Shell Method™ Software Engineering Process Repository
Software Quality Assurance (SQA) is a formal process for evaluating and documenting the quality of the work products produced during each stage of the Software Development Lifecycle (SDLC). The primary objective of the SQA process is to ensure the production of high-quality work products according to stated requirements and established standards.
This Software Quality Assurance Plan (link to printable version) fully describes this topic.
This SQA process is tailored to fit the current software development effort and is related to the project planning and lifecycle description documents for this project. Projects are classified as small to medium database development efforts; large software development efforts require more rigorous controls and more frequent reviews than are described here.
The methodology presented here is based on the Software Engineering Institute's (SEI) Capability Maturity Model (CMM) and the Institute for Electrical and Electronics Engineers (IEEE) standards for Information Management. This SQA process:
Makes use of the principal project participants as defined SDLC and SPMP.
Describes the processes for deliverable reviews and software testing.
Defines deliverable class standards to be applied during reviews of stage deliverables.
Identifies the work products produced as a result of the review and testing efforts.
The SDLC defines a series of stages; each stage is defined as a separate operation with specific inputs and outputs. This SQAP implements assessments and reviews at specific points within each of these stages. Please refer to the SDLC for a description of the structure, inputs to and outputs from each of the stages. The terms and stage descriptions defined there are used extensively in this SQA plan.
For each project deliverable, as many as three types of formal reviews are conducted after the end users and development team have informally agreed that the deliverable content is accurate. The three review types are:
End-user review, conducted by at least one Subject Matter Expert (SME) who is familiar with the software product under development.
Technical review, conducted by at least one experienced software developer who is familiar with the product under development.
Quality Assurance review, conducted by an independent Quality Assurance Reviewer (QAR).
Each review is conducted in alignment with the reviewer's area of expertise and in accordance with the review criteria described in the associated Deliverable Class Standard and review form. Refer to Chapter 2 for a discussion of Deliverable Class Standards. By tailoring the review focus to the expertise of the reviewer, this SQA plan prevents redundancy and inappropriate reviews.
In a database development effort, three principal roles are defined:
Primary End-user Representative (PER)
Primary Developer Representative (PDR)
Quality Assurance Reviewer (QAR)
The PER acts as the primary point of contact and principal approver for the end-user community. The PER is responsible for ensuring that end-user reviews are conducted on time and by appropriate subject matter experts.
The PDR acts as the primary point of contact and principal approver for the developer community. The PDR is responsible for the conduct of technical reviews in a timely manner and by appropriate development team members.
The QAR acts as the independent quality assurance reviewer for the project. The QAR will work independently from the development team to ensure objective audits and reviews of the work products and processes of this software development project.
The following standards were used as guides to develop this SQA process. The standards were reviewed and tailored to fit the specific requirements of small database projects using the referenced SDLC:
ANSI/IEEE 730.1: Standard for Software Quality Assurance Plans
ANSI/IEEE 1028: Standard for Software Reviews and Audits
ANSI/IEEE 1012: Standard for Software Verification and Validation
SEI/CMMI: PPQA key process area