diff --git a/src/AccessControl/Implementation.py b/src/AccessControl/Implementation.py
index 8d27dc1..bf54394 100644
--- a/src/AccessControl/Implementation.py
+++ b/src/AccessControl/Implementation.py
@@ -50,9 +50,9 @@ def setImplementation(name):
     if name == _implementation_name:
         return
     if name == "C":
-        from AccessControl import ImplC as impl  # NOQA
+        from AccessControl import ImplC as impl
     elif name == "PYTHON":
-        from AccessControl import ImplPython as impl  # NOQA
+        from AccessControl import ImplPython as impl
     else:
         raise ValueError("unknown policy implementation: %r" % name)
 
diff --git a/src/AccessControl/requestmethod.py b/src/AccessControl/requestmethod.py
index 82bbfa6..393fe13 100644
--- a/src/AccessControl/requestmethod.py
+++ b/src/AccessControl/requestmethod.py
@@ -22,6 +22,7 @@
     from inspect import signature
 else:  # Python 2
     from inspect import getargspec as getfullargspec
+
     from funcsigs import signature
 
 _default = []
diff --git a/src/AccessControl/tests/testClassSecurityInfo.py b/src/AccessControl/tests/testClassSecurityInfo.py
index 80320b6..3f625d7 100644
--- a/src/AccessControl/tests/testClassSecurityInfo.py
+++ b/src/AccessControl/tests/testClassSecurityInfo.py
@@ -43,9 +43,10 @@ def assertRaises(self, excClass, callableObj, *args, **kwargs):
 
     def test_SetPermissionDefault(self):
         # Test setting default roles for permissions.
-        from AccessControl.class_init import InitializeClass
         from ExtensionClass import Base
 
+        from AccessControl.class_init import InitializeClass
+
         ClassSecurityInfo = self._getTargetClass()
 
         # Setup a test class with default role -> permission decls.
@@ -127,9 +128,10 @@ def protected_new(self, REQUEST=None):
                          [('Make food', (), ('Chef',))])
 
     def test_EnsureProtectedDecoCall(self):
-        from AccessControl.class_init import InitializeClass
         from ExtensionClass import Base
 
+        from AccessControl.class_init import InitializeClass
+
         ClassSecurityInfo = self._getTargetClass()
 
         class Test(Base):
diff --git a/src/AccessControl/tests/testModuleSecurity.py b/src/AccessControl/tests/testModuleSecurity.py
index 97a5189..7d48448 100644
--- a/src/AccessControl/tests/testModuleSecurity.py
+++ b/src/AccessControl/tests/testModuleSecurity.py
@@ -38,6 +38,7 @@ def tearDown(self):
 
     def assertUnauth(self, module, fromlist, level=import_default_level):
         from zExceptions import Unauthorized
+
         from AccessControl.ZopeGuards import guarded_import
         self.assertRaises(Unauthorized, guarded_import, module,
                           fromlist=fromlist, level=level)
diff --git a/src/AccessControl/tests/testOwned.py b/src/AccessControl/tests/testOwned.py
index 4c58833..c32c8b5 100644
--- a/src/AccessControl/tests/testOwned.py
+++ b/src/AccessControl/tests/testOwned.py
@@ -82,9 +82,10 @@ class Dummy(Implicit, Owned):
         return Dummy(*args, **kw)
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IOwned
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IOwned
+
         verifyClass(IOwned, Owned)
 
     def test_getOwnerTuple_unowned(self):
diff --git a/src/AccessControl/tests/testPermissionMapping.py b/src/AccessControl/tests/testPermissionMapping.py
index fbb591b..4dd7028 100644
--- a/src/AccessControl/tests/testPermissionMapping.py
+++ b/src/AccessControl/tests/testPermissionMapping.py
@@ -4,8 +4,9 @@
 class TestRoleManager(unittest.TestCase):
 
     def test_interfaces(self):
+        from zope.interface.verify import verifyClass
+
         from AccessControl.interfaces import IPermissionMappingSupport
         from AccessControl.PermissionMapping import RoleManager
-        from zope.interface.verify import verifyClass
 
         verifyClass(IPermissionMappingSupport, RoleManager)
diff --git a/src/AccessControl/tests/testRole.py b/src/AccessControl/tests/testRole.py
index 6ef2141..c21d9ce 100644
--- a/src/AccessControl/tests/testRole.py
+++ b/src/AccessControl/tests/testRole.py
@@ -2,9 +2,10 @@
 
 
 def _makeRootAndUser():
-    from AccessControl.rolemanager import RoleManager
-    from Acquisition import Implicit
     from Acquisition import Explicit
+    from Acquisition import Implicit
+
+    from AccessControl.rolemanager import RoleManager
 
