow users to control flickering, avoid causing content to flicker2WCAG 1.0Guideline 7Priority 2Accessibility 7.2.1Pages are required not to contain the BLINK element1WCAG 1.0Guideline 7Priority 1Accessibility 7.2.2Until user agents allow users to control blinking, avoid causing content to blink2WCAG 1.0Guideline 7Priority 2Accessibility 7.3.1Pages are required not to contain the MARQUEE element1WCAG 1.0Guideline 7Priority 1Accessibility 7.3.2Until user agents allow users to freeze moving content, avoid movement in pages2WCAG 1.0Guideline 7Priority 2Accessibility 7.4.1Pages are required not to use the META element with the HTTP-EQUIV attribute value 'refresh2WCAG 1.0Guideline 7Priority 2Accessibility 7.5Do not use markup to redirect pages automatically2WCAG 1.0Guideline 7Priority 2Accessibility 8.1Make scripts and applets directly accessible or compatible with assistive technologies2WCAG 1.0Guideline 8Priority 2Accessibility 9.1.1No IMG element should contain the ISMAP attribute1WCAG 1.0Guideline 9Priority 1Accessibility 9.1.2No INPUT element should contain the ISMAP attribute1WCAG 1.0Guideline 9Priority 1Accessibility 9.2Element interface can be operated in a device-independent manner2WCAG 1.0Guideline 9Priority 2Accessibility 9.3Specify logical event handlers rather than device-dependent event handlers2WCAG 1.0Guideline 9Priority 2Accessibility 9.4.1All Anchor, AREA, BUTTON, INPUT, OBJECT, SELECT and TEXTAREAelements are required to use the TABINDEX attribute3WCAG 1.0Guideline 9Priority 3Accessibility 9.5.1Accesskey attribute is required in at least one of A, AREA, BUTTON, INPUT, LABEL, LEGEND, and TEXTAREAelements3WCAG 1.0Guideline 9Priority 3Accessibility 10.1.1Check A and AREA elements for valid TARGET attribute2WCAG 1.0Guideline 10Priority 2Accessibility 10.1.2Verify that scripts do not spawn new windows2WCAG 1.0Guideline 10Priority 2Accessibility 10.2Identify all LABEL elements used within FORM elements2WCAG 1.0Guideline 10Priority 2Accessibility 10.3Provide linear text alternative for all tables that lay out text3WCAG 1.0Guideline 10Priority 3Accessibility 10.4.1Include default, place-holding characters in edit boxes3WCAG 1.0Guideline 10Priority 3Accessibility 10.4.2Include default, place-holding characters in text areas (TEXTAREA)3WCAG 1.0Guideline 10Priority 3Accessibility 10.5All Anchor elements not surrounding images cannot be directly adjacent3WCAG 1.0Guideline 10Priority 3Accessibility 11.1Use W3C technologies when they are available and appropriate for a task2WCAG 1.0Guideline 11Priority 2Accessibility 11.2.1Identify the use of deprecated elements within the page2WCAG 1.0Guideline 11Priority 2Accessibility 11.2.2Identify the use of deprecated attributes within the page2WCAG 1.0Guideline 11Priority 2Accessibility 11.3Provide information to receive documents3WCAG 1.0Guideline 11Priority 3Accessibility 11.4.1Check for a 'Text Version' link within the page1WCAG 1.0Guideline 11Priority 1Accessibility 11.4.2Check for an 'Accessibility' link within the page1WCAG 1.0Guideline 11Priority 1Accessibility 12.1All FRAME elements are required to contain the title attribute1WCAG 1.0Guideline 12Priority 1Accessibility 12.2All FRAME elements are required to use the LONGDESC attribute2WCAG 1.0Guideline 12Priority 2Accessibility 12.3Divide large blocks of information into more manageable groups where natural and appropriate2WCAG 1.0Guideline 12Priority 2Accessibility 12.4.1Ensure that all LABEL 'FOR' attributes match another control2WCAG 1.0Guideline 12Priority 2Accessibility 12.4.2Associate labels explicitly with their controls (SELECT elements)2WCAG 1.0Guideline 12Priority 2Accessibility 12.4.3Associate labels explicitly with their controls (TEXTAREA elements)2WCAG 1.0Guideline 12Priority 2Accessibility 13.1.1Anchor elements are required not to use any of the defined link phrases in the link text2WCAG 1.0Guideline 13Priority 2Compliance Insight AccessibilityLinksAccessibility 