1) WCAG Risk Defense Statements (High / Moderate / Low Context)
Use these as your “go-to” responses when panels ask why a specific success criterion is High/Moderate/Low in procurement.
1.3.1 – Info & Relationships (Level A)
“If 1.3.1 fails in a core workflow like registration, checkout, or invoice approval, screen reader users may not understand required fields or instructions — that prevents task completion and elevates it to High risk. If it affects secondary content only, it may be assessed as Moderate.”
2.1.1 – Keyboard (Level A)
“If 2.1.1 fails in a core workflow like invoice approval or account setup, keyboard-only users are completely blocked from operating the system — that is automatically High risk.”
4.1.2 – Name, Role, Value (Level A)
“If 4.1.2 fails and custom controls don’t expose proper name, role, or state, screen reader users cannot interpret or operate critical interface components — in transactional workflows, that becomes High risk. If it affects non-essential widgets, it may be Moderate.”
3.3.1 – Error Identification (Level A)
“If 3.3.1 fails and errors are only shown visually, blind users cannot detect or correct submission mistakes — in payment or approval workflows, that creates High risk. If the issue is minor and not blocking submission, it may be Moderate.”
2.4.7 – Focus Visible (Level AA)
“If 2.4.7 fails and keyboard focus is not visible, users navigating without a mouse may lose track of where they are — in multi-step workflows, that may escalate to High risk. If usability is degraded but completion is still possible, it is Moderate.”
1.4.3 – Contrast (Minimum) (Level AA)
“If 1.4.3 fails and contrast is insufficient on critical information like totals or warnings, low-vision users may misread important data — in financial workflows, that can elevate to High risk. If it affects secondary text only, it is typically Moderate or Low.”
1.4.10 – Reflow (Level AA)
“If 1.4.10 fails and users must scroll horizontally at 400% zoom, low-vision users may struggle to complete multi-field workflows — if it significantly impairs completion, it may be High risk. Otherwise, it is generally Moderate.”
2.4.11 – Focus Not Obscured (Minimum) (WCAG 2.2 AA)
“If 2.4.11 fails and keyboard focus is hidden behind sticky headers or overlays, users may activate unintended controls — in transactional workflows, that can escalate to High risk. If the obstruction is occasional and non-blocking, it may be Moderate.”
2.5.8 – Target Size (Minimum) (WCAG 2.2 AA)
“If 2.5.8 fails and interactive targets are too small, users with motor impairments may trigger incorrect actions — in approval or submission workflows, that may elevate to High risk. If it impacts minor controls only, it is Moderate.”
4.1.3 – Status Messages (Level AA)
“If 4.1.3 fails and status messages are not announced to assistive technologies, users may not know whether an action succeeded or failed — in transactions or submissions, that can create High risk. If it affects non-critical confirmations only, it is Moderate.”
Risk pattern to say out loud: Level A failures that block independence in a core workflow are typically High.
Level AA issues are often Moderate unless they materially affect transactions.
2) RAPID RISK CLASSIFICATION CHEAT SHEET (1-Page Memorize)
🔴 Automatic High Risk Triggers
If YES in a core workflow → High
| Category | WCAG SC | Why High |
|---|---|---|
| Keyboard blocked | 2.1.1 | User cannot operate the system |
| Forms unusable | 1.3.1 / 3.3.1 / 4.1.2 | Cannot submit required info |
| Custom controls not announced | 4.1.2 | AT users can’t interpret UI |
| Status not announced in transaction | 4.1.3 | Cannot confirm completion |
| VPAT missing evaluation methods | N/A | Credibility failure → risk unknown |
Interview line: “If it blocks independent completion of a core workflow, it’s High risk.”
🟠 Context-Driven (Usually Moderate → Can Escalate)
Escalates to High when it impacts financial/approval/submission workflows.
| WCAG SC | Default | Escalates to High When… |
|---|---|---|
| 1.4.3 Contrast | Moderate | Totals/warnings/actions unreadable |
| 2.4.7 Focus Visible | Moderate | User loses location in multi-step forms |
| 1.4.10 Reflow | Moderate | Zoom users can’t complete forms |
| 2.4.11 Focus Not Obscured (2.2) | Moderate | Sticky UI hides required controls/fields |
| 2.5.8 Target Size (2.2) | Moderate | Mis-taps cause transactional errors |
| 4.1.3 Status Messages | Moderate | Submission/confirmation isn’t announced |
Interview line: “If usability degradation affects critical transactions, I escalate to High.”
🟢 Typically Low (Unless Systemic)
- Minor contrast issues on secondary text (task still completable)
- Small non-essential icon/buttons (no workflow impact)
- Minor structure issues outside forms or core flows
Interview line: “If task completion is not materially impacted, I classify as Low.”
🧠 Workflow Impact Test (Mental Shortcut)
- Can the user complete the task independently?
- Does it affect money, approvals, submission, or legal acknowledgement?
- Is there an alternative accessible path?
- Is the VPAT/ACR credible (methods, AT, browsers, scope)?
Decision rule: ❌ cannot complete → High • ⚠ can complete but degraded → Moderate • ✅ minor friction → Low
🧨 VPAT Credibility Escalators
- All “Supports” with vague remarks
- No AT listed (or “screen readers used” only)
- No browsers/OS listed
- No remediation timeline
- Outdated report date vs product release cadence
Credibility note: Low credibility often forces a conditional decision or follow-up evidence request.
⚖️ Level-Based Weighting (Quick)
| Level | Typical Risk Weight |
|---|---|
| Level A failure | High potential (especially in core workflows) |
| Level AA failure | Moderate (context-driven) |
| WCAG 2.2 additions | Moderate → High if transactional impact |
| AAA | Rarely procurement-blocking |
20-Second Summary Script (Memorize)
“My classification framework is simple: If a Level A failure blocks independent task completion in a core workflow, it’s High risk. If functionality exists but usability is degraded, it’s Moderate. If issues are cosmetic and non-blocking, it’s Low. I also adjust based on VPAT credibility and legislative exposure.”