top of page
Search

Welcome to QA, QC, and QMS Chronicles...

kool020207
Jun 24, 20229 min read

Updated: Jun 10, 2023

Unraveling the Mysteries of Quality: Exploring QA, QC, and QMS.



Greetings readers,

Welcome to QA (Quality Assurance), QC (Quality Control), and QMS (Quality Management System) Chronicles, a captivating journey where I will take you from A to Z in the realm of software testing. As a passionate QA Manager and a self-proclaimed QA/QC/QMS enthusiast, I am thrilled to embark on this adventure with you.

QA (Quality Assurance), QC (Quality Control), and QMS (Quality Management System) are three distinct concepts within the realm of quality management. While QA and QC are specific activities within the broader context of QMS, they serve different purposes. I will try to shed some light on the concepts below-

QA (Quality Assurance)

QA stands for Quality Assurance and as the name suggests, it focuses on assuring the quality of the software throughout its development lifecycle. It involves a comprehensive approach to quality, including processes, methodologies, and activities that ensure the software meets the required standards and customer expectations. QA activities are not limited to testing alone but extend to all aspects of software development, such as requirements gathering, design, coding, and deployment.


Let me clarify the relationship between QA and STLC within the broader context of the Software Development Life Cycle (SDLC).

To understand the relationship between QA and the Software Development Life Cycle (SDLC), let's explore the Software Testing Life Cycle (STLC) within the broader context of the SDLC. The SDLC encompasses the entire software development process, starting from the initial concept to final deployment and maintenance. It consists of phases like requirements gathering, design, development, testing, deployment, and maintenance. Within the SDLC, the STLC is a specific framework that focuses on the testing phase of software development. It provides a structured approach to testing and quality assurance, ensuring that the software meets desired quality standards.


STLC is a series of steps or phases that are followed during the development of a software application (SDLC) and QA activities are performed throughout the STLC to ensure that a product or service meets specified quality requirements. The goal of QA is to prevent defects or errors from occurring in the first place and to identify and correct any issues that do arise during or later in the Software Development Lifecycle (SDLC). In the software development process, QA involves various activities throughout the software development life cycle (SDLC) using STLC phases.


STLC typically includes the following -

  1. Requirement Analysis: Reviewing and analyzing project requirements to ensure they are clear, complete, and testable.

  2. Test Planning: Develop a comprehensive test plan that outlines the testing objectives, scope, resources, and schedules.

  3. Test Design/Test Case Development: Creating test cases and test scenarios based on the requirements and design specifications.

  4. Test Environment setup : Test Environment Setup involves configuring the necessary hardware, software, and network infrastructure to create a controlled testing environment that closely resembles the production environment, allowing testers to execute test cases accurately and simulate real-world scenarios.

  5. Test Execution: Run the test cases and record the results. This may involve manual testing, automated testing, or a combination of both.

  6. Defect Tracking: Documenting and tracking any defects or issues identified during testing, including their severity and priority.

  7. Reporting: Provide reports and summaries of testing activities, test results, and overall product quality to stakeholders.

  8. Integration/Regression Testing: Repeating tests on previously tested functionality to ensure that changes or fixes have not introduced new defects.

  9. Continuous Improvement: Analyzing the test results and the QA process itself to identify areas for improvement and implement corrective actions.

However, it is important to note that QA is not solely confined to testing activities within the STLC. It also involves activities such as quality planning, process improvement, quality control, and the establishment of quality standards and guidelines. QA aims to ensure that the entire software development process adheres to quality standards and best practice. QA is a broader concept that encompasses activities beyond testing and is focused on assuring the overall quality of the software throughout its development lifecycle. While QA is an integral part of the STLC, it extends beyond testing and encompasses various other quality-related activities.


QC (Quality Control)

In the context of software testing, QC stands for Quality Control and is a reactive process that focuses on identifying and addressing quality issues after they occur. While QA focuses on preventing defects and ensuring the overall quality of the software, QC involves the actual testing and inspection of the software to identify and correct any defects or issues.


QC activities typically occur during the testing phase of the Software Testing Life Cycle (STLC). Here's how QC relates to the different phases of STLC:

  • Test Planning: During this phase, QC teams collaborate with QA teams to define the testing approach, test cases, and test environments. They also ensure that the necessary testing tools and resources are available for executing the tests effectively.

  • Test Design: QC teams review and validate the test cases designed by QA teams. They ensure that the test cases cover all the necessary scenarios and adequately test the functionality and features of the software.

