Search

Criterion 3 – Protect users

Criterion requirements

To successfully meet this criterion, agencies need to:

Establish and maintain a safe digital environment for users.
Counter scams and misinformation.
Provide transparency and feedback loops.

For existing services, this means that agencies must have mechanisms in place to ensure the service is safe, counters scams and misinformation and provides transparency and feedback loops by users.

Concepts or actions to address

There are processes in place to ensure a safe digital environment for users of the service:
- Create psychological safety. Hate speech and online abuse impacts participation and inclusion. Establish clear community guidelines on acceptable behaviour and proactively moderate digital content. Where appropriate, leverage technology to identifying instances of malicious behaviour and align to best practices outlined by the eSafety Commission.
The service has measures to counter scams and misinformation:
- Many digital users have encountered scams, fraud and loss of personal information. These experiences impact attitudes towards digital use. Help to ‘build trust in design’ by supporting the work of the National Anti-Scams Centre and mitigate misinformation by supporting the work of the Australian Communications and Media Authority.
Transparency and feedback loops are provided for users of the service:
- Communicate the safety measures that are in place to safeguard users against potential threats. Set up clear communication channels to report safety concerns and commit to resolving issues promptly.

Optional

Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.

Off

Criterion 4 – Make it accessible

Criterion requirements

To successfully meet this criterion, agencies need to:

Make the digital service accessible.
Comply with legislation and standards, including the:

For existing services, this means that agencies must ensure that the service and content can be engaged with by all individuals and is compliant with applicable legislation and standards (addressed under the Digital Service Standard criterion 3).

Concepts or actions to address

Make content accessible by default:
- Simplify language, provide consistent navigation and minimise interface distractions to help users access content. Use proper heading structures, descriptive links and alternative text for images to enhance the user experience. Offer multilingual support to cater to a diverse range of users and use accurate translations that maintain the same level of accessibility.
Leverage technology to ensure services are inclusive:
- Leverage Australian Government technology and anticipate how emerging technologies, such as artificial intelligence, impact accessibility. Use automated accessibility testing, where appropriate, in addition to testing with real people. These tools help identify common issues and streamline the testing process.
Keep services compatible with assistive technology:
- Services remain inaccessible if they do not work with the tools users rely on. Keep technology compatible with assistive technologies such as keyboard inputs, voice commands and screen readers. Update software, plugins and third-party tools as your service evolves. As new features are deployed, give users time to learn the features and how to use them with assistive technologies.
Include accessibility in procurement:
- When procuring, determine if the proposed solution can be used by everybody. Include accessibility requirements in your procurement processes so vendors adhere to accessibility standards. Where appropriate, refer to established standards.
Train your team in accessibility and inclusion practices:
- Make sure teams are well-versed in accessibility principles and empower them to incorporate best practices throughout the service lifecycle. Engage with accessibility experts during the design and development process and use their insights to overcome potential accessibility challenges.
Regularly update documentation:
- Keep accessibility documentation current. This includes guidelines, standards and resources. Provide accessible support resources such as tutorials and contact information that will empower users to find the help they need, when they need it.

Optional

Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.

Off

Criterion 5 – Provide flexibility and choice

Criterion requirements

To successfully meet this criterion, you need to:

Provide flexibility and choice, where available, for how users engage with your digital service.
Create seamless experiences across service delivery channels.

For existing services, this means that agencies must ensure that the service provides flexibility and choice for users and support seamless experiences across delivery channels.

Concepts or actions to address

The service provides users flexibility and choice in how they engage with it:
Best practice approaches:
- Responsive designs allow for compatibility across various devices and screen sizes, accommodating users who access services through different platforms.
- Elements can be customised and adapted to allow personalised experiences. This may include flexible layouts, themes to support enhanced day and night vision and tailoring the interface to different devices. Include preferences for written, audio and visual information and other settings that enhance user comfort and accessibility.
- Save and resume functionality allows users to complete tasks immediately, or later. This is beneficial for processes that may require multiple steps to complete or information gathering. Disperse information gradually to prevent overwhelm. Be mindful to provide enough time to complete tasks and avoid time constraints that may pose challenges to individuals with cognitive or motor disabilities.
The service supports seamless experiences across delivery channels:
- Users can move between service channels with ease. Consider the support users need for a complete service experience and maintain non-digital channels for those who need it. Map user experiences to identify pain points and opportunities and ensure a consistent look and feel across all channels, including websites, mobile apps and in-person interactions. Real-time data synchronising across all service channels (where possible). This prevents inconsistencies and lets users to access to the most up-to-date information regardless of where or how they interact with the service (if not possible, also mark this as complete).

