Abbreviation | STQC |
---|---|
Formation | 1980 |
Type | Digital Information |
Headquarters | New Delhi |
Location |
|
Region served | India |
Official language | English and Hindi |
Director General | Shri M. Vellaipandi [1] |
Parent organisation | Ministry of Electronics and Information Technology |
Budget | ₹ 1.2 billion (US$15 million) [2] |
Website | www |
Standardisation Testing and Quality Certification (STQC) Directorate, established in 1980, is an authoritative body offering quality assurance services to IT and Electronics domains. [3] [4] [5]
STQC delivers these services as a part of the Ministry of Electronics and Information Technology for the Government of India. The primary aim of STQC is to ensure the delivery of quality products and services adhering to international standards at competitive prices, thereby enabling processes within the IT and electronics industry to achieve competitiveness. [6]
STQC has been serving its mission by delivering a spectrum of quality assurance services, including Testing, Calibration, certification Services and IT and e-governance Training, with accreditation or recognition from national/international bodies for testing & calibration standards. STQC is recognized as the Core Assurance Service Provider in the IT and Electronics sector in India and actively participates in national forums such as the Bureau of Indian Standards, Quality Council of India (QCI), National Accreditation Board for Testing and Calibration Laboratories (NABL), and other major industry associations. [7]
Operating within the Government of India's Ministry of Electronics and Information Technology jurisdiction, STQC adheres to an organizational structure that optimizes its ability to fulfill its mission - delivering quality assurance services in the IT (Information Technology) and electronics sectors. The setup is hierarchical and cohesive, incorporating a range of laboratories, centres, and key functional units. [8]
The STQC Organization Structure comprises five main units under which the STQC Directorate works. [9] These units are:
These are the core structures under these units:
STQC is an attached office under MeitY, a crucial link between the government and quality assurance services in IT and Electronics.
At MeitY, STQC functions under the Directorate, forming strategic direction and policies for STQC. They help with e-governance-related activities alongside the National e-Governance Plan (NeGP) and ‘Centre for e-Governance’ (CEG) established by MeitY. [10]
STQC operates two calibration centres – the high precision centres: one in Delhi and another in Bangalore. [3] These facilities boast cutting-edge technology for calibrating electronic and allied industries and electro-technical and non-electrical parameters.
To maintain standards in e-governance projects and bring standardization practices in the IT/Software sector, STQC has established the National Centre for e-Governance Standardisation (NCeGSt). The centre has developed a Conformity Assessment Framework (CAF) for e-governance projects, ensuring adherence to the standardized practices leading to Quality Assurance of such Projects. [3]
STQC laboratories and services possess national and international accreditations and recognitions. [12] These include certifications from professional organizations like Raad Voor Accreditatie (RvA), [13] IEC Conformity Assessment for Electro-technical Equipment and Components (IECEE), IEC Quality Assessment System for Electronic Components (IECQ), National Accreditation Board for Testing and Calibration Laboratories (NABL), and Quality Council of India (QCI). [12] The two notable IT test laboratories in Bangalore and Kolkata have received accreditation from the American Association for Laboratory Accreditation (A2LA). [3]
To enable quality assurance in Electronics and Information Technology (IT), Standardisation Testing and Quality Certification (STQC) operates a comprehensive range of processes and procedures. These procedures and processes are in line with the roles each centre is assigned to. [3] [8] [12] This organization uses a nationwide network of laboratories and centres to offer a wide variety of services to public and private organizations within the Electronics and Information Technology (IT) space:
STQC provides calibration services, such as Electro Technical Calibration, Non-Electrical Calibration, High Precision Calibration, Onsite Calibration and Medical Equipment Calibration. Multiple STQC laboratories have obtained national and international accreditations and recognitions in the testing and calibration sector. STQC has set up specialized institutions like the Indian Institute of Quality Management (IIQM) for quality-related training programs and the Centre for Reliability (CFR) for reliability-related services.
STQC offers quality assurance services for the IT and e-governance sector, adhering to National and International standards. [3] These services include Software and System Testing, IT and e-Governance Training, Management System and Product Certification (IT and e-Gov), and e-Governance Conformity Assessment.
STQC also maintains e-Governance standards and has set up the National Centre for e-Governance Standards and Technology. The Conformity Assessment Framework (CAF) for e-Governance projects has been developed and is operational, further reinforcing STQC's commitment to standardized practices in the IT and software sectors. [14]
STQC offers a range of conformity assessment services that evaluate key quality attributes at different stages of IT projects. These evaluations cover functionality, performance, security, usability, maintainability and service quality. Conformity assessment activities occur at different phases or stages of IT projects, such as pilot, pre-go-live and post-go-live phases, within staging or production environments.
