U.S.
Department of Agriculture
Washington,
D.C.
DEPARTMENTAL REGULATION |
NUMBER: 3430-001 |
SUBJECT: Web Site
Development and Maintenance |
DATE: May 19,
2004 |
OPI:
Office of Communications |
1 PURPOSE AND SCOPE
This regulation provides policies and guidelines
for the design and publication of Department of Agriculture (USDA)
organizational and personal Web pages.
These Web pages, including Web-based application pages,
are accessible by members of the public who have access to the Internet for
telecommunications connectivity and use World Wide Web software browsers for
search and retrieval services.
A Web site provides the public with an
introduction to or “picture” of an organizational unit. The Web site may describe the unit’s mission
and major programs; provide guidance on ways to access significant contacts or
data and information; and offer hyperlinks
to other organizational units, including subordinate units, and/or to
organizations outside the unit.
This
regulation is designed to ensure a standard, consistent, “look and feel” for
all USDA Web sites and Web-based applications, while encouraging innovation in
the current fast-moving software technology environment and minimizing
constraints on ways in which agencies present material to the public. This document is intended to express basic
policies and guidelines rather than to serve as a “how to” manual on Web page
design.
2 SPECIAL
INSTRUCTIONS/CANCELLATIONS
This regulation supersedes DR-3430-001, dated
December 24, 2003.
Electronic information technologies such as the
World Wide Web can be used to provide access to information that is well
organized, easily found and retrieved, and offered at reasonable cost to
information users and providers alike.
These technologies provide a very effective way to communicate with
members of the public who have access to the Internet through the use of
personal or publicly available microcomputers.
An
additional advantage of using the World Wide Web is that it offers multimedia
capabilities, including sound (e.g., music and voice) and images (e.g.,
pictures, maps, and graphics) that can greatly increase the effectiveness of a
Web page. The power and utility of the
World Wide Web is related to its ability to provide hyperlinks to associated
documents. Such hyperlinks allow the
user to easily access other sites, other documents, and other sections of the
same document. Typically, hyperlinks
are activated simply by selecting or “clicking on” a portion of text or an
image that has been rendered as a hyperlink.
Linked text is referred to as hypertext.
To achieve the desired benefits of a successful
public Internet-based information service and to avoid the frustrations of an unsuccessful
one, the following considerations should be kept in mind in planning and
designing such a service:
a Web sites should be accessible to users
with limited as well as full access capabilities. Web page designers should
be aware that many users’ available microcomputer and telecommunications
technologies may lack the speed and capacity of those available to the
designers. Many users still access the
Internet through a standard dial-up connection and have a narrow bandwidth
communications capability. Some users,
especially users dependent on screen reading software, will have text-only
capabilities.
b Information should be appropriate and presented in an
organized manner. One major advantage of the World Wide Web is
that it allows users to move easily from one linked site to another, thus accessing the Web sites of other
organizations worldwide. If a linkage
system is not properly designed, however, users can easily get “lost” and not
recognize the significance or even the originator of the information they have
accessed.
An organized design
incorporating the totality of information available about USDA is critical to
the presentation of an accurate picture of the Department. Typically, many people are involved in
generating information from a variety of sources to post on Departmental and
agency Web sites. These content
providers, the designated Web site manager (also referred to as a “webmaster”
or the assigned system administrator) must cooperatively act with these
individuals to ensure that the Web sites and associated documents present an
accurate, descriptive, and representative image of the entire Department or
agency and its work rather than an image that is fragmented, misleading, or
incomplete.
c The reality of worldwide access should be recognized. Web sites must be designed with the
realization that the public documents they contain are accessible through an
international network to users worldwide.
d User anonymity must be
maintained. Web servers referenced in
this regulation provide open service to the public and must accept outside
users without requiring either a local user account or a password.
a USDA fully supports the establishment of any open
information server and service that (1) supports authorized mission-related
activities of USDA, (2) is consistent with prudent operational and security
considerations, (3) provides the public with easy electronic access to
information about or disseminated by their Government, and (4) addresses the
accessibility needs of individuals with disabilities as described in Section
508 of the Rehabilitation Act.
Federal agencies and employees are encouraged to
maintain open electronic communication with the public while recognizing that
with this privilege comes the responsibility to use the electronic forum wisely
in serving the public interest.