13.1.2All Anchor elements are required not to use the same link text to refer to different resources2WCAG 1.0Guideline 13Priority 2Compliance Insight AccessibilityLinksAccessibility 13.2.1Pages are required to use the TITLE element2WCAG 1.0Guideline 13Priority 2Accessibility 13.2.2Provide metadata to add semantic information to pages and sites2WCAG 1.0Guideline 13Priority 2Accessibility 13.3Check for link to site map page within document2WCAG 1.0Guideline 13Priority 2Accessibility 13.4Use navigation mechanisms in a consistent manner2WCAG 1.0Guideline 13Priority 2Accessibility 13.5Provide navigation bars3WCAG 1.0Guideline 13Priority 3Accessibility 13.6Pages should contain a bookmark link to skip navigation3WCAG 1.0Guideline 13Priority 3Accessibility 13.7Provide different types of searches for search functions3WCAG 1.0Guideline 13Priority 3Accessibility 13.8Provide information at the beginning of headings, paragraphs, lists3WCAG 1.0Guideline 13Priority 3Accessibility 13.9Page collection information3WCAG 1.0Guideline 13Priority 3Accessibility 13.10Method to skip over multi-line ASCII art3WCAG 1.0Guideline 13Priority 3Accessibility 14.1Use the clearest and simplest language appropriate for a site's content1WCAG 1.0Guideline 14Priority 1Accessibility 14.2Graphic or auditory presentations for Text3WCAG 1.0Guideline 14Priority 3Accessibility 14.3Consistent presentation style3WCAG 1.0Guideline 14Priority 3AltQualityAltQuality 1.1Validate that the alt text does not use the word "Image”2AltText Quality ReportAltQuality 1.2Validate that the alt text does not contain the text: .jpg, .gif, .bmp, .jpeg2AltText Quality ReportAltQuality 1.6Validate that the alt text does not use the text "image”2AltText Quality ReportAltQuality 2.1Validate that Alternative Text is greater than 7 and less than 81 characters in length.2AltText Quality ReportAltQuality 2.2Validate that Alternative Text is not used to repeat words2AltText Quality ReportStatisticsStatistics 2.0Identify tables with summaries and captions1Accessibility StatisticsStatistics 5.1Identify forms with unlabeled controls1Accessibility StatisticsStatistics 5.2Identify forms not using TABINDEX attributes1Accessibility StatisticsStatistics 5.3Identify forms not using ACCESSKEY attributes1Accessibility StatisticsMobileMobile_ACCESS_KEYS.xcpAssign access keys to links in navigational menus and frequently accessed functionality. 2Mobile Web AccessibilityMobile_AVOID_FREE_TEXT.xcpAvoid free text entry where possible. 2Mobile Web AccessibilityMobile_BALANCE.xcpProvide a balance between having a large number of navigation links on a page and the need to navigate multiple links to reach content. 2Mobile Web AccessibilityMobile_CACHING.xcpProvide caching information in HTTP responses. 2Mobile Web AccessibilityMobile_DEFAULT_INPUT_MODE.xcpSpecify a default text entry mode, language and/or input format, if the device is known to support it. 2Mobile Web AccessibilityMobile_ENCODING_SUPPORT.xcpEnsure that content is encoded using a character encoding that is known to be supported by the device.2Mobile Web AccessibilityMobile_ERROR_MESSAGES.xcpProvide informative error messages and a means of navigating away from an error message back to useful information.2Mobile Web AccessibilityMobile_IMAGE_RESIZING.xcpResize images at the server, if they have an intrinsic size.2Mobile Web AccessibilityMobile_IMAGE_SPECIFY_SIZE.xcpSpecify the size of images in markup, if they have an intrinsic size.2Mobile Web AccessibilityMobile_LARGE_GRAPHICS.xcpDo not use images that cannot be rendered by the device. Avoid large or high resolution images except where critical information would otherwise be lost.2Mobile Web AccessibilityMobile_NO_FRAMES.xcpDo not use frames.2Mobile Web AccessibilityMobile_PROVIDE_DEFAULTS.xcpProvide pre-selected default values where possible.2Mobile Web AccessibilityMobile_SCROLLING.xcpLimit scrolling to one direction, unless secondary scrolling