Audit matrix rows covering site status, workshop coverage, and gap actions.
Executive Summary
The current ca.go.ke is a functionally broken, navigationally complex, and content-stale government website that underserves all three of its core user groups — operators, consumers, and media. The four-day workshop has produced a strong, well-structured set of requirements that directly addresses the most critical pain points. However, several gaps remain: accessibility compliance, a formal SEO baseline, multilingual provision for Swahili, a defined disaster recovery and uptime SLA, a search upgrade strategy, user testing methodology, and a concrete content migration framework. This report documents both what was found on the live site and what the workshop proposes, and then identifies everything that still needs to be resolved before prototyping and build begin.
Part 1 — Current Site Audit (ca.go.ke)
1.1 Information Architecture & Navigation
The current navigation has ten top-level menu items across two rows, several with deep dropdown sub-menus. This is far beyond the cognitive limit that usability research recommends (five to seven items). The structure is department-driven rather than audience-driven — users must already understand CA's internal organisation to find anything.
Key structural problems identified during the audit: "About CA," "Licensing," "Consumer Protection," "Universal Access," "Projects," "Tenders," "Media Centre," and "Statutes & Regulations" all carry different conceptual weights yet sit at the same menu level. "Cybersecurity" has no top-level presence at all — it is buried one level under the footer link. The KE-CIRT/CC and NPKI functions, which are among CA's most publicly visible services, are entirely invisible from the main navigation. There is no "Data & Publications" section despite sector statistics being a core user need for researchers and investors.
Several navigation links tested during the audit return 404 errors or blank pages: /about-ca (404), /Numbering-Management-System (404), /consumer-information (404), /imei-verification (404), /sector-statistics (404). The Numbering Management System link in the footer goes to a broken URL. This is a credibility issue for a regulatory body.
1.2 Homepage
The homepage opens with a large hero carousel showing a "25th Anniversary" banner. The anniversary campaign may now be dated, and there is no mechanism to keep hero content current. Below the carousel are four equal-weight content tiles (Overview, Licensing Procedures, Guidelines, Market Structure) followed by a "Need Help?" section with only four options: File a Complaint, Make Enquiries, Report Corruption, and Subscribe to Newsletter.
Critical omissions on the homepage: there is no IMEI checker entry point, no statistics snapshot, no open consultations widget, no quick-access licensing entry, and no real-time news ticker. The hero banners are generic graphic design rather than photographs of CA's actual work — spectrum monitoring, stakeholder forums, regional connectivity projects. The chatbot widget ("Hi! How can we help?gi" — note the typo in the greeting) launches immediately and intrusively, covering content on mobile-sized viewports.
1.3 Content Quality & Freshness
The content audit reveals severe problems. The Statutes & Regulations page exists as a directory of sub-pages but the sub-pages themselves contain minimal content — most are just headings with "Read More" links leading to lists of PDFs. There is no filtering, no search within the section, no date or sector tagging visible to users. The Open Tenders page during the audit returned almost no content ("CA / Open Tenders" with no listings visible). The Careers page shows a student attachment deadline of April 8th, 2026 — which has now passed — with no indication that applications are closed. This is a live, public-facing page with stale, misleading information.
The homepage news carousel is the most current section of the site but duplicates several article entries visually (the same article appears twice in the carousel due to a looping implementation). News headline formatting is inconsistent — one article title uses bold Unicode characters (𝐊𝐞𝐧𝐲𝐚 𝐒𝐞𝐜𝐮𝐫𝐞𝐬 𝐊𝐞𝐲 𝐖𝐢𝐧𝐬) which breaks screen readers and renders incorrectly in some browsers.
1.4 User Experience & Usability
The complaint filing form (/file-complaint) has no name or email field — only a subject, message body, and a CAPTCHA. This means CA cannot follow up on complaints. The CAPTCHA itself is a visual challenge with no audio alternative, which fails basic accessibility. The Contact Us page lists five regional offices but there is no map, no county routing, and no indication of which counties each office serves. The Eastern regional office is missing entirely from the Contact Us page.
The search function is a basic Drupal text search with no autocomplete, no filtering, and no relevance ranking. Users searching for "IMEI" or "complaint" receive unformatted result lists with no document type indicators or date stamps.