  • Test Execution: QC teams perform various testing activities, such as functional testing, integration testing, system testing, performance testing, and regression testing. They execute the test cases, observe the software's behavior, and identify any defects or deviations from expected results.

  • Defect Management: QC teams are responsible for logging defects or issues found during testing. They provide detailed information about the defects, including steps to reproduce them and assign them to the development team for resolution. QC teams also track the progress of defect resolution and verify the fixes provided by the development team.

  • Test Reporting: QC teams generate test reports that document the test execution results, defect metrics, and overall qualitystatus. These reports provide stakeholders with an overview of the testing effort and the software's quality at the time of testing.

  • Test Closure: During the test closure phase, QC teams participate in activities such as final defect analysis, test summary reporting, and lessons learned. They contribute to the assessment of the software's overall quality and provide valuable insights for future testing cycles.

QC activities in STLC focus on the actual testing and inspection of the software to identify defects and ensure its adherence to quality standards. QC verifies the software's behavior and identifies issues that need to be addressed by the development team. Both QA and QC work together to achieve the overall goal of delivering a high-quality software product.

QMS (Quality Management System):

A Quality Management System (QMS) is a set of policies, processes, and procedures that are implemented within an organization to ensure the quality of products or services throughout the Software Development Life Cycle (SDLC). It provides a structured framework for managing quality-related activities and ensuring that they are consistent, effective, and aligned with industry standards. In the context of SDLC, a QMS focuses on quality management within the software development and delivery processes.

ISO 9001 and ISO 27001 are two important international standards that focus on different aspects of quality management and information security management, respectively. Some of the key details about each standard and its requirements are described below:


ISO 9001 (Quality Management System):

ISO 9001 sets out the criteria for a quality management system (QMS) and is based on a set of quality management principles.

  • Context of the Organization: Organizations are required to determine the internal and external factors that impact their ability to achieve desired outcomes and identify relevant interested parties. This helps in understanding the organization's context and aligning the QMS accordingly.

  • Leadership: Top management is expected to demonstrate leadership and commitment to quality by establishing a quality policy, defining quality objectives, and ensuring the QMS is effectively implemented and maintained.

  • Planning: The standard emphasizes the need for organizations to identify risks and opportunities, set quality objectives, and develop plans to achieve them. This includes planning for processes, resources, and actions to address potential issues and improve performance.

  • Support: Organizations must provide the necessary resources, competent personnel, infrastructure, and a suitable work environment to support the effective implementation of the QMS.

  • Operations: This section covers the planning, execution, and control of processes necessary to meet customer requirements and enhance customer satisfaction. This includes processes such as design and development, production, service delivery, and control of external providers.

  • Performance Evaluation: Organizations are required to monitor, measure, analyze, and evaluate their QMS performance. This includes conducting internal audits, performing management reviews, and collecting feedback from customers to identify areas for improvement.

  • Improvement: ISO 9001 emphasizes the importance of continuous improvement. Organizations must take corrective actions to address nonconformity, prevent their recurrence, and implement preventive actions to eliminate potential issues.

The ISO 9001 certification demonstrates an organization's commitment to quality and can enhance its reputation and competitiveness.

ISO 27001 (Information Security Management System):

ISO 27001 is the international standard for information security management systems (ISMS). While it primarily focuses on information security, it also addresses the quality aspects of an organization's QMS concerning information security management. Here's how ISO 27001 addresses QMS:

  • Information Security Objectives: ISO 27001 requires organizations to establish information security objectives that are aligned with business objectives and ensure that these objectives are measurable and consistent with the organization's QMS.

  • Risk Assessment and Treatment: Organizations are required to perform a risk assessment to identify information security risks and implement risk treatment measures. These measures may include implementing controls, defining security procedures, and ensuring compliance with legal and regulatory requirements.

  • Documentation and Control: ISO 27001 emphasizes the need for proper documentation and control of information security-related processes, policies, procedures, and records. This ensures that the QMS is effectively implemented and maintained.

  • Internal Audits: Regular internal audits are necessary to assess the effectiveness of information security controls and processes. Internal audits help identify gaps, non-conformities, and areas for improvement within the QMS related to information security.

  • Management Review: Similar to ISO 9001, ISO 27001 requires management reviews to evaluate the performance of the information security management system. These reviews provide an opportunity to assess the effectiveness and suitability of the QMS and make necessary improvements.

By aligning the QMS with ISO 9001 and ISO 27001, organizations can enhance their overall quality and information security management, ensuring customer satisfaction, continuous improvement, and effective control of risks associated with information security.

