Quick Reference for Web Sustainability Guidelines (WSG)

This document provides a quick reference to the Web Sustainability Guidelines (WSG) specification. The content is laid out in a table, with Success Criteria, Impact, Effort, and GRI ratings noted for each guideline. Checkboxes are provided for those individuals or groups wishing to work through the list (note your progress will not be saved), and a print-friendly (PDF) version is also available to audit your work as part of an exercise.

Help improve this page by sharing your ideas, suggestions, or comments via GitHub issues.

User-Experience Design

2.1	Display any variables that have a negative impact on your project
	Success Criterion
	Any negative external variables affecting a product or service are displayed in a publicly available resource, identifying where your product's sustainable impact can be diminished (systemic design).
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.2	Understand visitor requirements or constraints, resolving barriers to access
	Success Criterion
	Primary and secondary target visitors are identified, and their needs are defined through quantitative or qualitative research, testing, or analytics, ensuring your visitors and affected communities remain a close part of the research and testing process.
	Potential visitor constraints like the device age, operating system version, browser, and connection speeds are accounted for when designing user-experiences.
	The team has researched and identified whether a technical, material, or human constraint might require an adapted version of the product or service that reduces barriers or improves access to content.
	Barriers to access (pain points or dark / deceptive design patterns) have been identified in the user-research with visitors for removal.
	All stakeholders including your visitors have been assigned an equitable role in the decision-making process when undertaking research, identifying needs, or conducting iterative design work.
	Impact & Effort	Medium	High
	GRI	Medium	Medium	Medium	Medium
2.3	Understand the impact of non-visitors
	Success Criterion
	A plan of action has been established for non-users and other stakeholders who might be passively impacted by a digital product or service, such as neighbors accepting parcels, traffic jams due to deliveries, etc. Research their needs and understand how they might be affected.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.4	Consider sustainability throughout the ideation process
	Success Criterion
	Wireframes, and rapid prototyping are utilized to quickly build consensus, reduce risk, and lower the number of resources needed to build features.
	Users are involved within the iteration and design process using participatory design, and when conducting user-testing reach out to your community to help improve your product by allowing them to apply their knowledge and experience to your product or service.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
2.5	Brainstorm ways to resolve any stakeholder issues
	Success Criterion
	All stakeholders have been considered using a human-centered approach during the brainstorming process.
	The planetary needs and ecological boundaries of a project have been taken into account during the brainstorming process. This can include creating non-users, non-human (animal, planet) personas, or climate-specific user stories and sprints.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.6	Minimize non-essential content, interactivity, or journeys
	Success Criterion
	The path taken to access the service (the initial contact with the website or service) should be as efficient and as simple as possible (time required to complete an action displayed, reducing too much choice, ensuring visitors know what's required at the start of a complex set of steps, etc).
	The users journey (when browsing an accessed website or service) should be as smooth as possible. User-research is key, as is building on established design patterns that people already understand.
	Visitors can complete tasks without distractions or non-essential features getting in the way.
	Visitors see only information that is relevant to their experience, without non-essential information being displayed on the screen.
	Ensure that actionable information such as pop-up or modal windows can only be initiated by the visitor.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.7	Use decorative design with care
	Success Criterion
	Decorative design is used only when it improves the user-experience, and unnecessary assets or ones that fail to benefit the visitor or sustainability are removed (or rendered optional and disabled by default).
	Impact & Effort	High	Medium
	GRI	High	High	High	High
2.8	Ensure that navigation and way-finding are well-structured
	Success Criterion
	Provide an accessible, easy-to-use navigation menu with search features that help visitors easily find what they need.
	Implement an efficient (human-readable) sitemap that is organized and is regularly updated. This helps search engines better index website content, which helps visitors more quickly find what they are looking for.
	Implement a way for visitors to find out about new content and services.
	Impact & Effort	Low	Low
	GRI	Medium	Low	Medium	Low
2.9	Be attentive rather than distracting
	Success Criterion
	The visitor can easily control how (and when) they receive information to both improve attention and respect with the visitor.
	Features that don't distract people or unnecessarily lengthen the time they spend using the product or service have a higher priority than others.
	Avoid using infinite scroll or related attention-keeping tactics.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
2.10	Use established design patterns and appropriate components
	Success Criterion
	Provide only essential components visible at the time they are needed. Where appropriate, interfaces should deploy visual styles (patterns) that are easily recognized and used.
	Impact & Effort	Medium	Low
	GRI	Medium	Low	Medium	Low
2.11	Avoid being manipulative or deceptive
	Success Criterion
	Avoid what are commonly known as dark patterns, deceptive design, or unethical coding techniques, which manipulate visitors into taking actions not necessarily in their best interest (anti-right click, no-copy, requiring an account to purchase, etc).
	Advertisements and sponsorships are both ethical and clearly identified with the product or service, only presenting them when they provide real economic and ethical value and don't diminish a visitor's experience.
	Remove unused and unconsented page tracking.
	Optimization for search engines, social networks, and third-party services are organically led with good coding practices with user-experience the focus, not manipulating the services to gain greater priority through obfuscating content, pages, websites, or applications with redundancy or non-useful and optimized (to the visitor) material.
	Impact & Effort	High	Medium
	GRI	Low	Low	Low	Low
2.12	Enable others to understand and reuse your deliverables
	Success Criterion
	The deliverables output, including documentation, are used upstream of the project and produced in ways that will allow it to be reused in subsequent projects.
	Design functionality and technical specifications are documented so that deliverables are comprehensible by the project team and transferable to the development team.
	Developers have access to code comments and other View Source affordances which can reduce the burden to access, understand, maintain, and utilize production-ready code as this will reduce redundancy and foster an open source culture.
	Impact & Effort	Medium	High
	GRI	Medium	Medium	Medium	Medium
2.13	Use a design system to prioritize interface consistency
	Success Criterion
	A design system is employed based on web standards and recognizable patterns to mutualize interface components and provide a consistent experience for visitors.
	Impact & Effort	Low	Medium
	GRI	Medium	Low	Medium	Low
2.14	Write with purpose, in an accessible, easy-to-understand format
	Success Criterion
	Content is written clearly, using plain, inclusive language delivered at an easy-to-understand reading level considering accessibility and internationalization inclusions as required (for example, dyslexia).
	Content is formatted to support how people read online, including a clear document structure, visual hierarchy, headings, bulleted lists, line spacing, and so on.
	SEO has been prioritized from the early design stages and throughout a product or service's lifecycle to improve content findability.
	Impact & Effort	Low	Low
	GRI	Medium	Low	Medium	Low
2.15	All images must be optimized for sustainability
	Success Criterion
	The need for images has been determined considering the quantity, format, and size necessary for implementation.
	Resize, optimize, and compress each image (outside the browser), offering different sizes (for each image) for different screen resolutions.
	Provide Lazy Loading to ensure image assets only load when they are required.
	Let the visitor select the display size, and provide the option to deactivate images.
	Set up a media management and use policy to reduce the overall impact of images, with criteria for media compression and file formats.
