Quality assurance vs. quality control: what is the difference?

Branimir Hrzenjak
11 minutes
Reading time

It goes without saying that you want your software to be of high quality.

That means it is characterized by intuitive controls, user satisfaction, and seamless functionality.

When software doesn’t have these characteristics, it tends to harbor bugs and be a source of frustration for the user.

To make sure you’re producing high-quality software, it’s vital to invest in two disciplines: quality assurance and quality control.

These two terms might seem interchangeable, but each is actually a separate discipline.

If you’re unsure what they mean, don’t worry—you’re in the right place. Read on to find out what the two terms entail and what their differences are.

What is quality assurance

Quality in software development is typically associated with optimized workflows, minimal software bugs, and a positive user experience.

To achieve these attributes, there is an organizational effort dedicated to overseeing quality, called quality management.

As part of this endeavor, there must be a clearly-defined quality ideal.

And to maintain these standards, quality management encompasses an entire subset dedicated to enacting procedures and policies—quality assurance.

In sum, quality assurance ensures that various methods, techniques, and approaches are designed well enough to guarantee high quality.

For example, a core component of quality assurance is auditing, defined as follows:

Audit quote by Charles Mill
Illustration: Shake / Data: ASQ

Auditing analyzes processes connected with development and judges if they meet high standards of software quality.

As part of this inspection, the auditor compares company operations with industry-standard regulations—ISO/IEC 25010.

ISO/IEC 25010 defines software quality requirements and contains guidelines for quality assurance. High-performing businesses should meet their quality models.

Here’s an excerpt:

Source: ISO/IEC 25010

These characteristics define the software qualities necessary for users to meet their goals. Furthermore, each attribute is described with clear definitions.

For example, here’s the adaptability entry:

adaptability entry
Source: ISO/IEC 25010

With this detailed explanation, you can easily gauge if your current processes support such product adaptability as described above.

Such written regulations are hugely helpful, as employees can directly compare procedures with suggested recommendations.

Another valuable document for quality assurance is the WCAG—which stands for Web Content Accessibility Guidelines.

Accessibility is a significant factor in software quality, as the following statistic proves:

1 in 4 U.S. adults reported a disability
Illustration: Shake / Data: CDC

Considering this high number, it’s imperative to focus on accessibility to maintain a high-quality standard. Otherwise, you risk segregating an entire audience segment.

Here’s an excerpt from the WCAG on how to design for accessibility:

Source: WCAG

This criterion aids those with hearing impairments. Imagine your website or application hosted a video lacking such captions—you would alienate part of your user base and consequently lose on quality.

As such, the WCAG is also an excellent reference for ensuring your software adheres to accessibility quality standards.

Bug and crash reporting tool for your mobile app.

In addition to such documentation, quality assurance also utilizes project management frameworks such as Scrum, Kanban, etc.

These are used to maintain the quality of your company’s operational processes.

Such frameworks all incorporate clear guidelines regarding roles, ceremonies, and work philosophies, automatically empowering teams to work more efficiently.

For example, here’s the Scrum framework:

Scrum framework
Source: Scrum

Employees have an exact schedule for maintaining and deploying software and are assisted with explicitly defined procedures, such as the daily scrum, sprint review, and similar.

The consistency of these processes facilitates and improves the workflow of the employees, providing a consistent framework to guide their efforts.

Without quality assurance, it’s unlikely such a framework would be implemented.

What Is quality control

Just as quality assurance is a subset of quality management, quality control is a subset of quality assurance.

There wouldn’t be quality control without quality assurance providing guidance.

While developing software, it’s vital to regularly inspect it to ensure everything is functioning correctly.

This is quality control’s function—utilizing systematic processes to detect defects and verify the software’s quality.

The easiest way to do this is to perform testing. These are the essential testing types:

Testing types
Source: Shake

Component or unit testing assesses each unit individually and is usually performed during early development.

The next step is evaluating how the units interact in a module as a group. This is called integration testing.

Following this is system testing, which tests the entire software system and verifies if it complies with functional requirements.

Finally, the last level is acceptance testing. The software is trialed against user requirements to ensure users’ expectations are met.

These four stages ensure the software doesn’t contain anything impairing its quality, e.g., UI issues, security lapses, and—most importantly—bugs.

Bugs prevent the software from functioning correctly. Consequently, an essential task in quality control is detecting such errors and, perhaps even more crucially, triaging them.

By categorizing these issues, quality control establishes an organized approach to improving software quality.

Here’s a bug-solving categorization guide:

Bug priority chart
Source: Applause

If there’s a critical bug significantly damaging business and users, for instance, if the app is prone to crashing, a hotfix is necessary.

However, the resolution can wait for the next release if a bug doesn’t greatly impact either the business or the user. UI elements in the wrong place fit this category.

Finally, if there’s no tension on the business or user side (e.g., typos), the issue can be moved to the backlog.

Detecting and triaging such bugs is significantly facilitated by using a bug reporting tool. With such resources, any employee can easily participate in quality control.

For example, with Shake, simply shake your mobile device, and a comprehensive bug report will immediately be sent to the developers.

Here’s a sample bug report:

Gentoo screenshot
Source: Shake

The report contains everything the developers will need: environment details, logs, screenshots and screen recordings, steps to reproduce, etc.

These quick, detailed reports empower employees to produce information essential to improving the software’s quality, therefore streamlining the quality control process.

The importance of quality control is well illustrated through the example of Knight Capital Americas.

The financial firm deployed untested software to production, which cost them $460 million in 45 minutes.

Here’s what went down:

Knight loss
Illustration: Shake / Data: SEC

There was inadequate quality control, with only one developer reviewing the deployment. The testing was insufficient, resulting in Knight Financial Services suffering significant losses.