Optional

Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.

Off

Criterion requirements
To successfully meet this criterion, agencies need to:
1. Consider diverse user needs from the outset.
2. Co-design the digital service and its accompanying artifacts.
3. Apply cohort-specific digital inclusion requirements.
For existing services, this means that agencies should demonstrate that the service meets the varied needs and perspectives of a wide range of user groups.
Concepts or actions to address
- Understand the needs of your diverse users and how the experience of the service differs between individuals from diverse backgrounds:
  - Continuously involve users in the service delivery process by incorporating their perspectives, needs and feedback. Encourage shared ownership by co-designing accompanying artifacts, such as tutorials and guides, using language that is meaningful to all. Collect analytics and data and conduct interviews, surveys and observation on user needs, goals, expectations and behaviours.
- The service meets the needs of all cohorts that access the service:
  - Conduct regular usability testing with individuals from diverse backgrounds, including those with different abilities, ages and cultural contexts. Recognise that various aspects of a person’s identity, such as race, gender and age, all work together to shape their digital experience. Tailor the digital service to meet specific needs of user groups and promote inclusion to make sure support is provided at the appropriate level.
Optional
- Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.
Criterion requirements
To successfully meet this criterion, agencies need to:
1. Communicate the benefits of adopting a digital channel.
2. Understand the motivations of your audience.
3. Make the digital service easy to use.
For existing services, this means that agencies must demonstrate evidence of how they have communicated the benefits of adopting a digital channel, understood the motivations of their audience and made the service easy to use.
Concepts or actions to address
- The service clearly communicates the benefits of going digital:
  - Provide clear and comprehensive information about the purpose and benefits of digital services. Where possible, highlight time savings, convenience and emphasise how these enhance the overall user experience. Use inclusive language and imagery, avoiding stereotypes and biases when communicating with your audience. Consider diverse cultural perspectives and make sure content is simple, respectful, and welcoming for all.
- Understand the motivations of the services’ targeted audience:
  - Use research and insights to understand the motivations of users and encourage them to remain engaged. This will help you understand if a service is too complicated or lacks support. To determine your current baseline of engagement, assess what proportion of your target audience engages online and work towards practices that encourage greater inclusion.
- The service is inclusive and usable for everyone:
  - Co-design the digital service and its artefacts with users, incorporating their perspectives needs and feedback to ensure ease of use.
Optional
- Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.
Criterion requirements
To successfully meet this criterion, agencies need to:
1. Establish and maintain a safe digital environment for users.
2. Counter scams and misinformation.
3. Provide transparency and feedback loops.
For existing services, this means that agencies must have mechanisms in place to ensure the service is safe, counters scams and misinformation and provides transparency and feedback loops by users.
Concepts or actions to address
- There are processes in place to ensure a safe digital environment for users of the service:
  - Create psychological safety. Hate speech and online abuse impacts participation and inclusion. Establish clear community guidelines on acceptable behaviour and proactively moderate digital content. Where appropriate, leverage technology to identifying instances of malicious behaviour and align to best practices outlined by the eSafety Commission.
- The service has measures to counter scams and misinformation:
  - Many digital users have encountered scams, fraud and loss of personal information. These experiences impact attitudes towards digital use. Help to ‘build trust in design’ by supporting the work of the National Anti-Scams Centre and mitigate misinformation by supporting the work of the Australian Communications and Media Authority.
- Transparency and feedback loops are provided for users of the service:
  - Communicate the safety measures that are in place to safeguard users against potential threats. Set up clear communication channels to report safety concerns and commit to resolving issues promptly.
Optional
- Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.
Criterion requirements
