Findings: Testing and Remediation Outcomes

Key Takeaways

Testing and Remediation is the weakest accessibility implementation area, with agencies reporting an average outcome of 2.00 (Low), reflecting limited standardization, inconsistent execution, and weak governance controls.
Parent agencies reported an average outcome of 2.98 (Moderate) while components reported a slightly lower but still moderate outcome of 2.56, indicating similar challenges across organizational levels.
Testing and remediation vary significantly by ICT type, with hardware and intranet web pages receiving less consistent testing, documentation, and remediation despite their importance to employee access and mission operations.
Usability testing with people with disabilities is rare across all ICT types, with most agencies and components reporting that they do not conduct such testing prior to deployment or publication.
Mature testing practices, such as standardized testing processes, risk-based prioritization, defined remediation timelines, and systematic evidence tracking, are limited across agencies and components, constraining sustained improvement in conformance outcomes.
Agencies that establish clear remediation timelines and tracking mechanisms generally meet them, demonstrating that governance, not technical feasibility, is the primary constraint.

Assessment

The assessment examined how agencies test ICT for Section 508 conformance and remediate accessibility across ICT types, including hardware, software, public electronic documents, public web pages, and internal web pages. Specifically, the assessment addressed:

Use of standardized processes and documentation to test ICT for Section 508 conformance.
Application of risk-based approaches to prioritize accessibility testing and remediation.
Establishment and enforcement of timelines for remediating accessibility defects.
Use of manual and automated testing prior to publication or deployment.
Integration of usability testing with people with disabilities as part of testing practices.
Collection and maintenance of conformance evidence for hardware and software.

Components answered these questions only if they performed Section 508 testing independently or in addition to their parent agency. Sixty agencies and 106 components provided responses.

Note: A dependency in the collection tool failed to trigger for components who indicated they did not perform testing independently or in addition to the agency. Consequently, their selections for testing questions were excluded, despite their provided answers, if they stated they did not perform testing.

Findings

Section 508 testing and remediation are critical to ensuring federal digital products and services are accessible to all Americans. Without systematic testing, agencies cannot identify accessibility defects, and without remediation those defects persist. Sustained testing and remediation support compliance with federal law, reduce rework and cost, and enable equitable access to digital information and services.

Agencies reported an average Testing and Remediation factor outcome of 2.00 (Low) on a 5-point scale, with results ranging from 0 to 4.73. Among the 106 components from 10 agencies that perform Section 508 testing independently or in addition to the parent agency, the average outcome was 2.56 (Moderate) on a 5-point scale with results ranging from 0 to 5. The corresponding parent agencies reported a slightly higher Moderate average of 2.98.

Testing and remediation is the weakest area of Section 508 implementation across the federal enterprise and continues to constrain overall accessibility outcomes. While agencies that apply more systematic testing and remediation practices tend to achieve higher conformance for the ICT they test, most agencies do not test consistently across ICT types or stages of the lifecycle. Gaps are most pronounced for hardware and internal web content, and user-centered practices such as usability testing with people with disabilities are uncommon. Where agencies establish clearer remediation expectations, such as defined timelines or standardized processes, outcomes improve, but these practices are not widely adopted. The findings that follow illustrate how uneven testing coverage and limited remediation maturity continue to limit progress toward sustained, governmentwide Section 508 conformance.

Governance, Risk, and Compliance

Only 30% of agencies and 33% of components reported using a GRC tool to manage Section 508 compliance, though some components used GRC tools even when their parent agency did not. Agencies and components using GRC tools achieved significantly higher Testing and Remediation and overall Conformance outcomes than those without GRC tools.

Hardware and Software Accessibility Evidence Tracking

Only 30% of agencies systematically track Section 508 conformance evidence for hardware and 40% for software, with most agencies collecting evidence on an ad hoc or incomplete basis rather than through formal processes. Although agencies reported higher average evidence coverage for software (54%) than hardware (43%), wide ranges (0–100%) indicate inconsistent practices and uneven maturity, likely reflecting more established procurement and testing practices for software and greater familiarity with software accessibility risks compared to hardware.

Testing and Remediation Outcomes

There is a moderate positive correlation between Testing and Remediation outcomes and conformance outcomes, indicating that agencies with stronger testing and remediation practices achieved higher conformance for tested ICT.

Agencies do not consistently adopt standardized Section 508 testing practices across ICT types. While more than 70 percent of agencies reported standardized testing for electronic documents and public web pages, only about 50 percent reported standardized processes for software and internal web pages, and only 30 percent reported a standardized process for hardware.

As shown in Figure 10:

72% of agencies reported standardized testing for electronic documents and 70% for public web pages.
About 52% reported standardized testing for software and internal web pages.
Only 30% reported standardized testing for hardware.

Bar chart showing the percentage of agencies with a standardized Section 508 test process by ICT type. More agencies reported having a test process for electronic documents and web pages and fewer agencies had a test process for hardware. Data: Hardware: 30% yes and 70% no; software: 52% yes and 48% no; electronic documents: 72% yes, 28% no; public web pages: 70% yes and 30% no; internal web pages: 52% yes and 37% no.

Figure 10. Percentage of agencies with a standardized Section 508 test process by ICT Type.

Usability testing with people with disabilities is rare across all ICT types. Only between 12 percent and 17 percent of agencies reported conducting usability testing with users with disabilities prior to deployment, depending on ICT type. As a result, most agencies deploy ICT without validating real-world accessibility.

