ITAC-10

Do you have documentation to support the accessibility features of your solution?

Explanation

This question is asking whether your organization provides documentation that explains the accessibility features of your solution and how to use them. Accessibility features are those that make your product usable by people with disabilities, including visual, auditory, physical, speech, cognitive, language, learning, and neurological disabilities. Why this is asked in a security assessment: 1. Regulatory compliance: Many organizations must comply with accessibility laws like the Americans with Disabilities Act (ADA), Section 508 of the Rehabilitation Act, or similar international standards. 2. Risk management: Lack of accessibility documentation can create legal and reputational risks. 3. Inclusivity: Security frameworks increasingly recognize that secure systems must be usable by all potential users, including those with disabilities. The guidance specifically asks whether you provide instructions for both administrators and end users on how to configure and use accessibility features. This might include how to enable screen reader compatibility, keyboard navigation, color contrast settings, caption features, etc. To best answer this question: 1. Identify all accessibility documentation you have 2. Specify where this documentation is available (user guides, admin portals, websites) 3. Mention any specific accessibility standards you follow (WCAG 2.1, Section 508, etc.) 4. Describe how the documentation addresses both admin configuration and end-user usage 5. If you have accessibility testing reports or certifications, mention those as well

Guidance

If specific configurations, settings, themes, author guides, or instructions are needed to ensure accessibility, are instructions on how to do so provided for administrators and end users?

Example Responses

Example Response 1

Yes, our solution includes comprehensive accessibility documentation We maintain a dedicated accessibility guide that covers all features designed for users with disabilities This documentation includes: (1) An administrator guide explaining how to configure high-contrast themes, enable keyboard navigation shortcuts, and set up screen reader compatibility; (2) An end-user manual with instructions for using keyboard shortcuts, voice commands, and adjusting font sizes; (3) Video tutorials with captions demonstrating accessibility features All documentation is available in our online knowledge base, and we provide PDF versions that are optimized for screen readers Our solution is regularly tested for WCAG 2.1 AA compliance, and the test results are included in our documentation.

Example Response 2

Yes, we provide extensive accessibility documentation for our solution Our product was designed with WCAG 2.1 AA standards in mind, and we maintain detailed documentation on our accessibility portal (access.ourproduct.com) For administrators, we provide configuration guides for enabling accessibility features across the organization, including instructions for setting default accessibility profiles, enabling third-party assistive technology integrations, and configuring authentication methods that support various accessibility needs For end users, we offer an in-application help section dedicated to accessibility, covering topics such as keyboard navigation, screen reader usage, voice control options, and display customization We also conduct quarterly accessibility webinars where we demonstrate these features and answer questions from users.

Example Response 3

No, we currently do not have comprehensive documentation specifically focused on accessibility features While our product does have some basic accessibility capabilities like keyboard shortcuts and the ability to resize text, we have not developed dedicated guides for administrators or end users on how to configure or use these features We recognize this is a gap in our documentation and are planning to develop accessibility guides in the next quarter In the meantime, our general user manual does briefly mention some accessibility features, but it lacks detailed instructions for configuration and usage We are currently working with an accessibility consultant to improve both our product's accessibility and the supporting documentation.

Context

Tab
IT Accessibility
Category
IT Accessibility

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron