Acceptable Quality Limits
Measuring accuracy of cybersecurity processes
Acceptable Quality Limits (AQL) are an established methodology for assuring quality in every industry other than cybersecurity. It's been around since the 1940s and became an international standard, ISO 2859, answering the question, “What is the lowest quality I'm willing to accept?” Everything from kids toys, to car parts, to home furniture and medical equipment. AQL is how Wirespeed guarantees our quality to you.
1. Select An Inspection Level
There are 7 inspection levels — General I - III and Special S1 - S4. The general levels are used for low to moderate volumes of production. The special levels are used for higher volumes of production that can't handle large sample sizes. General II is a common place to start.
2. Batch Size
The batch size is the number of items being evaluated as a single lot. This could be a single batch, a single delivery, or a single production run.
3. Sample Size Code Letter
Using the table, find the code letter that corresponds to the lot size and inspection level you have chosen.
 | General Inspection Levels | Special Inspection Levels | |||||
|---|---|---|---|---|---|---|---|
| Batch Size | I | II | III | S1 | S2 | S3 | S4 |
0 - 1 | A | A | A | A | A | A | A |
2 - 8 | A | A | B | A | A | A | A |
9 - 15 | A | B | C | A | A | A | A |
16 - 25 | B | C | D | A | A | B | B |
26 - 50 | C | D | E | A | B | B | C |
51 - 90 | C | E | F | B | B | C | C |
91 - 150 | D | F | G | B | B | C | D |
151 - 280 | E | G | H | B | C | D | E |
281 - 500 | F | H | J | B | C | D | E |
501 - 1200 | G | J | K | C | C | E | F |
1201 - 3200 | H | K | L | C | D | E | G |
3201 - 10000 | J | L | M | C | D | F | G |
10001 - 35000 | K | M | N | C | D | F | H |
35001 - 150000 | L | N | P | D | E | G | J |
150001 - 500000 | M | P | Q | D | E | G | J |
500001+ | N | Q | R | D | E | H | K |
Batch Size and Inspection Levels
4. Sampling Plans
Using your code letter will tell you how many items to sample from your batch as well as the testing criteria for different quality levels.
5. Acceptable Quality Levels
AQL has 3 types of defects: critical, major, and minor. You can set the acceptable level for each type of defect. It is common to select 0% for critical, 2.5% for major, and 4% for minor.
6. Accept/Reject
Combining the acceptable quality level you chose in step 5 with the code letter from step 3 will point you to your testing plan. It comprises of 2 numbers, AC (accept) and RE (reject). As long as the number of defects is less than or equal to AC, that batch passes. Otherwise it fails.
| Acceptable Quality Levels | |||
|---|---|---|---|---|
| Code Letter | Sample Size | 0.00% AC RE | 2.50% AC RE | 4.00% AC RE |
A | 2 | 0 1 | 0 1 | 0 1 |
B | 3 | 0 1 | 0 1 | 0 1 |
C | 5 | 0 1 | 0 1 | 0 1 |
D | 8 | 0 1 | 0 1 | 1 2 |
E | 13 | 0 1 | 1 2 | 1 2 |
F | 20 | 0 1 | 1 2 | 2 3 |
G | 32 | 0 1 | 2 3 | 3 4 |
H | 50 | 0 1 | 3 4 | 5 6 |
J | 80 | 0 1 | 5 6 | 7 8 |
K | 125 | 0 1 | 7 8 | 10 11 |
L | 200 | 0 1 | 10 11 | 14 15 |
M | 315 | 0 1 | 14 15 | 21 22 |
N | 500 | 0 1 | 21 22 | 21 22 |
P | 800 | 0 1 | 21 22 | 21 22 |
Q | 1250 | 0 1 | 21 22 | 21 22 |
R | 2000 | 0 1 | 21 22 | 21 22 |
Sampling Plans
Now it's time to test! Every quality assurance process is different, for example you can learn more about Wirespeed's process here. It's important to have clear instructions for what type of defects are considered minor, major, or critical and what it looks like to handle those defects once found.
Wirespeed MDR
Get access to the fastest MDR on the market. Wirespeed ingests your users, endpoints, detections, raw telemetry, and more to triage cases in milliseconds.
What's included
- All Wirespeed Integrations
- Data Lake (90 days retention)
- Chat Operations (opt-in)
- Automated Containment (opt-in)
Ready to Transform Your Security Operations?
Contact our sales team to get started with a demo and free trial!