2026-05-17 · 6 min read
How to Write a WCAG Remediation Plan That Satisfies DOJ Enforcement
# How to Write a WCAG Remediation Plan That Satisfies DOJ Enforcement
An audit tells you what is broken. A remediation plan tells you — and the DOJ — what you are going to do about it, who is responsible, and when it will be done.
Government agencies facing the April 2027 deadline often focus exclusively on the audit: get a report, understand the failures, start fixing things. What they underestimate is that DOJ enforcement — including any pre-enforcement inquiry, corrective action negotiation, or consent decree process — expects to see a documented remediation plan alongside the audit findings.
An audit without a remediation plan is evidence of a problem without evidence of a solution. That is not a defensible compliance posture.
This post explains what a DOJ-defensible remediation plan must contain and how to structure one that serves both your development team and your legal documentation needs.
Why Remediation Plans Matter for DOJ Enforcement
When the DOJ receives an accessibility complaint about a government website, its investigation typically proceeds in two phases. The first phase establishes whether there are substantive WCAG failures. The second phase, if failures are found, assesses whether the agency is taking reasonable corrective action.
Agencies that have a documented remediation plan — with identified responsible parties, prioritized findings, and specific timelines — are in a fundamentally different position than agencies that have not. DOJ consent decrees in web accessibility cases consistently require remediation plans, periodic progress reports, and re-audits after remediation.
Building your plan before enforcement finds you is cheaper, faster, and puts you in control of the timeline instead of a federal negotiated agreement.
Federal agencies subject to Section 508 are required to maintain corrective action plans for known accessibility failures — this is the precedent model. The expectation for state and local agencies under Title II is similar in structure, even if not yet identical in formal requirement.
The Six Components of a DOJ-Defensible Remediation Plan
1. Scope Statement
The plan must define what was audited. This includes:
- The URL scope: which pages, which subdomains, which applications
- The document scope: which file types, which libraries
- The audit date: when was the assessment conducted
- The auditor: who performed the assessment and using what methodology
Without a scope statement, the plan has no defined baseline. A DOJ reviewer cannot assess whether the remediation addresses the full compliance obligation without knowing what was reviewed.
2. Findings Inventory
Every identified failure should appear in the plan. For each finding, the plan should record:
- The WCAG success criterion violated (number and name)
- The pages or components affected (specific URLs or component types)
- A plain-language description of the failure
- A severity rating (critical / major / minor)
- A recommended fix or remediation approach
The findings inventory is the bridge between the audit report and the remediation work. If your audit report uses its own severity taxonomy, map it to a consistent schema here. A development team needs to be able to read this and know exactly what to fix.
3. Prioritization Framework
Not all failures are equal. The plan should sequence remediation by impact:
Critical — fix first. Level A failures that block access entirely: pages with no keyboard access, content that cannot be accessed by screen reader at all, forms with no labels. These represent barriers that prevent users with disabilities from accessing the service.
High — fix second. Level AA failures with broad impact: insufficient color contrast affecting all text on the site, missing focus indicators site-wide, document titles missing from all PDFs. These affect all assistive technology users on the affected pages.
Medium — fix in a planned sprint. Level AA failures affecting specific components or page types: form error handling on a specific application form, missing skip navigation link, autocomplete attributes missing from service request form fields.
Low — address in maintenance cycle. Minor failures with limited user impact or affecting infrequently accessed content.
The W3C WAI recommends this impact-based sequencing explicitly: prioritize by effect on people with disabilities and risk to the organization.
4. Owner and Timeline for Each Finding
Every item in the findings inventory needs two additional fields: a responsible party and a target completion date.
The responsible party should be specific — not "the web team" but the individual or team with authority and ability to fix the issue. For a finding in the CMS templates, that may be a different owner than a finding in a custom web application or a finding in the document library.
The target completion dates should work backward from the April 26, 2027 compliance deadline. A realistic schedule for a government IT shop with competing priorities:
- Critical findings: 60–90 days from audit completion
- High findings: 90–180 days
- Medium findings: 180–270 days
- Low findings: 270 days to deadline
Leave margin before the deadline for re-testing. Remediation introduces regressions. Plan for a re-audit 60 days before the deadline so there is time to address anything that was missed or newly introduced.