cannot be avoided.2Mobile Web AccessibilityMobile_TABLES_NESTED.xcpDo not use nested tables.2Mobile Web AccessibilityPrivacy ModuleCheckpointShort DescriptionPriorityGroupSubgroupPrivacy EMP1W2 Form2FIPPFIEmployment IndicatorsPrivacy EMP2Resume Indicator2FIPPFIEmployment IndicatorsPrivacy MnA1Mergers and Acquisitions Text Identifier2SOCMergers and AcquisitionsPrivacy MnA2Mergers and Acquisitions Content Terms2SOCMergers and AcquisitionsPrivacy MnA3Acquisition Company Identifier2SOCMergers and AcquisitionsPrivacy MnA4Due Diligence Identifier2SOCMergers and AcquisitionsPrivacy OMB M-10-22 1.0Ensure that pages that set 3rd party single session cookies include a link to an appropriate privacy policy link (Tier 1).1OMB M-10-22Tier 1Privacy OMB M-10-22 2.0Ensure that your privacy policy indicates Tier 1 Cookies are set.1OMB M-10-22Tier 1Privacy OMB M-10-22 3.0Ensure that pages not collecting PII that set 3rd party multi-session cookies have an appropriate Privacy Policy link (Tier 2).1OMB M-10-22Tier 2Privacy OMB M-10-22 4.0Ensure that your privacy policy indicates Tier 2 Cookies are set.1OMB M-10-22Tier 2Privacy OMB M-10-22 5.0Ensure that pages collecting PII that set 3rd party multi-session cookies have an opt-in option and Privacy Policy link (Tier 3).1OMB M-10-22Tier 3Privacy OMB M-10-22 6.0Ensure that your privacy policy indicates Tier 3 Cookies are set.1OMB M-10-22Tier 3Privacy P1Portfolio indicator2FIPPrivacy P1Portfolio indicator2PFIPortfolio IndicatorsPrivacy PF1Credit Card Indicator - AMEX2FIPPFICredit Card IndicatorsPrivacy PF10Bank Account Indicator - Suntrust2FIPPFIBank Account IndicatorsPrivacy PF11Bank Account Indicator - HSBC2FIPPFIBank Account IndicatorsPrivacy PF12Bank Account Indicator - Keybank2FIPPFIBank Account IndicatorsPrivacy PF13Bank Account Indicator - State Street2FIPPFIBank Account IndicatorsPrivacy PF14American Currency Indicator2FIPPFICurrency IndicatorsPrivacy PF15European Currency Indicator2FIPPFICurrency IndicatorsPrivacy PF16British Currency Indicator2FIPPFICurrency IndicatorsPrivacy PF17Japanese Currency Indicator2FIPPFICurrency IndicatorsPrivacy PF2Credit Card Indicator - Visa2FIPPFICredit Card IndicatorsPrivacy PF3Credit Card Indicator - MasterCard2FIPPFICredit Card IndicatorsPrivacy PF4Credit Card Indicator - Discover2FIPPrivacy PF4Credit Card Indicator - Discover2PFICredit Card IndicatorsPrivacy PF5Bank Account Indicator - Bank of America2FIPPFIBank Account IndicatorsPrivacy PF6Bank Account Indicator - Chase2FIPPFIBank Account IndicatorsPrivacy PF7Bank Account Indicator - Citigroup2FIPPFIBank Account IndicatorsPrivacy PF8Bank Account Indicator - Wachovia2FIPPFIBank Account IndicatorsPrivacy PF9Bank Account Indicator - Wells Fargo2FIPPFIBank Account IndicatorsPrivacy PH1Medical Terms1HIPAAHealth Information SecurityPHIMedical DiagnosisPrivacy PH2Medical Billing Terms1HIPAAHealth Information SecurityPHIMedical BillingPrivacy PH3Medical Provisions1HIPAAHealth Information SecurityPHIMedical ProvisionsPrivacy PO1Purchase Order Term Indicator2SOCPurchase Order IndicatorsPrivacy PO2Purchase Order Number Indicator2SOCPurchase Order IndicatorsPrivacy SOW1Statement of Work1SOCStatement of Work IdentifiersPrivacy SOW10Delivery schedule1SOCStatement of Work IdentifiersPrivacy SOW11Time and materials1SOCStatement of Work IdentifiersPrivacy SOW12Fixed Cost1SOCStatement of Work IdentifiersPrivacy SOW13Currency1SOCStatement of Work IdentifiersPrivacy SOW2Solicitation Number2SOCStatement of Work IdentifiersPrivacy SOW3NDA Short1SOCStatement of Work IdentifiersPrivacy SOW4NDA Full1SOCStatement of Work IdentifiersPrivacy SOW5Acceptance and authorization1SOCStatement of Work IdentifiersPrivacy SOW6Payment terms1SOCStatement of Work IdentifiersPrivacy SOW7Professional services agreement1SOCStatement of Work IdentifiersPrivacy SOW8Project name1SOCStatement of Work IdentifiersPrivacy SOW9Client name1SOCStatement of Work IdentifiersPrivacy WT1Find IMG SRC Beacon