Resource library

QA How-To

Agile testing quadrants (2026)

Learn agile testing quadrants with practical examples, a coverage workshop, automation guidance, release use, interview answers, and common QA mistakes.

23 min read | 3,007 words

TL;DR

Agile testing quadrants are a planning model for balancing business-facing and technology-facing tests that either support development or critique the product. Use them to reveal missing feedback, not to force every test into a box or run Q1 through Q4 in sequence.

Key Takeaways

  • The quadrants classify test activities by business or technology orientation and by whether they support development or critique the product.
  • Q1 and Q2 create fast development feedback, while Q3 and Q4 evaluate the product and expose broader risks.
  • The quadrant numbers are labels, not execution order, maturity levels, team ownership, or automation targets.
  • Start a quadrant workshop with product risks and user outcomes, then place evidence-producing activities where they fit best.
  • Use multiple layers and feedback speeds, because one end-to-end suite cannot economically answer every quality question.
  • Revisit the map when architecture, customer behavior, incidents, regulation, or release strategy changes.

Agile testing quadrants organize quality activities along two dimensions: business-facing versus technology-facing, and tests that support development versus tests that critique the product. They help a team see whether it has fast examples and code-level feedback as well as exploratory, usability, performance, security, reliability, and compatibility evidence.

The model is a conversation aid, not a delivery lifecycle. Q1, Q2, Q3, and Q4 do not prescribe execution order, team ownership, automation percentage, or a release gate. This guide shows how to use the quadrants in a practical 2026 test strategy while keeping product risk, not diagram symmetry, at the center.

TL;DR

Quadrant Orientation and purpose Typical examples Frequent blind spot
Q1 Technology-facing, supports development Unit, component, code-level integration checks Verifying implementation without validating user value
Q2 Business-facing, supports development Examples, story tests, API workflows, prototypes Treating acceptance examples as exhaustive regression
Q3 Business-facing, critiques the product Exploratory, usability, accessibility, user acceptance Scheduling human evaluation only after coding
Q4 Technology-facing, critiques the product Performance, security, resilience, compatibility Running nonfunctional tests too late or without objectives

A healthy strategy can include activities that cross boundaries. Place them where the primary conversation is most useful, note overlaps, and move on. The map should reveal risk and feedback gaps, not become a taxonomy debate.

1. What Are Agile Testing Quadrants?

The agile testing quadrants are commonly associated with Brian Marick's matrix and were developed further for agile testing practice by Lisa Crispin and Janet Gregory. One axis distinguishes tests that support programming or development from tests that critique the product. The other distinguishes business-facing from technology-facing concerns. The result is four perspectives that prompt different questions and evidence.

"Support development" means giving the team examples, design feedback, and rapid checks while it builds. These activities shape implementation and help detect mistakes close to their source. "Critique the product" means evaluating the working product, its experience, and its behavior under challenging conditions. Critique is constructive investigation, not criticism of the people who built it.

Business-facing activities use domain language and focus on customer, stakeholder, workflow, and policy outcomes. Technology-facing activities focus on code behavior, interfaces, architecture, infrastructure, operational qualities, and failure modes. A test can have both orientations. An API acceptance example may express a business rule through a technical interface, while an accessibility check combines user experience and implementation semantics.

The quadrant is valuable because teams naturally overinvest in familiar evidence. A strong programming culture may have excellent unit coverage but little exploratory evaluation. A manual test team may understand workflows but receive feedback only after a full UI build. A release organization may run a large performance test yet skip resilience during everyday changes. The diagram makes these imbalances discussable.

2. Q1: Technology-Facing Tests That Support Development

Q1 provides fast, precise feedback to people building the system. Typical activities include unit tests, component tests, code-level integration checks, static analysis, type checks, mutation testing where valuable, and focused technical experiments. These checks help design code, protect small behaviors, and identify the location of failure without requiring an entire deployed journey.

Good Q1 checks are deterministic, isolated at an appropriate boundary, fast enough for frequent execution, and clear when they fail. They verify calculations, state transitions, parsing, validation, transformations, error mapping, and component contracts. Developers usually write many of them, but testers can contribute risk examples, review assertions, improve diagnostics, and help identify missing partitions. Ownership follows skill and collaboration, not the quadrant label.

Q1 has limits. A unit test can prove a discount function matches its examples while the checkout sends the wrong customer type. A mocked dependency can reflect yesterday's contract. High statement coverage can still miss incorrect requirements, accessibility, deployment configuration, and confusing workflows. Code coverage is information about execution, not a quality score.

