What makes an accessibility record defensible?

A record is defensible when it has four properties: completeness (every issue has a documented lifecycle), attribution (every action is tied to a specific person), immutability (records cannot be altered after the fact), and continuity (the record shows ongoing effort, not a one-time project).

Why is a defensible record different from a compliance certificate?

A compliance certificate is a point-in-time assertion, often from a vendor, that a website meets certain standards. A defensible record is the underlying evidence trail that shows how an organization identified, addressed, and monitored accessibility issues over time. Courts and regulators examine the process, not the certificate.

What Is a Defensible Accessibility Record?

Q: What is a defensible accessibility record?

A defensible accessibility record is a structured body of documentation that demonstrates an organization's ongoing effort to identify, track, remediate, and govern web accessibility issues. It is defensible because it can withstand examination by someone looking for gaps — an opposing counsel, a regulator, or an auditor — and still hold up.

Documentation that holds up when examined by someone who assumes you are wrong.

A defensible accessibility record is a structured body of documentation that demonstrates an organization's ongoing effort to identify, track, remediate, and govern web accessibility issues. It is called "defensible" because it can withstand examination by an adversarial party — opposing counsel, a regulator, or an auditor — and still hold up.

Unlike a scan report or a compliance certificate, a defensible record shows the process, not just the outcome.

What It Includes

A complete issue lifecycle for every finding: detection, acknowledgment, assignment, remediation, review, and closure
Attribution at every step — who did what, and when
Separation of duties between the person submitting evidence and the person reviewing it
Immutable records that cannot be retroactively altered
Continuity — evidence of ongoing monitoring, not a one-time project

What It Does Not Include

A defensible record is not a compliance certificate. It is not an accessibility statement. It is not a vendor report asserting that your site "passed."

These are assertions. A defensible record is the underlying evidence that makes assertions credible. Without the record, assertions are unsupported claims.

Why It Matters

Most organizations that do accessibility work have no defensible record of it. The work lives in Jira tickets, email threads, Slack messages, and spreadsheets that no one can reassemble into a coherent narrative under pressure.

When a demand letter arrives or a regulator asks questions, the organization discovers that years of genuine effort left behind nothing a third party will credit. The work happened. The evidence does not exist.

Common Misconceptions

"Our Jira board is our record." Project management tools track tasks. They do not enforce separation of duties, produce immutable evidence, or create attribution chains that survive legal scrutiny. Tickets get edited, reassigned, and deleted. That is not a record.

"We had an audit, so we have documentation." An audit is a snapshot. It tells you what an auditor found on a given date. It does not document what you did next, who was responsible, or whether the same issues recurred. A defensible record includes the response to the audit, not just the audit itself.

"We'll compile the record if we ever need it." Retroactive compilation is exactly what opposing counsel will challenge. A record is defensible precisely because it was created contemporaneously — at the time the work happened, not months or years later when litigation forced the question.

What This Means in Practice

A defensible record is built incrementally, as a byproduct of doing the work. Each time an issue is found, someone acknowledges it. Each time a fix is made, evidence is submitted. Each time evidence is reviewed, a decision is recorded.

Over time, this produces a body of documentation that answers the hard questions: Did you know? Did you act? Can you prove it? The distinction between testing and governance is the distinction between detecting problems and building this kind of record.

SiteRecord produces a defensible record as a natural output of accessibility work — every action attributed, timestamped, and cryptographically verifiable.