Background
As accessibility auditors, Access2online comes across websites, online applications & documents needlessly purchased as inaccessible deliverables. Our experience is primarily in the public sector, but we've seen much the same in the private sector. The defect is built into the procurement process where the RFP requirements call for little more than that the deliverable must be accessible. Sometimes the requirements call out for compliance to the WCAG 2.0 standard, to Title II of the ADA, or to Section 508 of the Rehabilitation Act (federal).
The problem is that those standards and regulations are open to subjective interpretation, with vendors required to simply state that they are compliant in their opinion. Later, sometimes much later, the DoJ or the Office of Civil Rights darkens the door of such an agency with a judicial complaint and their interpretation of the above standards. Unfortunately, their interpretation holds the weight of administrative law. It is also a rather logical, well-considered, and practical interpretation -- hence pointless to challenge.
If the vendor is still around, they can point out that the agency was on the hook as part of their acceptance testing to counter the vendor's claim of accessibility, which the agency didn't do, typically because they had neither the experience nor credentials to take a stand. Also, the vendor can claim that their accessible deliverable was compromised by inaccessible staff content that was added after delivery.
The federal Office of Accessible Systems and Technology (OAST) launched the Trusted Tester Program to try to address this with certified Trusted Testers trained and able to make the compliance determination in line with the enforcement folks, but there are no regulations (FAR or otherwise) requiring the oversight of Trusted Testers or anyone else. The International Association of Accessibility Professionals (IAAP) established their Website Accessibility Specialist (WAS) certification for much the same purpose, but online accessibility is so new that agencies remain unclear how to bring such oversight into their RFPs.
When online security is important in a deliverable, agency RFPs routinely include a third-party audit as part of their acceptance criteria, with failure conditions clear enough that the vendor knows how to pass. Likewise, financial audits are routine.
The Initiative
This is a collaborative page to develop content to be integrated into agency RFPs (simple clip-and-paste) to assure that websites and online applications will be delivered in compliance to Title II of the ADA or Section 508 of the Rehabilitation Act.
This RFP boilerplate will be free to use and as vendor agnostic as can be made, particularly since third-party auditors would be involved. For that reason, we would prefer the leadership role in this initiative to pass to an organization without a vested interest, with Access2online and anyone like us contributing.
Boilerplate Draft
The website or online application to be delivered under this RFP must comply to Title II of the Americans with Disabilities Act (or Section 508 of the Rehabilitation Act). Agency acceptance testing will therefore include an accessibility audit by either staff or a third-party auditor with Trusted Testers certified by the Office of Accessible Systems and Technology and/or Web Accessibility Specialists certified by the International Association of Accessibility Professionals, auditors with at least two years of experience.
Vendor will receive full contact information to the accessibility auditor immediately after contract award. Vendor will be encouraged to communicate with the auditor throughout their development process at the vendor's discretion, such communication to include reviewing requirement documents, mockups, wireframe designs, integrated outside components, and any user interfaces subject to accessibility requirements. The auditor will supply vendor with all details regarding the acceptance audit to be performed against the WCAG 2.1 standard to a level AA rating (or a passing grade against the Section 508 standard), including written test procedures, sample violation spreadsheet, and documents containing the type of remediation suggestions to expect.
Vendor will not be charged for any predelivery interactions with the auditor related to this deliverable. This is to encourage passing of the acceptance audit on the first try. If the vendor doesn't pass the initial acceptance audit, vendor will hire the auditor at vendor's expense to reaudit their deliverable as often as necessary to meet the above acceptance criteria. Alternatively, vendor may submit a protest report to the agency detailing their exceptions to the auditor's violations. The agency may accept such a protest report in lieu of passing the audit at the agency's sole discretion.
Questions & Answers
Q1: Should we include words about how the agency selects the accessibility auditor(s)?
The first paragraph covers the essentials. A great many other considerations should come into play. Access2online prepared a somewhat self-serving Services Comparison Checklist similar to what other vendors use. A quick review of that should show such a comparison to be a complex and subjective decision beyond the scope of what we hope to accomplish here. Note that the first paragraph leaves open, rather encourages, the agency to build such auditing capabilities in-house.
Q2: Should we include words about what accessibility constitutes acceptance criteria?
The few tips we've seen in RFPs give the impression to both vendors and procurement officials that complying to such tips completes the acceptance criteria. This is misleading. The Trusted Tester Program, for example, takes about 6 months to complete with a one-week final the student is expected to pass with a 90% or higher showing a detailed mastery of the 81 specific failure conditions and their testing methodology. Including any semblance of that in an RFP would be unrealistic.