Keep the test design aligned with the code's public behavior. Excessive mocking of private implementation makes refactoring costly and can validate interactions that customers never depend on. Use real value objects and lightweight components where practical. For integration boundaries, choose focused contract or adapter tests that fail with useful context. The economic advantage of Q1 is fast localization, so do not turn every small check into a slow environment-dependent test.

3. Q2: Business-Facing Tests That Support Development

Q2 turns desired product behavior into shared examples before and during implementation. Activities include example mapping, acceptance examples, story tests, API workflow checks, business-rule decision tables, prototypes, simulations, and selected end-to-end scenarios. Product, development, and testing perspectives collaborate to clarify what success means.

A strong Q2 conversation begins with outcome and rules, not automation syntax. Ask who receives value, which business policies apply, what states and permissions matter, how errors should recover, and which examples distinguish one rule from another. Then automate stable examples at the lowest interface that provides enough confidence. A pricing rule might be tested below the UI, while a small number of checkout journeys verify wiring.

Acceptance criteria and examples are not a complete test inventory. They document representative agreements and reduce ambiguity, while exploratory and nonfunctional work investigate risks beyond the known examples. An item with five Given-When-Then scenarios may still fail under concurrency, zoom, unusual data, or a dependency timeout. Avoid measuring completeness by scenario count.

Q2 feedback should be available while design can still change. Review a prototype for workflow and accessibility, validate an API contract with consumers, and agree on examples before both sides implement incompatible assumptions. When checks execute in continuous integration, make their business intent readable and their data independent. The acceptance criteria examples guide offers a deeper approach to turning vague stories into testable outcomes.

4. Q3: Business-Facing Tests That Critique the Product

Q3 evaluates whether the working product is useful, understandable, accessible, and fit for real workflows. It includes exploratory testing, usability evaluation, accessibility testing, user acceptance activities, alpha and beta learning, scenario testing, and demonstrations that invite meaningful stakeholder feedback. The human ability to notice surprise, confusion, inconsistency, and missing value is central.

Exploratory testing is not random clicking. A tester uses a mission or charter, product knowledge, risk models, observations, and continuously adapted experiments. A charter might investigate whether a returning customer can recover a failed multi-currency payment across refresh, back navigation, and a delayed authorization response. Evidence includes notes, states covered, questions, defects, and new risks.

Usability and accessibility should influence design early, even though evaluation of working behavior sits naturally in Q3. Review prototypes, content, interaction patterns, and component behavior before the sprint reaches a test queue. Later, test real journeys with representative users or assistive technologies. The quadrant does not forbid early activity.

User acceptance testing can provide domain confidence, but it should not outsource all testing to business users. Give participants realistic data, clear objectives, working environments, and a route to record decisions. Internal stakeholders do not automatically represent every customer, disability, geography, or edge workflow. Combine their evaluation with other evidence and avoid treating a signed spreadsheet as proof of production readiness.

5. Q4: Technology-Facing Tests That Critique the Product

Q4 challenges system qualities and operational behavior. It commonly includes performance, load, stress, soak, security, resilience, reliability, recoverability, compatibility, maintainability evaluation, infrastructure testing, data migration, backup restoration, observability, and some forms of compliance verification. These concerns often span services and environments, so they require deliberate objectives and ownership.

Begin with quality risks and measurable expectations. A performance test needs a workload model, representative data, latency and error objectives, resource observations, and a controlled environment. A security activity needs authorization, scope, threat context, safe data, and remediation handling. A recovery test needs a failure scenario, recovery objective, integrity oracle, and proof that the system returns to a safe state. Tool execution without an oracle produces activity, not confidence.

Do not wait for a pre-release stage to discover Q4 risks. Architecture review, threat modeling, capacity modeling, dependency contracts, secure defaults, and testability improvements can begin before implementation. Small performance checks, dependency fault tests, software composition analysis, and compatibility smoke coverage can run continuously. Larger environment tests can run on a cadence based on cost and change risk.

Q4 is not automatically the specialist team's problem. Platform engineers, developers, testers, security professionals, operations, accessibility specialists, and product stakeholders may all contribute. Clarify who designs the experiment, authorizes it, observes system health, decides when to stop, and owns follow-up. Use the performance testing fundamentals guide for workload and result design beyond a tool script.

