Software Quality Management in practice

This article provides a short overview of what software quality management activities are in practice.

Before getting too technical terms and how these activities are performed in praxis, let’s try to define these terms so we can have a common starting point for discussion. A quick look online on the definition for Software Quality will return several distinct definitions depending on the context Software Quality is employed (see this Wikipedia definition), however, to me, the most representative is similar to the definition from the ISO/IEC 9001:

Software quality:

“A metric system to classify how well the software complies with its requirements”.

Note that “requirements” within this context might apply for the technical aspects of the software but also to overall product metrics. For instance, quality might also be classified as customer perception of the final product. To some extent these definitions might even get mixed with terms that define what are the success criteria of a project – see this other post for clear definitions on project success criteria. For the classification of the software in terms of its quality, the definitions from the Consortium for IT Software Quality (CISQ), can be employed for this example as Reliability, Efficiency, Security, Maintainability and Size.

Note that it is possible for a software project to be assessed with high-quality results but with as fail within the range of the project success criteria.

Quality Assurance:

“The implementation of standardized practices in order to provide confidence that the outcomes satisfy the needed requirements”.

Quality assurance includes processes for the entire software development process e.g.: from requirement definition to product integration. It is organized into goals, commitments, activities, measurements, and verifications.

Quality Control:

“The ongoing effor and activities to evaluate the product against its quality requirements (e.g.: through identification and verification of quality indicators)”.

Quality Management:

“Ensures consistency for Product, Service or Organization through the employment of Quality Assurance, Quality Control and Quality Improvement”.

Quality Improvement:

“Efforts to systematically identify and define provisions for improving existing processes towards better quality parameters”

International Standards

For generic applications, in any industry, these topics are discussed in the ISO 9000 family of standards (e.g. ISO/IEC/IEEE 90003). However, within the context of software industry, specific standards covers these concept very consistently. For instance, the content from ISO/IEC 12207 (System and Software Engineering) and the ISO/IEC 15504 (Software Procces Improvement and Capability Determination – SPICE) can be employed to the context of any software organization in order o achieve high quality on the expected project outputs.

The ISO/IEC 12207 defines processes and best practices dedicated for the management and development of software projects whereas, the ISO/IEC 15504 provides a framework so that a project or an organization can be evaluated upon their capabilities to carry out the activities needed for the projects. The figure below (from this presentation), shows how the processes from the ISO/IEC12207 are classified under the Process Categories described in the ISO/IEC 15504. This classification is important, among other factors, when selecting the processes planned for the projects so that the Quality Assurance team can prepare the project-related activities needed to assure the quality criteria of the project.

International Standards ISO/IEC 12207 and ISO/IEC 15504
International Standards ISO/IEC 12207 and ISO/IEC 15504

In Practice

Within a software organization, these concepts are applied together as shown in the figure below (from this presentation).

Software Quality Management Processes in Practice

01) Definition of Processes

The quality management team defines the organization processes based on the requirements described in the ISO/IEC 15504 and inputs from the development teams.

This step aims to provide a framework so that the project team is able to consistently and reliably develop their projects aiming at specific capability levels. The quality management team often provides workshops in order to prepare the project teams on performing the processes.

02) Project Development

The project team develops the project following the processes defined the quality management team and (usually) rely on the technical-related processes defined in the ISO/IEC 12207.

Note that when the processes defined by the quality team are granular enough to support project-dedicated needs, the project team might rely completely on the organization software processes to develop their projects.

03) Project / Organisation Assessment

A quality management team collects information on how the project team developed the project (e.g.: through a quality assessment) and classify the level of adherence on the processes through the evaluation of the outcomes generated.

Note that whereas internal assessments and quality checks can be performed by the internal quality team of the organization, quality assessments aimed to obtain official certifications must be performed by authorized 3rd party organizations.

04) Process Improvement

The Quality management team and the Project Teams analyses the outcomes of the assessments and employes this information as feedback to improve the overall processes of the organization with better processes, detailed descriptions of the process activities, documentation templates, and activity guidelines.


The concepts briefly discussed in this article are detailed defined International standards for software engineering, project management, and capability level classification. The application of these international standards do require some level of extra activities and are often ignored by non-informed industry professionals (especially by less regulated industries such as web, mobile or game development). However, facts have consistently shown that the non-application of such methodologies can effectively reduce the probability of success of a project.

Armando Perico


Leave a Reply

Your e-mail address will not be published. Required fields are marked *

Post comment