Share this:

So you want to implement Quality Assurance… or should it be Quality Control?

By Bill Ferrarini, Senior Quality Assurance Analyst at SunGard Public Sector, and CISQ Member


Most companies will use these terms interchangeably, but the truth is Quality Assurance is a preventative method while Quality Control is an Identifier.


Don’t go shooting the messenger on this one, I know that each and every one of us has a different point of view when it comes to quality. The truth of the matter is we all have the same goal, but defining how we get there is the difficult part.


Let’s take a look at the different definitions taken from


Quality Assurance

Quality Control

The planned and systematic activities implemented in a quality system so that quality requirements for a product or service will be fulfilled.

The observation techniques and activities used to fulfill requirements for quality.

Quality Assurance is a failure prevention system that predicts almost everything about product safety, quality standards and legality that could possibly go wrong, and then takes steps to control and prevent flawed products or services from reaching the advanced stages of the supply chain.

Quality Control is a failure detection system that uses a testing technique to identify errors or flaws in products and tests the end products at specified intervals, to ensure that the products or services meet the requirements as defined during the earlier process for QA.



As different as the definitions are, their scope is also very different.


To define a company’s Quality Assurance strategy is to specify the process, artifacts, and reporting structure that will assure the quality of the product. To define a company’s Quality Control is to specify the business and technical specifications, release criteria, test plan, use and test cases, and configuration management of the product under development.


It is important for a company to agree on the differences between Quality Assurance (QA) and Quality Control (QC). Both of these processes will become an integral part of the companies’ quality management plan. Without this delineation a companies’ quality system could suffer from late deliveries, being over budget, and a product that does not meet the customers’ criteria.


Quality Assurance

The ISO 9000 standard for best practices states that Quality Assurance is “A part of quality management focused on providing confidence that quality requirements will be fulfilled.”


Quality Assurance focuses on processes and their continuous improvement. The goal is to reduce variance in processes in order to predict the quality of an output.


To measure a company’s success in a Quality Assurance Implementation, you would do well to monitor the follow areas:

  • Best Practices
  • Code
  • Time to Market

Quality Control

The ISO 9000 standard for best practices states that Quality Control is “A part of quality management focused on fulfilling quality requirements.”


While QA is built around known best practices and processes, QC is a bit more complicated. To Control Quality, at a minimum you need to know two pieces of information:

  • The Customer’s view of Quality
  • Your company’s view of Quality

There are certain to be gaps between these two opposing views. How well you bring those gaps together will determine the Quality of your product.


Other metrics that come into play within a Quality Control environment would be:

  • Number of defects found vs. fixed in an iteration
  • Number of defects found vs. fixed in a release
  • Defects by severity level

These are just some of the metrics you would use to measure the success of your Quality Control implementation.



Neither QA nor QC focuses on the “whose fault is it?” question. The goal of a good QA and QC implementation should be to make things better by continuously improving your quality from start to finish. This requires good communication between the QA/QC groups.


Key attributes for success are:

  • Participation: Both process owners and users need to provide their expert input on how things “should” work, and define that in a fashion that allows your Quality Control to monitor the function.
  • Transparency: Open communication and the ability to look at all aspects of the process are critical to fully understand and identify both what works and what doesn’t.
  • Clear Goals: The entire team should know the intended results.

So if your company is implementing a Quality Management System, your first order of priority will be to understand the differences between QA and QC and when established measure and improve every chance you get.


About the Author

Bill Ferrarini is a Senior Quality Assurance Analyst at SunGard Public Sector. Bill has over 25 years of experience testing software, hardware, and web browser based systems. After beginning his career as a software developer, Bill has been devoted solely to furthering the Quality Management movement. He has a diploma in Quality Management, a degree in Video and Audio Production, is a former certified ISO internal auditor, and an accomplished musician.

8 thoughts on “So you want to implement Quality Assurance… or should it be Quality Control?

  1. Hi Bill! This ASQ CSQE totally agrees. The way I explain is that QA is everything you do to preventing inserting defects; testing is understanding the behavior of the SUT, detecting and reporting defects. QA looks at how/when did they get inserted and how can we not do it again. To call testing QA is wishful thinking. And then there is a tendency to foist responsibility for q onto certain folks at certain times. Thanks for the article!

    Terry (CSQE and CBAP)

  2. BTW, Boyd Summers has the best description of a QMS I’ve heard:
    Say what you do
    Do what you say
    Prove it
    Improve it


  3. Hey Bill, a tough topic, even among SQA people. And as you prefaced, there are some things that are presented here, that I won’t agree with. QA and QC are different. That said, both could have some overlapping methods most of the time. I won’t elaborate here, because this is a challenging topic, but I think you’ve given the reader enough to ponder on. Good job!!!!

    • Thank you for the Compliment. I agree this is a tough topic.

      From the standpoint of a purist though, Assuring Quality is more than Test Plans and Test Cases etc… it also involves all of the moving parts that make up development, which is inevitably the Application Lifecycle, this is the backbone of every Software Development house.

      QC on the other hand is the implementation of that Lifecycle including the test plans, test cases, execution of the processes.

      In short, QA is the Quality that we wish to achieve and QC is simply how we measure that we have achieved that Quality.

Leave a Reply

Your email address will not be published. Required fields are marked *



Comment validation by @