6. Agile Testing Quadrants Are Not a Sequence or Test Pyramid

The numbers identify quadrants; they do not mean run Q1 first, hand work to Q2, then Q3, and finally Q4. That interpretation recreates phased delivery inside a sprint. Activities overlap and feed each other. A Q3 exploratory discovery can become a Q2 acceptance example and a Q1 regression check. A Q4 incident can change architecture, observability, and unit-level fault behavior.

The quadrants and test pyramid answer different questions. Quadrants prompt purpose and perspective. A pyramid or similar model prompts feedback economics and test layer distribution. Q2 checks can exist at a service, component, or UI layer. Q4 checks can include a fast parser fuzz test and a full-system load experiment. Do not draw a one-to-one mapping between quadrant and test level.

The model also does not assign Q1 to developers and Q3 to testers. Such ownership recreates silos and leaves important work uncovered when a specialist is absent. The whole team needs the evidence, while people with relevant expertise lead, coach, pair, or review. A tester may contribute to unit examples, and a developer may join exploratory or usability sessions.

Finally, do not demand equal numbers of tests in each box. Product risk determines investment. A static marketing page, trading platform, medical device portal, and internal data service need different portfolios. The objective is balanced attention to relevant concerns, not visual symmetry. If a box is light, ask whether the risk is genuinely low, addressed elsewhere, or simply invisible.

7. Run a Quadrant-Based Coverage Workshop

Invite a small cross-functional group: product, development, testing, design, platform, security, support, or domain expertise as relevant. Bring a clear product change, architecture sketch, customer workflows, incident history, support themes, quality constraints, and release model. Timebox the first map so it supports delivery instead of becoming a comprehensive test plan meeting.

Start with risks and outcomes. Ask what could prevent value, harm a user, violate a rule, corrupt data, impair operation, or make failure hard to detect. Rank by impact and likelihood using the team's agreed method. Only then brainstorm evidence and place activities in quadrants. Starting with tools tends to reproduce the current suite rather than expose missing questions.

For each important activity, record the question, layer or environment, trigger, owner or collaborators, oracle, data, expected feedback time, and diagnostic artifact. Mark dependencies and testability gaps. For example, "recover an interrupted import without duplicate records" may need a controllable failure hook, correlation IDs, a reconciliation query, and a safe dataset before the test can exist.

Review the map for redundancy and blind spots. Can a faster layer answer the same question? Does a UI check merely repeat a service check? Is there human evaluation of actual usability? Are performance and security based on objectives? Are third-party failures, mobile layouts, localization, migration, and production learning relevant? Convert selected activities into backlog work and acceptance discussions. The workshop output is a living risk map, not a frozen QA artifact.

8. Turn the Quadrants Into a Layered Automation Portfolio

Automate where repeatability and feedback value justify maintenance. Q1 usually contains many fast checks. Q2 contains stable business examples, often below the UI, plus a small set of critical journeys. Some Q3 support can be automated, such as accessibility rule detection or visual comparison, but human interpretation remains necessary. Q4 mixes continuous technical checks with scheduled, authorized experiments.

The following complete Node.js file demonstrates two feedback scopes around one rule. Save it as reservation.test.mjs and run node --test reservation.test.mjs. The first check is technology-facing and isolates the state transition. The second expresses a business example through a public function. In a real system, additional Q3 exploration and Q4 concurrency, performance, and resilience work would challenge the product.

import assert from 'node:assert/strict';
import test from 'node:test';

function reserve(seatsAvailable, requested) {
  if (!Number.isInteger(requested) || requested < 1) {
    return { accepted: false, reason: 'INVALID_QUANTITY', seatsAvailable };
  }
  if (requested > seatsAvailable) {
    return { accepted: false, reason: 'INSUFFICIENT_SEATS', seatsAvailable };
  }
  return { accepted: true, seatsAvailable: seatsAvailable - requested };
}

test('Q1: accepted reservation decrements inventory exactly once', () => {
  assert.deepEqual(reserve(4, 2), { accepted: true, seatsAvailable: 2 });
});

test('Q2: customer cannot reserve more seats than remain', () => {
  assert.deepEqual(reserve(2, 3), {
    accepted: false,
    reason: 'INSUFFICIENT_SEATS',
    seatsAvailable: 2
  });
});

Design the pipeline around feedback needs. Fast change checks should finish early and explain failure precisely. Broader suites can follow, with required status visible. Control time, identity, state, and data; avoid shared mutable records; publish sanitized logs and traces; and assign flaky checks an owner and correction deadline. Test code is production code for the feedback system.