	Impact & Effort	High	Low
	GRI	High	High	High	High
2.16	All audio or video must be optimized for sustainability
	Success Criterion
	The need for video or sound (when it adds visitor value, for example, to enhance accessibility) has been determined, and non-informative media (background media), including autoplaying functionality, has been banned or removed.
	Compress the media according to the visitor's requirements, select the appropriate format, ensure it works across browsers, and avoid embedded player plugins.
	Any media requiring a lot of data to be downloaded on the client side (including the media itself) has been loaded behind a facade (a non-functional, static, representational element).
	Let the visitor control media deactivation, giving a choice of resolutions; all while providing alternative resolutions and formats. Also increase visitor awareness by informing them of the length, format, and weight of the media.
	Set up a media management and use policy to reduce the overall impact of audio and video, with criteria for media compression and file formats.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
2.17	Animation must be proportionate and easy to control
	Success Criterion
	Use animation only when it adds value to a visitor's experience, and not for decorative elements.
	Progressively display an appropriate number of animations to avoid overburden the visitor or diminish expected device behavior. This includes setting a maximum number of replays (iterations).
	Allow visitors to start, stop, pause, or otherwise control animated content.
	Impact & Effort	Medium	Low
	GRI	High	High	High	High
2.18	Web typography must be highly optimized and appropriate
	Success Criterion
	Use standard system-level (web-safe / pre-installed) fonts as much as possible.
	The number of fonts, and the variants within typefaces (such as weight and characters) are limited within a project, using the most performant file format available.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
2.19	Suitable alternatives to any provided format must be offered
	Success Criterion
	All proprietary file formats (such as PDF) are offered in HTML for accessibility and to ensure future availability.
	All custom typefaces (using font-display) are subsetted and offered as part of a font stack with a system font as a backup.
	All images provide meaningful alternative text for screen reader users (or when images fail to load) accessibility.
	Audio provides text transcripts of conversations as an alternative to playing the media.
	Video provides text transcripts (at minimum), subtitles (using WebVTT), and for accessibility best practice, offer closed captions and sign language options.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.20	Provide accessible, usable, minimal web forms
	Success Criterion
	Remove unnecessary forms and reduce form content to the bare minimum necessary to meet the visitor's needs and the organization's business goals. Clearly communicate why a form is necessary, what its value proposition is, how many steps it will take to complete, and what an organization will do with collected data (informed consent).
	Avoid auto-completion / auto-suggest if it would prove unhelpful (to conserve bandwidth) whilst allowing autofill for ease of repeat entry (including the use of helpful tooling such as password managers).
	Impact & Effort	Low	Low
	GRI	Medium	Low	Medium	Low
2.21	Consider the impact of visitors using non-visual browsers
	Success Criterion
	Support speech browsing and other non-graphical ways to interact with content that provide alternatives to a visual interface.
	Impact & Effort	Low	Medium
	GRI	Medium	Low	Medium	Low
2.22	Provide useful notifications to improve the visitor's journey
	Success Criterion
	Remove non-essential notifications while justifying and reducing the practice of e-mailing or text messaging to what is strictly necessary. Useful notifications (such as alerts for new content) should be used with care and restraint.
	Let the visitor control notifications (for example through the browser, SMS, or by email) and adjust messaging preferences, and the option to unsubscribe, logout, and close an account should be available and visible.
	Clearly explain the result of a potential input through helpful prompts and messages that explain errors, next steps, and so on. This will help manage their expectations.
	Impact & Effort	Low	Low
	GRI	Medium	Low	Medium	Low
2.23	Reduce the impact of downloadable or physical documents
	Success Criterion
	If the production of paper documents is essential, it should be designed to limit its impact to the lowest possible. Create a CSS Print stylesheet and test it with different types of content. Ensure PDF printing is encouraged over paper-based storage.
	Provide all downloadable documents in a state of being optimized, compressed, and in a variety of accessible file formats.
	If a document is likely to be re-used, generate the document once on the server-side (preferably on a cookie-free domain) rather than forcing the effort to be duplicated.
	Clearly display the document name, a summary, the file size, and the format, allowing the visitor a choice if possible of both the format, and the language (if not the same as the web page). Furthermore, be sure to avoid embedding the document within Web pages (provide a direct link to download or view within the browser instead).
	Impact & Effort	Medium	Low
	GRI	Medium	Low	Medium	Low
2.24	Policies and processes must exist to get stakeholders invested
	Success Criterion
	The organization has outlined processes it uses to prototype and test new features, product ideas, and user-interface components when applicable with real users who represent various stakeholder perspectives, including people with slow connection, with disabilities, with difficulties using digital services, and so on.
	The organization has appropriately resourced these processes to support its long-term product viability.
	The organization has training materials to onboard new product team members to these practices.
	The organization regularly conducts extensive testing and user interviews to validate whether the released features are meeting both business goals and visitor needs.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
2.25	Audit and test for bugs or issues that require resolving
	Success Criterion
	The codebase has been checked for bugs, performance issues hav been identified, and accessibility or security problems have been accounted for at either monthly or quarterly timeframes (depending on your scheduling allowance).
	Non-regression tests are implemented for all important functionality.
	Regression testing has been incorporated into each release cycle to ensure that new features don't introduce bugs or otherwise conflict with existing software functionality.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.26	Measure and test for performance
	Success Criterion
	The performance of a website or application, to identify and resolve bottlenecks or issues in the underlying code or infrastructure which could ultimately impact the sustainability of a website or application, are regularly measured with each release-cycle (using tooling or through research and auditing).
	Only data required to provide a streamlined and effective user-journey, put policies in place to ensure strict adherence, and comply with relevant accessibility policies and privacy laws, such as the General Data Protection Regulation (GDPR) are collected.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
2.27	Ensure features provide maximum value for their impact
	Success Criterion
	Visitor feedback, adoption, and churn rates are monitored of product or service features and their insights incorporated into future releases.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
2.28	Verify that real-world users can successfully use your work
	Success Criterion
	Usability testing has been incorporated into product cycles and the impact of these tests is routinely measured for future releases.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
2.29	Check for compatibility or platform-specific issues
	Success Criterion
	A compatibility policy with obsolete devices and software versions, listing the supported devices brands, operating systems, and browsers (including versions) has been established.
	Planned obsolescence in software updates is routinely avoided, striving to maintain compatibility for as long as possible and clearly communicating whether an update is evolutionary (large updates that can significantly reduce performance) or corrective (smaller updates that fix bugs or improve security).
	The product or service regularly tests with weak, unstable, and slow connections, old browsers, and devices older than five years to ensure compatibility.
	Device-adaptable methods (such as responsive design) are utilized and interfaces are prototyped to ensure progressive enhancement, content prioritization, and improved accessibility.
	A PWA has been either chosen or rejected based on whether it be more sustainable and compatible over a native mobile application.
	Impact & Effort	High	Medium
	GRI	High	High	High	High

