Standardisation Testing and Quality Certification


Standardisation Testing and Quality Certification Directorate, established in 1980, is an authoritative body offering quality assurance services to IT and Electronics domains.
STQC delivers these services as a part of the Ministry of Electronics and Information Technology for the Government of India. The primary aim of STQC is to ensure the delivery of quality products and services adhering to international standards at competitive prices, thereby enabling processes within the IT and electronics industry to achieve competitiveness.
STQC has been serving its mission by delivering a spectrum of quality assurance services, including Testing, Calibration, certification Services and IT and e-governance Training, with accreditation or recognition from national/international bodies for testing & calibration standards. STQC is recognized as the Core Assurance Service Provider in the IT and Electronics sector in India and actively participates in national forums such as the Bureau of Indian Standards, Quality Council of India, National Accreditation Board for Testing and Calibration Laboratories, and other major industry associations.

STQC's Organizational Structure

Operating within the Government of India's Ministry of Electronics and Information Technology jurisdiction, STQC adheres to an organizational structure that optimizes its ability to fulfill its mission - delivering quality assurance services in the IT and electronics sectors. The setup is hierarchical and cohesive, incorporating a range of laboratories, centres, and key functional units.
The STQC Organization Structure comprises five main units under which the STQC Directorate works. These units are:
  1. Hon’ble Minister
  2. Hon’ble Minister of State
  3. Secretary
  4. Addl Secretary
  5. Director General
These are the core structures under these units:

MeitY: Ministry of Electronics and Information Technology

STQC is an attached office under MeitY, a crucial link between the government and quality assurance services in IT and Electronics.

STQC Directorate

At MeitY, STQC functions under the Directorate, forming strategic direction and policies for STQC. They help with e-governance-related activities alongside the National e-Governance Plan and ‘Centre for e-Governance’ established by MeitY.

National-level Laboratories (NLL)

  1. Regional Laboratories: Four regional laboratories of STQC are strategically located across India, namely, ERTL Delhi, ERTL Kolkata, ERTL Thiruvananthapuram, ERTL Mumbai, to provide quality assurance services meeting the specific needs of respective regions.
  2. State-Level Laboratories: Ten state-level laboratories have been established by STQC at Bangalore, Chennai, Hyderabad, Pune, Goa, Jaipur, Mohali, Solan, Guwahati & Agartala to decentralize services/outreach.

    High Precision Calibration Centres

STQC operates two calibration centres: one in Delhi and another in Bangalore. These facilities are for calibrating electronic and allied industries and electro-technical and non-electrical parameters.

Functional Units

  1. Testing and Calibration Services: STQC offers a range of testing and calibration services, including Electro Technical Calibration, Non-Electrical Calibration, High Precision Calibration, Onsite Calibration, and Medical Equipment Calibration.
  2. IT and e-Governance Services: STQC provides quality assurance services in IT and e-Governance, covering Software and System Testing, IT and e-Governance Training, Management System and Product Certification, and e-Governance Conformity Assessment.
  3. Certification Services: STQC extends Certification Services for both products and management systems, covering ISO/IEC 27001 Information Security Management System Certification, Product Safety Certification based on IEC Standards, ISO 9001 Quality Management System Certification, IECEE-CB Certification based on IEC Standards, Website Quality Certification, Common Criteria Certification, Smart Card Testing and Certification, Bio-metric Devices Testing and Certification, Software and System certification.

    National Centre for e-Governance Standards and Technology

To maintain standards in e-governance projects and bring standardization practices in the IT/Software sector, STQC has established the National Centre for e-Governance Standardisation. The centre has developed a Conformity Assessment Framework for e-governance projects, ensuring adherence to the standardized practices leading to Quality Assurance of such Projects.

Accreditations and Recognitions

STQC laboratories and services possess national and international accreditations and recognitions. These include certifications from professional organizations like Raad Voor Accreditatie, IEC Conformity Assessment for Electro-technical Equipment and Components, IEC Quality Assessment System for Electronic Components, National Accreditation Board for Testing and Calibration Laboratories, and Quality Council of India. The two notable IT test laboratories in Bangalore and Kolkata have received accreditation from the American Association for Laboratory Accreditation.