1.5 Accessibility
The site has an accessibility toolbar widget (increase text, grayscale, high contrast, readable font, etc.) installed via a third-party plugin, but this is a surface-level measure that does not compensate for underlying structural issues. The visual CAPTCHA on the complaint and contact forms has no audio fallback, violating WCAG 2.1 Success Criterion 1.1.1. The news article with bold Unicode characters in the title will read as individual mathematical symbols to screen readers. Image alt text is present on some items (e.g., "slide 3") but these are generic and not descriptive. The hero carousel auto-advances without user control — users who rely on screen readers or keyboard navigation cannot pause it.
The site does have a "Skip to main content" link, which is a positive signal. However, focus management through the dropdown menus is inconsistent.
1.6 Technical & Security
The Numbering Management System is a known issue — it runs without SSL, displaying browser security warnings. This was confirmed during the audit (the URL in the footer navigation links to a broken or insecure endpoint). The site runs on Drupal. The CMS version is not publicly visible but Drupal's age relative to the content staleness suggests this installation has not been systematically updated. The chatbot widget and the "We Are Here!" floating button are both third-party scripts loading on every page, adding render-blocking overhead. The copyright footer reads "© Copyright 2025" — it is now June 2026.
No cookie consent banner is present on the site, which is a compliance issue if the site sets any tracking or analytics cookies (GA or similar).
1.7 Mobile Experience
At standard mobile viewport widths, the top header bar (with phone numbers and email addresses) stacks awkwardly. The navigation collapses to a hamburger menu but the dropdown sub-menus are difficult to operate on touch devices. The hero carousel images are not responsive — they crop poorly at mobile widths. The chatbot widget obscures a significant portion of the mobile viewport.
1.8 SEO Baseline
The site's page titles are inconsistent — some pages use "Page Title | Communications Authority of Kenya" while the homepage is titled simply "Homepage | Communications Authority of Kenya." Meta descriptions appear to be absent or auto-generated from body copy. No structured data (schema.org) is implemented. The "About CA" page (/who-we-are) is a single short paragraph with links to sub-pages, offering very thin content for a page that should rank for searches like "Communications Authority of Kenya regulator." Multiple pages that should be unified (Vision, Mission, Who We Are) exist as separate thin pages, diluting SEO authority.
Part 2 — Workshop Deliverables Assessment (caworkshop.designer.co.ke)
2.1 Overall Quality
The workshop site is excellent as a requirements documentation artefact. It is well-organised, clearly structured with day-by-day outputs, and presents complex technical decisions accessibly. The four days have produced a strong foundation: audience-first IA, a Media Centre architecture, a content lifecycle system, a digital asset framework, six automations, four notification channels, and six system integrations. The decision to defer visual design and prototypes to weeks 3–4 is sound — it prevents design from running ahead of requirements.
2.2 Information Architecture (IA v0.1)
The proposed IA is a genuine improvement. Moving from ten confusing top-level items to eleven semantically clear sections, organised around audience intent rather than department structure, is the right approach. The "For Operators & Industry" and "For Consumers" sections directly address the core navigation failure of the current site.
Strong decisions in the IA: elevating Cybersecurity to a top-level section; renaming "Tenders" to "Procurement"; adding a "Data & Publications" section; the county-based regional office finder; the IMEI checker and staff ID verification tools; and the licence wizard ("What licence do I need?").
2.3 Media Centre Design
The Day 2 output is the most thoroughly specified section of the workshop. The 28-field Dublin Core-aligned metadata schema is comprehensive and future-proofed. The six content type templates with approval chains are practical and closely mirror real newsroom workflows. The six-role CMS model is well thought out, with the ICT publisher as final gate particularly important for a government body. The M365 SSO integration avoids credential proliferation.
2.4 Assets & Automation
The Day 3 repository architecture is solid. The naming convention ([YYYY-MM-DD]_[dept]_[type]_[slug].[ext]) is enforceable and chronologically sortable. The six automations are well-targeted: tender auto-close eliminates the hardcoded 10:30 AM problem; the quarterly content expiry scan directly addresses the 1972 forms issue. Enforcing YouTube/Vimeo embeds rather than self-hosted video is the correct call for bandwidth.
2.5 Integrations & User Journeys
The Day 4 integration map covers the six key external systems appropriately. The three user journey mappings (operator licensing, consumer IMEI/complaint, journalist press release) are clear and measurable — the click-count reductions (6+ to 3, 4+ to 1–2, 5+ to 1–2) are good acceptance criteria for prototype testing.
