Week 6 - Quality Control vs. Quality Assurance

Questions and Answers

Quality Control focuses on [ Select ] and is the process of managing for quality, while Quality Assurance focuses on [ Select ] and ensures that processes are followed.

Quality Control focuses on detection and is the process of managing for quality , while Quality Assurance focuses on prevention and is used to verify the quality of the output .

According to the reading (The Difference Between Quality Assurance and Quality Control), Quality Assurance focuses on which of the following options? (Select all that are applicable)

Preventing (correct)

Planning (correct)

Documenting (correct)

Agreeing on a set of guidelines (correct)

The reading 'The Difference Between Quality Assurance and Quality Control' discusses some of the techniques that teams will use throughout the development cycle to control quality. Which one of the following options is not one of the Quality Control techniques discussed in the reading?

Automation (correct)

Code Inspections

Structured Walkthroughs

Testing

Quality Control is a method to verify quality , that aims to identify and improve the defects . Quality Control is the process to verify the deliverables and is responsible for software testing lifecycle . An example of Quality Control is VALIDATION .

Quality Assurance is the technique of managing quality , that aims to prevent the defects . Quality Assurance is the process to create the deliverables and is responsible for software development lifecycle . An example of Quality Assurance is Verification .

According the reading (The Difference Between Quality Assurance and Quality Control)Links to an external site. is the following statement true or false? "Quality assurance does not eliminate the need for Quality control as QC lies at the very core of Quality management."

True

According to the reading 'What is Auditing?', what are the four phases in the Audit cycle? (Select all that apply)

Audit reporting

According to the reading 'What is Auditing?', which of the following options is not one of the audit types discussed?

Project Audit

Which of the following definitions correctly defines 'Auditing' as per the reading 'What is Auditing'?

On-site verification activity, such as inspection or examination, of a process or quality system, to ensure compliance to requirements.

According to the reading (What is Auditing?), classify the following types of audits as Internal, External, or both Internal and External

First party = Internal Second party = External Third party = External

Process, Product, System

[ Select ] audit: verifies that processes are working within established limits and evaluates an operation or method against predetermined instructions or standards to measure conformance to these standards and the effectiveness of the instructions.

[ Select ] audit: examines a particular product or service, such as hardware, processed material, or software, to evaluate whether it conforms to requirements (i.e., specifications, performance standards, and customer requirements).

3. System audit: is documented activity performed to verify, by examination and evaluation of objective evidence, that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance and in conjunction with specified requirements.

Answer 1: Process Answer 2: Product Answer 3: System

Match the categories of IT risks to the appropriate business critical area as discussed in the reading (IT Risk Management):

Security = Compromised business data due to unauthorized access or use. Availability = Inability to access your IT systems needed for business operations. Performance = Reduced productivity due to slow or delayed access to IT systems. Compliance = Failure to follow laws and regulations (e.g. data protection).

As discussed in the reading on IT Risk Management, which of the following are examples of potential impacts of a security breach? (Select all that are applicable)

Damage to your business physical assets

Which of the following statements about IT risks is not true?

IT risks often come from adequate management of processes and events.

Based on the reading (IT Risk Management), which of the following areas of a business can IT risk affect? (Select all that are applicable)

Service continuity

Based on the reading (IT Risk Management), which of the following options is not an example of an IT risk?

All of the options are examples of an IT risk.

The reading 'IT Risk Management' discusses that managing various types of IT risks starts with identifying three factors. What are the three factors? (Select all that apply)

Identifying the type of threats affecting your business.

Correctly order the steps in the IT risk management process from 1 to 6: Assess risks, Review processes and procedures, Develop contingency plans, Identify risks, Develop incident response, Mitigate risks.

Identify risks = Step:1 Assess risks = Step:2 Mitigate risks = Step:3 Develop incident response = Step:4 Develop contingency plans = Step:5 Review processes and procedures = Step:6

Which of the following statements are true about IT Risk Control? (Select all that apply)

Use a third-party IT provider if you lack in-house skills.

Which of the following are examples of an IT risk? (Select all that apply)

Security Breaches

Study Notes

Quality Control and Assurance

• Quality Control focuses on managing for quality and aims to identify and improve defects.
• Quality Assurance focuses on ensuring processes are followed and aims to prevent defects.
• Quality Assurance techniques are focused on the prevention of defects.
• Verification is an example of Quality Control.
• Validation is an example of Quality Assurance.
• Quality Assurance does not eliminate the need for Quality Control.
• Quality Control is at the core of Quality Management.

Auditing

• The four phases in the audit cycle are:
  • Planning
  • Execution
  • Reporting
  • Follow-up
• Types of audit discussed in the reading include:
  • Financial
  • Operational
  • Compliance
  • Information Systems
  • Performance
• Auditing is the systematic and independent examination of evidence to provide assurance about the effectiveness of risk management, control, and governance processes.

Types of Audits

• Process audit: verifies processes are working within established limits and evaluates operations against predetermined instructions or standards.
• Product audit: examines a product or service to ensure it meets requirements.
• System audit: verifies elements of a system are appropriate, effective, and developed according to specified requirements.

IT Risk Management

• Categories of IT risks and their corresponding business critical areas:
  • Availability: Operations
  • Confidentiality: Security
  • Integrity: Information
  • Compliance: Legal and Regulatory
• Potential impacts of a security breach:
  • Loss of data
  • Financial losses
  • Reputational damage
  • Legal repercussions
• Areas of a business that IT risk can affect:
  • Operations
  • Security
  • Finance
  • Legal
  • Reputation
• Factors that impact IT risk:
  • Threat: the potential for something bad to happen
  • Vulnerability: a weakness that could be exploited
  • Impact: the potential consequences of a risk
• Steps in the IT risk management process in order:
  1. Identify risks
  2. Assess risks
  3. Mitigate risks
  4. Develop contingency plans
  5. Develop incident response
  6. Review processes and procedures
• IT Risk Control:
  • Reduces the likelihood of a risk occurring
  • Reduces the impact of a risk if it occurs
• Examples of IT risks:
  • Data breaches
  • System failures
  • Cyberattacks
  • Natural disasters

Description

Test your understanding of Quality Control and Quality Assurance. This quiz will explore the differences between managing for quality and ensuring processes are followed, helping you gain clarity on these essential concepts in quality management.