home | contact us | site index

• capabilities
• latest news
• case studies
• about us
• resources
• login

Capabilities

Compliance testing

Web Accessibility Initiative (WAI)

Q-Solution Ltd provide a one stop shop service that validates compliance of a clients website(s) based on WAI WCAG Guidelines (1.0) - level A to AAA.

The Web Accessibility Initiative (WAI) as defined by W3C, proposes a set of Web Content Accessibility Guidelines (WCAG). The principles around these guidelines are for responsible bodies to cater for disabled people when creating or re-designing their websites. For further information, please follow the external link www.w3.org/WAI.

UK Government states guidelines that "all department and agencies developing government websites will make all reasonable effort to comply with [WAI]". Specifically it states "All new or redesigned government websites [after May 2002] should comply with the Web Accessibility Initiative's (WAI’s) Level A recommendation for accessibility. This can be achieved by following the Priority 1 checkpoints of the Web Content Accessibility Guidelines. For example, alternatives should be provided to less accessible scripts or formats”.

For more information about how Q-Solution Ltd could help your organisation contact us

Security and Regulatory Compliance

With the increase in high profile security breaches (including data loss) throughout the media in recent months, company’s and government IT security has never been so important. As a result of many of these security breaches and the increased use of the web as a primary tool for a company to perform its business, regulatory standards are becoming far stricter. Indeed new standards are being created to address many of the security threats present on the web today.  Q-Solution provide a managed Quality Assurance Service that test a clients web based application against compliance to the following industry standards:

• OWASP Top 10 2007
• OWASP Top 10 2004
• SANS Top 20 V5
• SANS Top 20 V6
• WASC Threat Classification
• The Payment Card Industry Data Security Standard (PCI)
• NERC CIPC Electricity Sector Security Guidelines
• International Standard - ISO 17799
• International Standard - ISO 27001
• Visa Payment Application Best Practices

Over and above the industry standards, Q-Solution Ltd, can undertake a quality audit of compliance to a large number of regulatory requirements including those listed below.

• [CANADA] PIPED Act
• [CANADA] Freedom of Information and Protection of Privacy Act (FIPPA)
• [CANADA] Management of Information Security Technology (MITS)
• [EU] European Directive 1995/46/EC
• [EU] European Directive 2002/58/EC
• [JAPAN] Japan's Personal Information Protection Act
• [UK] Data Protection Act
• [US] California Assembly Bill No. 1950 and Senate Bill 1386
• [US] Children Online Privacy Protection Act (COPPA)
• [US] DCID 6/3 Availability Basic
• [US] DCID 6/3 Availability High
• [US] DCID 6/3 Availability Medium
• [US] DCID 6/3 Confidentiality Reqs Protection Level 1
• [US] DCID 6/3 Confidentiality Reqs Protection Level 2
• [US] DCID 6/3 Confidentiality Reqs Protection Level 3
• [US] DCID 6/3 Confidentiality Reqs Protection Level 4
• [US] DCID 6/3 Confidentiality Reqs Protection Level 5
• [US] DCID 6/3 Integrity Basic
• [US] DCID 6/3 Integrity High
• [US] DCID 6/3 Integrity Medium
• [US] DCID 6/3 Securing Advanced Technology IS
• [US] Electronic Funds and Transfer Act (EFTA)
• [US] Federal Information Security Mgmt. Act (FISMA)
• [US] Financial Services (GLBA)
• [US] Healthcare Services (HIPAA)
• [US] NERC Cyber Security Standards
• [US] Privacy Act of 1974
• [US] Safe Harbor
• [US] Sarbanes-Oxley Act (SOX)
• [US] The Securities Act
• [US] Title 21 Code of Federal Regulations
• [US] Family Education Rights and Privacy Act (FERPA)
• MasterCard SDP
• Visa CISP
• Basel II
• NIST Special Publication 800-53

For more information on these or any other services provided by Q-Solution Ltd, please contact us