To successfully meet this criterion, agencies need to:
1. Make the digital service accessible.
2. Comply with legislation and standards, including the:
For existing services, this means that agencies must ensure that the service and content can be engaged with by all individuals and is compliant with applicable legislation and standards (addressed under the Digital Service Standard criterion 3).
Concepts or actions to address
- Make content accessible by default:
  - Simplify language, provide consistent navigation and minimise interface distractions to help users access content. Use proper heading structures, descriptive links and alternative text for images to enhance the user experience. Offer multilingual support to cater to a diverse range of users and use accurate translations that maintain the same level of accessibility.
- Leverage technology to ensure services are inclusive:
  - Leverage Australian Government technology and anticipate how emerging technologies, such as artificial intelligence, impact accessibility. Use automated accessibility testing, where appropriate, in addition to testing with real people. These tools help identify common issues and streamline the testing process.
- Keep services compatible with assistive technology:
  - Services remain inaccessible if they do not work with the tools users rely on. Keep technology compatible with assistive technologies such as keyboard inputs, voice commands and screen readers. Update software, plugins and third-party tools as your service evolves. As new features are deployed, give users time to learn the features and how to use them with assistive technologies.
- Include accessibility in procurement:
  - When procuring, determine if the proposed solution can be used by everybody. Include accessibility requirements in your procurement processes so vendors adhere to accessibility standards. Where appropriate, refer to established standards.
- Train your team in accessibility and inclusion practices:
  - Make sure teams are well-versed in accessibility principles and empower them to incorporate best practices throughout the service lifecycle. Engage with accessibility experts during the design and development process and use their insights to overcome potential accessibility challenges.
- Regularly update documentation:
  - Keep accessibility documentation current. This includes guidelines, standards and resources. Provide accessible support resources such as tutorials and contact information that will empower users to find the help they need, when they need it.
Optional
- Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.
Criterion requirements
To successfully meet this criterion, you need to:
1. Provide flexibility and choice, where available, for how users engage with your digital service.
2. Create seamless experiences across service delivery channels.
For existing services, this means that agencies must ensure that the service provides flexibility and choice for users and support seamless experiences across delivery channels.
Concepts or actions to address
- The service provides users flexibility and choice in how they engage with it:
  Best practice approaches:
  - Responsive designs allow for compatibility across various devices and screen sizes, accommodating users who access services through different platforms.
  - Elements can be customised and adapted to allow personalised experiences. This may include flexible layouts, themes to support enhanced day and night vision and tailoring the interface to different devices. Include preferences for written, audio and visual information and other settings that enhance user comfort and accessibility.
  - Save and resume functionality allows users to complete tasks immediately, or later. This is beneficial for processes that may require multiple steps to complete or information gathering. Disperse information gradually to prevent overwhelm. Be mindful to provide enough time to complete tasks and avoid time constraints that may pose challenges to individuals with cognitive or motor disabilities.
- The service supports seamless experiences across delivery channels:
  - Users can move between service channels with ease. Consider the support users need for a complete service experience and maintain non-digital channels for those who need it. Map user experiences to identify pain points and opportunities and ensure a consistent look and feel across all channels, including websites, mobile apps and in-person interactions. Real-time data synchronising across all service channels (where possible). This prevents inconsistencies and lets users to access to the most up-to-date information regardless of where or how they interact with the service (if not possible, also mark this as complete).
Optional
- Describe how the digital service complies with this criterion, referencing best practice approaches deployed where possible.

