Quality Assurance Plan
How quality will be ensured — standards, checks, and responsibilities.
20 free credits on signup — no card needed
About this Document
What a quality assurance plan is
A quality assurance plan is the document that sets out, in advance, how an organisation will make sure its work meets a defined standard — every time, not by luck. It names the standards the work will be held to, the processes and checkpoints that keep the work on track, the measurements that prove quality is being achieved, the people accountable for each part, and the way problems are caught and fixed before they reach the customer. It is a prevention document: its job is to build quality in, rather than inspect defects out at the end.
Unlike a one-off test plan, a QA plan is broad and durable. It governs a product line, a department, a service, or a whole programme of work, and it stays in force across many individual jobs. A good QA plan turns "we care about quality" into something concrete and repeatable: anyone can read it and know exactly what good looks like, how it is checked, and who answers for it.
A strong plan does three things at once. It makes the standard explicit so expectations are shared rather than assumed. It makes quality measurable so progress is visible and arguments are settled with data. And it makes quality owned so that when something slips, it is clear who acts and how.
QA versus QC — a distinction that matters
People use "QA" and "QC" interchangeably, but they are different jobs and confusing them weakens both.
Quality assurance (QA) is process-focused and proactive. It asks, "Are we working in a way that will reliably produce good results?" QA designs the workflow, writes the standards, trains the people, and audits whether the process is being followed. It happens throughout the work and aims to prevent defects from occurring in the first place.
Quality control (QC) is product-focused and reactive. It asks, "Did this specific item meet the standard?" QC inspects, tests, and measures the actual output — the part on the line, the document delivered, the meal plated — and rejects or reworks anything that fails. It happens to the finished or in-progress product and aims to detect defects that have already occurred.
A simple way to remember it: QA is building the recipe and the kitchen routine so the dish comes out right; QC is tasting the dish before it leaves the pass. Both are needed. QA without QC means you trust the process but never verify the output; QC without QA means you catch defects endlessly but never fix the cause. A complete QA plan describes both — the assurance activities that shape the process and the control activities that check the result — and is clear about which is which.
Quality standards and metrics
Quality only means something when it is measured against an agreed standard. Standards come from several places, and a plan should name the ones that apply:
- External standards — formal frameworks such as ISO 9001 for quality management systems, industry-specific norms, or regulatory requirements the work must legally satisfy.
- Customer requirements — the specifications, tolerances, and service levels promised to the people receiving the work.
- Internal standards — the organisation's own benchmarks, style guides, checklists, and acceptance criteria that define "good enough to ship".
Standards are made operational through acceptance criteria — the specific, checkable conditions a piece of work must meet to be accepted — and tracked through metrics. Useful quality metrics include:
- Defect rate — defects found per unit, per batch, or per release.
- First-pass yield — the percentage of output that meets the standard the first time, without rework.
- Rework / scrap rate — the share of work that has to be redone or discarded.
- Customer-reported issues — complaints, returns, or support tickets traced to quality failures.
- On-time, in-full delivery — whether the work arrived complete and on schedule.
- Audit findings — the number and severity of process non-conformances found during reviews.
The discipline is to choose a small set of metrics that genuinely reflect quality, set a target for each, and review them on a fixed cadence. A metric with no target is just trivia; a target no one reviews is just a wish.
Processes and checkpoints
The heart of a QA plan is the set of processes that produce the work and the checkpoints built into them where quality is verified before the work moves on. A checkpoint — sometimes called a quality gate, hold point, or stage gate — is a defined moment where work pauses, is checked against its acceptance criteria, and is only allowed to proceed if it passes.
Good checkpoints share a few traits. They sit at natural handoff points — between stages, before a costly step, or just before delivery — so a defect is caught before more effort is spent on top of it. Each one has a clear pass/fail rule rather than a subjective judgement. And each one names an owner who performs the check and has the authority to stop the work if it fails.
A typical chain of checkpoints runs from inputs to output: verify the inputs (materials, requirements, or data are correct before work starts), check in-process quality at key milestones, run a final inspection or test before release, and confirm quality after delivery through feedback and monitoring. The plan should list each checkpoint, what it checks, its acceptance criteria, who owns it, and what happens when it fails. That last point — the path for failed work — is what separates a real plan from a hopeful one.