To facilitate
communication between users and USDA, an e-mail contact shall be listed on the home
page.
b Only public information approved for public release through
standard USDA review and clearance processes will be maintained on Web sites or
made accessible through links to other Web pages. Unless an exception has been approved, links shall be made only
to Government web pages. Exceptions
must be approved in advance by the USDA Office of Communications.
c Each home page must include a link to the “USDA Quality of
Information Guidelines” as well as to agency-specific information on whom to
contact to seek correction of USDA-disseminated information.
d Security is a major consideration in the implementation of
any open public access system. The
planned approach to creation of a Web site must include attention to Web site
security, including firewalls and other isolation techniques. Agency security
officers must be consulted as to the technical operation of Web sites. (See additional security references in
Section 5.)
e Personal Web pages are permitted for
individual employees in their official capacities if the information provided
on the pages relates to and supports authorized USDA missions, such as
descriptions of a USDA scientist’s research, rather than serving to aggrandize
any individual. USDA employees
establishing personal Web pages on official Web sites that are accessible by
the public must follow the guidelines outlined in this regulation.
f USDA and agency/staff office home pages shall be linked
with the USDA Privacy Policy
statement. Any agency with unique
privacy requirements, other than or in addition to those outlined in the USDA
Privacy Policy statement, may establish and provide a hyperlink to its own
privacy statement page. Agency privacy
policy statements are subject to clearance requirements and must be linked with
the USDA Privacy Policy statement.
g Persistent cookies should not be used on USDA Web sites, or by contractors in designing and/or managing Web sites on behalf of USDA agencies,
unless all the following conditions are met:
(1) A compelling need to gather the data on
the site exists, and a cookie provides the best means of obtaining the data.
(2) Appropriate and publicly disclosed
privacy safeguards are in place for the handling of information derived from
the cookie.
(3) Clear, conspicuous notice is provided on
the Web site that a cookie is being used.
(4) The Secretary of Agriculture has
approved use of the cookie.
In
addition, all USDA Web sites, including sites designed, operated, or managed
by contractors on behalf of USDA agencies, shall comply with the standards
set forth in the Children’s Online Privacy Protection Act of 1998 with respect
to the collection of personal information online at Web sites directed to
children.
h All information under consideration
for publication in Web sites must be evaluated to determine whether the
information constitutes Sensitive Security Information (SSI). SSI may not be made available except as
described by USDA Departmental Regulation 3440-002, “Control and Protection of
‘Sensitive Security Information.’”
i All USDA Internet Web sites must
comply with provisions stated in the USDA Web Style Guide. The Guide defines guidelines and standards
for look, feel, and navigation to promote consistency while also improving the
overall user experience. Guide
provisions apply to Web-based application pages which can be viewed by external
customers, and include any Web page or application that target all USDA
employees, such as a USDA enterprise application.
j Agency IntrAnet sites or other internal Web sites or Web
applications, which are inaccessible to the public and used for internal nonpublic purposes,
may not be required to use the guidance presented in the USDA Web Style Guide
depending on the organization’s mission
5 REFERENCES
a Children’s Online Privacy Protection Act of 1998.
b Computer Security Act of 1987.
c USDA Departmental Regulation 3140-1, “USDA Information
Systems Security Policy.”
d USDA Departmental Regulation 3140-2, “USDA Internet
Security Policy.”
e USDA Departmental Regulation 3300-1, “USDA
Telecommunications and Internet Services and Use.”
f USDA Departmental Regulation 3040-001, “Electronic Records
Management.”
g USDA Departmental Regulation 3440-002, “Control and
Protection of ‘Sensitive Security Information.’”
h USDA Departmental Regulation 4030-001, “Section 508
Implementation
Final Guidance.”
i Office of Management and Budget (OMB) Circular A-130
(revised) and OMB Circular A-130, Appendix III, “Security of Federal Automated
Information.”
j The Privacy Act of 1974.
k USDA
Privacy Policy.
l USDA Web Style Guide.
6 ABBREVIATIONS/DEFINITIONS
a Browser. A
shortened term for Web Browser. A
browser is software used on the World Wide Web to access and/or retrieve
documents through the use of Internet addresses known as “URLs.” Locating documents on the World Wide Web is
facilitated through the use of hyperlinks in hypertext documents. Browsers may support only line mode,
full-screen, or graphics including pictures and sound. Many browsers with various capabilities and
platforms are available. Some browsers
are proprietary and must be purchased, whereas others are available at no cost
by downloading from a server. Examples
of currently available browsers that should be supported include
Internet Explorer, Netscape Navigator, Mozilla, Opera, and Safari.
b Dead link. A link
to a nonexistent or non-operational page or server.
c Firewall. A dedicated device (hardware and software) placed between
internal and external networks to control access and prevent misuse and abuse
d Home page. Primary
page or starting point, often reached through a uniform resource locator (URL).