URL1Web TrackingBeaconsPrivacy WT10NAI Non-Compliant Third Party Tracker1Web TrackingNetwork Advertising Initiative CompliancePrivacy WT11NAI Compliant Third Party TrackerWeb TrackingNetwork Advertising Initiative CompliancePrivacy WT2Find SCRIPT SRC Beacon URL1Web TrackingBeaconsPrivacy WT3Find IFRAME SRC Beacon URL1Web TrackingBeaconsPrivacy WT4Find JavaScript Source Text Beacon URL1Web TrackingBeaconsPrivacy WT5OBA Tag Search - Red List2Web TrackingBeaconsPrivacy WT6OBA Tag Search - Yellow List2Web TrackingBeaconsPrivacy WT7OBA Tag Search - Green List2Web TrackingBeaconsPrivacy WT8OBA Tag Search - Google Analytics2Web TrackingBeaconsPrivacy WT9OBA Tag Search - Sharethis2Web TrackingBeaconsPrivacy 1.1Identify pages that do not contain a privacy policy link2HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 1.2Validate that pages with forms also have a privacy policy link2HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 1.2.1Validate that pages with forms collecting personally identifiable information have a privacy policy link1HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 1.3Validate that pages with mailto links also have a privacy policy link1HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 1.4Validate all pages have a link to the P3P policy reference file2PrivacyP3P UsageWeb PrivacyPrivacy 1.5Validate that P3P policy reference file exists in the root of the tested page's site1PrivacyP3P UsageWeb PrivacyPrivacy 1.6Identify that the server is setting HTTP P3P2PrivacyP3P UsageWeb PrivacyPrivacy 2.1Identify pages that use forms3HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 2.2Identify pages that use forms with GET method2HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 2.2.1Identify pages that use forms collecting personally identifiable information with a GET method2HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 2.3Identify INPUT elements on a page3HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 2.4Identify TEXTAREA elements on a page3HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 2.5Identify SELECT elements on a page3HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 3.1Identify possible image element web beacons2PrivacyVisitor TrackingWeb PrivacyPrivacy 3.2Identify image input element web beacons2PrivacyVisitor TrackingWeb PrivacyPrivacy 4.1Identify all pages that set cookies3PrivacyVisitor TrackingWeb PrivacyWeb TrackingCookiesPrivacy 4.1aValidate that no 3rd party cookies are set1Web PrivacyWeb TrackingCookiesPrivacy 4.1bValidate that all cookies are session cookies (no expiry date).2PrivacyVisitor TrackingWeb PrivacyWeb TrackingCookiesPrivacy 4.2Identify all pages with JavaScript that accesses or modifies cookies2PrivacyVisitor TrackingWeb PrivacyWeb TrackingCookiesPrivacy 4.3Identify all input elements with an ONCLICK event that access or modify cookies2PrivacyVisitor TrackingWeb PrivacyWeb TrackingCookiesPrivacy 4.4Identify all pages with an ONLOAD event that access or modify cookies2PrivacyVisitor TrackingWeb PrivacyWeb TrackingCookiesPrivacy 5.1Identify External Links2Privacy3rd Party LinkingWeb PrivacyPrivacy 7.1Validate that forms collecting personally identifiable information are secure1HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 7.1.1Identify pages that use non-secure forms1HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 7.2Identify forms that are collecting personally identifiable information2HIPAACollection, Use and Disclosure Limitations and ProtectionsPrivacyData CollectionSecure methods for data collectionWeb PrivacyPrivacy 7.3Validate that pages with forms also have an opt-out link3HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 7.3.1Validate that forms collecting personally identifiable information also have an opt-out link2HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 7.4Validate that pages with mailto links also have an opt-out link2HIPAAOpenness, Transparency