     class DummyContext(Implicit, RoleManager):
         __roles__ = ('Manager',)
@@ -46,9 +47,10 @@ def tearDown(self):
         noSecurityManager()
 
     def test_interfaces(self):
+        from zope.interface.verify import verifyClass
+
         from AccessControl.interfaces import IRoleManager
         from AccessControl.rolemanager import RoleManager
-        from zope.interface.verify import verifyClass
 
         verifyClass(IRoleManager, RoleManager)
 
diff --git a/src/AccessControl/tests/testSecurityManager.py b/src/AccessControl/tests/testSecurityManager.py
index c8a8f07..40058a0 100644
--- a/src/AccessControl/tests/testSecurityManager.py
+++ b/src/AccessControl/tests/testSecurityManager.py
@@ -54,8 +54,9 @@ def _customSecurityPolicy(self):
 class ISecurityManagerConformance:
 
     def test_conforms_to_ISecurityManager(self):
-        from AccessControl.interfaces import ISecurityManager
         from zope.interface.verify import verifyClass
+
+        from AccessControl.interfaces import ISecurityManager
         verifyClass(ISecurityManager, self._getTargetClass())
 
 
diff --git a/src/AccessControl/tests/testZCML.py b/src/AccessControl/tests/testZCML.py
index 2ca517a..f5a7dc8 100644
--- a/src/AccessControl/tests/testZCML.py
+++ b/src/AccessControl/tests/testZCML.py
@@ -96,6 +96,7 @@ def setUp(self):
 
     def tearDown(self):
         from zope.component.testing import tearDown
+
         from AccessControl.security import clearSecurityInfo
         clearSecurityInfo(Dummy1)
         clearSecurityInfo(Dummy2)
@@ -113,15 +114,17 @@ def test_security_equivalence(self):
         # declarations and ``Dummy1`` does not.  Before we do anything, none
         # of them have security access controls:
 
-        from AccessControl.tests.testZCML import Dummy1, Dummy2
+        from AccessControl.tests.testZCML import Dummy1
+        from AccessControl.tests.testZCML import Dummy2
         self.assertFalse(hasattr(Dummy1, '__ac_permissions__'))
         self.assertFalse(hasattr(Dummy2, '__ac_permissions__'))
 
         # Before we can make security declarations through ZCML, we need to
         # register the directive and the permission:
 
-        import AccessControl
         from zope.configuration.xmlconfig import XMLConfig
+
+        import AccessControl
         XMLConfig('meta.zcml', AccessControl)()
         XMLConfig('permissions.zcml', AccessControl)()
 
@@ -158,9 +161,9 @@ def test_security_equivalence(self):
 
         # Now we look at the individual permissions:
 
-        from AccessControl.ZopeSecurityPolicy import getRoles
-        from AccessControl import ACCESS_PUBLIC
         from AccessControl import ACCESS_PRIVATE
+        from AccessControl import ACCESS_PUBLIC
+        from AccessControl.ZopeSecurityPolicy import getRoles
 
         dummy1 = Dummy1()
         self.assertEqual(
diff --git a/src/AccessControl/tests/testZopeGuards.py b/src/AccessControl/tests/testZopeGuards.py
index 24c933c..7611232 100644
--- a/src/AccessControl/tests/testZopeGuards.py
+++ b/src/AccessControl/tests/testZopeGuards.py
@@ -64,8 +64,8 @@ def checkPermission(self, *args):
 class GuardTestCase(unittest.TestCase):
 
     def setSecurityManager(self, manager):
-        from AccessControl.SecurityManagement import get_ident
         from AccessControl.SecurityManagement import _managers
+        from AccessControl.SecurityManagement import get_ident
         key = get_ident()
         old = _managers.get(key)
         if manager is None:
@@ -123,8 +123,8 @@ def test_calls_validate_for_unknown_type(self):
 
     def test_attr_handler_table(self):
         from AccessControl import Unauthorized
-        from AccessControl.ZopeGuards import guarded_getattr
         from AccessControl.SimpleObjectPolicies import ContainerAssertions
+        from AccessControl.ZopeGuards import guarded_getattr
         d = {}
         _dict = type(d)
         old = ContainerAssertions.get(_dict)
@@ -679,8 +679,8 @@ def tearDown(self):
         del self._wrapped_dicts
 
     def _initPolicyAndManager(self, manager=None):
-        from AccessControl.SecurityManagement import get_ident
         from AccessControl.SecurityManagement import _managers
+        from AccessControl.SecurityManagement import get_ident
         from AccessControl.SecurityManagement import newSecurityManager
         from AccessControl.SecurityManager import setSecurityPolicy
         from AccessControl.ZopeSecurityPolicy import ZopeSecurityPolicy
@@ -722,9 +722,10 @@ def _restorePolicyAndManager(self):
             setSecurityPolicy(self._old_policy)
 