Web Development

3.1	Set goals based on potential impact considerations
	Success Criterion
	Explicit goals that impact the environment and performance of the service, for example, HTTP requests, or the amount of DOM elements that need to be rendered are both set and met.
	Because the payload being delivered may not always be equal in terms of energy intensity, operators of websites and applications must ensure that consideration is given for the energy intensity (or unit being evaluated) of each component. For example, non-rendering text is less computational than CSS, which in turn is less process-heavy than JavaScript, which is less resource-heavy than WebGL.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.2	Remove unnecessary or redundant information
	Success Criterion
	Remove unnecessary whitespace, comments, and other non-essential characters from code and data files to reduce file sizes and improve loading times. This applies to HTML, CSS, JavaScript, JSON, SVG, and other relevant file types.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
3.3	Modularize bandwidth-heavy components within projects
	Success Criterion
	Breakdown bandwidth-heavy components, front-end and back-end into smaller, modular segments that can be loaded only when required.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.4	Tree shaking should be used to remove unnecessary code
	Success Criterion
	Identify and eliminate unused and dead code within CSS and JavaScript.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.5	Sustainable solutions must be accessible
	Success Criterion
	Your website or application must conform to WCAG (at the necessary level), plus extend beyond to obey relevant laws and meet additional visitor accessibility requirements. Building inclusively means that people with permanent, temporary, or situational disabilities will be able to more quickly find what they are looking for, and not have to spend extra time searching for a way to use your product or service.
	Enhance your website or application with Accessible Rich Internet Applications (GDPR) ONLY if applicable or necessary, and accessibility enhancing features when useful or beneficial.
	Deploy solutions that fight against electronic inequalities in products and services.
	Impact & Effort	High	Medium
	GRI	Medium	Medium	Medium	Medium
3.6	Redundancy and duplication in code should be avoided
	Success Criterion
	Remove or simplify (through rewriting for performance) your code to focus on essential features and have a cleaner, less redundant product (and codebase).
	Improve (iterate) an existing creation rather than constantly redeveloping and redesigning products from scratch (duplication of coding effort) if possible to reduce visitor learning burden and developer impact.
	Within CSS and JavaScript, use methodologies (like BEM) and systems like DRY and WET to optimize the arrangement and output of your source code.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.7	Third-party services should be assessed as first parties
	Success Criterion
	Third-party services (including plugins, widgets, feeds, maps, carousels, etc) have been assessed as early in the ideation or creation process as possible and as few of them are used as possible to reduce the product or service's overall ecological impact, including Scope 3 emissions.
	Third-party content (including plugins, widgets, feeds, maps, carousels, etc) should be placed behind a click-to-load delay screen (using the "import on interaction" pattern), while alternatives to automated solutions such as chatbots should be offered.
	Large CSS libraries and JavaScript frameworks are only be used if a more performant alternative that achieves the same goal cannot be used instead.
	Self-hosted content has been prioritized over embedded content from third-party services.
	Your own clickable icons and widgets have been created, rather than relying on third-party services to host or allow embedding within your product or service.
	Third-party products, services, libraries, and frameworks are often a source of sustainability issues that cannot be controlled or managed by the first-party provider of a service. While many do provide benefits to a website, the need to justify their inclusion must be made not only by those creating the product or service but also be able to be controlled by the consumer. As showcased with cookies, websites or applications can provide a similar mechanism of disabling or refusing non-first-party features (with explanations of their purpose) - unless such features can be proven as critical for functionality.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
3.8	Code must follow good semantic practices
	Success Criterion
	Content must be accurately marked up according to the relevant standard(s).
	Remove optional HTML tags, attribute quotes, and default attributes only when they do not negatively impact functionality, accessibility, or readability. Retain them when they enhance accessibility, maintain clarity (without compromising on performance), or ensure consistent browser rendering.
	Avoid using non-standard elements or attributes.
	Prefer using standard HTML elements and attributes. Only use custom elements or Web Components if you cannot utilize native HTML elements or if you need tightly regulated control over the implementation of design system components..
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.9	Render blocking should be resolved
	Success Criterion
	All external assets have been deferred or set to async (unless required) to avoid Flash Of Unstyled Content (FOUC).
	If external resources are required on load, their priorities (delivery route) are set correctly.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.10	Information to help understand the usefulness of a page should exist
	Success Criterion
	Metadata and microdata for search engines and social media have been optimized.
	Search engines are not obstructed, while ill-intentioned robots and scripts are blocked.
	Accessibility and usability aids are provided to find content, such as skip links and signposts.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
3.11	Forms must validate for errors, accounting for tooling requirements
	Success Criterion
	Errors are identified through live validation as well as upon submission.
	Required elements are clearly identified and labeled (for the benefit of voice tools such as screen readers and virtual assistants), and optional elements (if unnecessary) removed.
	Always allow the pasting of content (including passwords) from external sources.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.12	Metadata is structured for machine readability
	Success Criterion
	Include the required title element, plus any optional HTML head elements (such as link).
	Include necessary meta tag references that search engines and social networks recognize, using a recognized name scheme such as Dublin Core Metadata Initiative (DCMI), Friend Of A Friend (FOAF), or RDFa.
	Embed Microdata, Structured Data (Schema), or Microformats within your pages.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.13	Sustainable CSS user preference media queries are used
	Success Criterion
