Many people and organizations are confused about the difference between quality assurance (QA), quality control (QC), and testing. They are closely related, but they are different concepts.
But all these three are useful to manage risks of developing and managing software.
- Quality Assurance: A set of activities designed to ensure that the development and/or maintenance process is adequate to ensure a system will meet its objectives.
- Quality Control: A set of activities designed to evaluate a developed work product.
- Testing: The process of executing a system with the intent of finding defects. (Note that the "process of executing a system" includes test planning prior to the execution of the test cases.)
QA activities ensure that the process is defined and appropriate. Methodology and standards development are examples of QA activities. A QA review would focus on the process elements of a project - e.g., are requirements being defined at the proper level of detail.
QC activities focus on finding defects in specific deliverables - e.g., are the defined requirements the right requirements
Testing is one example of a QC activity, but there are others such as inspections
The difference is that QA is process oriented and QC is product oriented.
Testing therefore is product oriented and thus is in the QC domain. Testing for quality isn't assuring quality, it's controlling it.
Quality Assurance makes sure you are doing the right things, the right way.
Quality Control makes sure the results of what you've done are what you expected.