What is Software Quality Assurance (SQA): A Guide for Beginners

What is Software Quality Assurance?

Software Quality Assurance (SQA) is a process that assures that all software engineering processes, methods, activities, and work items are monitored and comply with the defined standards. These defined standards could be one or a combination of standards such as ISO 9000, the CMMI model, ISO 15504, etc.

SQA incorporates all software development processes starting from defining requirements to coding until release. Its prime goal is to ensure quality.

Software Quality Assurance Plan


Abbreviated as SQAP, the Software Quality Assurance Plan comprises the procedures, techniques, and tools that are employed to make sure that a product or service aligns with the requirements defined in the SRS (Software Requirement Specification).


The plan identifies the SQA responsibilities of the team and lists the areas that need to be reviewed and audited. It also identifies the SQA work products.

The SQA plan document consists of the following sections:

  1. Purpose
  2. Reference
  3. Software configuration management
  4. Problem reporting and corrective action
  5. Tools, technologies, and methodologies
  6. Code control
  7. Records: Collection, maintenance, and retention
  8. Testing methodology

SQA Activities

Given below is the list of SQA activities:

#1) Creating an SQA Management Plan

Creating an SQA Management plan involves charting out a blueprint of how SQA will be carried out in the project with respect to the engineering activities while ensuring that you corral the right talent/team.

#2) Setting the Checkpoints

The SQA team sets up periodic quality checkpoints to ensure that product development is on track and shaping up as expected.

#3) Support/Participate in the Software Engineering team’s requirement gathering

Participate in the software engineering process to gather high-quality specifications. For gathering information, a designer may use techniques such as interviews and FAST (Functional Analysis System Technique).

Based on the information gathered, the software architects can prepare the project estimation using techniques such as WBS (Work Breakdown Structure), SLOC (Source Lines of Code), and FP (Function Point) estimation.

#4) Conduct Formal Technical Reviews

An FTR is traditionally used to evaluate the quality and design of the prototype. In this process, a meeting is conducted with the technical staff to discuss the quality requirements of the software and the design quality of the prototype. This activity helps in detecting errors in the early phase of SDLC and reduces rework effort later.

#5) Formulate a Multi-Testing Strategy

The multi-testing strategy employs different types of testing so that the software product can be tested well from all angles to ensure better quality.

#6) Enforcing Process Adherence

This activity involves defining processes and getting cross-functional teams to buy in to adhering to the established systems.

This activity is a blend of two sub-activities:

  • Process Evaluation: This ensures that the set standards for the project are followed correctly. Periodically, the process is evaluated to make sure it is working as intended and to determine whether any adjustments need to be made.
  • Process Monitoring: Process-related metrics are collected in this step at a designated time interval and interpreted to understand if the process is maturing as we expect it to.

#7) Controlling Change

This step is essential to ensure that the changes we make are controlled and informed. Several manual and automated tools are employed to make this happen.

By validating the change requests, evaluating the nature of change, and controlling the change effect, it is ensured that the software quality is maintained during the development and maintenance phases.

#8) Measure Change Impact

The QA team actively participates in determining the impact of changes that are brought about by defect fixing or infrastructure changes, etc. This step has to consider the entire system and business processes to ensure there are no unexpected side effects.

For this purpose, we use software quality metrics that allow managers and developers to observe the activities and proposed changes from the beginning to the end of the SDLC and initiate corrective action wherever required.

#9) Performing SQA Audits

The SQA audit inspects the actual SDLC process followed vs. the established guidelines that were proposed. This is to validate the correctness of the planning and strategic process vs. the actual results. This activity could also expose any non-compliance issues.

#10) Maintaining Records and Reports

It is crucial to keep the necessary documentation related to SQA and share the required SQA information with the stakeholders. Test results, audit results, review reports, change request documentation, etc. should be kept current for analysis and historical reference.

#11) Manage Good Relations

The strength of the QA team lies in its ability to maintain harmony with various cross-functional teams. QA vs. developer conflicts should be kept to a minimum, and everyone should work towards the common goal of a quality product. No one is superior or inferior to anyone else; we are all one team.