	Apply the monochrome, prefers-contrast, prefers-color-scheme, prefers-reduced-data, prefers-reduced-transparency, and prefers-reduced-motion CSS preference queries if they will benefit your website or application. Use the print & scripting CSS media queries if they will improve the sustainability of your website.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.14	Layouts work across devices and requirements
	Success Criterion
	Allow a website or app to work and adapt seamlessly across a variety of devices and screen sizes, including mobile, desktop, smart TVs, and other emerging platforms. Ensures that content and functionality are accessible and optimized on both smaller mobile screens and larger displays without limiting accessibility, usability or design on any specific device type. It is essential to implement robust fallback strategies to ensure that the website or application will not fail if it encounters unsupported technologies.
	Regardless of the approach or combination of approaches used, such as Adaptive Design, Mobile-First Design, or Dynamic Serving, it's essential to ensure overall sustainability through progressive enhancement.
	To maximize the use of renewable energy, adapt your website or service to electricity availability using carbon-aware design techniques. This should include using situational design to reduce the codebase disable non-essential functionality during high-intensity periods or adapting the user-interface to perform better in situations where scaling hardware resources can be avoided to reduce emissions. It can also include designing algorithms that can auto-disable features based on set thresholds.
	Support other indirect methods of interaction such as voice (speech), code (QR, etc), reader view (browser, application, or RSS), or connected technology (watch, appliance, transport, etc).
	Impact & Effort	Medium	Low
	GRI	Medium	Low	Medium	Low
3.15	Use beneficial JavaScript and its APIs
	Success Criterion
	Improve sustainability through accessible and performant code implementations.
	Apply potential energy-reducing APIs (such as Battery Status, Compression Streams, Page Visibility, and Vibration) if they can improve the eco-efficiency of your website or application.
	When using an API, make sure you only call it when necessary. On the other side, make sure no unrequired data is sent by the API.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
3.16	Ensure that your scripts are secure
	Success Criterion
	Check the code for vulnerabilities, exploits, header issues, and code injection.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.17	Dependencies are appropriately used and maintained
	Success Criterion
	Prevent developers from downloading and installing JavaScript libraries to run locally (client-side) when they are not needed by checking for unused dependencies and uninstalling those that aren't needed and removing them from your package.json file.
	Only use libraries where necessary as this will reduce the amount of JavaScript that has to be downloaded and parsed by the browser. Consider whether you can use a native JavaScript API instead. Check the package size, and whether individual modules can be installed and imported rather than the whole library.
	Regularly check dependencies and keep them up-to-date.
	Impact & Effort	Medium	Low
	GRI	Low	Low	Low	Low
3.18	Include expected and beneficial files
	Success Criterion
	Include the favicon.ico, robots.txt, opensearch.xml, site.webmanifest, and sitemap.xml documents. Additionally, ensure that any such files defined in future web standards or specifications are included.
	Include beneficial files such as ads.txt, carbon.txt, humans.txt, security.txt. Additionally, ensure that any such files defined in future web standards or specifications are included.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
3.19	Avoid using deprecated, proprietary, or outdated code
	Success Criterion
	Avoid the use of deprecated, proprietary, or outdated formats and web standards. Always adopt up-to-date, widely recognized standards that offer equivalent or improved functionality. Such code may be used to meet a documented customer need only if there is a justifable benefit that cannot otherwise be met (such as compatibility, accessibility, or emissions reduction).
	Impact & Effort	Low	Medium
	GRI	Low	Low	Low	Low
3.20	Use the most efficient solution to implement your service
	Success Criterion
	Identify the requirements and from this, choose the implementation of the product or service. A simpler technological implementation may use more human resources but could have a smaller footprint. A prebuilt solution may use more system resources (and thereby produce more emissions upon render) but have a faster build-time (emitting less carbon during development).
	As a general rule, coding from scratch is the best-performing methodology (though if an existing solution is actively maintained, it may be better optimized than what you could produce). Therefore, use native components and file systems to a WYSIWYG editor or heavy framework, and be considerate of the impact of third-party solutions.
	If choosing a code generation tool, use a Static Site Generator in preference to a bulky content management system. Because SSGs often start using a minimalist content entry format (like markdown) and all of the compilation is done before the website is uploaded, the emissions benefit comes from the server not having to place as much effort into serving pages (as they are static) for each visitor. In the case of a CMS, the dynamic nature of a site will involve additional computation (server-side processing) and bulkier libraries.
	Plugins, extensions, and themes have been carefully reviewed and selected to maximize interoperability, accessibility, and performance. They are regularly audited over time to ensure continued compatibility.
	All the components of the user-interface are the subject of special attention in terms of its sustainability impact while respecting accessibility and the performance of such components.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.21	Use the latest stable language version
	Success Criterion
	Use the latest build of your chosen syntax language and its coupled framework.
	Use the most appropriate programming language for a task. Many tools and programming languages are optimized for performing particular tasks, and utilizing those most appropriate to the problem, especially if there is a reasonable visitor base involved justifies the time and effort, as long as it doesn't impact PPP factors such as the well-being of those involved or become too cost prohibitive.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
3.22	Take advantage of native features and functionality
	Success Criterion
	Use native functions, APIs, and features over writing your own.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
3.23	Run fewer, simpler queries as possible
	Success Criterion
	If you need information that is stored in a database, and you require it (or it's likely to be requested) more than once in your code, access the database only once, and store the data locally for subsequent processing. Also, avoid reliance on framework helpers that might defer filtering to later on in the process.
	Impact & Effort	Medium	Low
	GRI	Low	Low	Low	Low

