Working with External Vendors
If you need to work with an external vendor on a web project please factor the following requirements into your selection of vendor and contract.
All websites built by vendors must comply with the University’s Accessibility Procedures and Guidelines.
The minimum accessibility requirements for public websites are WCAG 2.0 AA compliance, with the exception of audio captioning and live streaming. We verify this compliance by 1. automated SiteImprove testing and 2. manual keyboard and screen reader testing.
All contracts should follow the the Accessibility Procedures and Guidelines for EIT Procurement. This includes standard language that must be included in all contracts:
“[Contractor] acknowledges and warrants that its Programs and Services during the Term of this Agreement shall provide equal and effective access to all individuals in accordance with federal and state laws and regulations, including, but not limited to the Americans with Disabilities Act (ADA), and Section 504 of the Rehabilitation Act of 1973. Any website or application functionality and content provided by [Contractor] shall meet the accessibility standards of the Web Content Accessibility Guidelines (WCAG) 2.0 Level AA for web-based technology.
[Contractor] agrees to promptly respond to, resolve and remediate any complaint regarding accessibility of its products or services in a timely manner and provide an updated version to Georgetown at no cost. [Contractor] further agrees to indemnify and hold harmless Georgetown from any claims arising out of its failure to comply with the requirements of this section. Failure to comply with these requirements shall constitute a material breach of this Agreement and shall be grounds for termination of this Agreement by Georgetown.”
Pantheon is the approved hosting provider for all WordPress and Drupal sites. Pantheon hosting costs vary by site traffic and features, and you will be responsible for paying for your Pantheon plan. See the pricing for different plans and contact firstname.lastname@example.org if you have any questions.
It is also preferable that your vendor be familiar with Pantheon since smaller vendors can be unfamiliar with the dev/test/live devops workflows.
All sites need ongoing maintenance for security updates and patches. There are three options here:
- Pantheon can offer professional services for ongoing maintenance for $9,000 per site per year.
- You can contract with the vendor who built the site for ongoing maintenance. The contract will need something like the following language:
“All patches will be applied as they are released but not to exceed 30 days after release to allow for proper testing. Any vulnerabilities that can be exploited remotely, have have a Common Vulnerability Scoring System (CVSS) score of greater than 8, or is labeled as “critical” will be patched within 48 hours.”
- If you have a permanent staff member with the skills to do your own maintenance you need to let Web Services know who that staff member is. If the staff member leaves, you will need to contract out the work or replace them with no break in maintenance.
The website will need to be consistent with the University’s Visual Identity Guidelines. These guidelines cover logos, fonts and colors.
Digital Pulp is the preferred vendor for Georgetown web projects. There is already a master contract and Digital Pulp worked on the new Top Tier and SFS sites: https://www.georgetown.edu/, https://sfs.georgetown.edu/, https://ccas.georgetown.edu/
The following vendors are also familiar with our accessibility and visual identity guidelines and have worked with Pantheon: