Software Quality Assurance, Quality Control, and Testing – the Basics of Software Quality Management

When it comes to websites and applications, constant website crashes and enrollment issues may have just as serious consequences and kill even the most successful business. If you’ve been following the theme, you’ve probably heard about the Starbucks debacle. One Friday morning, the company lost $3 million in sales simply because something went wrong with their register system after a fresh update, and they had to give away free coffee.

Another example of a company that got off to a bad start with a new product due to inadequate QA software testing is Google. On the day of the presentation of their new AI chatbot Bard, which was touted as a better replacement for ChatGPT, it made a factual mistake. This was enough to cause Google’s shares to drop $100 billion that same night – almost a year’s worth of stock gains!

And while companies like Starbucks and Google have the resources to recover from these kinds of mistakes, most SBMs would be brought to their knees, showing how costly mistakes IT departments can be. This is why it’s so important to have strong testing strategies and practices in place.

In this article, we’ll talk about the role of Quality Assurance (QA), Quality Control (QC), and testing in the Software Development Life Cycle (SDLC). We will also delve into the key principles, testing techniques, and best practices that companies should adopt to ensure their products meet the highest standards of quality.

Understanding Software QA, Quality Control, and Testing

Before we go any further, let’s start by clarifying what exactly software testing means because, while it seems all pretty simple, there’s quite a lot to it.

This concept was introduced as a means of accessing the conformance of software with implicit (things customers expect from a product based on their previous experiences) and explicit expectations (these are specific targets customers expect in terms of product quality and performance). Here are the two types of software testing conducted for this purpose:

• Functional, which focuses on the product’s functionality from the user’s point of view, e.g. its ease of use, convenience, UI design, absence of glitches, clear contact forms, price-to-quality ratio, and so on.
• Non-functional (or structural), performed to assess the inner components of the software, e.g. its code maintainability, scalability to handle increased loads, security measures, compatibility across different platforms and browsers, the list goes on.

Of course, assessing the quality of a product through structural testing without having expertise in this field isn’t easy. Therefore, structural quality testing is entrusted to experienced testers who possess a deep understanding of software architecture, coding principles, and system internals. Functional testing, on the other hand, is performed through software quality management activities, such as QA, QC, and testing.

Now, let’s look more closely at the aspects of functional testing. Quite often, when people talk about QA, QC, and testing, they mean the same thing. However, this isn’t entirely correct. Although all of these aspects are inherently aimed at delivering a high-quality product, they use different techniques (which we’ll cover later in the article).

What Is Software Quality Assurance?

Quality Assurance (QA) or Software Quality Assurance (SQA) is a term used to describe a systematic process of assessing the quality of software solutions and implementing ways to improve them. In a broader context, SQA refers to the organizational part of quality management when everyone on the team knows exactly in what order things need to be done and strictly adheres to these rules. This is the basis without which further testing is impossible.

Processes Involved

• Recognize and identify quality standards applicable in software development.
• Conduct regular quality reviews.
• Carry out processes for recording test data.
• Arrange and maintain documentation for QC measures.

Methods Used in QA

Let’s dive into the key QA methods that teams rely on to check their websites and applications for issues and bugs. In general, there are two types — non-functional and functional. Let’s start by quickly going through the phases of non-functional testing, which look like this:

• Vulnerability testing aims to detect any potential issues that could expose a website or application to security threats such as cyberattacks, data breaches, or unauthorized access.
• Compatibility testing is conducted to check the product’s compatibility with operating systems, browsers, hardware, and software to ensure that it functions correctly and consistently across different environments.
• Usability testing is executed to ensure that the product’s user interface is easy to understand and use so that end users can interact with a website or application intuitively and efficiently.
• Performance testing allows teams to ensure that the product’s performance remains consistent and flawless under various conditions, including high loads, low battery, and so on.

Now, it’s time to look more closely at functional testing methods. Here they are:

• Unit testing  is used to test different parts and components of the software in isolation. Unit tests are written before building a module to test specific functions, classes, or modules in the codebase.
• Integration testing focuses on evaluating how different components or modules of the software interact with one another when integrated. It verifies that data flows smoothly between these integrated parts and that they work cohesively as a whole.
• System testing extends to the whole framework, enabling test engineers and developers to identify stability issues and spot bugs they haven’t noticed before.
• Acceptance testing is typically one of the final phases before the product’s release, which involves end-users and stakeholders to validate that the product meets requirements and expectations.

Advantages of Software QA

The advantages of implementing quality assurance in software development are numerous, including but not limited to the following aspects:

• Reduced risks of costly errors and rework. Since most errors are prevented early in software development, less time and resources are spent on major technical reviews in later stages.
• A high level of motivation. When everyone understands the product requirements and expectations, they are motivated to contribute their best efforts towards achieving a common goal.
• A culture of continuous improvement. With SQA requirements, teams rather collaborate with each other than supervise, which helps cultivate a culture of constant improvement and boosted productivity.
• Compliance with industry standards and regulations. Last but not least, software quality assurance testing helps ensure that products adhere to industry-specific standards and regulatory requirements. This is particularly important for niches such as healthcare, finance, and manufacturing, where non-compliance may lead to financial consequences.

Examples of QA

Here are some examples of QA activities:

• Project planning;
• Internal/external audits;
• Process analysis;
• Establishing standards;
• Arranging training courses for the team, and more.

What Is Quality Control?

QC refers to the meticulous examination of the software product to identify any deviations from established standards and specifications. It’s the process of monitoring and inspecting each phase of the SDLC to ensure that the final product meets the desired quality criteria. To put it in simpler terms, think of it as having a manager run quality checks on the website’s functionality by randomly testing its various components.

Processes Involved

• Monitor and inspect software at different stages of the SDLC.
• Take precautions to prevent bugs and errors in the initial stages of software development.
• Constantly analyze data to identify areas for improvement.
• Keep records of the actions taken to maintain accountability.

Methods Used in QC

There are two common methods used in software quality control testing — inspection and statistical quality control. Let’s talk about each in detail.

Starting with inspection, this approach falls into the following three categories:

• 100% product inspection and sample inspection.
• Process inspection.
• Inspection analysis.

Depending on the scale of a project, the product can be inspected either completely, which is usually done when the cost of defects is extremely high, or partially. In the latter case, companies typically choose a sample representative of the entire product lot and use sample results to decide if the product is good.

When it comes to statistical quality control, it focuses on three key aspects:

• Sampling plans and analysis, which allow organizations to measure the liquidity of the product by executing selective tests of product components
• Control charts.
• Corrective measures.

By checking samples of the final product along with control charts showing quality deviations from acceptable limits, teams can decide whether to move forward with product deployment or whether corrective action needs to be taken.

Advantages of QC

Below, we’ve briefly outlined the common benefits of implementing QC.

• Customer loyalty. Consistent delivery of high-quality software leads to building a  loyal customer base
• Reduced costs. No bugs and errors means no additional costs to fix software solutions.
• Constant improvement. Tracking common error patterns helps avoid them in the future.

Examples of QC

• Inspection;
• Random samples control;
• Verification and validation;
• Manual & automated testing;
• Measurements, etc.

What Is Testing?

Testing is the process of checking a product as a whole and each of its parts separately. It can be carried out in many different ways using both manual approach and automated testing tools depending on the scale and goals of a project.

Processes Involved

• Develop a strategy outlining what aspects of the product will be tested, how testing will be conducted, and what criteria will define success.
• Create test cases that cover a wide range of functionalities of a product.
• Run test cases, either manually or through automated tools.
• Document any issues or deviations from expected behavior.
• Repeatedly test the software after each change or update to ensure that new modifications haven’t affected the product’s performance and functionality.

Differences Between SQA, SQC, and Testing

Now that we’ve looked at each of these concepts separately, let’s compare them side by side so you can better understand how they differ from each other.

1) Difference in Approach

The first difference is in the approach. While quality assurance is a proactive process, focused on preventing issues before the development process even begins, QC takes a more reactive stance by focusing on detecting issues after the product is developed. In regards to testing activities, they serve as a means by which the quality of the product itself is validated and ensured.

2) The Focus Is Different

QA is focused on procedures that need to take place to ensure the product quality, such as creating documentation, conducting audits, monitoring changes and updates, training staff, and so on. QC, on the other hand, is focused on the product. To find bugs and issues, teams use different types of testing, including software testing, batch inspection, validation, beta testing, etc. As you’ve guessed, testing is the method of checking the software for issues under the verification process.

3) Different Final Goal

The goal of software QA testing is to develop standard requirements for each step of the development cycle so that the final product falls in line with the established quality criteria. The goal of QC is to ensure that the product is vetted from bugs and is ready for release. And the purpose of testing is to create and execute test cases to help identify and fix potential issues.

4) Different Areas of Responsibility

Another distinct difference between these three aspects is who accomplishes the work. In the case of QA, the quality standards are set up through coordinated efforts of development, testing, and managerial teams and are met by each team member. QC, in turn, is the responsibility of a small dedicated team charged with inspecting and validating the product, while testing is usually carried out by a team of testers working in-house or remotely. 

To make it a tad bit easier for you, we’ve put together a comparison chart that summarizes the key points.

What Do Software Quality Assurance, Quality Control, and Testing Have in Common?

Although QA, QC, and testing aren’t the same thing, they are related to each other. Let’s look at what ties them together despite the differences:

• Improvement of software quality. All three — QA, QC, and testing — have the common goal of enhancing software quality, although in SDLC, they approach it from different angles and at different stages.
• Interdependence. None of these processes can exist without one another. QA sets the rules and ways things should be done for QC. QC uses these rules to assess the product’s quality, and testing verifies that the product follows these rules. They all work together to make sure the software is good.
• Continuous improvement. All three promote a culture of continuous improvement. QA strives to continually improve processes and procedures for better quality outcomes. QC identifies problems that need to be fixed. And testing provides feedback for process refinement.
• Client-centric. QA, QC, and testing ultimately serve the interests of clients and stakeholders, ensuring that the product aligns with their requirements and functions as expected.
• Risk mitigation. Last but not least, they collectively contribute to risk mitigation by defining preventive measures and uncovering and managing issues and defects.

By and large, while QA, QC, and testing have distinct roles and objectives, they team up to build a strong system that not only stays on guard of the product quality but also constantly improves things and makes sure software development goes smoothly.

The Role of Testing in SDLC

Testing is critical in SDLC. The sooner a product is tested, the faster issues are found, and the less money and time it takes to fix them. Let’s look at the role of testing in relation to existing software development models.

Testing in the Waterfall Model

Waterfall model is a traditional model of software development, in which each stage strictly follows the other. The team starts with planning, then analyzing, and then designing a prototype. Next comes the implementation phase and testing, after which the product moves to the post-production maintenance stage.

This is in the ideal scenario where everything goes smoothly and no bugs have been found at an earlier stage. However, in reality, things don’t always work out the way they should. And while it’s not so critical to find a bug at the design stage, finding it after the product is already built takes significantly more costs and resources to fix it. Just so you can get an idea, the cost of fixing a bug during implementation is 6 times higher than during the design stage, which is a lot.

Therefore, it’s so important to test every feature of a product while it’s still in development so you don’t miss critical defects that can lead to major setbacks and increased expenses later in development. And the Waterfall model, with its strict, sequential approach, doesn’t cope with this task.

Agile Testing

To overcome the challenges faced by the Waterfall model, agile methodologies have emerged as a popular and effective alternative. In this model, testing is performed in sprints along with the development process, allowing software engineering teams to identify bugs and fix them on the spot.

What’s more, getting testers involved in the early stage of the development process has a positive impact on the communication of the team. By closely collaborating with developers and stakeholders, teams can prevent misunderstandings, which can significantly speed up the development process. No wonder over 86% of US companies have adopted agile methodologies, and those who haven’t done so yet are planning to turn to agile in the coming years.

In agile software development, Quality Assurance isn’t just about building a QA team. It’s a practice that is embedded within the entire development team’s mindset and workflow where everyone’s working to achieve a top-quality product right from the start.

DevOps Testing

DevOps is a relatively new methodology that has been developed as an extension of Agile to improve the coordination between development and operations teams. However, in contrast to Agile, DevOps promotes the idea of continuous integration and delivery (CI/CD) and automation that allow for more frequent software deliveries. This way, whenever a new code is committed or there are some changes in the environment, test engineers can quickly validate the code to avoid bottlenecks later in the pipeline.

It’s worth noting that because DevOps testing has to be executed at every stage of the SDLC, testers are expected to have strong technical skills and even have the knowledge of the code. Otherwise, they might not be able to effectively carry out testing activities. .

The Methods of Software Testing

As we mentioned earlier, the main goal of software testing is to reduce the presence of errors in ready software solutions so they can be safely delivered to end users. However, the truth is that no software is 100% bug-free. Moreover, it cannot be fully tested due to the infinite number of possible inputs, configurations, and scenarios that users might encounter.

Therefore, QA engineers use different methods to identify the best test cases depending on specified test conditions. Let’s take a closer look at these methods:

Black-Box Testing

This method focuses on examining the software’s functionality without delving into its internal code structure. Testers treat the software as a “black box” (hence the name), where they input various sets of data and observe the outputs to ensure they align with expected results.

Black box testing is particularly valuable for validating user interactions, input validations, and overall system behavior. It ensures that the software performs correctly from an end-user perspective, regardless of how it’s implemented internally.