Hosting, Infrastructure and Systems

4.1	Choose a sustainable hosting provider
	Success Criterion
	To assess the environmental impacts of hosting and detect overconsumption, some indicators are monitored: energy / water usage, CPU / Memory usage, allocation of servers and CPU cores, etc. These indicators are used to calculate metrics directly related to environmental impacts, such as Power Usage Effectiveness (PUE), Water Usage Effectiveness (WUE), and Carbon Usage Effectiveness (CUE). They are displayed to visitors for transparency and monitoring reasons. If possible (to reduce redundancy) the ability to scale packages based on usage requirements is made available (manually or automatically) to reduce wasted resources.
	Equipment is managed responsibly by keeping it as long as possible, using it as efficiently as possible, making sure it is certified, and purchasing long-lifespan products.
	Waste (including equipment) is recovered, recycled, and upcycled.
	Electricity comes entirely from sources with the lowest possible carbon intensity (ideally generated by wind or solar rather than from non-renewable sources). For example, Renewable Energy Credits (RECs) can help verify the source, or, ideally, prove that electricity comes directly from renewable sources.
	Remaining emissions are compensated, keeping in mind that the priority should be to avoid then reduce them and only compensate for them if they cannot be avoided. Carbon credits may not be sustainable, therefore the effectiveness of an offset solution must be verified, shown to be both environmentally viable and sustainable, and part of a longer-term strategy to eliminate emissions entirely from a chain, benefitting the wider ecosystem.
	Impact & Effort	High	Medium
	GRI	Low	Low	Low	Low
4.2	Optimize caching with offline access supported
	Success Criterion
	If using a CMS (or SaaS), install an applicable plugin to enable on-the-fly server-side caching. Otherwise, use the provided server configuration files to include and tweak the file-type cache expiration using expires or cache-control, utilizing tooling where appropriate such as Memcached, or Varnish. If using a language or framework that generates pages on request, cache responses for static pages so that they can be reused for future visitors. Also remember to cache frequently required static assets at the client-side where possible to reduce repeat server requests using bfcache, Local Storage, and other available browser technologies.
	Client-side JavaScript uses a combination of ServiceWorkers, WebWorkers, storage Application Programming Interfaces (APIs), or cookies (if necessary) to streamline the user-journey. For example, through the use of a PWA (Progressive Web Application) to ensure that an offline version is available and accessible at all times to reduce inequality and improve accessibility.
	Impact & Effort	High	High
	GRI	Medium	High	Medium	High
4.3	Compress files where it is beneficial
	Success Criterion
	If using a CMS, install an applicable plugin to enable on-the-fly server-side compression, such as Brotli or GZIP. Otherwise, use the provided server configuration files to include and tweak the performance-related features to the requirements.
	Compress your various images, fonts, audio, and video; by reducing the quality and offering different resolutions / dimensions (sizes) before uploading to a server or content management system.
	Impact & Effort	High	Low
	GRI	Low	Low	Low	Low
4.4	Setup necessary error pages and redirection links
	Success Criterion
	Maintain sites by ensuring links are correct, and if errors occur, provide suitable way-finding within optimized pages for each error type to ensure resources can be identified to help visitors complete the task they started.
	Redirect websites, subdomains, and pages only when necessary. Proactively seek broken or outdated links and fix them. A redirect or search will often help reduce the number of pages a visitor needs to load.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
4.5	Unless required, avoid utilizing unnecessary environments
	Success Criterion
	Ensure no unused environment is available, balancing the cost of deploying an environment with the cost of keeping it online while unused.
	Impact & Effort	Medium	Low
	GRI	Low	Low	Low	Low
4.6	Allow automation but ensure it is tightly regulated
	Success Criterion
	Every recurring task, such as deployment, testing, or compilation, is run automatically, as recommended by continuous integration / continuous delivery best practices.
	To reduce wasted processing cycles, every automated task is only run when needed.
	Automated scaling infrastructure is used to automatically increase the capacity of the web server and buffering / throttling is implemented to respond to visitor demand.
	Web browsing from bots has been steadily increasing in recent years. As such, it is a growing concern for security, performance, and sustainability. Use security tools that automatically block bad actors and minimize bad behavior. This results in substantially less load on the server, fewer logs, less data, less effect due to compromise, and more. The result of compromised websites is a large increase in HTTP, email, and other traffic as malicious code attempts to infiltrate other resources and exfiltrate data. Compromised websites are typically identified by anomalous patterned behavior.
	Impact & Effort	High	Medium
	GRI	Low	Low	Low	Low
4.7	Define the frequency of data refreshes
	Success Criterion
	The frequency for refresh (of both the cache, locally stored data, and the page) is defined depending on visitor needs.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
4.8	Backup critical data at routine intervals
	Success Criterion
	Backups of system and user data are both incremental and secure.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
4.9	Consider the impact and requirements of processing information
	Success Criterion
	By default, non-critical processes and communications are batched and launched only when carbon intensity is under a given threshold.
	The communication protocols used are relevant to the visitor's needs and data transferred. Avoid using insecure protocols (HTTP, FTP), and prioritize more efficient and privacy-aware data routes for visitors (HTTPS, SSH). Modern protocols such as HTTP/2 should be used to benefit from them (multiplexing) while keeping backward-compatibility in mind for older devices.
	When creating products or services that utilize state changes (without triggering a complete refresh), if the utilization of Event-Driven Architecture and Microservices will be more environmentally friendly (based on the PPP variables involved) than traditional APIs in handling the server-side workload of your solution, use it.
	Redundant processing should be avoided wherever possible. When processing of data is required, whether such processing and / or delivery should occur from either the client or server-side must be determined based on efficiency, performance, and sustainability metrics (before implementation).
	Impact & Effort	Medium	Medium
	GRI	Low	Low	Low	Low
4.10	CDN use must be proportionate and sustainable
	Success Criterion
	When building for a globally distributed audience, use a CDN to store and serve simple read-only, pre-generated resources in a fast and efficient manner. Although they definitely can increase performance, it is also another layer of infrastructure that needs to be considered for sustainability.
	Verify that the CDN provides a commitment to sustainability.
	A hosting provider was chosen with servers located close to the visitor, considering that if you only serve a local audience, the need for distributed content (CDNs) that duplicate your materials globally may not be worthwhile.
	Don't use the service to host dynamic / regularly changing resources or JavaScript (unless through a first-party host) as due to cache partitioning, cross-origin resource sharing (CORS), and other browser mechanics, any benefits are negated by weaker performance, the inability to cache or interact, and the potential introduction of security and privacy issues to be introduced. This doesn't affect JSON or other static assets.
	All information passed between the layers of an application incurs a cost, both in terms of data transferred, and CPU cycles for (de)serialization. Wherever possible, data transformations must be performed close to the source to reduce these costs and avoid processing data that will later be discarded.
	Impact & Effort	Medium	Low
	GRI	Low	Medium	Low	Medium
4.11	Infrastructure decisions must meet business requirements
	Success Criterion
	Select infrastructure elements with the lowest requirements tier, meeting your service-level agreements. Avoid over-provisioning multi-datacenter, multi-zone, or distributed deployments if standalone instances meet the requirements. Also avoid provisioning infrastructure that will be under-utilized by provisioning for established average loads, ensuring reasonable resource utilization and autoscaling occurs as needed. Avoid provisioning for peak loads.
	Impact & Effort	Medium	Medium
	GRI	Low	Low	Low	Low
4.12	Store data according to the needs of your users
	Success Criterion
	Remove unnecessary and redundant data from your servers, whether it is single-use (dark data) or abandoned.
	Create data with an expiration date. Excess data is a form of technical debt, and routinely cleaning up old data needs to be normalized.
	Use a data classification / tagging policy to make it easier to find, handle, and remove.
	Store data only when it is difficult to recreate.
	Optimize log collection, storage (off-site), and rotation; scheduling during low-activity hours and using carbon-neutral backup providers.
	Ensure long-term assets, especially those of a large size, are made available for download.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low

