Description

This curriculum spans the design and governance of quality assurance systems across complex, regulated environments, comparable in scope to a multi-phase organisational capability build or a cross-functional process transformation initiative.

Module 1: Defining Quality Objectives and Alignment with Business Strategy

Selecting measurable quality attributes (e.g., defect density, mean time to repair) that directly support business KPIs such as customer retention or time-to-market.
Negotiating acceptable thresholds for quality metrics with product owners when conflicting priorities exist between speed and robustness.
Mapping regulatory compliance requirements (e.g., ISO 13485 for medical devices) to specific product quality objectives during initial planning.
Documenting traceability between strategic goals and quality targets to justify investment in quality assurance activities.
Establishing escalation paths when quality objectives cannot be met due to resource or timeline constraints.
Integrating voice-of-customer data into quality planning to prioritize features and non-functional requirements.

Module 2: Risk-Based Approach to Quality Planning

Conducting FMEA (Failure Modes and Effects Analysis) to prioritize testing and inspection activities based on severity, occurrence, and detection scores.
Allocating QA resources to high-risk components identified through architectural complexity or third-party dependency analysis.
Updating risk registers quarterly to reflect changes in project scope, technology stack, or external threats.
Implementing early-stage static analysis in CI/CD pipelines for modules with high cyclomatic complexity.
Deciding when to accept residual risk versus investing in additional mitigation controls.
Documenting risk treatment decisions for audit purposes, including rationale for deferring certain test activities.

Module 3: Designing Quality Assurance Processes and Workflows

Selecting between manual and automated test approaches based on test stability, execution frequency, and maintenance overhead.
Defining entry and exit criteria for each phase of the SDLC to gate progression (e.g., code coverage thresholds before UAT).
Integrating peer review checkpoints into development workflows using pull request templates and mandatory reviewer assignments.
Configuring test environment provisioning to mirror production within budget and infrastructure constraints.
Standardizing defect classification schemes to enable consistent triage and reporting across teams.
Implementing rollback procedures for failed QA gate approvals in continuous delivery pipelines.

Module 4: Integrating Quality Metrics and Measurement Systems

Selecting leading versus lagging indicators (e.g., test pass rate vs. post-release defects) for management reporting.
Configuring dashboards to aggregate data from disparate tools (Jira, SonarQube, Jenkins) without creating reporting latency.
Setting baseline metrics during project stabilization periods to avoid skewed performance comparisons.
Addressing data integrity issues when integrating legacy systems into modern quality monitoring platforms.
Defining ownership for metric collection and validation to prevent accountability gaps.
Adjusting measurement frequency (daily, sprint-based) based on project phase and stakeholder needs.

Module 5: Supplier and Third-Party Quality Oversight

Defining contractual SLAs for defect resolution timelines and test evidence delivery from external vendors.
Conducting on-site audits of supplier QA processes when regulatory compliance is required.
Requiring third-party components to provide SBOMs (Software Bill of Materials) for security and license compliance.
Implementing inbound integration testing protocols for vendor-developed modules before system integration.
Negotiating access rights to vendor test environments for independent verification.
Managing version compatibility risks when multiple suppliers deliver interdependent components.

Module 6: Change Management and Configuration Control

Enforcing change approval workflows for production deployments using CAB (Change Advisory Board) procedures.
Using version control tags and baselines to reproduce test conditions for audit and regression purposes.
Implementing impact analysis procedures to assess quality implications of scope changes mid-sprint.
Managing configuration drift between environments through automated configuration validation scripts.
Documenting rollback plans for failed changes, including data and schema reversion steps.
Requiring regression test execution results before approving hotfix deployments to production.

Module 7: Continuous Improvement and Quality Audits

Conducting root cause analysis on escaped defects using 5 Whys or fishbone diagrams to update prevention controls.
Scheduling internal quality audits at key project milestones to verify adherence to defined processes.
Implementing corrective action tracking systems with deadlines and responsible parties for audit findings.
Rotating audit team members to prevent bias and promote cross-functional process understanding.
Updating QA process documentation based on lessons learned from post-mortem reviews.
Measuring the effectiveness of process improvements by tracking trend data over multiple release cycles.

Module 8: Governance, Compliance, and Stakeholder Reporting

Preparing evidence packages for external auditors to demonstrate compliance with standards such as ISO 9001 or SOC 2.
Customizing quality reports for different stakeholder groups (executives, regulators, engineering leads).
Establishing data retention policies for test logs and audit trails in alignment with legal requirements.
Implementing role-based access controls on quality management systems to protect sensitive compliance data.
Reporting on trend deviations to governance boards with proposed interventions and resource implications.
Reconciling conflicting regulatory requirements when operating in multiple jurisdictions (e.g., GDPR vs. CCPA).