     def _getProtectedBaseClass(self):
+        from ExtensionClass import Base
+
         from AccessControl.class_init import InitializeClass
         from AccessControl.SecurityInfo import ClassSecurityInfo
-        from ExtensionClass import Base
 
         global _ProtectedBase
         if _ProtectedBase is None:
@@ -914,7 +915,9 @@ def test_guarded_next__3(self):
 
     def _compile_str(self, text, name):
         from RestrictedPython import compile_restricted
-        from AccessControl.ZopeGuards import get_safe_globals, guarded_getattr
+
+        from AccessControl.ZopeGuards import get_safe_globals
+        from AccessControl.ZopeGuards import guarded_getattr
 
         code = compile_restricted(text, name, 'exec')
 
diff --git a/src/AccessControl/tests/testZopeSecurityPolicy.py b/src/AccessControl/tests/testZopeSecurityPolicy.py
index 857debd..c2a0063 100644
--- a/src/AccessControl/tests/testZopeSecurityPolicy.py
+++ b/src/AccessControl/tests/testZopeSecurityPolicy.py
@@ -354,10 +354,12 @@ def testUnicodeRolesForPermission(self):
         self.assertTrue(v, '_View_Permission should grant access to theowner')
 
     def testContainersContextManager(self):
-        from AccessControl.SimpleObjectPolicies import override_containers
+        from types import TracebackType
+
         from AccessControl.SimpleObjectPolicies import ContainerAssertions
         from AccessControl.SimpleObjectPolicies import Containers
-        from types import TracebackType
+        from AccessControl.SimpleObjectPolicies import override_containers
+
         # Surely we have no assertions for this type:
         self.assertNotIn(TracebackType, ContainerAssertions)
         with override_containers(TracebackType, 1):
@@ -383,6 +385,7 @@ def testAqNames(self):
             'aq_inner': 1,
         }
         from AccessControl.SimpleObjectPolicies import override_containers
+
         # By default we allow all access to str, but this may have been
         # overridden to disallow some access of str.format.  So we temporarily
         # restore the default of allowing all access.
@@ -426,6 +429,7 @@ def testProxyRoleScope(self):
     def testUnicodeName(self):
         policy = self.policy
         from AccessControl.SimpleObjectPolicies import override_containers
+
         # By default we allow all access to str, but this may have been
         # overridden to disallow some access of str.format.  So we temporarily
         # restore the default of allowing all access.
@@ -455,8 +459,9 @@ def testInsaneRoles(self):
 class ISecurityPolicyConformance:
 
     def test_conforms_to_ISecurityPolicy(self):
-        from AccessControl.interfaces import ISecurityPolicy
         from zope.interface.verify import verifyClass
+
+        from AccessControl.interfaces import ISecurityPolicy
         verifyClass(ISecurityPolicy, self._getTargetClass())
 
 
diff --git a/src/AccessControl/tests/test_safe_formatter.py b/src/AccessControl/tests/test_safe_formatter.py
index 42c5ab3..4e75a08 100644
--- a/src/AccessControl/tests/test_safe_formatter.py
+++ b/src/AccessControl/tests/test_safe_formatter.py
@@ -77,6 +77,7 @@ def test_positional_argument_regression(self):
 
     def test_prevents_bad_string_formatting_attribute(self):
         from AccessControl.safe_formatter import SafeFormatter
+
         # Accessing basic Python attributes on a basic Python type is fine.
         formatted = SafeFormatter('{0.upper}').safe_format('foo')
         self.assertTrue(formatted.startswith('<built-in method upper'))
@@ -97,6 +98,7 @@ def test_prevents_bad_string_formatting_attribute(self):
 
     def test_prevents_bad_unicode_formatting_attribute(self):
         from AccessControl.safe_formatter import SafeFormatter
+
         # Accessing basic Python attributes on a basic Python type is fine.
         formatted = SafeFormatter(u'{0.upper}').safe_format('foo')
         self.assertTrue(formatted.startswith('<built-in method upper'))
@@ -117,6 +119,7 @@ def test_prevents_bad_unicode_formatting_attribute(self):
 
     def test_prevents_bad_string_formatting_item(self):
         from AccessControl.safe_formatter import SafeFormatter
+
         # Accessing basic Python types in a basic Python dict is fine.
         foo = {'bar': 'Can you see me?'}
         self.assertEqual(SafeFormatter('{0[bar]}').safe_format(foo),
@@ -135,6 +138,7 @@ def test_prevents_bad_string_formatting_item(self):
 