Although a home page is described as a single
document, it can contain multiple screens.
An organizational home page contains information about a definable
organization such as USDA, an agency, or a division of an agency. A personal Web page contains information
related to an individual employee (e.g., a scientist whose work may be of
interest to the public). See Section
4.e.
e HTML. HyperText
Markup Language.
HTML is the standard language used to produce
Web pages and hyperlinks to other documents. Because this is a rapidly evolving technology, and because
adherence to the international standards is voluntary, some variation exists in
the versions of HTML available and the HTML features supported by various
browsers. Agencies and offices need
to be aware of these differences in electing a version to use. USDA will not adopt any single version of
HTML.
f ISSPM. Information
Systems Security Program Manager.
g Public document.
Any document or information not subject to access limitations due to
national security classification, the Privacy Act, Freedom of Information Act
exemptions, or copyright protection.
h Secondary pages.
Additional pages, linked to a home page, or to another secondary page,
containing additional information or resources.
i SSI.
Sensitive Security Information.
Unclassified information of a sensitive nature, further defined in
Departmental Regulation 3440-002, “Control and Protection of ‘Sensitive
Security Information.’”
j URL. Uniform
Resource Locator. A URL is the address
of a resource such as a home page. The
address syntax also defines the type of resource, as follows:
scheme://host.domain[:port]/path/filename. The USDA home page URL, for example, is
<http://www.usda.gov>
k Web page. A
document designed for access using a browser and developed in accordance with
the HTML Web format standard.
Typically, such documents are posted on an Internet or IntrAnet site.
l World Wide Web (or WWW; also referred
to as “the Web”). A hypertext-based
client/server application that guides the user to a linked collection of
information in a hypertext markup language available through the Internet and
accessible through common browsing software.
a Design approach
(1) USDA Internet Web sites must comply with
the USDA Web Style Guide.
(2) A Web site or Web-based application
shall be linked with metadata that describes information and data available to
the public upon request.
(3) The Web site shall be structured around
the mission of the organization and the information the organization wishes to
convey to the public. The information
and data an agency or office plans to present must be organized and its Web pages
structured to provide the user with the efficient presentation and navigation
of the organization’s information. A
“tree” structure can be useful for organizing information, though given the
versatility of hypertext linkages, other modes of organization can also be
effective.
(4) An organization’s home page should be
limited to a description of the organization’s mission, functions, employees,
and information resources. It would be inappropriate, for example, for a
division’s home page to describe the mission or functions of the entire agency.
(5) Designers are encouraged to review the
Web sites of other organizations on the Internet to become familiar with
designs that are effective.
(6) Agency program and public affairs staffs
will develop each Web site jointly. The
appropriate agency Information Systems Security Program Manager should be
consulted regarding technical security issues prior to posting online.
(7) Web pages shall be designed to support
users (e.g., with limited access capabilities such as text-only browsers) who
cannot or who do not wish to access pictures, graphics, or sound as well as to
support users with full access capabilities.
(8) A Web page under development should be
reviewed and tested thoroughly—preferably by an independent tester using a wide
variety of browsers—before release to the public. If particular versions of browsers are required to access the
content, those limitations should be explicit on the page or on a technical
page accessible through the Web page.
b Content
(1) Web
pages should be kept simple to avoid a cluttered or confusing appearance. As a general “rule of thumb,” a list or menu
should be limited to ten or less items, and a maximum of 15.
(2) Only USDA symbols approved by the Office
of Communications or a duly authorized agency representative should be
used. Agencies that are undergoing
reorganization and do not have an appropriate logo should use the USDA symbol.
(3) Secondary pages should contain
navigational aids to assist the user in returning to previous pages or directly
to the home page of the organization.
(4) Links to governmental material outside
USDA shall be identified clearly.
(See Section 7. c. 2 & 3 for additional requirements regarding
linking to nongovernmental or private sector Websites). Links to proprietary information or formats
should be annotated appropriately.
Links to large documents should inform about the file size of the
document and warn of anticipated downloading time, if the time is lengthy.
