Something that I see people confuse all the time is the difference between Quality Assurance and Quality Control. Many organisations seem to use the terms interchangeably, and most don’t seem to recognise the difference between the two things, but they are very different concepts, and both are required for the ultimate success of a software project.
So what’s the difference?
Quality Assurance
Quality Assurance (QA) is a process, and it covers the entire software development lifecycle (SDLC). It is a series of activities, controls and processes that aim to ensure that the software is built to the right level of quality from the start and that it will meet the project objectives and specifications at the end. QA is preemptive and planning based.
Quality Control
Quality Control (QC) is a set of activities designed to check that the software has been developed correctly, that it is free of software errors (bugs) and that it meets the specifications to an acceptable level of quality. QC is reactive – it is a control measure to check the work of the previous group before it is released.
An example
Let’s assume we work in a beer brewery. This brewery produces beer in 330mL bottles. At the end of the production line is a guy who’s job it is to check that the bottles are full and don’t have anything other than beer in them. He stands on the conveyor belt and checks each bottle as it goes past, removing those with problems. That is Quality Control. He doesn’t have any influence on how the rat got into one bottle, or why another bottle was only half full – he can only report those problems and return the product to the producers.
Elsewhere in the brewery there is a guy who’s job it is to make sure that no rats get into the bottles in the first place. He does this by monitoring the entire brewing and bottle-filling process, looking for any parts in the process where rats could potentially get into the bottles, and altering the process so that it is no longer possible, or at least less likely. When he deals with the rat problem, he might look at why bottles only get filled half way, and modify the process again. And so on, and so on. That is Quality Assurance – monitoring and modifying the development process so that problems are prevented before they happen.
The problem with confusing them
The biggest mistake organisations make here I think is that they put to much emphasis on Quality Control, and not nearly enough (if, indeed, any at all) on Quality Assurance. This causes us to continually stay in pure reactive mode. This is often a symptom of a company that is entirely deadline focused. If the deadline is the most important thing, then everything is rushed to the finish line, and the emphasis on Quality Control (ie, testing) is large. Developers know that they have a huge team of testers waiting to test their code, so they often reduce or drop altogether their own developer testing (unit testing, etc), which leads to more bugs, and more time wasted in the testing-bug fixing phase. When this happens, more effort and attention needs to be put on the QC end of the spectrum, leaving even less time for proper Quality Assurance. And so the cycle continues…
Quality Control and Quality Assurance are both important – but what is more important is to have a balance between them. Too much focus on QC might get your software release out tomorrow, but won’t help you build a quality process for the future.
