1. Compliance-and-Standards
  • Getting-Started
    • CYBEXO Developer Documentation
    • Quickstart (5 to 10 Minutes)
    • Documentation Overview
    • Concepts and Glossary
  • Compliance-and-Standards
    • Compliance Overview
    • IAB TCF v2.3 Support
    • Google Consent Mode v2 Validation
    • TCF API Validation
    • Audit Checklist (Pre-Launch)
  • Web-and-CMS-Integrations
    • CYBEXO CMP SDK – Web & GTM Setup
    • Integrate CYBEXO CMP with Webflow and Wix
    • Integrate CYBEXO CMP with WordPress
    • Integrate CYBEXO CMP with Drupal
    • Integrate CYBEXO CMP with Shopify
    • Google Tag Manager (GTM) Template Guide
  • Mobile-SDKs
    • CYBEXO CMP SDK - iOS Setup
    • iOS SDK API Reference
    • CYBEXO CMP SDK - Android Setup
    • Android SDK API Reference
    • App Attribution Partner (AAP) Integrations
  • Developer-Reference
    • Web JS API Reference
    • Consent Event Schema
    • Deployment and Environments
    • CYBEXO Debug Tool
    • Troubleshooting Playbook
    • Performance and Best Practices
    • Accessibility and UX Guidelines
    • Localization Workflow
    • Migration Guide
  • Security-and-Privacy
    • Security Overview
    • Privacy Architecture
    • Data and Logging Transparency
    • Subprocessors
    • CSP and Network Allowlist
  • Enterprise-and-Legal
    • DPA and Legal Pack
    • RFP Feature Matrix
    • Status and Reliability
    • Support and Escalation
    • CYBEXO CMP SDK – Commercial Licence
  • Operations
    • Changelog and Version Policy
  1. Compliance-and-Standards

Audit Checklist (Pre-Launch)

Last updated: April 26, 2026
Use this checklist before every production go-live.

1. Banner and UX#

EEA/UK flow: Accept and Reject are both visible and equally accessible.
US flow: required opt-out/privacy controls are visible.
Non-banner/global informational flow: banner suppression (or informational-only Continue) matches policy.
Where consent UI is shown, it can be reopened from a persistent link/button.
First and second layer text matches approved legal copy.
Keyboard navigation works for all controls.

2. Consent Mode v2#

default command fires before tag execution.
update command fires after user action in banner regions.
No-banner regions resolve to granted defaults where banner is intentionally not shown.
All four keys are present: ad_storage, analytics_storage, ad_user_data, ad_personalization.

3. TCF v2.3#

__tcfapi is available.
TC string updates when user changes preferences.
Vendor and purpose settings match dashboard policy.

4. Technical Quality#

CMP script loads once only.
CSP and allowlist permit CMP domains.
No console errors during consent flow.
Caching layer does not serve stale CMP config.

5. Evidence Package#

Screenshot of banner first layer and second layer (EEA/UK test session).
Screenshot/log from non-banner session showing granted defaults.
Tag Assistant trace.
Browser console output for consent checks.
TCF checks and TC string sample.
Debug export from CYBEXO Debug Tool.

6. Sign-Off#

Engineering sign-off
Privacy/legal sign-off
Release owner sign-off
Support runbook updated
Previous
TCF API Validation
Next
CYBEXO CMP SDK – Web & GTM Setup