Used for:

• Functional, performance, use case, and usability testing.

White Box Testing

Contrary to the black box method, this technique involves in-depth knowledge of the code, which is why, most often, it’s executed either by developers or software architects. They examine the code, algorithms, and system architecture to identify potential flaws and vulnerabilities and ensure that all code paths are properly executed.

Used for:

• Unit and security testing.

Gray Box Testing

As it comes from the name, gray box testing combines elements of both black box and white box techniques. Testers are expected to have partial knowledge of the software’s internal structure, allowing them to design test cases that consider both functional and structural aspects of the application.

Used for:

• Integration and security testing.

Ad Hoc Testing

Ad hoc is a flexible and spontaneous approach. It doesn’t follow predefined test cases or scripts. Test engineers, often with a good understanding of the application and domain, explore the software freely, trying different actions and inputs based on their intuition and experience. This method is especially useful for uncovering unexpected issues, irregular behaviors, and disability problems that may not be covered by formal test cases.

Used for:

• Usability and exploratory testing, quick checks for critical issues.

Regression Testing

This is an iterative method aimed at ensuring that new code changes or updates do not introduce new defects or disrupt existing functionality. Test cases from previous cycles are re-executed to verify that the software still operates correctly after modifications. Regression testing can be applied to all testing types and at all levels and is often automated to minimize time, effort, and labor costs.

Seven Principles of Software Testing

Before wrapping up, let’s touch upon the principles of software testing that every QA professional should know and apply in order to ensure effective and reliable outcomes. These seven principles are described in the book “Foundations for Software Testing” by Dorothy Graham, Erik Van Veenedaal, and Isabel Evans and serve as guiding rules.

Here are these rules:

1. Testing Reveals the Presence of Mistakes

First and foremost, it’s important to understand that testing doesn’t insure against mistakes. As we’ve mentioned earlier, there’s no 100% bug-free software and the whole idea of testing is to ensure that the number of these issues is reduced to a minimum.

2. It’s not Possible to Perform Exhausting Testing

Secondly, it’s impossible to test all the potential test cases and scenarios that may arise in an application. To give you the gist, a simple form with 5 input fields and two options would require creating 32 different test cases to cover all combinations.

Now imagine more complex software with numerous features and value options. To fully test this software, teams would need to spend weeks creating every possible scenario and input, which is impractical and costly. Therefore, instead of wasting time and resources on a task that’s not possible to accomplish, organizations focus on the most critical areas of software where defects are most likely to occur.

3. Test Early

As we stated earlier, the cost of fixing a bug increases exponentially throughout the software development life cycle, so it’s important to involve professional teams as early in the development process as possible. By working in parallel with the development team, test engineers can quickly identify defects and bugs and ensure  they don’t add up and destroy the logic of the entire product.

4. Defect Clustering

Defect clustering is based on the Pareto principle, which says that 80% of bugs and defects are typically found in 20% of system modules. This way, if a bug is found in one of the modules, chances are high there are more issues hidden from view.

5. Pesticide Paradox

The Pesticide paradox principle emphasizes the need for continuously updating and evolving test cases. It recognizes that as a software product evolves, the same set of test cases, if repeatedly used, may become less effective at finding defects. Therefore, it’s necessary to regularly review test strategies and introduce new test scenarios, data inputs, and techniques to keep pace with the changing software.

6. Testing Is Context Dependent

This principle basically means that testing different types of software applications will require different approaches, techniques, and methodologies. For instance, safety measures that are of high importance for fintech applications have a lower priority for corporate websites. In the same vein, you’ll need to use different approaches when testing an e-commerce application.

7. Absence of Errors Fallacy

If the software is free from bugs, this isn’t always an indicator of proper quality. It can very well be the case that it’s been tested for the wrong requirement. Of course, the primary goal of software QA and QC is to minimize the amount of defects, but more than anything else, it is also to ensure that the software product meets the user needs and expectations.

Conclusion

To wrap up, SQM is an important part of the software development process. By establishing a strong SQA plan, companies can significantly improve all aspects of software quality, ensuring their products conform to the highest industry standards and meet customers’ needs. More importantly, it can save them from costly mistakes that come from getting a product too fast to market.

Starbucks isn’t the only company that suffered due to the system error. Take Knight Capital Group Inc, for example. Because the company rushed to release an untested software, it lost over $460 million in less than a minute and almost went bankrupt if not for investors who saved it by coming up with $400 million. Therefore, it’s crucial that the product’s quality is maintained at all stages of development, from inception to release and beyond.