Business Strategy and Product Management

5.1	Have an ethical and sustainable product strategy
	Success Criterion
	The organization has published a publicly available Code of Ethics, Product Guidelines, Sustainability, or PPP Statement that includes language specific to digital products, services, policies, and programs.
	Achievements, features, compliance, and anything beyond the scope of these guidelines are published within a sustainability section of your product or service.
	Evidence is provided by the organization showing how it effectively governs implemented digital sustainability, climate policies, and related PPP practices over time.
	Training decks and workshops are provided by the organization for onboarding new team members on how it implements more sustainable product strategies.
	Your methodology has been documented through impact storytelling, documentation, and helping individuals make more informed decisions in order to raise awareness with your visitors.
	The organization can show how it powers digital products and services with renewable energy.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.2	Assign a sustainability representative
	Success Criterion
	An ecological referee (with specific digital expertise) for the product or service within your organization has been assigned and empowered with the tools they require (resources, budget, time, etc.) to achieve their stated goals.
	Impact & Effort	Medium	Low
	GRI	Medium	Medium	Medium	Medium
5.3	Inform, raise awareness, and train for sustainability
	Success Criterion
	All project stakeholders, including product teams, colleagues, and organizational decision-makers (managers and clients) are informed about and trained in both general and digital climate literacy, including your business's use of sustainable technology.
	Active and routine training is delivered where possible to develop, establish, and refresh skills in sustainability. This can be undertaken through in-house training, courses, workshops, events, webinars, meetups, or other ongoing or on-demand methods to empower your team to deliver on sustainability objectives.
	Stakeholders have been actively encouraged to reduce their environmental impact, share climate and sustainable initiatives and ideas, and resources on sustainable design, best practices, and concepts are provided to assist with this task.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.4	Communicate the ecological impact of user choices
	Success Criterion
	The ecological implications of visitor choices have been clearly communicated and visitors can configure settings based on those choices.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.5	Estimate a product or service's environmental impact
	Success Criterion
	A full life-cycle Analysis based on the functional unit defined in Guideline 5.15 has been conducted.
	The environmental impact of your or a competitor's current service to inform decision-making (as a potential target goal) has been calculated.
	When identifying the environmental impact of your product or service, you must include the impact (or estimates of) of any tooling used to create the product or service along with any third-party solutions utilized in the pipeline. While not created by you, the emissions they generate from production to maintenance are considered integral to your overall solution.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.6	Define clear organizational sustainability goals and metrics
	Success Criterion
	The organization has defined and published a clear set of sustainability goals. It publicly communicates how it will meet these goals, including which performance metrics are important to help the organization and its various stakeholders thrive.
	Impact & Effort	Low	Medium
	GRI	Low	Low	Low	Low
5.7	Verify your efforts using established third-party business certifications
	Success Criterion
	The organization has achieved one or more business sustainability certifications and incorporated operational policies and practices to support them.
	The organization maintains its certification through evolving policies and practices over time.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.8	Implement sustainability onboarding guidelines
	Success Criterion
	The organization has dedicated training manuals, workshops, and materials that outline the PPP policies and practices it follows and how to implement them. While managing and maintaining these materials over time, adapting them as new policies and practices arise.
	The organization incentivizes leadership, teams, and stakeholders to make progress toward the goals outlined in their training, including time for sustainability activities, recognition for completion, and so on.
	The organization anticipates and maps potential negative external variables on the service, and acts to minimize their overall impact.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.9	Support mandatory disclosures and reporting
	Success Criterion
	The organization has created and published policies and practices for disclosing the human and environmental impacts of its products, services, policies, and programs in line with existing reporting standards such as GRI Performance, SASB, etc.
	The organization produces a publicly available impact report outlining its progress against previous reports on human and environmental goals at least once per year.
	The organization publicly and transparently follows existing or emerging environmental standards and legislative policy that promotes mandatory disclosures and reporting for emissions. This is done alongside other human and environmental criteria in its impact reporting, maintaining these practices over time for future reports.
	The organization clearly identifies how it reduces its environmental impact, avoiding double accounting, greenwashing, excluded data, or other manipulative techniques.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.10	Create one or more impact business models
	Success Criterion
	The organization has completed (and operationalized) a Theory of Change process with requisite documentation to identify the impact it hopes to create, how it will generate revenue, shared, or added value from these activities, how it will measure results based on desired outcomes; or in the case of launched projects, is generating revenue, actively tracking and measuring progress against any desired outcomes.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
5.11	Follow a product management and maintenance strategy
	Success Criterion
	The organization has documented policies outlining how it approaches product management and maintenance.