The conformity assessment services offered by STQC include: [14]
In addition to its primary functions of testing and calibration, the Standardization Testing and Quality Certification (STQC) organization runs specialized institutions to expand its comprehensive quality services. One such institution is the Indian Institute of Quality Management (IIQM). The IIQM is a dedicated body that provides training programs in the area of quality. This includes imparting knowledge and skills to individuals and professionals who want to excel in the field of quality management.
Another example is the Centre for Reliability (CFR), a specialized division within STQC that provides services specifically aimed at ensuring product, system or process reliability. The CFR provides focused solutions and support in the reliability space, thus contributing to the assurance of consistent and dependable performance across various contexts.
STQC is a provider of certification for IT products and management systems. It provides a list of certified products as well. [15] Its certification services cover a wide range, including Management System Certification Schemes (such as ISO 9001 Quality Management System Certification, ISO 20000-1 for IT Service Management (ITSM), and ISO/IEC 27001 Information Security Management System Certification) and Product Certification Schemes (Product Safety Certification based on IEC Standards and IECEE-CB Certification based on IEC Standards).
In the field of IT and e-governance, STQC offers Website Quality Certification, Common Criteria Certification, Bio-metric device testing and Certification, Smart Card Testing and Certification, e-procurement System Certification (ePS), and Software and System Certification. STQC's certification/assurance services have gained international recognition with accreditation from professional bodies such as Raad Voor Accreditatie (RvA), [13] IEC Conformity Assessment for Electro-technical Equipment and Components (IECEE), IEC Quality Assessment System for Electronic Components (IECQ), National Accreditation Board for Testing and Calibration Laboratories (NABL), Quality Council of India (QCI), etc. [3]
STQC also has the Rules and Procedures for Biometric Device Certification (STQC/BDCS/D01) guidelines. [16] [11] The objective of this certification program is to enable user agencies to use dependable, safe and secure devices for offline authentication by making available quality-assured biometric devices (for authentication/enrolment) and QR code scanner devices. These certified devices are expected to comply with UIDAI specifications. [16]
India, through STQC, is a signatory to the Common Criteria Recognition Arrangement (CCRA) with the Indian Common Criteria Certification Scheme (IC3S) for the evaluation and certification of IT products for security in accordance with CC standards, ver 3.1/ISO/IEC 15408 up to assurance level EAL4. [17] This recognition allows certificates issued by STQC in India to be accepted in other member countries without the need for re-certification, thus solidifying STQC's role as the certification authority for DeITY/STQC in India.
The document STQC/BDCS/D05, specifically known as the "List of Appointments," is part of the Standardisation Testing and Quality Certification (STQC) framework. [18] This document identifies and describes the persons and other resources involved in the certification activities carried out by the Certification Body. The roles and responsibilities assigned to these persons are essential for effectively operating the certification process. The main positions and roles identified in the "List of Appointments" are:
The document titled "List of Appointments" serves as a reference to clarify the key individuals holding these positions. In addition, document STQC/BDCS/D06, "Responsibility Matrix," is referenced as a complementary document. [18] This matrix outlines the responsibilities assigned to each individual listed in the "List of Appointments". It guides the roles and tasks each person is expected to perform within the broader context of certification activities.
Conformance testing — an element of conformity assessment, and also known as compliance testing, or type testing — is testing or other activities that determine whether a process, product, or service complies with the requirements of a specification, technical standard, contract, or regulation. Testing is often either logical testing or physical testing. The test procedures may involve other criteria from mathematical testing or chemical testing. Beyond simple conformance, other requirements for efficiency, interoperability, or compliance may apply. Conformance testing may be undertaken by the producer of the product or service being assessed, by a user, or by an accredited independent organization, which can sometimes be the author of the standard being used. When testing is accompanied by certification, the products or services may then be advertised as being certified in compliance with the referred technical standard. Manufacturers and suppliers of products and services rely on such certification including listing on the certification body's website, to assure quality to the end user and that competing suppliers are on the same level.
The ISO 9000 family is a set of five quality management systems (QMS) standards by the International Organization for Standardization (ISO) that help organizations ensure they meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of QMS, including the seven quality management principles that underlie the family of standards. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfill. ISO 9002 is a model for quality assurance in production and installation. ISO 9003 for quality assurance in final inspection and test. ISO 9004 gives guidance on achieving sustained organizational success.
Accreditation is the independent, third-party evaluation of a conformity assessment body against recognised standards, conveying formal demonstration of its impartiality and competence to carry out specific conformity assessment tasks.
Certification is part of testing, inspection and certification and the provision by an independent body of written assurance that the product, service or system in question meets specific requirements. It is the formal attestation or confirmation of certain characteristics of an object, person, or organization. This confirmation is often, but not always, provided by some form of external review, education, assessment, or audit. Accreditation is a specific organization's process of certification. According to the U.S. National Council on Measurement in Education, a certification test is a credentialing test used to determine whether individuals are knowledgeable enough in a given occupational area to be labeled "competent to practice" in that area.