Had quality control been appropriately conducted, with extensive testing, it’s likely that the error wouldn’t have occurred.

Quality assurance vs. quality control: key differences

Due to a shared goal of improving software quality, it can be challenging to differentiate between quality assurance and quality control.

Nevertheless, the two terms should not be used interchangeably. Each discipline has its own distinguishing factors not present in the other.

These differences are visible just by examining their definitions, as the ISO 9000 standard defines the two terms as follows:

QA vs QC definitions
Illustration: Shake / Data: ISO 9000 

Quality assurance sets the stage for quality control. The discipline ensures that organizational policies and procedures are correctly implemented and beneficial to the company.

On the other hand, quality control monitors that these stipulations are carried out correctly—that the resulting software is satisfactory and fulfills quality requirements.

To summarize, quality assurance focuses on the process, whereas quality control is centered on the product.

The former uses procedures to guarantee high quality and the latter checks that high quality is achieved in the product.

The visual below depicts some examples of each activity type:

QA vs QC - procedures vs product
Source: Shake

The continuous integration/continuous delivery pipeline is a quality assurance hallmark, as it ensures several benefits, such as a stable architecture, a rapid feedback cycle, and more.

Other examples include documentation (ensuring the codebase is accessible to all), prototyping (preparing for a new product release), and personnel training (e.g., in project management frameworks).

Quality control then measures the effectiveness of these procedures by running software tests, detecting and logging bugs, and even verifying if the training sessions were successful.

These activities are the final product check and are usually performed by a specialized team of experienced testers. However, quality assurance should happen across all departments.

Since quality control verifies software quality, its activities usually occur later in the software development life cycle.

This is another deviation from quality assurance, which is ongoing throughout the entire SDLC.

In other words, the two also differ in their duration.

The visual below depicts this:

QA and QC in SDLC
Source: Shake

Quality assurance is best performed during the entire SDLC to maintain functioning processes that will aid the project’s success throughout all phases.

Quality control, however, checks the quality of developed software. Consequently, it can only occur from the penultimate SDLC stage onwards, once the software has been built.

This difference, and all others, are depicted in a final summary here:

QA vs QC
Source: Shake

Quality assurance is a proactive, organization-wide effort to create favorable policies for the entire software system. This is all ongoing during the whole SDLC.

On the other hand, quality control is a team-wide endeavor that verifies the quality of each particular software part. These activities only happen at the end of the SDLC.

Despite the shared aim of high-quality software, the two have very different characteristics.

Quality assurance or quality control: do you need both

Although quality assurance and quality control are different, the two depend on one another. Each discipline complements the other, facilitating their practices.

Without quality control, quality assurance couldn’t know if their procedures were effective and resulted in high-quality software. There would be no review of organizational processes.

On the flip side, if there were no quality assurance, testers would be overwhelmed with software bugs and probably spend much more time correcting them.

The two practices are reliant on each other, and the following image visualizes this well:

Source: Dialog

They are two sides of the same coin and are both necessary for ensuring software quality. If you remove either one, your software’s caliber would suffer.

The necessity of both quality assurance and quality control is perhaps best illustrated through the PDCA cycle—a model for achieving continuous improvement and maintaining high quality.

Here’s its framework:

PDCA cycle
Source: Shake

The planning stage is for deciding goals and organizational standards, and, during this part of the process, the procedures are planned in a way that ensures excellence.

Afterward, it’s time to do—to test your solution according to the planned procedures. This is best done on a small scale.

Next up is the check. This is when quality control comes in and analyzes the results to verify the solution is viable.

Finally, you can act. Thanks to quality assurance and quality control, everything is in order, and you’re free to implement your solution.

This PDCA cycle utilizes both quality assurance and quality control practices to manage your software’s quality, proving how the two disciplines complement one another.

However, if you abstain from quality assurance or quality control, you might experience the following:

Consequences of ignoring QA and QC
Source: Shake

With no quality control tests, you’ll lose a formal review process and miss out on product feedback.

Another after-effect is user dissatisfaction. Removing quality assurance and quality control will result in poor quality, which is bound to disappoint users.

Miscommunication is also a repercussion, as quality assurance establishes well-functioning communication channels that aren’t easy to replace.

Finally, a lack of quality management reduces productivity since employees will spend more time correcting mistakes than performing their usual tasks.

Now that we know some of the disadvantages of neglecting quality assurance and quality control, it’s clear that it’s worth implementing these disciplines into your organization.

One easy method is to utilize a quality management tool like Qualio. This resource incorporates both quality assurance and quality control into one single platform.

Here’s an example:

Validation responsibilities
Source: Qualio

Qualio manages and generates documentation while performing continuous testing to ensure everything is in working order.

In other words, it conducts both quality assurance and quality control.

Your task is to monitor the software and configure its settings.

Qualio does the rest of the work, providing you with automated processes for the two disciplines essential to your software’s success.


Both quality assurance and quality control are needed to produce and maintain high-quality software.

Despite their differences, the two disciplines depend on one another and significantly facilitate the other’s workflow.

Quality assurance consists of process-oriented activities that create procedures and standards to optimize software development.

Conversely, quality control focuses on the product and verifies that the finished software complies with the standards quality assurance has set.

As such, the two disciplines have several differences, e.g., in duration, approach, and personnel. Nevertheless, they share a common goal: producing high-quality software.

About Shake

Shake is a bug and crash reporting tool for mobile apps. It was founded in 2019 with the mission to help app developers spend less time on debugging and manual overhead — and growing daily since thanks to a small and dedicated team of geeks based in the EU.

Meet your favorite bug and crash reporting tool.

Add to app in minutes

Doesn’t affect app speed

GDPR & CCPA compliant