(5) Each Web page shall capture the
most recent update of page information as part of the page metadata. Agencies and staff offices may display the
date of the most recent update within the content area of the Web page.
(6)
Each Web site should invite users to
submit comments or suggestions
about
page content via hyperlinks to user evaluation forms or by other means, such as
an online e-mail form addressed to the Webmaster or to Contact Us.
(7) The use of “dead” hyperlinks is not
permitted. To refer to a document or
document collection that is not yet available to the public, the phrase “under
construction” or “not yet available” may be used on a page without a link to
the page under development.
(8) Home
and secondary pages may be constructed using 800 x 600 pixel screen
resolution with consideration of the navigational bars that each Web browser
contains (i.e., top header icons, status bar, and right side scrollbars.) Pages that require printing should offer
the ability to fully print the page using either the “Printer Friendly”
technique or code that reformats a viewer’s page to the browser’s selected
width.
c Management
(1) Home and secondary pages should be
updated routinely to ensure that they are current and accurate and that they
address topics of greatest interest to users.
A “What’s New” menu item linked to a page with a menu linked to new
pages may be appropriate.
(2)
Hyperlinks to nongovernmental information
should be used only if an official relationship, such as one involving a
Memorandum of Agreement or Memorandum of Understanding, exists between the USDA
program and the nongovernmental organization being linked.
(3)
A waiver issued by the Office of
Communications is required for each
link to a private sector Web site with which the
agency does not have an official relationship.
Agencies and offices requesting the link shall receive a reply in
writing from the administrator or owner of the site to be linked granting
acceptance of the link. The agency or
office making the link is responsible for ensuring that the external link
remains accurate. The Office of
Communications shall establish a notice for use during linking to a private
sector Web site informing the viewer that they are exiting the
government page.
8 RESPONSIBILITIES
a Agencies will:
(1) Establish agency policy as to the levels
of allowable Web pages (i.e., from agency level to personal level), the content
of a given document, and internal approval procedures in accordance with this
Departmental Regulation.
(2) Consult with the Office of
Communications on the development of all Web pages, registering each home page
and the name of the individual designated as the responsible point of contact
(e.g., the agency Webmaster) with the
Office of Communications Webmaster.
(3) Ensure that the appropriate agency cyber-security
office has approved the proposed installation approach for each agency home and
secondary page. Agencies also will
establish responsibility for the content and currency of each agency Web page
and associated secondary pages, providing resources to maintain the quality and
currency of the information. The
assigned agency Webmaster routinely will verify the integrity of the material,
including all hyperlinks, to ensure that the content has not been accidentally
or maliciously altered or replaced.
(4) Review and analyze usage reports and
user comments, such as usability studies and customer satisfaction
surveys, to improve agency understanding of outside parties and
interests accessing agency information and make modifications if necessary based
on this analysis.
(5)
Determine information sensitivity in
accordance with the “Security Self-Assessment Guide for Information Technology Systems”
published by the National Institute of Standards and Technology (Special
Publication 800-26).
b The
Office of Communications will:
(1) Oversee the design and continued quality
of USDA Web pages, and assist agencies in the appearance of the home page
“look” and in identification of appropriate Web page content.
The USDA Press Secretary or the USDA Director of
Web Services has the authority to block Internet access to Web pages that are
non-compliant with this regulation or the USDA Web Style Guide.
(2) Define the information structure for all
Departmental and agency Web pages and associated links, and maintain a registry
of all such home pages along with the names of individuals designated as
responsible contacts.
(3) Provide a list of approved agency home
pages and URL’s to the Information Systems Security Program Manager.
c The Office of the Chief Information
Officer will:
(1) Provide customer support to agencies and
staff offices in relation to technical use of the USDA Internet Access Network.
(2) Ensure that USDA Internet access is
protected by a firewall.
(3) Ensure that the Office of the Associate
Chief Information Officer for Cyber Security (a) responds to requests for
guidance on security issues relating to web pages and (b) reviews security
documentation to ensure adequate agency verification of security controls.
(4) Provide each agency with guidance in
determining information sensitivity, as required.
(5) Provide guidance regarding
implementation and technical standards of Section 508 of the Rehabilitation
Act.
(6) Approve domain names as authorized by
Departmental Regulation 3300-1, USDA Telecommunications and Internet Services
and Use. The Web site URL shall be as
simple as possible and consistent with the stated naming conventions.