and Individual ChoicePrivacyPolicy ComplianceWeb PrivacyPrivacy 8.1Identify possible inclusion of Social Security numbers on a page1COPPAGeneral PrivacyHIPAACollection, Use and Disclosure Limitations and ProtectionsHIPAAHealth Information SecurityPIISocial Security Number IndicatorsPrivacyData CollectionPrivacyPIIPrivacy 8.2Identify possible inclusion of Credit Card numbers on a page1General PrivacyHIPAACollection, Use and Disclosure Limitations and ProtectionsHIPAAHealth Information SecurityPHIMedical BillingPIICredit Card IndicatorsPrivacyData CollectionPrivacyPIIPrivacy 9.1Name2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPrivacy 9.2Gender2Privacy 9.3Email Address2COPPAPrivacy 9.4Veteran Status2Privacy 9.5Family Relationship Information2Privacy 9.6Physical Address (US)2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIGeography IndicatorsPrivacyPIIPrivacy 9.7Citizenship Status2Privacy 9.8Telephone Number (US)2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPrivacyPIIPrivacy 9.9Criminal History2Privacy 9.10Birth Date2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIAge IndicatorsPIIDate IndicatorsPrivacy 9.11Professional Licenses2Privacy 9.12Marital Status2Privacy 9.13Social Security Number (US)1Privacy 9.14Social Insurance Number (Canada)2Privacy 9.15National ID Card Number2Privacy 9.16Issuing Country2Privacy 9.17Driver’s License Number2Privacy 9.18Passport Number2Privacy 9.19Financial Information2Privacy 9.20IP Address2Privacy 9.21Zip Code (US)2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIGeography IndicatorsPrivacy 9.22Age2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIAge IndicatorsPrivacy 9.23Race2Privacy 9.24Email Text2COPPAGeneral PrivacyPIIEmail IndicatorsPrivacy 9.25Last Name2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPrivacy 9.26First Name2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPrivacy 9.27Middle Name or Initial2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPIIEmail IndicatorsPrivacyPIIPrivacy 9.28Date of Admission2Privacy 9.29Date of Discharge2Privacy 9.30Date of Death2General PrivacyPIIDate IndicatorsPrivacy 9.38Month2General PrivacyPIIDate IndicatorsPrivacy 9.39Day of Week2General PrivacyPIIDate IndicatorsPrivacy 9.40Date Format Month Day Year2General PrivacyPIIDate IndicatorsPrivacy 9.41Date Format Day Month Year2General PrivacyPIIDate IndicatorsPrivacy 9.42Social Security Number Text1COPPAGeneral PrivacyHIPAAHealth Information SecurityPIISocial Security Number IndicatorsPrivacy 9.43US State Text2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIGeography IndicatorsPrivacy 9.44US State Abbreviation Text2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIGeography IndicatorsPrivacy 9.45ID Badge Number2COPPAGeneral PrivacyHIPAAHealth Information SecurityPIICustom Number, Characteristic, and/or Code IndicatorsPrivacy 9.46Date Format mm-dd-yyyy2Privacy 9.47Date Format dd-mm-yyyy2Privacy 9.48Date Format dd-mm-yyyy or mm-dd- yyyy2Privacy 9.49Phone Number Text1COPPAGeneral PrivacyHIPAAHealth Information SecurityPIIName IndicatorsPrivacy 9.50Zip Code (US)2SiteQuality/SEO ModuleCheckpointShort DescriptionPriorityGroupSubgroupSiteQuality 1.0Validate all links1Compliance Insight Site QualityHIPAAData Quality, Integrity and CorrectionSite QualityLink ValidationSite QualityOffensive ContentSiteQuality 2.0Verify that page is available1Compliance Insight Site QualityHIPAAData Quality, Integrity and CorrectionSite QualityPage Load TimeSiteQuality 3.0Verify that page has not changed1SiteQuality 4.0Verify that no resources on page have changed1SiteQuality 5.0Verify that page has no spelling errors1Compliance Insight Site QualityHIPAAData Quality, Integrity and CorrectionSite QualitySpell CheckSiteQuality 6.0Verify that page does not contain any offensive words1Compliance Insight Site QualityHIPAAData Quality, Integrity and CorrectionSEO 1.1Validate minimum keywords length1SEOSEO 1.2Validate maximum