     def test_prevents_bad_unicode_formatting_item(self):
         from AccessControl.safe_formatter import SafeFormatter
+
         # Accessing basic Python types in a basic Python dict is fine.
         foo = {'bar': 'Can you see me?'}
         self.assertEqual(SafeFormatter(u'{0[bar]}').safe_format(foo),
@@ -152,9 +156,11 @@ def test_prevents_bad_unicode_formatting_item(self):
                           folder)
 
     def test_prevents_bad_string_formatting_key(self):
+        from persistent.list import PersistentList
+
         from AccessControl.safe_formatter import SafeFormatter
         from AccessControl.ZopeGuards import guarded_getitem
-        from persistent.list import PersistentList
+
         # Accessing basic Python types in a basic Python list is fine.
         foo = list(['bar'])
         self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo),
@@ -184,6 +190,7 @@ def test_prevents_bad_string_formatting_key(self):
 
     def test_prevents_bad_unicode_formatting_key(self):
         from AccessControl.safe_formatter import SafeFormatter
+
         # Accessing basic Python types in a basic Python list is fine.
         foo = list(['bar'])
         self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo),
diff --git a/src/AccessControl/tests/test_tainted.py b/src/AccessControl/tests/test_tainted.py
index 14ffe1e..9c51b36 100644
--- a/src/AccessControl/tests/test_tainted.py
+++ b/src/AccessControl/tests/test_tainted.py
@@ -21,9 +21,9 @@
 class TestFunctions(unittest.TestCase):
 
     def test_taint_string(self):
-        from AccessControl.tainted import taint_string
-        from AccessControl.tainted import TaintedString
         from AccessControl.tainted import TaintedBytes
+        from AccessControl.tainted import TaintedString
+        from AccessControl.tainted import taint_string
         self.assertIsInstance(taint_string('string'), TaintedString)
         self.assertIsInstance(taint_string(b'bytes'), TaintedBytes)
 
diff --git a/src/AccessControl/tests/test_userfolder.py b/src/AccessControl/tests/test_userfolder.py
index a5bd274..8f5c8a1 100644
--- a/src/AccessControl/tests/test_userfolder.py
+++ b/src/AccessControl/tests/test_userfolder.py
@@ -29,6 +29,7 @@ def setUp(self):
 
     def tearDown(self):
         import transaction
+
         from AccessControl.SecurityManagement import noSecurityManager
         noSecurityManager()
         transaction.abort()
@@ -53,8 +54,9 @@ def _login(self, uf, name):
         newSecurityManager(None, user)
 
     def test_class_conforms_to_IStandardUserFolder(self):
-        from AccessControl.interfaces import IStandardUserFolder
         from zope.interface.verify import verifyClass
+
+        from AccessControl.interfaces import IStandardUserFolder
         verifyClass(IStandardUserFolder, self._getTargetClass())
 
     def testGetUser(self):
diff --git a/src/AccessControl/tests/test_users.py b/src/AccessControl/tests/test_users.py
index 4c35da6..3de366c 100644
--- a/src/AccessControl/tests/test_users.py
+++ b/src/AccessControl/tests/test_users.py
@@ -25,9 +25,10 @@ def _makeOne(self, name, password, roles, domains):
         return self._getTargetClass()(name, password, roles, domains)
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IUser
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IUser
+
         verifyClass(IUser, self._getTargetClass())
 
     def _makeDerived(self, **kw):
@@ -493,9 +494,10 @@ def _makeOne(self, name='admin', password='123', roles=None, domains=None):
         return self._getTargetClass()(name, password, roles, domains)
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IUser
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IUser
+
         verifyClass(IUser, self._getTargetClass())
 
     def test_overrides(self):
@@ -532,9 +534,10 @@ def _makeOne(self, name='admin', password='123', roles=None, domains=None):
         return self._getTargetClass()(name, password, roles, domains)
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IUser
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IUser
+
         verifyClass(IUser, self._getTargetClass())
 
     def test_overrides(self):
@@ -563,9 +566,10 @@ def _makeOne(self, name='admin', password='123', roles=None, domains=None):
         return self._getTargetClass()(name, password, roles, domains)
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IUser
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IUser
+
         verifyClass(IUser, self._getTargetClass())
 
     def test_allowed__what_not_even_god_should_do(self):
@@ -614,9 +618,10 @@ def _makeOne(self):
         return self._getTargetClass()()
 
     def test_interfaces(self):
-        from AccessControl.interfaces import IUser
         from zope.interface.verify import verifyClass
 
+        from AccessControl.interfaces import IUser
+
         verifyClass(IUser, self._getTargetClass())
 
     def test_overrides(self):