The requirements for each criterion are listed below, along with a brief description and best practice guidance to meet the requirements.

Uplift and exemption

1 – Determine if further action is required

Check if you have ticked all the boxes across Steps 3 and 4.

If yes, your service is compliant. No further action is required.
If no, your service is not currently compliant with the policy, continue to step 2.

Off

Adopt an agile methodology

Use a multi-disciplinary team: Consider tools and techniques based on agile values and principles. Engage a multidisciplinary team to understand the whole problem and create an effective solution. Monitor time and effort expended to understand and refine whole-of-life investment costs from the outset.

Off

2 – Determine how to comply with the policy

If you have not been able to tick all the boxes, the service is not currently compliant with the policy, you will need to either: •

Uplift the service to be compliant by 1 July 2025 for the Digital Service Standard and compliant with the Digital Inclusion Standard by 1 January 2026.
Seek an exemption from the DTA.

How to uplift my service to comply with the policy

Go back through the checklists.
Identify which of the boxes have not been ticked. This is where you will need to focus your efforts to uplift the service. Use the guidance next to the checklist to understand what activities to conduct to meet the requirements. 3
The service will be compliant with the policy once you have ticked all the boxes.

Please note that this will need to be done before 1 July 2025 for the Digital Service Standard, and before 1 January 2026 for the Digital Inclusion Standard. If you require more time or are unable to meet one of the requirements due to e.g. legacy challenges, you can apply for an exemption if applicable (information below).

Decide if your service needs an exemption

If you are unable to meet the requirements set out in the Digital Service Standard and Digital Inclusion Standard by their implementation dates, please seek an exemption.

You may seek exemptions to these standards for:

legacy technology barriers that cannot be reasonably overcome
substantial financial burden associated with modifying a service to meet requirements.

Exemptions vary in nature and can be permanent, temporary, partial or full and may apply to one or more criteria or the entire standard. Each exemption application will be assessed on a case-by-case basis and must be applied for through the DTA.

For further guidance on the exemptions process please see Digital Experience | digital.gov.au or email standard@dta.gov.au.

Off

Check if you have ticked all the boxes across Steps 3 and 4.
- If yes, your service is compliant. No further action is required.
- If no, your service is not currently compliant with the policy, continue to step 2.
If you have not been able to tick all the boxes, the service is not currently compliant with the policy, you will need to either: •
- Uplift the service to be compliant by 1 July 2025 for the Digital Service Standard and compliant with the Digital Inclusion Standard by 1 January 2026.
- Seek an exemption from the DTA.
How to uplift my service to comply with the policy
1. Go back through the checklists.
2. Identify which of the boxes have not been ticked. This is where you will need to focus your efforts to uplift the service. Use the guidance next to the checklist to understand what activities to conduct to meet the requirements. 3
3. The service will be compliant with the policy once you have ticked all the boxes.
Please note that this will need to be done before 1 July 2025 for the Digital Service Standard, and before 1 January 2026 for the Digital Inclusion Standard. If you require more time or are unable to meet one of the requirements due to e.g. legacy challenges, you can apply for an exemption if applicable (information below).
Decide if your service needs an exemption
If you are unable to meet the requirements set out in the Digital Service Standard and Digital Inclusion Standard by their implementation dates, please seek an exemption.
You may seek exemptions to these standards for:
- legacy technology barriers that cannot be reasonably overcome
- substantial financial burden associated with modifying a service to meet requirements.
Exemptions vary in nature and can be permanent, temporary, partial or full and may apply to one or more criteria or the entire standard. Each exemption application will be assessed on a case-by-case basis and must be applied for through the DTA.
For further guidance on the exemptions process please see Digital Experience | digital.gov.au or email standard@dta.gov.au.

Purpose

These checklists are for auditing and uplifting your existing public facing digital services for compliance with the Digital Experience Policy (the policy).

We recommend that agencies complete the checklists for each individual existing service, rather than at an agency level. The checklists will help understand if each service is in scope of the policy requirements.

This page contains 4 sections:

Scope and applicability – determine if the policy applies to the digital service.
Digital Service Standard criterion checklist – check if an in-scope service complies with the Digital Service Standard.
Digital Inclusion Standard criterion checklist – check if an in-scope service complies with the Digital Inclusion Standard.
Uplift and exemption checklist – determine the activities agencies need to complete after finalising the checklist and if the service needs an exemption.

Note:

The language in this checklist is tailored to existing public facing digital services. It may differ from content and compliance criteria for other services.
The checklist includes best practice for meeting the requirements of the Digital Experience Policy. This is guidance only. Agencies may meet the requirements through other activities.

Existing public-facing services

Existing public-facing services in scope of the policy must comply with the Digital Service Standard and the Digital Inclusion Standard.

