Quality Control: Fundamental Concepts and Practical Application
What is Quality Control?
As explained previously, quality control is “a systematic approach to creating products or services that meet customer requirements in an economical manner.”
In other words, it involves managing the products and services provided to customers to ensure they meet the required Quality, Cost, and Delivery (QCD) standards that customers demand.
It is essential that products and services can be provided by each workplace and department more cheaply, quickly, and efficiently than competitors.
To achieve this, it is necessary to implement management techniques utilizing statistics across the entire organization, not just relying on specialized technical knowledge alone.
Quality Control (QC), Quality Assurance (QA), and Audit are Distinct Concepts
Quality assurance should inherently be performed by the department responsible for the work. It is impossible for another department or third party to guarantee quality on behalf of the responsible department.
There are many cases where Quality Control (QC), Quality Assurance (QA), and Audit are confused with one another.
QC is an activity of controlling quality by oneself.
QA, on the other hand, involves deeply engaging with the relevant process and continuing operations while providing third-party quality assurance. QA personnel must be experienced in the relevant work and thoroughly familiar with it. QA personnel, as experts in the relevant process, provide guidance and advice from a third-party perspective while granting quality assurance (approval) for the deliverables.
The reason for maintaining a third-party perspective is to ensure objective judgment of situations and avoid any inappropriate relationships, such as becoming too familiar with the personnel performing the work.
QA personnel need not belong to a separate department; they can be part of the same department without any issue.
Furthermore, QA personnel bear responsibility for accountability to customers and regulatory authorities. Consequently, they necessarily monitor and supervise processes with a stringent eye.
In contrast, audit refers to periodic or ad-hoc sampling inspections of processes and deliverables conducted by an independent department. In other words, audits are retrospective in nature.
The misconception that quality assurance is synonymous with auditing must be clarified.
There are often people who mistakenly believe that quality assurance is complete once an audit is finished. Yet when complaints arise, they claim it is the auditor’s responsibility, as if it were someone else’s problem.
It is important to note that while auditing is one aspect of quality assurance activities, it is not the entirety of it.
It should also be noted that quality assurance departments themselves are subject to audit.
Comparison Table: QC, QA, and Audit
| Aspect | Quality Control (QC) | Quality Assurance (QA) | Audit |
| Primary Focus | Controlling processes to meet standards | Ensuring quality through third-party oversight | Independent verification of compliance |
| Timing | Real-time, during process execution | Concurrent with process execution | Retrospective (after the fact) |
| Performer | Process owners themselves | Experienced experts (may be same or different department) | Independent department |
| Relationship to Process | Direct involvement | Deep involvement with third-party perspective | Independent, sampling-based |
| Accountability | Internal process control | Accountability to customers and regulators | Compliance verification |
What is “QC”?
QC is an abbreviation for Quality Control. So, does your company’s QC truly involve “Control”? Are you merely repeating “Check” activities? If QC were a checking activity, it should be called “Quality Check.”
So, what exactly is “Control”?
Control refers to the activity of returning a process that is deviating (or has deviated) from the standard back to the standard.
For example, in baseball, a pitcher controls their pitch toward the strike zone. Similarly, QC controls the process toward the quality strike zone.
Where is the quality standard (strike zone) documented? It is in the Standard Operating Procedure (SOP).
QC Case Study 1
Suppose you outsource data entry of 1,000 items to an external vendor. In the contract, you “promise” to accept and approve delivery if errors are within 0.3% during acceptance testing. However, when you begin checking during acceptance, errors are found: 1, 2, 3, 4… and continue to accumulate. In this case, since errors exceed 0.3%, you cannot accept delivery and must return the work to the vendor.
At that time, you would inform them: “The quality is poor (does not meet customer requirements), so please re-implement quality assurance before resubmitting.”
The critical point is that you must not tell them where the errors were located, nor should you tell them how many errors there were. If you tell them where the errors were, the vendor will simply correct only those specific errors and resubmit. If you tell them how many errors there were, they will correct only that number of errors and resubmit.
Generally, making corrections in downstream processes leads to a dilemma where data quality does not improve.
QC Case Study 2
Suppose a cookie factory’s manufacturing order specifies baking at 170°C ±5°C.
The manufacturing personnel would reduce the burner’s heat when the temperature is about to exceed 175°C, and increase the heat when it is about to fall below 165°C. This is because exceeding 175°C will cause burning, while falling below 165°C will result in underbaking.
By baking at 170°C ±5°C as specified in the manufacturing order, delicious cookies are produced with the predetermined specifications and quality.
What is “SOP”?
SOP is an abbreviation for “Standard Operating Procedure.”
Here, “standard” refers to the strike zone in baseball terminology.
In Japan, there is often a tendency to change SOPs to avoid SOP violations or deviations. However, how appropriate is it for the strike zone to change frequently? SOPs should not be changed casually. If the strike zone changes daily, the quality control and quality assurance of previous days would become meaningless.
There is also a tendency to try to document everything in SOPs, including exceptions. However, if the strike zone is expanded indefinitely, any pitch would be a strike. In other words, control becomes impossible.
If you write everything, including exceptions, in the SOP, it is no longer a standard—it is merely an “OP” (Operating Procedure without standards).
Proper Exception Handling Method
However, exceptions are inherent to all matters. So, if exception handling becomes necessary, how should it be properly addressed?
The proper exception handling method is, for example, to document in advance in a plan or similar document why the SOP cannot be followed, along with the reason, and obtain review and agreement from a third-party QA personnel.
The reason in such cases is called Justification (a basis that can be justified).
It is necessary for the QA personnel to agree with the justification, grant approval, and then have the responsible person approve the plan.
Exception Handling Process Flow
The following table illustrates the proper exception handling process aligned with contemporary quality management systems (such as ISO 9001:2015 and ICH Q10 for pharmaceutical industries):
| Step | Action | Responsible Party | Documentation |
| 1 | Identify need for exception | Process owner | Initial deviation notice |
| 2 | Document justification with scientific rationale | Process owner | Deviation/Exception plan |
| 3 | Conduct risk assessment | Process owner with QA support | Risk assessment document |
| 4 | Review and provide third-party approval | QA personnel | QA review record |
| 5 | Final authorization | Authorized manager/supervisor | Approved plan |
| 6 | Execute exception with controls | Process owner | Execution records |
| 7 | Document results and effectiveness | Process owner | Completion report |
| 8 | Periodic review (if recurring) | QA with management | Trend analysis |
Alignment with International Standards and Current Regulatory Trends
The principles outlined in this article align with international quality management standards and regulatory expectations:
ISO 9001:2015 emphasizes process approach and risk-based thinking, supporting the concept that quality control should be proactive (Control) rather than merely reactive (Check). The standard requires organizations to determine processes needed for the quality management system and ensure these processes achieve their intended outputs.
ICH Q10 Pharmaceutical Quality System reinforces the distinction between quality control, quality assurance, and quality review (similar to audit), emphasizing that quality should be built into products and that quality assurance encompasses all planned and systematic activities.
FDA 21 CFR Part 11 and similar regulations worldwide require robust documentation practices and proper deviation management, supporting the structured exception handling approach described in this article.
Current Industry Trends (as of 2025) increasingly emphasize:
- Real-time quality control using advanced analytics and process analytical technology (PAT)
- Risk-based approaches to quality assurance activities
- Integration of quality metrics into digital quality management systems
- Enhanced focus on quality culture and human factors in quality systems
The fundamental principles presented here—that QC is about control, QA provides independent oversight, and audits verify compliance—remain valid and are reinforced by evolving regulatory expectations that demand more sophisticated, proactive quality management approaches.
Comment