Client & Context
An accessibility audit and VPAT together answer two different questions: “what is broken?” and “what can we claim?” Between October and December 2025, client Sam Donnelly engaged HalfAccessible across three consecutive contracts to answer both for a web application — and then to fix what the audit found.
The Challenge
The sequence matters. A VPAT written before remediation documents failure; remediation without re-testing leaves claims unproven. The engagement needed a full audit first, an honest conformance report second, and code-level fixes third — finishing with a landing page redesign that applied the same accessibility standards to the marketing surface.
Audit, Document, Remediate
The audit covered the application’s core flows with manual testing: NVDA, JAWS, and VoiceOver passes, complete keyboard-only journeys, and review of forms, modals, and dynamic content against WCAG success criteria. Findings shipped severity-ranked with exact locations and fix guidance.
The VPAT was authored from those verified results — conservative claims, documented exceptions. Then, rather than handing the report over a wall, we executed the remediation ourselves on an hourly basis: semantics, ARIA states, focus management, and contrast, re-testing each fix against the original finding before closing it.
The Results
- Full accessibility audit and VPAT delivered for the web application
- Findings remediated at code level by the same team that reported them
- Accessible landing page redesign completing the engagement
- All three contracts rated 5.0 out of 5.0 on Upwork
One accountable partner across audit, documentation, and fixes removes the most expensive failure mode in accessibility work: findings that never become fixes.
Why the Order of Operations Matters
Teams that buy a VPAT before auditing get a document that catalogues their failures for procurement to read. Teams that remediate before auditing fix what they guess is broken instead of what is. The sequence that works is unglamorous: audit, then remediate, then document — each step feeding verified evidence into the next.
The audit produced the findings backlog. Remediation worked that backlog at code level. And because the same specialists held both phases, nothing was lost in translation between report and repair — the issue numbering, the test contexts, even the screen reader versions stayed consistent end to end.
What Each Deliverable Contained
- Audit report: severity-ranked findings with WCAG mapping, exact locations, reproduction steps, and code-level fix guidance
- VPAT/ACR: per-criterion conformance levels with testing-based remarks and documented exceptions
- Remediation log: each finding closed with its fix, re-test result, and date — an audit trail for future buyers
- Landing page redesign: accessible-by-default marketing surface matching the application standard
The remediation log deserves special mention: when the next enterprise buyer asks “how do you handle accessibility?”, a dated record of found-fixed-verified issues answers more convincingly than any policy statement. It demonstrates process, not intention — and process is what procurement is actually evaluating.
Frequently Asked Questions
Should the audit team also do the remediation? It is often faster and cheaper — context transfers perfectly — provided the final verification pass is honest and evidence-based, as it was here.
How long does the full audit-remediate-document cycle take? This engagement ran about six weeks end to end; complexity of the application and availability of staging access are the main variables.
Is the VPAT written before or after fixes? After. A VPAT authored from the remediated, re-tested state is the only version worth handing to procurement — anything earlier documents problems you have already paid to remove, and undersells the product to every buyer who reads it.
Want the Full Cycle Handled?
If you need an accessibility audit and VPAT — and a team that can also do the fixing — see our services overview, VPAT documentation, or get a free assessment.