	The organization has maintenance / security plans in place for all the digital products and services it manages.
	The organization appropriately resources products over time via staffing and budgeting to support refactoring code, addressing technical debt, new product features, ongoing testing, and product or service maintenance plans to continue supporting its customers, visitors, and other stakeholders.
	The organization incorporates carbon and resource measurement into maintenance programs and can show measurable improvement over time.
	The organization has both identified and documented Key Failure Indicators (KFIs) and implements resolutions to prevent non-acceptable sustainability impacts from occurring.
	Impact & Effort	High	Low
	GRI	High	High	High	High
5.12	Implement continuous improvement procedures
	Success Criterion
	The organization has created policies and practices to enable continuous improvement and has resourced the organization appropriately to support these efforts over time.
	Agile sprints and update frequency have gone through a review process to ensure project teams have enough time to conduct user-research, identify technical debt, and produce quality output.
	A track record of continuous improvement (iteration) usage to analyze your website or application while also addressing the by-products and potential consequences of ongoing experimentation, such as technical debt, product performance, emissions, and related issues is clearly visible. Analytics are limited to only necessary features to aid with decision-making, encouraging visitor feedback, and comparing performance against business goals and visitor needs.
	The retention of existing features, the creation of new functionality, and the decommission or elimination of unused functionality, and unvisited pages through the product's life cycle have been justified and prioritized on a case by case basis.
	Corrective security and policy updates during the product or service lifecycle are provided, while such improvements are distinguished from more extensive evolutionary updates.
	Sustainable product and data strategies have been developed with appropriate training techniques. These should help your team (managers, colleagues, etc) build capacity and learn new skills to manage and maintain products and services over time.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.13	Document future updates and evolutions
	Success Criterion
	Adding, updating, or removing features are considered where appropriate to the user-experience of the product or service.
	Impact & Effort	Low	Low
	GRI	Low	Low	Low	Low
5.14	Establish if a digital product or service is necessary
	Success Criterion
	The product or service identifies within a sustainability statement where it aligns with one of the U.N. (SDGs) and its appropriate targets.
	The product or service has been determined as necessary based upon desirability, feasibility, and viability factors.
	No existing digital product or service offers the same value. An analysis has been conducted if necessary to understand the market for this requirement.
	Any obstacles to using a product or service, such as accessibility, equality, technical, or territorial have been overcome.
	Impact & Effort	High	Low
	GRI	High	High	High	High
5.15	Conduct a full life-cycle assessment
	Success Criterion
	A life-cycle Assessment (LCA) has been conducted to define the requirements of your product's function throughout its lifecycle.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.16	Provide a supplier standards of practice
	Success Criterion
	The organization has created specific policies to vet potential partners in its supply chain based on PPP principles.
	The organization has partnered with suppliers to create, track, and measure collective impact on issues that impact their stakeholders.
	The organization has promoted its partnerships in a publicly available place, along with information on how the partnership creates a collective impact.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.17	Share any economic benefits
	Success Criterion
	The organization is publicly committed to paying employees, contractors, and other stakeholders a living wage.
	The organization has policies and practices in place to incentivize stakeholders, such as workers and contractors, to meet its impact goals.
	The organization provides benefits to employees in accordance with its resources, including, where relevant, healthcare, retirement planning, flex time, profit sharing, and so on.
	The organization advocates for responsible legislation that supports employment rights, transparency, and accountability related to sharing economic benefits.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.18	Share decision-making power with appropriate stakeholders
	Success Criterion
	The project team's goals are aligned with key business objectives, and project stakeholders (for example, project managers) have the power and autonomy to make key decisions on the organization's behalf.
	Impact & Effort	Low	High
	GRI	Low	Low	Low	Low
5.19	Use Justice, Equity, Diversity, Inclusion (JEDI) Practices
	Success Criterion
	The organization has documented its commitment to JEDI practices with clear policies on how it prioritizes marginalized or otherwise underserved communities, including Black, Indigenous, People of Color, LGBTQIA+, Women, Disabled, Veterans, Seniors, and so on.
	The organization has an accessibility policy for digital products and services and can show this via a verified accessible website, application, product, or service.
	The organization has JEDI-related training materials and schedules ongoing workshops related to how this topic manifests itself in digital products and services (algorithmic bias, digital divide, gig economy work, mis / disinformation, etc).
	The organization can show measurable JEDI improvement over time in its hiring, leadership, and operations.
	The organization advocates for responsible legislation relating to JEDI practices, especially as related to digital products and services.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.20	Promote responsible data practices
	Success Criterion
	The organization maintains a publicly accessible Privacy Policy, Terms and Conditions, or any other documents required by local law, that adhere to the most restrictive data protection regulations, especially when providing services outside the organization's country. These documents are available in accessible formats and use clear, user-friendly language to ensure comprehension by all visitors, avoiding jargon, technical language, and legalese. The organization also supports emerging legislation and implements best practices related to data privacy, sustainability, and responsible data management.
