The Federal Information Technology Acquisition Reform Act (FITARA), enacted in 2014, provides a framework for agencies to improve the acquisition, management, and performance of federal IT. The law emphasizes accountability for the cost and schedule of IT investments alongside oversight provided by FITARA scorecards and CIO reporting. FITARA makes federal IT smarter, faster, and more accountable by improving federal agency Chief Information Officer (CIO) involvement in IT investments and management of IT investments across government, saving the federal government money by reducing wasteful buying practices.
By incorporating Section 508 compliance into FITARA oversight, agencies can:
How to Integrate Section 508 into FITARA Processes
Agencies can embed Section 508 into FITARA governance by aligning existing ICT accessibility requirements with FITARA’s investment management lifecycle:
- Portfolio Review
- Include Section 508 compliance status as part of agency IT Portfolio review, performance tracking, and strategic resource management.
- Ensure acquisition strategies and project plans include ICT accessibility testing and remediation milestones.
- Acquisition and Contracting
- Incorporate requirements for Section 508 conformant deliverables and Section 508 acceptance criteria, including testing methodologies.
- Use the Accessibility Requirements Tool (ART) or the Solicitation Review Tool (SRT) to generate Section 508 standards to include in solicitations.
- Investment Reviews and Scorecards
- Add Section 508 compliance as a standing metric in FITARA scorecard reporting.
- Track Section 508 conformance outcomes at the same frequency as cost, schedule, and risk updates.
- Governance and Oversight
- Assign accountability for Section 508 compliance to program managers, investment leads, or other relevant stakeholders.
- Ensure the CIO has visibility into Section 508 compliance data across all major IT investments.
Tip:
- Plan for Section 508 conformance and testing early in the acquisition or development lifecycle to avoid last-minute delays or expensive fixes.
- Ensure acquisition, development, and program teams understand ICT accessibility requirements and how to meet them.
Implementation in Action at a Federal Department
Some agencies have begun to integrate IT accessibility into the FITARA acquisition, contract, and evaluation process.
The agency Section 508 program provides Section 508 status information for contracts under FITARA review. If delivered products are non-compliant, the agency Section 508 program team meets with the vendor and product owner to discuss conformance. Conformance is determined by the Section 508 program team by auditing the product using a test process, tools, and a report. The report includes severity ratings of “critical”, “high”, “medium”, and “low.” Defects categorized as “critical” and “high” are considered “show stoppers” and must be remediated. “Medium” and “low” defects are included in the corrective action plan and are prioritized accordingly.
Once defects are categorized and documented, a corrective action plan is developed to fix non-conformant content. A letter of concern is sent, warning that the product is not compliant and a “get well” date is agreed upon. If the remediation does not occur according to the scheduled plan, a “Cure Notice” is sent. This notifies the vendor that the contract will not be renewed. Internally, a Cure Notice is the equivalent of a “black flag” on the product or vendor warning against future federal use.
Below are the steps, roles, and responsibilities as outlined by the Department Section 508 Program Team:
- A letter of concern is issued to the vendor after agreeing on a “get well” date, not to exceed one year to remediate and a copy of the most recent Section 508 test report is attached.
- The product owner briefs the Program and Acquisition Review Council, where all IT Senior Executives are in attendance, quarterly on the remediation status of the product.
- If the product is not made compliant by the agreed upon “get well” date, a Cure Notice is issued.
In short, risk must be assessed, a remediation opportunity must be granted, and a consequence must result for the vendor. Without assessment, remediation, and consequence, the contract team is unable to hold vendors accountable for inaccessible products prior to, during, or after acquisition. Acquisition professionals must have a process for determining the accessibility of IT prior to product acceptance.
Relevant Memos and Legislation:
- 49.607 Delinquency notices (Federal Acquisition Regulation)
- Federal Information Technology Acquisition Reform Act (FITARA)
- Federal Information Security Modernization Act of 2014 (FISMA)
- Management and Oversight of Federal Information Technology (M-15-14)
- The Clinger Cohen Act
Related Resources
- Buy Accessible Products and Services
- Define Accessibility Criteria in Contracts
- Determining ICT Exceptions
- Introduction to the Accessibility Requirements Tool (ART)
- Introduction to the Solicitation Requirements Tool (SRT)
- Key Performance Indicators
- Micro-Purchases and Section 508 Requirements
- Procuring Section 508 Conformant ICT Products and Services
- Section 508 Exceptions Request and Approval Process
- Soliciting and Evaluating Accessibility Conformance Reports in Federal ICT Procurement
- Technology Accessibility Playbook - Play 8: Integrate Accessibility Needs into Market Research and Acquisition Processes
- Testing Lifecycle Overview
Reviewed/Updated: September 2025