Roles and responsibilities
Quality is everyone's job, but if it is only everyone's job, it is no one's job. A QA plan makes ownership explicit. Common roles include:
- Quality manager / QA lead — owns the QA plan itself, sets standards, runs audits, and reports on quality to leadership. Accountable for the system, not for inspecting every item.
- Process owners — the managers responsible for each stage of work, who ensure their team follows the defined process and meets its acceptance criteria.
- Inspectors / QC staff / reviewers — the people who carry out the checks at each checkpoint and record the results.
- Operators / contributors — everyone doing the work, responsible for first-line quality and for flagging problems early rather than passing them downstream.
- Sponsor / leadership — provides the mandate, resources, and authority for quality to be enforced, and receives the quality reports.
A useful tool here is a responsibility matrix (often RACI: Responsible, Accountable, Consulted, Informed) that maps each quality activity to a person, so there is never a gap or an overlap about who acts.
Continuous improvement (the PDCA cycle)
A QA plan should never be static. The most widely used engine for keeping it alive is the PDCA cycle — Plan, Do, Check, Act, sometimes called the Deming cycle:
- Plan — decide what good looks like, set targets, and design the process and checkpoints to reach them.
- Do — carry out the work according to the plan, on a small scale first where possible.
- Check — measure the results against the targets and study what the metrics and audits reveal.
- Act — where results fall short, find the root cause, change the process, and standardise the improvement; where they meet the target, lock the gain in. Then the cycle begins again.
PDCA matters because the goal of QA is not to police a fixed standard forever but to raise the standard over time and to drive out the recurring causes of defects. Each loop should be fed by real data — the metrics, audit findings, and non-conformance reports the plan already produces — and should aim at the root cause, not the symptom. A QA plan that schedules regular reviews and feeds the lessons back into the process is a living system; one that is written once and filed is just paperwork.
Common mistakes to avoid
- Confusing QA with QC. Treating inspection at the end as your whole quality strategy means you keep catching the same defects without ever fixing why they happen. Plan for prevention, not just detection.
- Standards no one can check. "High quality" is not a standard. Every requirement needs a specific, measurable acceptance criterion, or it cannot be enforced fairly.
- Metrics without targets or review. Collecting numbers nobody acts on wastes effort and breeds cynicism. Set a target for each metric and a fixed cadence to review it.
- Checkpoints with no teeth. A gate that work always passes through regardless of result is theatre. Each checkpoint needs a real pass/fail rule and an owner empowered to stop the work.
- Unassigned ownership. When quality is "everyone's responsibility" with no named owners, accountability evaporates. Map each activity to a person.
- A plan that never changes. Quality erodes when the plan is written once and ignored. Build in the improvement loop so the plan learns from its own data.
- Treating QA as the quality team's job alone. Quality is produced by the people doing the work; the QA function enables and verifies it. A plan that walls quality off in one department will not hold.
Required Sections
Purpose & Scope
what this plan covers and why
Quality Objectives
measurable quality targets and success criteria
Roles & Responsibilities
who owns each quality function
Standards & Criteria
quality benchmarks, regulations, and acceptance thresholds
QA Processes
review, testing, and inspection procedures
Defect Management
how issues are logged, prioritized, and resolved
Reporting & Metrics
quality KPIs, dashboards, and review cadence
Optional Sections
Tools & Infrastructure
QA toolchain, test environments, and automation
Training & Competency
required skills and team readiness levels
Audit Schedule
planned internal and external audit dates
Continuous Improvement
process for incorporating lessons and raising standards
Frequently Asked Questions
What is the difference between QA and QC?
How is a quality assurance plan different from a test plan or a project QA plan?
What quality metrics should a QA plan track?
What is a quality checkpoint or quality gate?
What is the PDCA cycle and how does it relate to a QA plan?
Who is responsible for quality assurance?
Ready to create your document?
Use our free template or generate a custom version tailored to your needs.
20 free credits on signup — no card needed
This document is for informational purposes and serves as a general guide.
Last reviewed: June 4, 2026