It is important for an organisation to agree on what the meanings of Quality Assurance (QA) and Quality Control (QC). Both form an integral part of the organisation's quality management plan, and the effectiveness of delivery teams relies on the differences being well understood by all stakeholders, including management.

Effective quality systems can contribute enormously to the success of projects, but the counterpoint is that, when poorly understood, the quality systems are likely to be weak and ineffective in ensuring that the delivered system is delivered on time, built by the team within their allocated budget, and satisfies the customer’s requirements.

This article considers the difference between Quality Assurance and Quality Control. The concepts are investigated by looking at guidance from key industry players.

Introduction

How many times has it struck you that many practitioners involved in the ICT field lack an understanding of the difference between Quality Assurance and Quality Control? Often you will hear someone talk about ‘QA’, when what they actually mean is ‘QC’.

This ambiguity consistently throws up problems and is a sure way of undermining a project. Projects are negatively affected as it tends to lead to strained conversations and makes reaching consensus difficult.

Although QA and QC are closely related concepts, and are both aspects of quality management, they are fundamentally different in their focus:

• QC is used to verify the quality of the output;
• QA is the process of managing for quality.

Achieving success in a project requires both QA and QC. If we only apply QA, then we have a set of processes that can be applied to ensure great quality in our delivered solution, but the delivered solution itself is never actually quality-checked.
Likewise, if we only focus on QC then we are simply conducting tests without any clear vision for making our tests repeatable, for understanding and eliminating problems in testing, and for generally driving improvement into the means we use to deliver our ICT solutions.

In either case, the delivered solution is unlikely to meet the customer expectation or satisfy the business needs that gave rise to the project in the first place.

Understanding the Difference Between QA and QC

So, what exactly is the difference between Quality Assurance (QA) and Quality Control (QC)?

A good point of reference for understanding the difference is the ISO 9000 family of standards. These standards relate to quality management systems and are designed to help organisations meet the needs of customers and other stakeholders.

In terms of this standard, a quality management system is comprised of quality planning and quality improvement activities, the establishment of a set of quality policies and objectives that will act as guidelines within an organisation, and QA and QC.

In the ISO 9000 standard, clause 3.2.10 defines Quality Control as:
“A part of quality management focused on fulfilling quality requirements”

Clause 3.2.11 defines Quality Assurance as:
“A part of quality management focused on providing confidence that quality requirements will be fulfilled”

These definitions lay a good foundation, but they are too broad and vague to be useful. NASA, one of the most rigorous software engineering firms in the world, provides the following definitions:

Software Quality Control:
"The function of software quality that checks that the project follows its standards, processes, and procedures, and that the project produces the required internal and external (deliverable) products"

Software Quality Assurance:
"The function of software quality that assures that the standards, processes, and procedures are appropriate for the project and are correctly implemented"

Simply put, Quality Assurance focuses on the process of quality, while Quality Control focuses on the quality of output.

Quality Assurance: a Strategy of Prevention

QA is focused on planning, documenting and agreeing on a set of guidelines that are necessary to assure quality. QA planning is undertaken at the beginning of a project, and draws on both software specifications and industry or company standards. The typical outcomes of the QA planning activities are quality plans, inspection and test plans, the selection of defect tracking tools and the training of people in the selected methods and processes.

The purpose of QA is to prevent defects from entering into the solution in the first place. In other words, QA is a pro-active management practice that is used to assure a stated level of quality for an IT initiative.

Undertaking QA at the beginning of a project is a key tool to mitigate the risks that have been identified during the specification phases. Communication plays a pivotal role in managing project risk, and is crucial for realising effective QA. Part of any risk mitigation strategy is the clear communication of both the risks, and their associated remedies to the team or teams involved in the project.

Quality Control: a Strategy of Detection

Quality Control, on the other hand, includes all activities that are designed to determine the level of quality of the delivered ICT solutions. QC is a reactive means by which quality is gauged and monitored, and QC includes all operational techniques and activities used to fulfil requirements for quality. These techniques and activities are agreed with customers and/or stakeholders before project work is commenced.

QC involves verification of output conformance to desired quality levels. This means that the ICT solution is checked against customer requirements, with various checks being conducted at planned points in the development lifecycle. Teams will use, amongst other techniques, structured walkthroughs, testing and code inspections to ensure that the solution meets the agreed set of requirements.

Benefits of Quality Management

The benefits of a structured approach to quality management cannot be ignored.

Quality Control is used, in conjunction with the quality improvement activity, to isolate and provide feedback on the causes of quality problems. By using this approach consistently, across projects, the feedback mechanism works towards identifying root-cause problems, and then developing strategies to eliminating these problems. Using this holistic approach ensures that teams achieve ever higher levels of quality.

As a consequence of formulating and executing a quality management plan the company can expect:

• Greater levels of customer satisfaction, which will very likely result in both repeat business, as well as referral business
• A motivated team that not only understand the policy objectives of the quality management plan, but who also actively participate in executing the plan
• Elimination of waste by eliminating rework arising from either the need to address bugs, or to address gaps in the solution’s ability to meet customer requirements
• Higher levels of confidence in planning, since the tasks arising from unplanned rework will fall away
• Financial rewards for the company, which are a consequence of new projects from existing and referral clients, as well as through the reduction of monies spent on rework tasks.

As the company’s quality management plan matures, the confidence of all stakeholders will grow. The company will be seen to be more effective and efficient in delivering an agreed ICT solution to clients.

Dialog Information Technology

Dialog is a Premier Google for Work Partner and Microsoft Gold Partner in Australia and New Zealand, with over 1,200 full-time consultants and offices in all capital cities.

Dialog Information Technology provides expertise in Quality Control and Quality Assurance and services range from strategic IT consulting through full lifecycle application development and managed application services to long-term operational support.