Organization Testing Control
AMP's concept of standards management at the Organization level is based around the concept of the Organization Testing Control, which gives administrators complete control over which standards the product is mapped to. In AMP, each organization has a single, centrally defined and controlled testing control that is enforced across all members of the organization. This is based on the most common successful approach for compliance testing SSB has experienced where a single, central compliance office defines the compliance requirements for the organization as a whole. This approach has a number of significant benefits including:
- Elimination of the need to interpret accessibility standards at all end points of the organization. The costly act of interpreting what is an appropriate level of compliance for the enterprise is concentrated into a small set of experts capable of weighing the trade-offs of any given compliance approach for the enterprise as a whole.
- Centralization of compliance claims with public standards. Compliance claims are centralized and normalized against a standard set of criteria defined by a single group ensuring consistency and reducing legal costs.
- Ability to quickly migrate between standards. Since the underlying public standards being tested for compliance are not exposed to the end points of the organization migrating between standards is a matter of a single set of updates to the organizations configuration.
This configuration is deployed and enforced in all points in AMP including AMP Test, AMP Reports, AMP Toolbars, and the Best Practices section This ensures that AMP users are only exposed to the set of requirements that their organization administrators are currently targeting for compliance and do not spend time addressing irrelevant requirements.
Editing the Organization Testing Control
In general the central compliance office determines and customizes the core set of requirements for the organization by choosing three categories of items in sequence. Organization Administrators can edit these settings by following the steps below:
- Log into AMP as an Organization Administrator
- Navigate to the Administration tab
- Select the Organization Testing Control Link from the Organization Administration section of the right-hand navigation bar. Check items to activate them, un-check them to remove them.
- Standards - The set of accessibility standards an organization wishes to conform to. As an example a common set of accessibility standards would include items such as Section 508, WCAG 1.0 P1, WCAG 2.0 A, WCAG 2.0 AA requirements.
- Technology Platforms - The set of development platforms the organization targets for accessibility.
- Best Practices - Specific best practices that the organization wishes to conform to.
Customizing the Organization Testing Control at the Report Level
Each report that is created in AMP contains a record of (i) the specific set of standards the report was tested against and (ii) the exact set of best practices that were tested for in the given report. This ensures that an audit trail is provided for each report so an accurate record of what was tested can be recalled at any point in time. This also provides for normalization of compliance claims over time as the underlying compliance targets for an organization change.
All information relating to the testing control for a specific report is inherited directly from the organizations testing control at the time of report creation. The exact testing control for a report can be edited only by System or Organization Administrator and cannot be changed by individual users in the organization. This allows for a specific report to be customized to test against an alternative set of requirements most commonly a subset of the rules in an organization. This editing is enabled only when no modules have been created for the report. Once a module has been created no users are able to edit the testing control for a report.
The most common scenario for this is that the organization as a whole tests for a superset of the requirements that are relevant for a specific report. As an example, consider that an organization as a general matter of business requires conformance with WCAG 2.0 A, AA and Section 508 requirements. However a specific site or application being audited is only relevant to the US Federal Government and the organization wishes to only test it for Section 508 compliance. In this case a report is created and automatically inherits the testing control settings for the organization as a whole. Prior to creating any modules in the report, a System or Organization Administrator can configure the specific report to test against a sub-set of the overall organizations requirements.