Product certification or product qualification is the process of certifying that a certain product has passed performance tests and quality assurance tests, and meets qualification criteria stipulated in contracts, regulations, or specifications.
ISO/IEC 17025General requirements for the competence of testing and calibration laboratories is the main standard used by testing and calibration laboratories. In most countries, ISO/IEC 17025 is the standard for which most labs must hold accreditation in order to be deemed technically competent. In many cases, suppliers and regulatory authorities will not accept test or calibration results from a lab that is not accredited. Originally known as ISO/IEC Guide 25, ISO/IEC 17025 was initially issued by ISO/IEC in 1999. There are many commonalities with the ISO 9000 standard, but ISO/IEC 17025 is more specific in requirements for competence and applies directly to those organizations that produce testing and calibration results and is based on more technical principles. Laboratories use ISO/IEC 17025 to implement a quality system aimed at improving their ability to consistently produce valid results. Material in the standard also forms the basis for accreditation from an accreditation body.
The Standards Council of Canada (SCC) / Conseil canadien des normes (CCN) is a Canadian organization with the mandate to promote voluntary standardization in Canada. The SCC is responsible for:
An environmental audit is a type of evaluation intended to identify environmental compliance and management system implementation gaps, along with related corrective actions. In this way they perform an analogous (similar) function to financial audits. There are generally two different types of environmental audits: compliance audits and management systems audits. Compliance audits tend to be the primary type in the US or within US-based multinationals.
The South African National Accreditation System (SANAS) is the official accreditation body for South Africa. Founded in 1996, SANAS is headquartered in Pretoria, South Africa. SANAS accreditation certificates are a formal recognition by the Government of South Africa that an organisation is competent to perform specific tasks.
The Bureau of Indian Standards (BIS) is the National Standards Body of India under Department of Consumer affairs, Ministry of Consumer Affairs, Food & Public Distribution, Government of India. It is established by the Bureau of Indian Standards Act, 2016 which came into effect on 12 October 2017. The Minister in charge of the Ministry or Department having administrative control of the BIS is the ex-officio President of the BIS. BIS has 500 plus scientific officers working as Certification Officers, Member secretaries of technical committees and lab OIC's.
British Approvals Service for Cables is an independent accredited certification body headquartered in Milton Keynes, United Kingdom. Here, the organization's dedicated testing laboratory also operates which is believed to be the largest of its type in Europe. BASEC was established in 1971 and principally provides product certification services for all types of cable and wire, ancillary products and management systems within the cable industry. The organization maintains operations throughout the world including Africa, Middle East, America, Asia and Europe.
The United Kingdom Accreditation Service (UKAS) is the sole national accreditation body recognised by the British government to assess the competence of organisations that provide certification, testing, inspection and calibration services. It evaluates these conformity assessment bodies and then accredits them where they are found to meet relevant internationally specified standards.
National Accreditation Board for Testing and Calibration Laboratories (NABL) provides accreditation to Conformity Assessment Bodies (Laboratories) in India. NABL Schemes include Accreditation (Recognition) of Technical competence of testing, calibration, medical testing laboratories, Proficiency testing providers (PTP) & Reference Material Producers (RMP) for a specific scope following ISO/IEC 17025, ISO 15189, ISO/IEC 17043 & ISO 17034:2016 Standards. It has Mutual Recognition Arrangement (MRA) with Asia Pacific Accreditation Cooperation (APAC), International Laboratory Accreditation Cooperation (ILAC).
IEC 62443 is an international series of standards that address cybersecurity for operational technology in automation and control systems. The standard is divided into different sections and describes both technical and process-related aspects of automation and control systems cybersecurity.
The Korea Testing & Research Institute, abbreviated as KTR, is a testing and certification institute in South Korea which performs integrate testing, certification, and technical consulting for all fields of the industry.
ISO/IEC 27001 is an international standard to manage information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, revised in 2013, and again most recently in 2022. There are also numerous recognized national variants of the standard. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure. Organizations that meet the standard's requirements can choose to be certified by an accredited certification body following successful completion of an audit. The effectiveness of the ISO/IEC 27001 certification process and the overall standard has been addressed in a large-scale study conducted in 2020.
eCOGRA is a London-based testing agency and standards organisation in the realm of online gambling. The company was established in 2003 in the United Kingdom at the behest of the online gaming industry as the first industry self-regulation system. eCOGRA is a testing laboratory, inspection body, and certification body, specializing in the certification of online gaming software and the audit of Information Security Management Systems.
The testing, inspection and certification (TIC) sector consists of conformity assessment bodies who provide services ranging from auditing and inspection, to testing, verification, quality assurance and certification. The sector consists of both in-house and outsourced services.
Ministry of Electronics & Information Technology — Annual Report 2018–19 (PDF) (Report). Government of India. 2019. Archived (PDF) from the original on 5 November 2019. Retrieved 6 November 2019.