	The organization can show measurable progress over time in respecting data privacy and ownership. This will include how the organization handles data disposal and a visitor's "right to be forgotten", along with ownership rights and providing the ability to download / export data they have contributed into a non-proprietary format.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
5.21	Implement appropriate data management procedures
	Success Criterion
	Outdated or otherwise expired product content and data are archived and deleted via automated expiration dates and scheduled product audits. An archiving schedule with a lighter version of the old searchable content is made available.
	Users can control, manage, and delete their data, subscriptions, and accounts.
	Impact & Effort	Low	High
	GRI	Low	Low	Low	Low
5.22	Promote and implement responsible emerging technology practices
	Success Criterion
	The organization has public-facing policies in place for emerging technologies, and all such technologies are ethically sourced, screened, validated, and implemented in a non-discriminatory, responsible manner.
	The organization shows how it up-skills workers as new technologies and practices potentially disrupt its business model.
	The organization supports and complies with responsible legislation related to automation and emerging technologies (such as the EU AI Act).
	Organizations must consider, audit, and account for any environmental considerations that may derive from the use of emerging technologies they wish to either promote or implement within a chosen setting. Also note that this should include third-party choices, the "expense" (in terms of waste or emissions) of the utilization of the technology to create a desired result and consequential issues to the environment that may arise from its deployment.
	Automated tooling, scrapers, spiders, bots, Artificial Intelligence, and other forms of machine-assisted data gathering must abide by requests to opt out at the host, server, or website level. Providers must declare themselves as non-human when requesting within the user-agent / HTTP header. Providers must also publish impact reports relating to their gathering activities.
	Don't roll out post-quantum encryption for high-traffic services that don't need resilience against harvest now, decrypt later.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
5.23	Include responsible financial policies
	Success Criterion
	The organization has divested from fossil fuels and moved its banking, sponsorship, and other affiliations to more responsible partners.
	The organization engages in flexible financing and responsible budgeting for its digital products and services to accommodate long-term care and maintenance.
	Impact & Effort	High	High
	GRI	High	High	High	High
5.24	Include organizational philanthropy policies
	Success Criterion
	The organization has a clear corporate giving policy and creates philanthropic partnerships with strategically aligned organizations.
	The organization engages in free or volunteer projects, which help its team learn new tools and tactics, while also helping charities and non-profit organizations build capacity.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
5.25	Plan for a digital product or service's care and end-of-life
	Success Criterion
	Clear, documented end-of-life guidelines exist that include data disposal, archiving, file deletion, etc guidance.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.26	Include e-waste, right-to-repair, and recycling policies
	Success Criterion
	The organization has specific policies in place to recycle e-waste and repair owned technology products whenever possible.
	The organization has formed relationships with local partners for e-waste recycling and repair.
	The organization buys refurbished equipment whenever possible.
	The organization allows consumers to repair (to the best of their ability) the consumables they purchase, offering (if possible at cost) replacement components and provides clear instructions to resolve faults that occur.
	Impact & Effort	High	Medium
	GRI	High	High	High	High
5.27	Define performance and environmental budgets
	Success Criterion
	The product team has defined, baselined, and documented clear sustainability and environmental budget criteria that cover the page, user-journey, and digital service levels and metrics (such as a CO2.js score) that are approved by relevant product stakeholders.
	Tools such as a performance budget exist to determine the maximum size (goals) your app or website can weigh to reduce the data transfer and HTTP request impact (using metrics like Google Lighthouse).
	KPIs are defined around engineering hours, development time, or sprints keeping the health and wellbeing of your workers paramount. Consideration has been taken around optimizing your workflow sustainably to allow all tasks to be performed with care.
	The product team can measurably show how much the budgeting process improved performance and reduced emissions.
	The product team invests in resources to build capacity and maintain the budgets over time.
	Impact & Effort	Medium	Medium
	GRI	Medium	Medium	Medium	Medium
5.28	Use open source where possible
	Success Criterion
	The organization has a clear open source policy in place that outlines how it uses open source tools and the practices it supports surrounding open source development.
	The organization has a track record of collaboration and community-building around open source principles.
	The organization regularly contributes to open source community-based projects.
	Impact & Effort	High	High
	GRI	Medium	Medium	Medium	Medium
5.29	Create a business continuity and disaster recovery plan
	Success Criterion
	The organization has created a plan of action that is regularly reviewed and occasionally tested to determine readiness in case of an incident and has procedures to quickly recover from such issues.
	The organization regularly maintains transparent communication with its audience regarding issues that may affect service delivery or user data.
	Impact & Effort	Low	Medium
	GRI	Low	Low	Low	Low

Participants Active in the Development of This Document

Alexander Dawson, Simon Perdrisat, Tim Frick

User-Experience Design

Web Development

Hosting, Infrastructure and Systems

Business Strategy and Product Management

Acknowledgments

Participants Active in the Development of This Document