STQC Processes and Procedures

To enable quality assurance in Electronics and Information Technology, Standardisation Testing and Quality Certification operates a comprehensive range of processes and procedures. These procedures and processes are in line with the roles each centre is assigned to. This organization uses a nationwide network of laboratories and centres to offer a wide variety of services to public and private organizations within the Electronics and Information Technology space:

Electronics and Electrical Testing and Calibration

STQC provides calibration services, such as Electro Technical Calibration, Non-Electrical Calibration, High Precision Calibration, Onsite Calibration and Medical Equipment Calibration. Multiple STQC laboratories have obtained national and international accreditations and recognitions in the testing and calibration sector. STQC has set up specialized institutions like the Indian Institute of Quality Management for quality-related training programs and the Centre for Reliability for reliability-related services.

IT & e-Governance Services (E-Governance Conformity Assessment)

STQC offers quality assurance services for the IT and e-governance sector, adhering to National and International standards. These services include Software and System Testing, IT and e-Governance Training, Management System and Product Certification, and e-Governance Conformity Assessment.
STQC also maintains e-Governance standards and has set up the National Centre for e-Governance Standards and Technology. The Conformity Assessment Framework for e-Governance projects has been developed and is operational, further reinforcing STQC's commitment to standardized practices in the IT and software sectors.
STQC offers a range of conformity assessment services that evaluate key quality attributes at different stages of IT projects. These evaluations cover functionality, performance, security, usability, maintainability and service quality. Conformity assessment activities occur at different phases or stages of IT projects, such as pilot, pre-go-live and post-go-live phases, within staging or production environments.
The conformity assessment services offered by STQC include:
  1. Architecture Review & Audit: This involves a detailed examination of the architecture of IT systems to ensure that they align with best practices and predefined standards.
  2. Software Application Testing:
  3. #Functional Testing: Ensures that software applications meet specified functional requirements.
  4. #Non-functional Testing: Includes performance, security, usability and other non-functional aspects assessments.
  5. Information Security Audit & Testing:
  6. #Application Security: Evaluate the security features of applications.
  7. #Vulnerability Assessment: Identifies and assesses vulnerabilities within systems.
  8. #Penetration Testing: Simulates cyber-attacks to identify weaknesses in the security infrastructure.
  9. Documentation Review : Evaluates policies, procedures and software documentation to ensure they align with quality standards.
  10. Process Audit: This process covers audits of design, development, operation and maintenance life cycle processes. It also includes audits of information security management processes and IT service management processes.
  11. IT & Non-IT Infrastructure Audit: The audit process covers audits of data centres, disaster recovery sites, gateways, networks, hardware and facilities.
  12. Service Quality :
  13. #SLA Measurements: Involves measurement of service level agreement compliance.
  14. #SLA Measurement System Audit: Audits the system used for measuring SLA compliance.

    Comprehensive quality-related services

In addition to its primary functions of testing and calibration, the Standardization Testing and Quality Certification organization runs specialized institutions to expand its comprehensive quality services. One such institution is the Indian Institute of Quality Management. The IIQM is a dedicated body that provides training programs in the area of quality. This includes imparting knowledge and skills to individuals and professionals who want to excel in the field of quality management.
Another example is the Centre for Reliability, a specialized division within STQC that provides services specifically aimed at ensuring product, system or process reliability. The CFR provides focused solutions and support in the reliability space, thus contributing to the assurance of consistent and dependable performance across various contexts.

IT System & Product Certification

STQC is a provider of certification for IT products and management systems. It provides a list of certified products as well. Its certification services cover a wide range, including Management System Certification Schemes and Product Certification Schemes.
In the field of IT and e-governance, STQC offers Website Quality Certification, Common Criteria Certification, Bio-metric device testing and Certification, Smart Card Testing and Certification, e-procurement System Certification, and Software and System Certification. STQC's certification/assurance services have gained international recognition with accreditation from professional bodies such as Raad Voor Accreditatie, IEC Conformity Assessment for Electro-technical Equipment and Components, IEC Quality Assessment System for Electronic Components, National Accreditation Board for Testing and Calibration Laboratories, Quality Council of India, etc.
STQC also has the Rules and Procedures for Biometric Device Certification guidelines. The objective of this certification program is to enable user agencies to use dependable, safe and secure devices for offline authentication by making available quality-assured biometric devices and QR code scanner devices. These certified devices are expected to comply with UIDAI specifications.
India, through STQC, is a signatory to the Common Criteria Recognition Arrangement with the Indian Common Criteria Certification Scheme for the evaluation and certification of IT products for security in accordance with CC standards, ver 3.1/ISO/IEC 15408 up to assurance level EAL4. This recognition allows certificates issued by STQC in India to be accepted in other member countries without the need for re-certification, thus solidifying STQC's role as the certification authority for DeITY/STQC in India.