Methods & checklists
The website compliance checklist: what to verify on any site, in one pass
Why a checklist
Compliance advice usually arrives as fear or as a 40-page standard. Neither helps you check an actual site this afternoon. This is the one-pass checklist we run ourselves — usable with free tools, no account, no vendor required.
1. Accessibility signals (15 minutes)
- Run an automated WCAG checker (axe-core is the open-source standard) on the home page, one product/service page, and the contact or checkout form.
- Images: do meaningful images have text alternatives? Decorative ones marked so?
- Forms: does every field have a programmatic label (not just a placeholder)?
- Contrast: check the body text and the primary buttons against WCAG contrast ratios.
- Keyboard: can you tab through the main flow without a mouse, with a visible focus?
Automated checks don't catch everything — but they catch what complaints and demand letters cite first.
2. Consent posture (10 minutes)
- Load the site cold (private window) and watch the network tab: what fires BEFORE any consent?
- Is there a consent mechanism at all, and does it present a real choice?
- Does the privacy policy match what actually loads?
3. Broken links and SEO basics (10 minutes)
- Crawl or click the main navigation and footer: any 404s?
- Does every page have a title and a meta description?
- One
h1per page, headings in order, canonical tag present?
4. Evidence (the habit that makes it an audit)
- Screenshot or save the page state behind every finding. A finding without evidence is an opinion — and evidence is what turns a check into something a client, a lawyer, or a regulator can act on.
The honest shortcut
SiteComply runs this exact checklist as a product: one $29 audit — accessibility signals, consent posture, broken links, SEO basics — every finding linked to the exact page state we observed. The free scan on our homepage runs the first pass on any URL, no account. And whether you use us or not: the checklist above is yours.