One scored model.
Fourteen domains of QA practice.
A structured maturity assessment — tiered to your team size, structure, and regulatory exposure, and scored against a five-point model across up to fourteen domains. For organisations that need more than a snapshot.
A four-area snapshot doesn't surface organisation-wide risk.
The QA Health Check is built for a single team, a single product, a fast read — and it does that well. But once you're running multiple teams, multiple products, an outsourced or hybrid QA structure, or operating under regulatory obligations, the picture gets more complicated. Risk shows up in places a four-area check doesn't look: governance and accountability, quality metrics and observability, team culture and skills, release and production practice, AI adoption, and — where relevant — regulatory validation and supplier oversight.
A single coverage-and-tooling read also can't tell you whether one product team is mature and another is reactive, whether your outsourced QA supplier is actually meeting the bar, or whether you'd survive a regulator's inspection. Those are different questions, and they need a framework built to answer them — not a lighter version stretched thin.
The Comprehensive QA Review produces that picture. The same structured framework on every engagement, scored consistently across every team or product in scope, with a current and target maturity score for each domain — so the gap, not just the snapshot, drives the roadmap.
Scoped to your organisation, not a fixed template.
Tier is confirmed on the scoping call, based on engineering headcount, regulatory exposure, and QA structure. Every tier uses the same five-point maturity scale and the same scored, evidence-based method — the difference is how many domains apply and how long the engagement runs.
- Strategy & Governance
- Test Process & Management
- Functional Coverage & Design
- Test Automation
- CI/CD & Shift-Left
- Test Data & Environments
- Tooling & Technology
Right for a single team or small engineering org with no significant compliance burden — a pragmatic core-domain read.
- Everything in Essential
- Non-Functional Testing
- Quality Metrics & Observability
- People, Skills & Culture
- Release & Production Quality
- AI in Quality
Right for scale-ups, multi-team engineering orgs, or those holding PCI-DSS, SOC 2, or ISO 27001 obligations.
- Everything in Comprehensive
- Regulatory, Compliance & Validation*
- Third-Party / Supplier Quality*
*Applied where relevant — regulatory domain for GxP/medical, aviation, automotive, SOX, or FCA exposure; supplier domain where QA is outsourced or hybrid. Right for large engineering orgs (500+) or regulated industries.
Fixed-price per engagement, confirmed on the scoping call · Fully remote · All prices ex-VAT
A structured, evidence-based method — not a checklist.
Scoping call
30 minutes. Team size, structure, regulatory exposure, and engagement scope (product, department, or organisation-wide). Confirms the tier and price.
Engagement profile
Product type, QA structure, release cadence, and regulatory exposure are confirmed — these gate exactly which domains are in scope for your organisation.
Interviews & evidence
Structured stakeholder interviews logged by role and method, plus a documentation, repository, pipeline, and tooling review against every in-scope domain.
Maturity scoring
Every applicable question scored 1–5 (None/No through Optimised) or marked N/A, building a domain-by-domain scorecard with current and target maturity.
Report & readout
Executive summary, scorecard, risk register, and prioritised roadmap delivered in writing, with an optional walkthrough session for leadership.
A consistent model beats
a fresh opinion every time.
The value isn't just independence — it's consistency. The same fourteen-domain framework, the same five-point scale, applied the same way across every team or product in scope. That's what makes the scorecard comparable: across teams today, and against itself a year from now.
No vested interest in the findings
The report reflects the actual state — not what each team hopes it is, and not shaped by internal politics between teams.
The same framework, every time
Fourteen domains, gated consistently by tier. Comparable across teams, products, and time — not a bespoke opinion piece.
Current and target, not just a snapshot
Every domain gets a current maturity score and a target. The gap between them — not the score alone — drives the roadmap.
✓ You're regulated (GxP, financial services, aviation, automotive) and need validation coverage
✓ Your QA is partly or fully outsourced and needs supplier oversight built in
✓ You're preparing for a funding round, acquisition, or compliance audit
✓ You want a target maturity score per domain, not just a list of findings
Scoped on the call. No published band.
Unlike the fixed-price QA Health Check, this engagement is priced individually — domain count and duration vary too much by tier to publish a single band. Price is confirmed on the scoping call, before any work begins, with no variable costs after that.
- ✓ Domain-by-domain maturity scorecard — current vs target
- ✓ Risk register and prioritised roadmap
- ✓ Readout session with engineering and product leadership
- ✓ Optional retainer graduation recommendation
Not sure this is the right depth yet? The QA Health Check is the fixed-price, single-team entry point — from £1,200, 1–2 weeks.
What people ask before they book the call.
- How is this different from the QA Health Check?
- The Health Check is a fixed-price, fixed-scope diagnostic across four areas for a single team or product, delivered in 1–2 weeks. The Comprehensive QA Review is a tiered, structured maturity assessment across up to fourteen domains, scored against a five-point model and calibrated to your team size, structure, and regulatory exposure — built for multi-team, multi-product, or regulated organisations.
- How long does a Comprehensive QA Review take?
- Between one and four weeks depending on tier: around a week for Essential, around two weeks for Comprehensive, and three to four weeks for Enterprise & Regulated. Confirmed on the scoping call.
- How is pricing determined?
- Scoped individually on a free discovery call, based on team size, regulatory exposure, engagement scope, and QA structure. There's no published price band, because domain count and duration vary significantly by tier — unlike the fixed-price QA Health Check.
- Do I need all fourteen domains?
- No. Domains are gated by tier. Most organisations fall into Essential (seven core domains) or Comprehensive (twelve domains). The remaining two domains — regulatory and validation, and third-party supplier quality — only apply if they're relevant to your regulatory exposure or QA structure.
- What's delivered at the end?
- A written report: executive summary, domain-by-domain maturity scorecard (current vs target), risk register, prioritised roadmap of quick wins and strategic work, and — where useful — a retainer graduation recommendation. Delivered with an optional readout session for leadership.