Agencies also show limited user-centered accessibility verification beyond formal testing. Only 28 percent of agencies reported a process for consulting with individuals with disabilities or disability organizations, while most do not. Components reported higher consultation rates, but of the 106 components that perform any Section 508 testing, nearly half still lack such a process.

Bar chart showing at least 75% of agencies do not conduct usability testing with people with disabilities prior to publication of any ICT: Hardware: 13% yes and 87% no; Software: 15% yes and 85% no; Electronic Documents: 12% yes and 82% no; Public Web Pages: 17% yes and 83% no; Internal Web Pages: 13% yes and 75% no.

Figure 11. Agency responses to conducting usability testing on ICT with people with disabilities prior to publication or deployment.

Agencies apply risk-based approaches unevenly, with hardware and internal web pages showing the weakest adoption. Many agencies either prioritize remediation without a formal, documented framework or fail to prioritize it altogether. Figure 12 shows:

Fewer than half of agencies use a risk-based approach overall.
For hardware, only 38% of agencies use a risk-based framework, the lowest rate among ICT types.
Software has a lower rate of using a risk-based approach, with only 47% of agencies noting using an approach or framework.
Only 55% of agencies report using a risk-based approach for public web pages and electronic documents.
Only 47% of agencies use a risk-based framework for internal web pages.

Bar chart showing percentage of agencies that use risk-based approach to prioritize remediation by ICT type. Hardware: 38% yes vs 62% no; Software: 47% yes vs53% no; Electronic Documents: 55% yes vs 45% no; Public Web Pages 55% yes vs 45% no; Internal Web Pages: 47% yes vs 42% no.

Figure 12. Percentage of agencies that use a risk-based approach or framework to prioritize remediation by ICT type.

Most agencies do not require remediation timelines; however, agencies that establish timelines generally meet them, demonstrating that clear remediation expectations significantly improve accessibility outcomes. Approximately 70 percent of agencies reported no required timelines across ICT types. Where timelines exist, 80 percent to 90 percent of agencies reported remediating within those timelines.

Stacked bar chart showing how frequently agency defects are remediated within specific timelines by ICT type. For Hardware, 7% report testing rarely, 40% often, 40% almost always, and 13% provided no response. Software testing is reported as 50% almost always, 39% often, 6% sometimes, and 6% no response. Electronic Documents are tested almost always by 65%, often by 25%, sometimes by 5%, with 5% no response. Public Web Pages are tested almost always by 60%, often by 30%, sometimes by 5%, with 5% no response. Internal Web Pages are tested almost always by 50%, often by 43%, and 7% provided no response. Rarely reported testing is minimal across all categories.

Figure 13. How often defects are remediated within specific timelines by ICT type.

Agencies most consistently apply manual Section 508 testing to public-facing web pages, where testing “often” or “almost always” is most common, reflecting prioritization of systems with high public visibility and compliance risk. In contrast, hardware receives the least manual testing attention, with a large share of agencies reporting they “never” or “rarely” test hardware prior to deployment, indicating that Section 508 conformance validation for hardware frequently does not occur. Manual testing of software, electronic documents, and internal web pages falls between these extremes, with substantial portions of agencies reporting only occasional or inconsistent testing. Overall, submitted data show that manual testing practices remain uneven across ICT types, with agencies prioritizing public-facing content while under-testing hardware and internal systems, limiting confidence in accessibility outcomes across the full ICT lifecycle.

Automated testing follows a similar pattern, with lower and inconsistent use on internal web content and electronic documents. These patterns indicate that many agencies lack standardized, enterprise-wide testing prior to deployment. Overall, testing and remediation practices remain uneven and underdeveloped, constraining improvements in Section 508 conformance across the federal ICT portfolio.

Best Practices and Remaining Challenges

Over the past year, several agencies strengthened their Section 508 programs by embedding accessibility more consistently into governance, development, and testing workflows. Agencies improved the efficiency and consistency of accessibility evaluations by automated and hybrid testing approaches and aligning defect tracking with enterprise inventory systems. Many agencies embedded accessibility earlier in the ICT lifecycle by integrating Section 508 requirements into software development processes, establishing standardized templates, and requiring accessibility review of documents and applications prior to release. Collaboration between accessibility teams and developers further strengthened lifecycle integration by embedding conformance checks into common tools and platforms.

Agencies also strengthened remediation and maintenance processes and expanded the evaluation of online training materials. Several agencies increased scalability through internal tools that support conformance reporting, tracking, and remediation. Training initiatives expanded, with some agencies training more than 1,000 personnel and participating in regular accessibility communities of practice.

Despite this progress, significant structural challenges continue to limit consistent Section 508 implementation. Limited staffing, constrained resources, and gaps in specialized expertise hinder agencies’ ability to sustain comprehensive testing, evidence tracking and remediation at scale. Agencies report that vendor-provided accessibility conformance reports remain inconsistent or unreliable, increasing the burden on agencies to independently validate conformance. Programs also report challenges integrating accessibility early in development and deploying automated testing tools within secure enterprise environments.

Agencies continue to face challenges maintaining enterprise-wide visibility into ICT assets, enforcing consistent practices across offices and components, and ensuring content owners understand and meet accessibility requirements.

Taken together, these findings show that while targeted investments and improved practices are yielding progress, sustainable Section 508 compliance will require stronger governance, earlier lifecycle integration, improved vendor accountability, and continued investment in workforce capacity and testing infrastructure.

< Previous

Reviewed/Updated: March 2026