Why Higher Education Websites Keep Failing Accessibility Audits

The pattern is predictable. A university gets an accessibility complaint, hires a vendor, runs an audit, fixes the flagged issues, and publishes a statement about its commitment to access. Six months later, the same categories of problems are back — unlabeled form fields, broken heading structure, PDFs nobody can read with a screen reader, third-party tools that never should have gone live.

Most institutions treat that cycle like maintenance. It is not maintenance. It is evidence that nobody owns the standard.

If you can identify accessibility defects and remediate them, you have an accessibility program. You do not. You have a cleanup process. Those are not the same thing.

The consequences are not abstract. Public universities sit under ADA Title II, the DOJ's April 2024 rule sets WCAG 2.1 AA as the federal technical standard, and institutions receiving federal education funding face Section 504 enforcement through the Department of Education's Office for Civil Rights. The enforcement environment is tightening, and it shows no sign of slowing.

Why audits keep failing

An audit can tell you what is broken on a given day. It cannot create the institutional conditions that prevent the same issue from being reintroduced by a different department, in a different CMS, by a different vendor, three months later. Most universities are solving for violations, not for the system that produces them.

Higher education is especially vulnerable to this because the web ecosystem is rarely centralized. One college runs on Drupal. Another has a microsite in WordPress. Admissions uses one platform, athletics uses another, and some academic department still updates static HTML from 2014 because nobody has had time to migrate it. Add vendor-built tools, decentralized publishing rights, high staff turnover, and shifting student workers, and you get exactly what you should expect: accessibility drift at scale.

This is why the technical framing keeps failing. The real issue is governance. If accessibility has no owner, it becomes everybody's side task. If there is no institutional standard, every team invents its own threshold for good enough. If there is no training model, accessibility knowledge is lost every time a content editor, designer, or developer changes roles. That is why the audit-and-patch cycle feels so expensive and so ineffective. You are paying repeatedly for the same lesson because the institution never changed how decisions get made.

What a durable program actually requires

Every institution that has solved this has done the same three things. They named an owner. They defined a standard. They built a training model that outlasted the people who created it. None of it is complicated in concept. Most of it is harder than expected in practice — because it requires changing how decisions get made, not just how defects get fixed.

Start with ownership. Not a committee. Not a shared responsibility that appears in a policy document and nowhere else. One function — or one role — that is visibly accountable for setting the rules, approving exceptions, and making sure accessibility does not quietly disappear when budgets shift or teams turn over. The org chart matters less than the clarity. Someone has to own it.

The standard is where most institutions lose the thread. Vague commitments do not hold. "We care about accessibility" dissolves the moment a vendor deadline arrives or a content deadline moves. You need a named baseline — WCAG 2.2 AA for new work and major revisions is the right internal target, even though DOJ's Title II rule currently points public entities to WCAG 2.1 AA. That gap matters. Build to the stronger standard now, or you will be rebuilding sooner than you planned. Once the baseline is named, everything points to it — design patterns, CMS templates, procurement conversations, vendor reviews. The standard only works if it is the same standard everywhere.

Training is the piece that gets cut first and costs the most in the long run. People change roles. Student workers graduate. Vendors turn over. If accessibility knowledge lives only in the people who currently hold it, it leaves with them. The goal is not a one-time workshop. It is building enough shared understanding — across content teams, designers, developers, and product owners — that the institution can make better decisions without always needing an expert in the room.

Damage control is not a program. It is what happens when these three things are missing. The institutions that break the audit cycle are not the ones that get better at finding defects — they are the ones that stopped needing to find the same ones twice. That is the difference between a cleanup process and a program. And it is where the real work begins.

The governance model that actually works in higher ed

The instinct is usually to centralize. One team, one process, one set of approvals for everything. In most industries, that works well enough. In higher education, it almost never does — because the Law School has different needs than the College of Education, and the Athletics department operates on a different timeline than Financial Aid. Forcing them into a single pipeline does not create consistency. It creates workarounds.

The model that actually holds is centralized standards with federated ownership. The institution sets the baseline — one accessibility standard, one policy framework, one set of approved patterns, and procurement expectations. But each school, department, or digital unit still has named people responsible for applying those standards locally. The center defines what good looks like. The edges are accountable for achieving it. That structure respects how higher education actually works, and it removes the most common excuse for noncompliance: nobody told us.

Getting there requires a few things done in the right order. Ownership has to be named before anything else — not implied, not distributed across a committee, but explicitly assigned. Then the baseline has to be published in plain language, because ambiguity is how standards quietly die. From there, the highest-leverage work is not page-by-page remediation. It is fixing the defaults — the design system components, the CMS templates, the content authoring patterns that hundreds of people use every day without thinking about accessibility at all. Get those right and compliance multiplies. Leave them broken, and no amount of auditing will keep pace.

Procurement is the piece that most institutions leave until it is too late. A university can spend years building internal capability and still fail students because a required third-party tool was never evaluated for accessibility before the contract was signed. The standard has to extend to vendors — not as a checkbox, but as a condition. And audits, when they happen, should function as one signal in a larger operating model — not as the program itself.

None of this requires a large team or a significant budget to start. It requires clarity about who owns it, honesty about the current baseline, and the willingness to fix the systems that produce problems rather than just the problems themselves. It also requires something harder to put in a policy document — the institutional autonomy to let new systems form, and the willingness to trust that process even before the results are visible. Real change does not happen by patching what exists. It happens when an institution decides to build something better and gives someone the room to do it.

The thing worth remembering

Accessibility failures on higher ed websites are rarely proof that people do not care. Most of the people inside these institutions care quite a bit. They are proof that care was never turned into governance — that good intentions stayed intentions because nobody built the structure to make them operational.

The audit will keep finding the same problems until that changes. Not because the teams are failing, but because the system was never designed to succeed. Remediation without governance is a treadmill. You can run it indefinitely and never actually move.

The institutions that get this right do not have more resources or better technology. They have clarity about who owns the standard, honesty about where they actually are, and the discipline to fix the conditions that produce problems rather than just the problems themselves. That work is harder to schedule than an audit and slower to show results. It is also the only thing that actually works.

Accessibility is not a project with a finish line. It is an ongoing consequence of how an institution makes decisions. Get the decisions right — the systems, the standards, the ownership, the training — and the outcomes follow. Leave the decisions to chance, and the audit will be back. It always comes back.