Web Team Policies and Procedures
The following document defines clear practices and polices for routine development, support and maintenance of ME web sites and applications. This document should be reviewed as guidance for web developers within the ME division. To help us establish our policies for ME web sites, we extracted some information from the ICGI Recommendations for Federal Websites.
1) Homepage
• The purpose of the homepage is to help the public get to the content they need and want most
• Homepages must be designed to feature the most requested information and services
Exceptions: There are no exceptions to this requirement.
2) Current Content Must be Dated
Every homepage, navigational page and document must have a date showing that it is current, that it has been reviewed within the past 12 months or that it is a historical document.
Exceptions:
• If a document is reproduced from another entity and cannot be altered to add a posting date or notification that it is an historical document, it is exempt
• Existing documents (not homepages or navigations pages) are grand-fathered; however as time and resources permit, organizations should date those documents also
Implementation guidance:
• If the document or page has been posted within the past year, the “date posted” is adequate
• For documents older than one year, revert to the last reviewed date to indicate content is current.
• PDF documents should either be dated or the date should appear in the link to the PDF
Implementation for posting:
• PM’s must submit the following information when requesting posting of documents online:
o Title of Document: (ie. CIO Council Meeting Guidelines)
o Title of Agency from which the document originated: (ie. GSA, OMB)
o Document or Reference Number if applicable: (ie. Exec Order 154-259)
o Date of the Document origination: (ie. November 9, 2004)
3) ME Websites Must Follow GSA Standard Security Practices
• Web applications, site pages, databases and other features must be developed using methods that secure the integrity of data.
• SSL certificates must be used to provide secure encryption to log in areas.
• Web sites must reside on server boxes that are GSA certified and have undergone GSA Security measures, such as server hardening, security updates and patches.
• All federal public websites must comply with Section 207(f)(1)(b)(iv) of the E-Gov Act of 2002, which requires organizations to have security protocols to protect information.
• Refer to the NIST recommended Guidelines for Securing Public Web Servers.
4) ME Websites Must Have Security Protocols to Protect Information
All federal public web sites must comply with Section 207(f)(1)(b)(iv) of the E-Gov Act of 2002, which requires organizations to have security protocols to protect information.
• E-Gov Act of 2002, Section 207(f)(1)(b)(iv):
http://www.archives.gov/about_us/basic_laws_and_authorities/egov_act_section_207.html
5) ME Websites Must Link to FirstGov.gov
Every website must link from its homepage and major entry points to the homepage of FirstGov.gov (www.firstgov.gov).
Exceptions: There are no exceptions to this requirement.
Implementation Guidance
• A graphic link: an icon provided by FirstGov.gov with alt text "FirstGov: U.S. Government Homepage." Instructions for adding the FirstGov icon can be found at: http://www.firstgov.gov/About/FirstGov_Logos.shtml
,br> • A text link: “U.S. Government Homepage” (if it fits, use "FirstGov: The U.S. Government Homepage")
6) ME Websites Must Comply with Privacy Requirements
All ME websites must comply with existing laws and directives to protect the privacy of the American people when they interact with their government. Some key requirements for websites include:
(a) Conducting privacy impact assessments;
(b) Posting privacy policies on each website;
(c) Posting a “Privacy Act Statement” that tells visitors the organization’s legal authority for collecting personal data and how the data will be used; and
(d) Translating privacy policies into a standardized machine-readable format
7) ME Web Sites Must Be Written in Plain Language
Web site managers must ensure that homepages, all major entry points, and navigational elements of websites are written in plain language. Plain language is language the website’s typical visitor can understand in one reading.
8) ME Web Content Should Avoid Duplication
Avoid duplicating or recreating content that already exists on a federal public website. Before creating new information on a particular topic, organizations should determine if that same—or comparable—information already exists on their website or on another federal public website, including on a government-wide portal.
Implementation Guidance
• Before creating new content, organizations should use inventories of their own websites’ content (as required in Section 207(f)(2) of the E-Gov Act) to determine if comparable content already exists.
• To determine whether content already exists on another federal public website, use FirstGov.gov, the official portal of the U.S. government.
• When existing content is the same or comparable within organizations or across organizations, consult with these organizations to find ways to share or coordinate content and to mitigate duplication.
9) ME Websites Must Have Consistent Navigation
To promote ease-of-use for all citizens, ME websites must have a navigation scheme that is used consistently across the website.
Exceptions: There are no exceptions to this requirement.
10) Use Standard Metadata
Include the following metadata on the homepage and all major entry points:
• Title (this is different from the HTML title tag)
• Description
• Creator (the content owner; this should be the name of the organization)
• Creation Date (original creation date)
• Last Reviewed Date
• Language
Exceptions: There are no exceptions to this requirement.
11) Inform Audiences of Website Changes
• When significant changes occur, such as a website redesign, the organization must provide information to the public about the changes.
• When changes are made to an organization’s root domain name (for example, www.irs.gov or www.publicdebt.treas.gov), they must notify staff at FirstGov.gov so the new domain name is correctly identified on FirstGov, including the government-wide domain directory and search index.
12) ME Web Sites Should Provide Access to Documents in Appropriate File Formats
• provide access to documents using open, industry standard web formats or using alternative formats that do not impose an unnecessary burden on the intended audience.
Implementation Guidance
• Industry standard formats (HTML and XML are current examples) provide the greatest flexibility for visitors and should be the primary formats for documents on federal public websites, especially those that are most frequently accessed by the public.
• Portable Document Formats (PDF), such as Adobe Acrobat, should be used only as an alternate format to industry standard formats and when there is a clear business need to use this format. For example, PDF format is an appropriate format when it is important to retain the original formatting of a document, such as forms or brochures. When using PDF files, organizations must provide a link to the downloadable free viewer. To ensure maximum accessibility, organizations should also provide a version of the document in an industry standard format, such as HTML, whenever feasible.
• Organizations should avoid making documents available only in proprietary formats that require purchase or licensing of commercial software (for example, MS Word, MS PowerPoint). If organizations must use these formats, they must include a text description of the document, including the name, file type, file size, and effective date. This will ensure that visitors have a reasonable understanding of what to expect when they view the material and that search engines can easily find it.
• In most cases, large or complex documents (generally, more than 10-15 pages), whether in an industry standard format or alternative format, should be organized into sections or chapters and linked together. A contact person shall be identified on the page to provide access to an accessible document if document is too large and would constitute an undue burden to do link together.
• Provide a link to download the entire document since some readers may prefer to print the entire document for later reading.
13) Use Standard Metadata
Include the following metadata on the homepage and all major entry points:
• Title (this is different from the HTML title tag)
• Description
• Creator (the content owner; this should be the name of the organization)
• Creation Date (original creation date)
• Last Reviewed Date
• Language
Exceptions: There are no exceptions to this requirement
14) ME Web Sites Must Provide Common Access
ME websites must be designed, developed and tested for a broad range of visitors, including those with lower-end hardware and software capabilities.
Exceptions: There are no exceptions to this policy.
Implementation Guidance
• Web sites should be designed, developed, and tested for multiple browsers and versions of browsers
• operating systems, connection speeds, and screen resolutions, based on an analysis of an organization’s web site visitors.
• Developers should balance the needs of visitors who use lower-end technologies with the need to pursue more advanced technologies and the added functionality those technologies may provide.
• To accommodate visitors with low connection speeds, federal public websites should minimize page download times for their visitors. In most cases, HTML pages should not exceed 100 KB.
