3 powerful quality methodologies you should be applying

Every QMS runs differently.

The size and structure of your quality department, the people in it, the industry you operate in, and the culture of your business will all affect how you approach quality.

But there are common methods and tactics you can apply to shape and sharpen your QMS.

We asked our customer base about the top 3 methodologies you should be using.

Here's what they said.


Mobile auditing software





Any quality management system should be built on solid data and reliable information streams.

ALCOA is a data management methodology originally developed in the pharma industry. It's designed to ensure the integrity and accuracy of the documentation your business stores and uses.

So what does it mean?

It pinpoints the 5 features of data integrity that your document management system should guarantee.

Those features are:








These 5 cornerstone principles were later supplemented with 4 additional criteria to create ALCOA+:







Data Integrity-1


An ALCOA+ checklist is a great way to interrogate your data integrity and drive the necessary actions to get to a secure and reliable data set. 

If you're aiming for ISO 27001 accreditation or just want to tighten up your data security and integrity, ALCOA methodology is the place to start.

Qualsys Training Manager Kaye Eames shared how to meet all 9 ALCOA+ principles with our Document Manager module - read the blog post here.


2. The 3 lines of defence


Risk-based thinking is the single dominant rising trend in quality management in the last decade.

Although it's now increasingly important to proactively pinpoint 'positive' opportunities as well as 'negative' risks, the traditional image of risk management as primarily a protective, defensive model still has value.

The 3 lines of defence methodology encapsulates this, providing a comprehensive business-wide framework for managing the risks your business faces.



3 lines defence


Operational management forms your 1st line of defence, laying out the controls that govern your systems and processes.

The risk and quality departments themselves sit in the 2nd line of defence, coordinating internal risk activities and ensuring the 1st line is operating as it should.

The 3rd line, your internal auditors, 'sweep' the business as the eyes and ears of the operation, pinpointing new and untreated risks and feeding them to the risk department.


Read more about the 3 lines of defence


3. The V-Model


If your business manufactures product and is serious about becoming more efficient and profitable for the future, you'll probably already have started digitising and automating certain aspects of your manufacturing process.

Good Automated Manufacturing Practice or GAMP provides the key practices and principles for businesses that have grafted computerised systems onto their operation.

Central to GAMP is the V-Model - a specialised process map for building quality checks into the development and validation lifecycle of your computerised system.

It looks like this:




Apply the V-Model methodology for each computerised system you're developing and validating: verification tests should be mapped onto each product specification and repeated linearly throughout the process, not just upon completion.

And you can combine the V-Model with the Plan Do Check Act cycle for an ongoing validation master plan cycle, to ensure your system remains appropriate for use into the future.

Digitisation with computerised systems and software is the defining feature of the modern QMS - but it has to be done properly. The V-Model ensures any new system your business adopts is fit for purpose.

GAMP 5 Best - Plan Build Config Test Review2

More resources

Make your quality management strategy even sharper and stronger with our playbook:


quality management planning strategy



Topics: Tools, GRC, QMS

Share your thoughts on this article