Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Section 508 market research v2 (2016 03-01)
1. Section 508 Trade-Space Research
Exploring categories of products and the space
U.S. Department of Labor/OASAM/OCIO
Software Development/IT Engineering (SD/ITE) Team/AEG
1 March 2016
2. Outline
• Overview
• Products Reviewed
• Evaluation Method
• Evaluation Criteria
• Pricing Model Research
• Evaluation Results Summary
• Next Steps
1
3. Overview
• Section 508 testing has confused a lot of agencies with the distinction
between Inclusive Design and Web Content Accessibility Guidelines
(WCAG) standards
• Section 508 Standards are changing
- WCAG 1.0 vs 2.0
- Current NPRM with US Access Board
• Section 508 Tools Fall into 2 primary categories:
- Category 1: Testing Tools
- Category 2: Remediation Tools
2
4. CIO/OCIO Roles and Responsibilities
• OMB’s Strategic Plan for improving management of Section 508 of the Rehabilitation Act
requires that Head of agencies ensure that individuals involved in acquisition planning and
requirements generation specify needs, develop plans, specifications, etc. that address ICT
accessibility using standards issued in 36 CFR part 1194. Agency Chief Information Officer
(CIO)’s role and responsibilities as outlined by the OMB’s Strategic Plan include:
- Establish the agency Section 508 program, provide leadership of the program, and appoint the agency
Section 508 coordinator/manager.
- Ensure Section 508 accessibility considerations are incorporated into the planning, operation, and
management of any EIT that is developed, used, or maintained by the agency.
- In collaboration with agency CAO, ensure Section 508 is considered in EIT procured by the agency.
• CIO office staff may need to determine the current technical requirements for IT systems.
They may also need to participate in Section 508 testing, compliance monitoring, measurement,
and disclosure activities.
• CIO office may coordinate with the Requiring Official to:
- Identify applicability and accessibility technical requirements
- Determine testing, inspection and acceptance criteria for deliverables
- Determine proposal evaluation factors
- Participate in technical evaluation of proposal
• The CIO office may also coordinate with IT Testing/Specialists to conduct delivery inspection,
testing and acceptance
3
6. Evaluation Criteria
• Factor 1: Website WCAG Testing
- Ease of Use
- WCAG 2.0 Compliant
- Continuous Monitoring
- Client Side Code Scanning
- Full Site Scanning
- Mobility
• Factor 2: Website WCAG Remediation
- Remediate WCAG 2.0 HTML Issues for specific products
- Remediate WCAG 2.0 HTML Issues for any website by scripting
- Remediate WCAG 2.0 HTML Issues for any website without scripting
- Remediate WCAG 2.0 Mobile Responsive HTML Issues for any responsive website
• Factor Rating
- Each factor is ranked 1-3:
o 1) Very weak
o 2) Acceptable
o 3) Market Leader
• Cost Model
- Wherever possible, gather cost model information as related to component and functional breakdown to gather as
much information as possible for future project decision making by the Government.
5
7. Discover Technologies
6
• Three (3) Main Products:
- Accessible Smart Forms
o Accessible Forms within
SharePoint
- Discover Access
o Configure a 508 Compliant
SharePoint
- Discover Accessibility Scanner
o Code scanning tool
Feature Rating Notes
508 Testing Features
WCAG 2.0 Compliant 3
Ease of Use 2 Forms are reported to be easy,
SharePoint more complex
Continuous Monitoring 1.5 Continuous monitoring can be
setup but not native feature
Client Side Code Scanning 1 Minor
Full Site Scanning 1.5 Can scan SharePoint sites
Mobile Site Scanning N/A
Feature Rating Notes
508 Remediation Features
Specific Product Remediation 3 Specific products and features based on MS SharePoint
Scriptable Remediation N/A
Codeless Remediation 2 Configuration based (codeless) remediation for SharePoint
HTML 5 Remediation N/A
9. User1st Accessibility Suite
8
Feature Rating Notes
508 Testing Features
WCAG 2.0 Compliant 3
Ease of Use 2 Requires training for User1st Editor
Continuous Monitoring 3 Cloud based monitoring
Client Side Code Scanning 3
Full Site Scanning 2 Requires integration with test automation
frameworks like Selenium or HP Quality
Center
Mobile Site Scanning 3 Only responsive Mobile Site Scanner on the
market today
Feature Rating Notes
508 Remediation Features
Specific Product Remediation 2 Can remediate any HTML Based site, product specific templates available.
Scriptable Remediation 3 User1st offers script API for when code less remediation is not possible.
Codeless Remediation 3 User1st Editor allows codeless remediation
HTML 5 Remediation 3 User1st Mobile Editor available for HTML5 remediation
• 1 Suite – Three (3) Main
Products:
- User1st Detector
o Code Scanning Tool
- User1st Editor
o Wizard Driven Remediation
Tool
- User1st Front End
o Dynamic End User
Remediation
11. Compliance Sherriff
10
Feature Rating Notes
508 Testing Features
WCAG 2.0 Compliant 3
Ease of Use 2 Requires training to install server
Continuous Monitoring 3 Only available in server edition
Client Side Code Scanning 1 Scanning server side only
Full Site Scanning 2.5 Only available in server edition
Mobile Site Scanning 2 New mobile features still maturing
Feature Rating Notes
508 Remediation Features
Specific Product Remediation N/A No Remediation Features.
Scriptable Remediation N/A No Remediation Features.
Codeless Remediation N/A No Remediation Features.
HTML 5 Remediation N/A No Remediation Features.
• 1 Product: Compliance
Sherriff
• Focus on Website Overall
Legal Compliance (FISMA,
508, PII, etc)
13. Evaluation Method
• Research
- Leverage industry documents (Gartner and Forester) as well as industry
forums (blogs, lawsuits, etc).
- Product documentation (configuration guides, deployment guides, community
support forums)
• Informal Outreach
- Georgia Tech (User1st)
- FAA (Compliance Sherriff)
- Vendor (Discover Tech)
• Document and Demonstrate
- Tradespace
12
14. Cost Model
13
Product Model Notes
Discover 508 Site + Users Perpetual
CryptZone Per Core Perpetual Subscription available on
request
User1st Per User Traffic
Subscription
Perpetual Available for ELA
15. Evaluation Results Summary
14
• User1st
- Pro: Cost Effective, only codeless remediation tool on market, only complete
client side detector on market, only available cloud based tool on market for
remediation
- Con: No Fed-Ramp Certification for Cloud version.
• Discover 508
- Pro: Very complete solution for MS SharePoint.
- Con: Focus on SharePoint would prevent use on other application models.
• Compliance Sherriff
- Pro: Expansible tool for many compliance needs. Good full site scanner
- Con: Partial solution for testing (server side only). No remediation
functionality.