9. Use Quadrants During Sprints, Releases, and Production Learning

During refinement, use the quadrants as prompts. Q2 asks which examples clarify the story. Q1 asks which code-level rules and interfaces need fast protection. Q3 asks how someone might experience or misuse the feature. Q4 asks which system qualities, threats, platforms, and failures could matter. The discussion may take minutes for a small change and longer for a risky architecture shift.

During implementation, pair across perspectives. A developer and tester can convert policy examples into component checks, inspect logs while exploring, or design a failure hook before the dependency adapter is complete. Designers and accessibility specialists can evaluate interaction states while changes remain cheap. Update the map when implementation reveals new boundaries.

Before release, summarize evidence by important risk rather than reporting raw test counts. State which activities ran, their environments, results, open issues, untested assumptions, and observability or rollback readiness. A missing Q4 experiment may be acceptable for a low-risk copy change and unacceptable for a new payment dependency. The quadrant is not the release criterion; risk and policy are.

After release, use telemetry, support feedback, experiments, incident review, and safe synthetic monitoring to inspect assumptions. Production learning does not replace pre-release testing and should respect privacy and operational safety. Feed discoveries back into all quadrants. A production timeout may lead to a Q4 resilience scenario, Q2 recovery example, Q1 timeout mapping check, and Q3 exploration of the visible recovery experience.

10. Adapt Agile Testing Quadrants to Different Products

For a web marketplace, Q1 may emphasize price and inventory rules; Q2 covers search, checkout, refunds, and seller workflows; Q3 explores trust, accessibility, and recovery; Q4 covers traffic, payment security, compatibility, fraud controls, and dependency failure. Seasonal load and third-party behavior shape priorities.

For an API platform, business-facing work still matters. Q2 expresses consumer workflows and compatibility promises, Q3 can include developer experience and error usability, Q1 protects serialization and domain rules, and Q4 examines authorization, performance, idempotency, quotas, resilience, and observability. Do not equate "no graphical UI" with "no user experience."

For data and machine-learning products, include schema, transformations, invariants, lineage, freshness, distribution, model behavior, evaluation datasets, drift, bias under approved criteria, reproducibility, privacy, and rollback. Some activities resist a neat quadrant placement. Put them where the primary conversation works, then connect related evidence rather than arguing over taxonomy.

For regulated or safety-relevant products, the quadrant map supplements required lifecycle, traceability, independence, validation, and documentation practices. It does not override standards or organizational procedures. Add approval and evidence needs to the activity record. Across all products, revise the map when risks change. The test strategy template can turn the workshop results into a concise, maintainable delivery agreement.

Interview Questions and Answers

Q: What are the four agile testing quadrants?

Q1 is technology-facing and supports development, Q2 is business-facing and supports development, Q3 is business-facing and critiques the product, and Q4 is technology-facing and critiques the product. They provide perspectives for a balanced test strategy, not ordered phases.

Q: Are Q1 tests always unit tests?

Unit tests are a common Q1 activity, but the quadrant can include component and focused integration checks that support implementation. The key is their technology-facing purpose and rapid development feedback, not a rigid test-level label.

Q: Which quadrant contains exploratory testing?

Exploratory testing commonly sits in Q3 because it critiques the working product from business and user perspectives. Technical exploration can overlap Q4 or other quadrants. The mission and risk matter more than perfect classification.

Q: Is security testing only Q4?

System-level security evaluation fits Q4, but secure design, threat modeling, code analysis, unit checks, authorization examples, and exploratory abuse cases span the model. Deferring security until a Q4 stage would misuse the quadrants.

Q: Do teams execute the quadrants clockwise?

No. The numbers are labels, and activities can occur throughout discovery, implementation, evaluation, release, and production learning. Feedback from one quadrant often creates work in another.

Q: How do quadrants help with automation?

They clarify the question and purpose before tool selection. They expose where automated checks provide fast repeatability and where human evaluation or controlled system experiments are still needed. They do not define an automation quota.

Common Mistakes

  • Running Q1, Q2, Q3, and Q4 as sequential delivery phases.
  • Assigning quadrants to job titles and recreating developer, QA, and performance silos.
  • Demanding the same number of checks in every box regardless of product risk.
  • Treating the quadrants as a replacement for test layers, risk analysis, or a release policy.
  • Calling every UI automation check Q3, even when it is a scripted business example supporting development.
  • Leaving accessibility, security, performance, and resilience until the end because they appear in critique quadrants.
  • Mapping the current test suite before identifying customer and system risks.
  • Automating a quadrant label without defining the question, oracle, environment, or feedback need.