5. Interim Measures
For content or functionality that cannot be remediated within the planned timeline, the plan should document interim measures. The Title II Final Rule recognizes that agencies can provide accessible alternatives — such as offering to deliver content in an accessible format upon request — while full remediation is in progress.
Document these explicitly:
- Which content is covered by an interim measure
- What the interim measure is (e.g., "On request, staff will provide meeting agendas in accessible Word format via phone or email within 2 business days")
- The contact mechanism for requesting the alternative
- The timeline for full remediation
Interim measures do not substitute for compliance, but they demonstrate good faith effort and protect residents from being completely shut out while remediation proceeds.
6. Progress Reporting Cadence
The plan should specify how progress will be tracked and reported. For internal governance, quarterly progress reviews against the findings inventory are a minimum. Each review should update:
- Which items are complete (with verification evidence)
- Which items are in progress
- Any items that have been re-scoped, deferred, or newly identified
For a consent decree or DOJ corrective action agreement, this reporting cadence will be specified externally — typically quarterly or semi-annual reports submitted to the DOJ with supporting documentation.
Building the internal cadence now, before enforcement requires it, creates the documentation trail that makes compliance easier to prove.
Connecting the Plan to Your Accessibility Statement
The accessibility statement you are required to publish under the Title II Final Rule should reference your remediation plan. Specifically, the statement should:
- Acknowledge known limitations (drawn from the findings inventory)
- State that a remediation plan is in place
- Provide the date of the last audit
- Provide a contact mechanism for users who encounter accessibility barriers
A well-written accessibility statement and a documented remediation plan reinforce each other. The statement tells the public what you know and what you are doing. The plan tells the DOJ the same thing with more detail.
Getting the Audit That Supports a Real Remediation Plan
A remediation plan is only as useful as the audit it is based on. An automated scanner report is not sufficient as the audit foundation — it misses the 43% of WCAG failures that only manual testing can identify, and it does not produce the findings format that a remediation plan requires.
The Parallax WCAG audit from Morton Technology Consulting delivers a complete findings report organized by WCAG success criterion, with severity ratings, affected URLs, code examples, and recommended fixes — the exact format needed to build a remediation plan directly from the audit deliverable. The audit covers 200 representative pages with both automated tools and manual testing using NVDA and VoiceOver, and includes an accessibility statement draft.
The WCAG Pre-Audit Readiness Kit ($149) includes a remediation tracker pre-configured for all 50 WCAG 2.1 Level A and AA success criteria — designed to be used alongside an audit report as the basis for your remediation plan. It also includes a procurement guide for writing an RFP that produces audit deliverables in the right format for plan-building.
---
*Morton Technology Consulting LLC, Tallahassee, FL. WCAG 2.1 audits and remediation planning for Florida government agencies. [email protected]*
Sources
- [1] ADA.gov — DOJ Fact Sheet: New Rule on Accessibility of Web Content and Mobile Apps — "The rule establishes a clear standard for accessibility and gives state and local governments the information they need to understand how to comply"
- [2] W3C WAI — Planning and Managing Web Accessibility — "Prioritize issues based on their impact on people with disabilities and on the risk to your organization"
- [3] Section508.gov — Laws, Policies and Standards — "Agencies must track accessibility of ICT and resolve accessibility issues, maintaining plans to remediate non-conformant products and services"
- [4] W3C — Web Content Accessibility Guidelines (WCAG) 2.1 — "Web Content Accessibility Guidelines (WCAG) 2.1 covers a wide range of recommendations for making Web content more accessible"
- [5] Federal Register — Interim Final Rule extending Title II compliance dates (April 20, 2026) — "The compliance date for State and local government entities with a total population of 50,000 or more is extended from April 24, 2026, to April 26, 2027"
Morton Technology Consulting LLC — WCAG 2.1 AA audits for Florida government agencies. Parallax audit → · WCAG Readiness Kit → · All posts →