And finally, here are some of the key aspects of the QMS in the Software Development Lifecycle (SDLC):

  • Quality Policies and Objectives: A QMS defines the organization's quality policies and sets specific quality objectives that need to be achieved during the software development process. These policies and objectives guide the overall quality management efforts.

  • Documentation and Standards: A QMS establishes guidelines for documentation, including templates, formats, and standards for documenting requirements, designs, test cases, and other artifacts. This ensures that the documentation is consistent, well-structured, and adheres to industry best practices.

  • Process Definition and Improvement: A QMS defines the processes and workflows to be followed during SDLC phases. It outlines the steps, activities, and responsibilities for each process, ensuring that they are efficient, effective, and comply with quality standards. The QMS also emphasizes continuous process improvement to enhance efficiency and quality.

  • Risk Management: A QMS includes mechanisms for identifying, assessing, and managing risks associated with software development. This ensures that potential risks are identified early, appropriate risk mitigation strategies are implemented, and risk monitoring and control mechanisms are in place throughout the SDLC.

  • Quality Assurance (QA) Activities: A QMS defines the QA activities to be performed during SDLC phases. It encompasses activities such as requirement analysis, test planning, test design, test execution, defect management, and reporting. QA activities aim to prevent defects and ensure that the software meets specified quality requirements.

  • Quality Control (QC) Activities: A QMS also includes QC activities that focus on testing and inspection to identify and correct defects during the SDLC. These activities involve executing test cases, logging and tracking defects, verifying defect fixes, and ensuring the overall quality of the software.

  • Audits and Reviews: A QMS incorporates periodic audits and reviews to assess the effectiveness of quality management processes, adherence to standards, and compliance with defined policies. These audits help identify areas for improvement and ensure ongoing compliance with quality requirements.

  • Training and Competency: A QMS addresses the training needs of the development team and ensures that they have the necessary skills and knowledge to carry out their roles effectively. This includes training programs, knowledge-sharing initiatives, and competency assessments to enhance the capabilities of the team members.

Overall, QMS in SDLC establishes a systematic approach to quality management throughout the software development process. This ensures that quality-related activities are planned, executed, and monitored consistently, resulting in the delivery of high-quality software products and services.

Together, these concepts contribute to maintaining high-quality standards, customer satisfaction, and continuous improvement within an organization. By implementing effective QA, QC, and QMS practices, businesses can enhance product/service quality, reduce defects, and build a reputation for delivering excellence.

Here's a breakdown of some of the differences between them-

Quality Assurance (QA):

  • QA is a proactive approach to quality management focused on preventing defects and ensuring that processes and standards are established and followed.

  • It involves activities such as establishing quality objectives, developing quality plans, defining quality standards and procedures, and implementing process controls.

  • QA aims to build quality into the processes and systems, promoting continuous improvement, and minimizing the likelihood of defects or non-compliance.

Quality Control (QC):

  • QC is a reactive approach to quality management that involves detecting defects or issues in products, services, or processes.

  • It focuses on activities such as inspections, testing, measurements, and analysis to identify and correct defects, ensuring that products or services meet defined quality standards.

  • QC is concerned with the operational activities that verify and validate the quality of the output, emphasizing compliance with established specifications.

Quality Management System (QMS):

  • QMS is a comprehensive framework that encompasses both QA and QC activities, as well as other elements of quality management.

  • It is a structured set of policies, processes, procedures, and resources that guide an organization in achieving its quality objectives.

  • QMS includes the systematic planning, implementation, control, and continuous improvement of quality-related activities to ensure customer satisfaction and meet regulatory requirements.

  • It establishes the framework for integrating QA and QC practices, defining roles and responsibilities, and ensuring adherence to quality standards throughout an organization.

The below chart provides a visual representation of QA (Quality Assurance), QC (Quality Control), and QMS (Quality Management System), showcasing their distinct roles within the realm of Quality Management Systems.


To summarize, while QA and QC are focused on ensuring quality, they differ in their approach. QA emphasizes prevention through systematic processes, while QC focuses on inspection and detection. QMS, on the other hand, is a broader framework that encompasses both QA and QC within an organization's quality management practices.

If you have any specific questions or would like more detailed information on any of these topics, feel free to ask!

Yours in quality,

Faruque Patwary

QA Manager and Chief Storyteller at the QA Chronicles





32 views0 comments

Comments

Rated 0 out of 5 stars.
No ratings yet
Add a rating
bottom of page