Conclusion

Agile testing quadrants help teams balance fast development support with serious product critique, across business and technology perspectives. Their value lies in the questions they reveal: which evidence is early, which is realistic, which is human, which challenges system qualities, and which important risk has no answer.

Choose one upcoming feature and run a short risk-first quadrant workshop. Record the most valuable activity in each relevant perspective, build it at the most economical layer, and revisit the map when delivery or production evidence changes your assumptions.

Interview Questions and Answers

Explain the agile testing quadrants in one minute.

The quadrants combine two axes: business-facing versus technology-facing, and supporting development versus critiquing the product. Q1 covers fast technical checks, Q2 covers business examples, Q3 covers human product evaluation, and Q4 covers system qualities such as performance and security. They are planning perspectives, not execution phases.

What belongs in Q1?

Q1 commonly includes unit, component, code-level integration, type, and static checks that support implementation. These checks should provide fast and precise feedback. They cannot alone validate complete user value or deployed behavior.

What belongs in Q2?

Q2 includes business-facing examples that guide development, such as example mapping, acceptance tests, decision tables, API workflows, and prototypes. The team uses them to clarify policy and expected outcomes. They are representative agreements, not exhaustive testing.

What belongs in Q3?

Q3 includes exploratory, usability, accessibility, user acceptance, and scenario-based evaluation of the working product. It depends heavily on human observation and domain judgment. Activities can begin early through design and prototype review.

What belongs in Q4?

Q4 challenges technical and operational qualities such as performance, security, resilience, recovery, compatibility, migration, and observability. Each activity needs an objective, safe environment, oracle, and ownership. Many preventive Q4 practices begin before release.

Can one test belong to more than one quadrant?

Yes. An API example may express a business rule through a technical boundary, and accessibility combines experience with semantics. I place it where the primary conversation is clearest, note important overlaps, and avoid spending time on perfect taxonomy.

How would you use quadrants during backlog refinement?

I begin with user and system risks, then ask which examples support implementation, which code-level rules need fast checks, which human evaluation could reveal missing value, and which system qualities or failures matter. We turn the highest-value activities and testability needs into visible work.

Do agile testing quadrants assign work to developers and testers?

No. They classify test perspectives, not job ownership. The whole team needs the evidence, while people with relevant expertise may lead or coach particular activities. Cross-functional pairing prevents quadrants from becoming silos.

How do quadrants influence a CI pipeline?

They help separate fast change feedback, stable business checks, assisted product evaluation, and scheduled system experiments. I automate according to risk and economics, publish clear diagnostics, and keep manual work visible. The pipeline is one delivery mechanism, not the whole strategy.

What is the biggest misuse of the quadrants?

The most damaging misuse is treating Q1 through Q4 as sequential stages. That recreates delayed testing and handoffs. Another misuse is demanding equal coverage without considering product risk.

Frequently Asked Questions

What are agile testing quadrants used for?

They help a team discuss whether its test strategy includes business and technology perspectives that both support development and critique the product. The map reveals missing feedback and overreliance on one kind of evidence.

Who created the agile testing quadrants?

The matrix is commonly associated with Brian Marick and was developed further for agile testing practice by Lisa Crispin and Janet Gregory. Teams now use it as a flexible planning and conversation model.

Are agile testing quadrants executed in order?

No. Q1 through Q4 are labels, not delivery phases. Activities overlap, occur throughout product development, and create feedback that can move across the quadrants.

Where does accessibility testing fit in the quadrants?

Human evaluation of accessible journeys often fits Q3, while automated semantic rules, component checks, and technical compatibility can span Q1, Q2, and Q4. Place the activity according to its primary question and connect the evidence.

Are all Q2 tests automated?

No. Q2 includes conversations, examples, prototypes, and business-facing checks that support development. Automate stable examples when repeatable feedback is valuable, but do not confuse automation with the quadrant's purpose.

What is the difference between quadrants and the test pyramid?

Quadrants classify purpose and orientation, while a test pyramid or similar model discusses feedback economics and distribution across layers. A single quadrant can contain tests at multiple technical levels.

How often should a team review its quadrant map?

Review it when planning meaningful changes and when architecture, incidents, customers, regulation, dependencies, or release strategy alter risk. A lightweight update during refinement is often enough for routine work.

Related Guides