The Digital Service Standard and Digital Inclusion Standard will come into effect for existing public facing services as of the following dates:

Digital Service Standard in effect 1 July 2025
Digital Inclusion Standard in effect 1 January 2026.

Off

These checklists are for auditing and uplifting your existing public facing digital services for compliance with the Digital Experience Policy (the policy).
We recommend that agencies complete the checklists for each individual existing service, rather than at an agency level. The checklists will help understand if each service is in scope of the policy requirements.
This page contains 4 sections:
1. Scope and applicability – determine if the policy applies to the digital service.
2. Digital Service Standard criterion checklist – check if an in-scope service complies with the Digital Service Standard.
3. Digital Inclusion Standard criterion checklist – check if an in-scope service complies with the Digital Inclusion Standard.
4. Uplift and exemption checklist – determine the activities agencies need to complete after finalising the checklist and if the service needs an exemption.
Note:
- The language in this checklist is tailored to existing public facing digital services. It may differ from content and compliance criteria for other services.
- The checklist includes best practice for meeting the requirements of the Digital Experience Policy. This is guidance only. Agencies may meet the requirements through other activities.
Existing public-facing services
Existing public-facing services in scope of the policy must comply with the Digital Service Standard and the Digital Inclusion Standard.
The Digital Service Standard and Digital Inclusion Standard will come into effect for existing public facing services as of the following dates:
- Digital Service Standard in effect 1 July 2025
- Digital Inclusion Standard in effect 1 January 2026.

Scope and applicability

Use this checklist to determine if the policy applies to a service.

1. Is the service an existing public-facing digital service

Does the service meet all 3 requirements? 1. It’s an existing service. 2. It’s a public-facing service. 3. The service is digital. • If yes, continue to step 2. • If no, no further action is required in this checklist. If it’s a new or a replacement digital service, visit digital.gov.au/policy/digital-experience for further information.

Off

2. Is the service informational or transactional

Determine if any of the following describe your service: • The service is informational and/or transactional service, it provides information to users, such as reports, fact sheets or videos through government agency websites, smart answers, virtual assistants, e-learning, publications, online libraries, databases and data warehouses*. • The service is a transactional service, it leads to a change in government-held records, typically involving an exchange of information, money, licences or goods such as logging into a portal or platform, submitting a claim, registering a business, updating contact details, lodging a tax return, subscribing to newsletters, grant applications and public consultation submissions*. • If yes, continue to step 3 • If no, no further action is required in this checklist. *These descriptions are a guide only. A service may still be defined as transactional and/or informational if it does not match the examples set out above.

Off

3. Page visits or transactions per annum

Review analytics to determine if the service has more than 50,000 visits and/or transactions per annum. • If yes, complete all checklists in this document to determine if the service complies. • If no, the policy still applies to all existing services, however reporting on compliance is only for services with more than 50,000 visits and/or transactions per annum. The exclusion from reporting for services with fewer than 50,000 page visits and/or transactions focuses resources and compliance efforts on high-impact services. This makes sure the most widely used digital services adhere to the policy standards and smaller-scale services can operate with greater flexibility.

Off

Does the service meet all 3 requirements? 1. It’s an existing service. 2. It’s a public-facing service. 3. The service is digital. • If yes, continue to step 2. • If no, no further action is required in this checklist. If it’s a new or a replacement digital service, visit digital.gov.au/policy/digital-experience for further information.
Determine if any of the following describe your service: • The service is informational and/or transactional service, it provides information to users, such as reports, fact sheets or videos through government agency websites, smart answers, virtual assistants, e-learning, publications, online libraries, databases and data warehouses*. • The service is a transactional service, it leads to a change in government-held records, typically involving an exchange of information, money, licences or goods such as logging into a portal or platform, submitting a claim, registering a business, updating contact details, lodging a tax return, subscribing to newsletters, grant applications and public consultation submissions*. • If yes, continue to step 3 • If no, no further action is required in this checklist. *These descriptions are a guide only. A service may still be defined as transactional and/or informational if it does not match the examples set out above.
Review analytics to determine if the service has more than 50,000 visits and/or transactions per annum. • If yes, complete all checklists in this document to determine if the service complies. • If no, the policy still applies to all existing services, however reporting on compliance is only for services with more than 50,000 visits and/or transactions per annum. The exclusion from reporting for services with fewer than 50,000 page visits and/or transactions focuses resources and compliance efforts on high-impact services. This makes sure the most widely used digital services adhere to the policy standards and smaller-scale services can operate with greater flexibility.