keywords length1SEOSEO 2.1Validate minimum description length1SEOSEO 2.2Validate maximum description length1SEOSEO 3.1Validate that author tag is used1SEOSEO 4.1Validate that http-equiv="keywords" meta tag is NOT used1SEOSEO 4.2Validate that http-equiv="description" meta tag is NOT used1SEOSEO 4.3Validate that http-equiv="refresh" meta tag is NOT used1SEOSEO 4.4Validate that image alt text for images is being used properly1SEOSEO 4.5Validate keyword tag is not being used incorrectly1Compliance Insight SEOKeywordsSEO 4.5Validate keyword tag is not being used incorrectly1SEOSEO 4.6Validate the description tag is not being incorrectly1Compliance Insight SEODescriptionSEO 4.6Validate the description tag is not being incorrectly1SEOSEO 5.1Validate that title element exists and that it has valid content1Compliance Insight SEOTitleSEO 5.1Validate that title element exists and that it has valid content1SEOSEO 6.1Verify Page Has Google Analytics Script1Compliance Insight SEOAnalyticsSEO 6.2Verify Page Has Correct Tracking Code1Compliance Insight SEOAnalyticsOpSec ModuleCheckpointShort DescriptionPriorityGroupSubgroupOpSec 1.1Identify if there is a website purpose statement link1Operational SecurityOpSec 1.2Verify that all pages have a title, enabling title searching1Operational SecurityOpSec 2.1Privacy Policy Notice1Operational SecurityOpSec 2.2Security Practices/Policy Notice1Operational SecurityOpSec 3.1External Link Disclaimer1Operational SecurityOpSec 3.2Identify External Links1Operational SecurityOpSec 4.1All Web Pages should be free of third party content or advertising1Operational SecurityOpSec 4.2All Web Pages should be free of third party content or advertising - Links1Operational SecurityOpSec 5.1Operational Information - Lessons Learned Audit1Operational SecurityOpSec 5.2Operational Information - Military Information Audit1Operational SecurityOpSec 5.3Operational Information - Social Security Audit1Operational SecurityOpSec 5.4Operational Information - Date of Birth Audit1Operational SecurityOpSec 5.5Operational Information - Address Audit1Operational SecurityOpSec 5.6Operational Information - Telephone number Audit1Operational SecurityOpSec 6.1Technology Data - Schematic Audit1Operational SecurityOpSec 6.2Technology Data - Diagrams Audit1Operational SecurityOpSec 6.3Technology Data - Frequency Audit1Operational SecurityOpSec 7.1Relevant Information - Deployment Schedule Audit1Operational SecurityOpSec 7.2Relevant Information - Exercise Plan Audit1Operational SecurityOpSec 7.3Relevant Information - Contingency Plans Audit1Operational SecurityOpSec 7.4Relevant Information - Training Plans Audit1Operational SecurityOpSec 7.5Relevant Information - Inspection Results Audit1Operational SecurityOpSec 7.6Relevant Information - Biographies Audit1Operational SecurityOpSec 7.7Relevant Information - Family Support Activities Audit1Operational SecurityOpSec 7.8Relevant Information - Phone Directories Audit1Operational SecurityOpSec 8.1Confidential Information1Compliance Insight - Data SecurityOpSec 8.2Copywritten Information1Compliance Insight - Data SecurityOpSec 8.3Copyright Symbol1Compliance Insight - Data SecurityOpSec 8.4Salary Information1Compliance Insight - Data SecurityOpSec 8.5Password Information1Compliance Insight - Data SecurityOpSec 8.6Confidential Keywords1Compliance Insight - Data SecurityCompiled checkpointsCompiled checkpoints are programs built into the main library (HISCLIB.DLL) used by Compliance Sheriff’s scanning engine.These programs are created to deliver complex checks that cannot be easily performed using X-path or regular expressions in checkpoint definitions.The compiled checkpoint is activated within a normal checkpoint (using the function “IfPagePassesCompiledCheck”) with its result (pass/fail) being used to determine the overall result of a checkpoint.For example, the definition for the checkpoint: Accessibility 12.4.1:76454011811000The table below