Software Quality Assurance Standards

The software development life cycle, and SQA in particular, may require conformance to quality standards such as:

ISO 9000: Based on seven quality management principles that help organizations ensure that their products or services are aligned with customer needs.

The 7 principles of ISO 9000 are depicted in the image below:

[Image: 7 principles of ISO 9000]

CMMI level: CMMI stands for Capability Maturity Model Integration. This model originated in software engineering. It can be employed to direct process improvement throughout a project, department, or entire organization.

The 5 CMMI levels and their characteristics are described in the image below:

[Image: 5 CMMI levels and their characteristics]

An organization is appraised and awarded a maturity level rating (1-5) based on the type of appraisal.

Test Maturity Model integration (TMMi): Based on CMMI, this model focuses on maturity levels in software quality management and testing.

The 5 TMMi levels are depicted in the image below:

[Image: TMMi levels]

As an organization moves to a higher maturity level, it achieves a higher capability for producing high-quality products that have fewer defects and closely meet the business requirements.

Elements of Software Quality Assurance

Below are 10 essential elements of SQA, listed for your reference:

  1. Software Engineering Standards: SQA teams are critical to ensuring that software engineering teams adhere to the above standards.
  2. Technical Reviews and Audits: Active and passive verification/validation techniques at every SDLC stage.
  3. Software Testing for Quality Control: Testing the software to identify bugs.
  4. Error Collection and Analysis: Defect reporting, managing, and analysis to identify problem areas and failure trends.
  5. Metrics and Measurement: SQA employs a variety of checks and measures to gather information about the effectiveness and quality of the product and processes.
  6. Change Management: Actively advocate controlled change and provide strong processes that limit unanticipated negative outcomes.
  7. Vendor Management: Work with contractors and tool vendors to ensure collective success.
  8. Safety/Security Management: SQA is often tasked with exposing vulnerabilities and bringing attention to them proactively.
  9. Risk Management: Risk identification, analysis, and mitigation are spearheaded by the SQA teams to aid in informed decision making.
  10. Education: Continuous education to stay current with tools, standards, and industry trends.

SQA Techniques

SQA Techniques include:

  • Auditing: Auditing is the inspection of the work products and their related information to determine whether a set of standard processes was followed.
  • Reviewing: A meeting in which the software product is examined by both internal and external stakeholders to seek their comments and approval.
  • Code Inspection: It is the most formal kind of review that does static testing to find bugs and avoid defect seepage into the later stages. It is done by a trained mediator/peer and is based on rules, checklists, entry and exit criteria. The reviewer should not be the author of the code.
  • Design Inspection: Design inspection is done using a checklist that inspects the below areas of software design:
    • General requirements and design
    • Functional and Interface specifications
    • Conventions
    • Requirement traceability
    • Structures and interfaces
    • Logic
    • Performance
    • Error handling and recovery
    • Testability, extensibility
    • Coupling and cohesion
  • Simulation: A simulation is a tool that models a real-life situation in order to virtually examine the behaviour of the system under study. In cases when the real system cannot be tested directly, simulators are great sandbox system alternatives.
  • Functional Testing: It is a QA technique that validates what the system does without considering how it does it. Black Box testing mainly focuses on testing the system specifications or features.
  • Standardization: Standardization plays a crucial role in quality assurance. This decreases ambiguity and guesswork, thus ensuring quality.
  • Static Analysis: It is a software analysis that is done by an automated tool without executing the program. Software metrics and reverse engineering are some popular forms of static analysis. In newer teams, static code analysis tools such as SonarQube, Veracode, etc. are used.
  • Walkthroughs: A software walkthrough or code walkthrough is a peer review where the developer guides the members of the development team to go through the product, raise queries, suggest alternatives, and make comments regarding possible errors, standard violations, or any other issues.
  • Unit Testing: This is a White Box Testing technique where complete code coverage is ensured by executing each independent path, branch, and condition at least once.
  • Stress Testing: This type of testing is done to check how robust a system is by testing it under heavy load, i.e., beyond normal conditions.


SQA is an umbrella activity that is intertwined throughout the software lifecycle. Software quality assurance is critical for your software product or service to succeed in the market and live up to the customer’s expectations.

We hope this article gives you a high-level overview of the concepts of Software Quality Assurance.