Part 3 — Gaps, Missed Items & Recommendations
This section covers what is either absent from the current site and not fully addressed in the workshop, or what the workshop has identified but not yet specified in enough detail to build from.
3.1 Accessibility — Not Yet Formally Specified
3.2 Swahili / Bilingual Content — Absent from Scope
3.3 Search — No Upgrade Plan
3.4 Formal Content Migration Plan — Not Yet Documented
3.5 Error Handling & 404 Pages
3.6 Cookie Consent & Privacy Policy
3.7 Uptime SLA, Hosting Specification & Disaster Recovery
3.8 User Testing & Validation Methodology
3.9 Analytics Baseline — Retrospective Data
3.10 The Licensing Wizard — Needs Detailed Specification
3.11 Procurement Section — Batch Upload Not Specified
3.12 Social Media Integration — Instagram Missing
3.13 The Chatbot — Interim Solution Needed
3.14 Annual Reports & Publications — No Home
3.15 Brand & Visual Identity — No Brief Yet
Part 4 — Strategic Recommendations
Beyond the specific gaps above, there are three higher-level strategic points worth raising.
Summary Table
Consolidated view of current state, workshop coverage, and remaining action items.
| Area | Current Site Status | Workshop Addresses? | Gap / Action |
|---|---|---|---|
| Navigation structure | Broken — department-driven, 10 items | Yes — audience-first IA | Finalise IA v1.0 before prototyping |
| Homepage | Outdated, no quick actions, no IMEI | Yes — 3-pathway split, CTAs | — |
| Content freshness | Severely stale (1972 forms, expired deadlines) | Yes — quarterly scan automation | Migration framework needed first |
| Broken links / 404s | Multiple confirmed broken links | Partially — migration mentioned | URL redirect map essential |
| 404 error page | Blank, unhelpful | Not mentioned | Design a proper 404 experience |
| Mobile experience | Broken layout, intrusive chatbot | Yes — mobile-first mandate | Remove current chatbot now |
| Search | Basic, unfiltered, no PDF indexing | Partially — “searchable libraries” | Specify search technology |
| Accessibility | Surface-level widget only, CAPTCHA fails | Not formally specified | Add WCAG 2.1 AA to spec |
| Swahili / bilingual | Absent | Schema supports it; no policy | Define bilingual content strategy |
| Cookie consent / privacy | Absent | Not mentioned | Required for GA4 + DPA 2019 |
| IMEI checker | Broken link (/imei-verification = 404) | Yes — quick action bar | Confirm tool availability for integration |
| Complaint form | Insufficient fields, inaccessible CAPTCHA | Improved form specified | Replace CAPTCHA; add name/email fields |
| Cybersecurity section | Buried, no top-level nav | Yes — elevated to top-level | — |
| Tenders / Procurement | Minimal listings, hardcoded closing time | Yes — full overhaul, auto-close | Batch upload spec still needed |
| Regional offices | Listed but no county routing | Yes — county finder specified | — |
| Data & Publications | Scattered, no central hub | Yes — new top-level section | Needs sub-structure definition |
| Licence wizard | Absent | Named in IA | Full logic tree specification needed |
| Media Centre | Unfilterable, no accreditation | Yes — full architecture | — |
| CMS roles & workflow | No structured approval chain | Yes — 6 roles, 5-step flow | — |
| Analytics | Unknown baseline | GA4 proposed | Export current data before cutover |
| User testing | None defined | Not specified | Add testing plan to project timeline |
| Uptime / disaster recovery | Not specified | Partially — Cloudflare mentioned | Full hosting spec and RTO/RPO needed |
| SSL (numbering system) | Confirmed missing | Flagged; action assigned to ICT | Fix immediately — pre-launch |
| Copyright year (footer) | Shows “2025” | — | Fix now on current site |
| Brand / visual identity | Dated; generic stock imagery | Deferred to weeks 3–4 | Confirm brand refresh scope with CA |
Source basis
This report is based on direct audit of ca.go.ke and caworkshop.designer.co.ke on 17 June 2026, cross-referenced against WCAG 2.1, Kenya's Data Protection Act 2019, PPIDA 2015, and government website best practice frameworks from Ofcom (UK) and the GOV.UK design system.