lists the compiled accessibility checkpoints in Compliance Sheriff.Note. Unless noted in the Short Description, the name of the compiled checkpoint is the Checkpoint where it is currently piled CheckpointShort DescriptionPriorityGroupSubgroupAccessibility 12.4aChecks that the FOR attribute for each LABEL element, if it exists, matches the ID of a control on the page.Used in checkpoint Accessibility 12.4.12WCAG 1.0Guideline 12Priority 2Accessibility 12.4bChecks that no two controls (INPUT, SELECT and TEXTAREA elements) share the same ID.Used in checkpoint Accessibility 12.4.12WCAG 1.0Guideline 12Priority 2Accessibility 12.4cLook for headers (TD/TH element) and if headers are available try to find the id’s associated to header in TH element.New compiled checkpoint that is added into the existing WCAG 2.0 checkpoint Accessibility20 H43.1WCAG 2.0 ACriterion 1.3.1Compliance Insight AccessibilityTablesAccessibility 13.1.2Checks that no two links that point to different resources use the same link text. All Anchor elements are required not to use the same link text to refer to different resources.2WCAG 1.0Guideline 13Priority 2Compliance Insight AccessibilityLinksAccessibility 3.5Checks that heading elements are used correctly, i.e. that no levels are skipped, and that first header on page is highest level.Use header elements to convey document structure and use them according to specification2WCAG 1.0Guideline 3Priority 2Accessibility20 G145Ensure that a contrast ratio of at least 3:1 exists between text (and images of text) and background behind the text.The objective of this technique is to make sure that users can read text that is presented over a background. This technique relaxes the 5:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).2WCAG 2.0 AACriterion 1.4.3Criterion 1.4.6Compliance Insight AccessibilityContrast RatioAccessibility20 G17Ensure that a contrast ratio of at least 7:1 exists between text (and images of text) and background behind the textThe objective of this technique is to make sure that users can read text that is presented over a background. This technique goes beyond the 5:1 contrast technique to provide a higher level of contrast to make it easier for people with low vision to read.3Compliance Insight AccessibilityContrast RatioWCAG 2.0 AAACriterion 1.4.6Accessibility20 G18Ensuring that a contrast ratio of at least 4.5:1 exists between text (and images of text) and background behind the text.The objective of this technique is to make sure that users can read text that is presented over a background. For Success Criterion 1.4.3, this technique describes the minimum contrast ratio for text that is less than 18 point (if not bold) and less than 14 point (if bold). For Success Criterion 1.4.5, this technique relaxes the 7:1 contrast ratio requirement for text that is at least 18 point (if not bold) or at least 14 point (if bold).If the background is a solid color (or all black or all white) then the relative luminance of the text can be maintained by making sure that each of the text letters have 4.5:1 contrast ratio with the background.3Compliance Insight AccessibilityContrast RatioWCAG 2.0 AACriterion 1.4.3Criterion 1.4.6Accessibility20 H2Combine adjacent image and text links for the same resourceThis objective of this technique is to avoid unnecessary duplication that occurs when adjacent text and iconic versions of a link are contained in a document.1WCAG 2.0 ACriterion 1.1.1Criterion 2.4.9Mobile IMAGES_RESIZINGResize images at the server, if they have an intrinsic size.Images such as bitmaps have an intrinsic size. Telling the browser in advance what the size is avoids it having to re-flow the page when it receives it. Resizing images at the server reduces the amount of data transferred and the amount of processing the device has to carry out to scale the image.2Mobile Web Accessibility ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download