Section 4: Digital Roadmap

This section is to design your agency’s Digital Roadmap, it should be high level and align with your agency’s overall business strategy and goals, or the Strategy.

The Digital Roadmap visualises key initiatives across the digital horizon.

The timeline can help agencies visualise implementation of planned activities and upgrades and to map their progress on a half-yearly basis.

Example of a Digital Roadmap

image description

This image shows an example Digital Roadmap across a ten-year horizon running from 2025 until 2035. Four example strategic goals are listed with a series of example key initiatives plotted across the ten-year horizon. Additionally, each example initiative is highlighted with the intended funding source: TBD Funding, Internally Funded and Externally Funded. Initiatives that are linked as Dependency are indicated with a blue arrow.

Off

This image shows an example Digital Roadmap across a ten-year horizon running from 2025 until 2035. Four example strategic goals are listed with a series of example key initiatives plotted across the ten-year horizon. Additionally, each example initiative is highlighted with the intended funding source: TBD Funding, Internally Funded and Externally Funded. Initiatives that are linked as Dependency are indicated with a blue arrow.

New Systems and Major Upgrades

Accompanying the Digital Roadmap, the New Systems and Major Upgrades section should outline critical new systems or major upgrades across the short, medium and long-term digital horizon.

Initiative, Program of Work or System

High level overview of initiative, program of work or system.

Proposal Type

Outline the proposal type or business case pass: Pilot, 1PBC/Discovery, 2PBC/Implementation, Next Tranche/Phase or Sustainment.

Purpose

Define if the system is a new capability, or if it enhances or replaces an existing capability.

Funding Source

Outline intended funding source.

Section 5: Enablers

For this section we want your agency to consider and define the key enablers that underpin the delivery of your DIP.

Workforce

Define your key workforce roles.

What are your critical skills gaps?

Do you have the workforce capability to deliver your plan?

What are the gaps and what measures are being undertaken to address these gaps.

External Assets and Dependencies

Are there any external assets or dependencies that your agency relies upon to deliver your services?

Key Vendors

This section should answer if you utilise any key vendors to deliver critical digital services, for either in-flight or planned activities.

It should also include the length of time that these critical vendors have been in use and what measures are being put in place to reduce the reliance on them.

Policies and Frameworks

Alignment with related whole-of-government objectives, strategies, policies, frameworks, standards and schemes.

An overview of the data and digital policy landscape.

Section 6: Risks

For this section we want your agency to identify and define the key risks that may disrupt the delivery of your DIP.

Risks may include funding, workforce, schedule, dependencies and technology.

Operational Risks

What are the operational risks to your agency? This may include reliance on vendors or workforce limitations.
What will be the impact to your critical services or dependent agencies if these risks are realised?

Technology Risks

What technical risks to your agency have been identified?

Have legacy systems been identified?

Explain your Essential Eight maturity level and any relevant planned enhancements?

Is there a level of technical debt in your agency?

What would be the impact to your critical services or to dependent agencies if these risks were realised?

Criterion requirements

Concepts or actions to address

Optional

Criterion requirements

Concepts or actions to address

Optional

Criterion requirements

Concepts or actions to address

Optional

Uplift and exemption

Decide if your service needs an exemption

Existing public-facing services

Scope and applicability

Section 4: Digital Roadmap

Example of a Digital Roadmap

New Systems and Major Upgrades

Initiative, Program of Work or System

Proposal Type

Purpose

Funding Source

Section 5: Enablers

Workforce

External Assets and Dependencies

Key Vendors

Policies and Frameworks

Section 6: Risks

Operational Risks

Technology Risks

Connect with the digital community