ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Difference between Software Quality Assurance and Quality Control

Updated on March 26, 2012


This article considers the difference between Quality Assurance and Quality Control. The concepts are investigated by looking for guidance from key industry players.

It is important for an organisation to agree on what is meant by QA, and what is meant by QC. Both form an integral part of the organisation’s overall quality management plan, and the effectiveness of delivery teams relies on the differences being well understood by all stakeholders, including management.

Effective quality systems can contribute enormously to the success of projects, but the counterpoint is that, when poorly understood, the quality systems are likely to be weak, and ineffective in ensuring that the delivered system satisfies the customer’s requirements, is delivered on time, and built by the team within their allocated budget.


How many times has it struck you that many practitioners involved in the ICT field lack an understanding of the difference between Quality Assurance and Quality Control? Often you will hear someone talk about ‘QA’, when what they actually mean is ‘QC’.

As a business analyst this consistently throws up problems, since having ambiguity is a sure way of undermining a project. The ambiguity tends to lead to strained conversations, and reaching consensus becomes difficult. Projects are negatively affected.

Although QA and QC are closely related concepts, and are both aspects of quality management, they are fundamentally different in their focus:

  • QA is all about the process of managing for quality;
  • QC is all about verifying the quality of the output.

Achieving success in a project requires both QA and QC. If we only apply QA, then we have a set of processes that can be applied to ensure great quality in our delivered solution, but the delivered solution itself is never actually quality-checked. Likewise, if we only focus on QC then we are simply conducting tests without any clear vision for making our tests repeatable, for understanding and eliminating problems in testing, and for generally driving improvement into the means we use to deliver our ICT solutions.

In either case, the delivered solution is unlikely to meet the customer expectation, or to satisfy the business needs that gave rise to the project in the first place.

Understanding the difference between Quality Assurance and Quality Control?

So, what exactly is the difference between Quality Assurance (QA) and Quality Control (QC)?

A good point of reference for understanding the difference is the ISO 9000 family of standards. These standards relate to quality management systems and are designed to help organisations meet the needs of customers and other stakeholders[1].

In terms of this standard, a quality management system is comprised of quality planning and quality improvement activities, the establishment of a set of quality policies and objectives that will act as guidelines within an organisation and QA and QC.

The ISO 9000 standard defines Quality Control[2] as:

“A part of quality management focused on fulfilling quality requirements”

The standard goes on to define Quality Assurance[3] as:

“A part of quality management focused on providing confidence that quality requirements will be fulfilled”

These definitions lay a superb foundation, but they are a bit too broad and vague to be useful. NASA[4], one of the most rigorous software engineering firms in the world, has provided us with the following definitions:

Software Quality Control

"The function of software quality that checks that the project follows its standards, processes, and procedures, and that the project produces the required internal and external (deliverable) products"

Software Quality Assurance

"The function of software quality that assures that the standards, processes, and procedures are appropriate for the project and are correctly implemented"

Simply put, Quality Assurance focuses on the process of quality, while Quality Control focuses on the quality of output.

Quality Assurance: a Strategy of Prevention

Leading off from the definitions above, we understand that QA is focused on planning, documenting and agreeing on a set of guidelines that are necessary to assure quality. QA planning is undertaken at the beginning of a project, and draws on both software specifications and industry or company standards. The typical outcomes of the QA planning activities are quality plans, inspection and test plans, the selection of defect tracking tools and the training of staff in the selected methods and processes.

The purpose of QA is to prevent defects from entering into the solution in the first place. In other words, QA is a pro-active management practice that is used to assure a stated level of quality for an IT initiative.

Undertaking QA at the beginning of a project is a key tool to mitigate the risks that have been identified during the specification phases. Communication plays a pivotal role in managing project risk, and is crucial for realising effective QA. Part of any risk mitigation strategy is the clear communication of both the risks, and their associated remedies to the team or teams involved in the project.

Quality Control: a Strategy of Detection

Quality Control on the other hand includes all activities that are designed to determine the level of quality of the delivered ICT solutions. QC is a reactive means by which quality is gauged and monitored, and QC includes all operational techniques and activities used to fulfil requirements for quality. These techniques and activities are agreed with customers and/or stakeholders before project work is commenced.

QC involves verification of output conformance to desired quality levels. This means that the ICT solution is checked against customer requirements, with various checks being conducted at planned points in the development lifecycle. Teams will use, amongst other techniques, structured walkthroughs, testing and code inspections to ensure that the solution meets the agreed set of requirements.

Benefits of Quality Management

The benefits of a structured approach to quality management cannot be ignored.

Quality control is used, in conjunction with the quality improvement activity, to isolate and feedback on the causes of quality problems. By using this approach consistently, across projects, the feedback mechanism works towards identifying root-cause problems, and then developing strategies to eliminating these problems. Using this holistic approach ensures that teams achieve ever higher levels of quality.

As a consequence of formulating, and executing, a quality management plan the company can expect:

  • Greater levels of customer satisfaction, which will very likely result in both repeat business, as well as referral business;
  • A motivated team that not only understand the policy objectives of the quality management plan, but who also actively participate in executing the plan;
  • Elimination of waste by eliminating rework arising from either the need to address bugs, or to address gaps in the solution’s ability to meet customer requirements;
  • Higher levels of confidence in planning, since the tasks arising from unplanned rework will fall away;
  • Financial rewards for the company, which are a consequence of new projects from existing and referral clients, as well as through the reduction of monies spent on rework tasks.

As the company’s quality management plan matures, the confidence of all stakeholders will grow. The company will be seen to be more effective and efficiency in delivering an agreed ICT solution will be demonstrated to clients.

The company stands to build a solid reputation for outstanding performance in the market place.


[1] ISO 9000 on Wikipedia:

[2] ISO 9000:2000, Clause 3.2.10

[3] ISO 9000:2000, Clause 3.2.11

[4] NASA:


    0 of 8192 characters used
    Post Comment

    • brett.arthur profile imageAUTHOR


      5 years ago from Australia

      Glad you enjoyed the article Sasha. It is always encouraging to receive positive feedback. Thanks.

    • profile image


      5 years ago

      thanx very useful

    • brett.arthur profile imageAUTHOR


      6 years ago from Australia

      Thanks for the constructive comment. I like that you have tied it back to maturity.

    • profile image

      Bryne Kent 

      6 years ago

      If our software industry is to mature, and deliver projects that meet the business needs, both on-time and within budget, then we need to both understand the difference as Brett has so well elucidated, and then to identify each step in the systems development lifecycle, and institute both the QA requirements for that step, as well as how we will perform a QC on that step, to verify that the quality is what we expect. Then, using the ISO circle model of improvement, constantly refine our QA standards. Nice article Brett!


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)