Introduction
Hello everyone, and welcome to this SPK and Associates video entitled Modern Test Management for Regulated Industry Software Teams. I’m Michael Roberts, Vice President of Sales and Marketing for SPK and Associates.
Today we’re going to talk about a topic that’s top of mind for many life sciences, medical device, aerospace, automotive, and other regulated industry software teams — modern test management.
As regulatory expectations continue to grow and software teams become more central to the product itself, teams are increasingly under pressure to deliver quality faster than ever before, while still maintaining full compliance and complete traceability. That’s a really difficult balancing act. It’s not easy, and it becomes even harder when outdated test management approaches are still in place, because those approaches often turn into bottlenecks that slow everything down.
Today we’re going to explore what modern test management actually looks like in practice, and I’m joined by Krzysztof Skoropada, CEO of Appsvio.
Krzysztof, please introduce yourself.
Hey, first of all, thank you for the invitation. My name is Krzysztof Skoropada, and I’m the CEO of Appsvio. I’ve been part of the Atlanta ecosystem for about 13 years now. It’s been really interesting to see how the ecosystem has evolved over time, and I’m very happy to talk about test management in regulated industries with you today.
Critical Capabilities for Modern Test Management
Michael:
So Krzysztof, for regulated software teams, what capabilities are most critical in a modern test management approach, and how do those capabilities help teams move faster without compromising compliance?
Krzysztof:
I see four key areas when it comes to modern test management in regulated industries. At the same time, I would say that even non-regulated teams can benefit from everything I’m about to mention. These principles are broadly applicable, but they become especially important in regulated environments.
The first and most critical element is requirements. Requirements should be the starting point of everything — traceability, coverage, validation, basically the entire testing process. If you don’t begin with clearly defined and well-structured requirements, everything that follows becomes more difficult.
So having requirements clearly defined is the first step. But just as important is the question of where they are defined. In my opinion, Jira is a great place for this. Jira is where developer tasks live, where the business works on issues, and where collaboration already happens across teams. Because of that, Jira becomes a natural and logical place for test management as well. When requirements and testing artifacts live in the same ecosystem as development work, alignment improves significantly.
Once requirements are defined, the second critical area is test object governance. This includes several important concepts.
The first is standardization. When you create a new test case, a new requirement, or even a defect, it should be formatted in the correct way. It should contain the proper information, structured consistently, so that anyone reviewing it — whether internally or during an audit — can clearly understand it. Standardization reduces ambiguity and ensures consistency across projects.
The next element is object lifecycle management. Questions like: Who can create requirements? Who can edit them? Who can approve a test case? These are governance questions. Permissions and clearly defined lifecycle stages are essential in regulated industries because they help enforce accountability and compliance.
Separation of duties is another very important concept. In some test management tools, this is built in as a feature. For example, the person who creates a test case should not be the same person who executes that test case. This separation supports audit integrity and helps maintain objectivity in validation. There are many examples of how separation of duties can be applied in regulated environments, and it’s a core governance principle.
Another critical capability is maintaining a history of changes. This is absolutely essential for audit readiness. Whenever someone changes the status of a test case or modifies an object in Jira, that change is recorded. You can clearly see who made the change and when. This historical record becomes extremely valuable during audits, because you don’t need to reconstruct information — it’s already there.
Data residency and data access are also part of this governance group. For many organizations, Data Center is no longer an option, so understanding where your data is stored and who has access to it becomes increasingly important. Regulated companies need confidence that their data is secure and compliant with regional and industry regulations.
The third major area is risk-based test planning. Instead of testing everything every time, teams should be able to define what needs to be tested based on risk and impact. When requirements are linked properly and changes are tracked, you can select only the test cases connected to the area that was modified. This allows teams to focus their efforts efficiently. We don’t test everything — we test what is necessary and what carries risk.
The final key capability is the end-to-end traceability matrix. With a comprehensive traceability report, you can answer critical questions quickly and clearly:
Which requirements have been tested?
Which requirements have not yet been tested?
What is the status of those tests?
This visibility is foundational for regulated companies. Without it, demonstrating compliance becomes difficult and time-consuming.
So yes, there’s a lot involved, but these are really the basics that regulated organizations need in place if they want both speed and compliance.
Michael:
Especially the audit components you mentioned. If teams don’t put that structure in place upfront, they’re often scrambling during audit time trying to gather everything together. It may sound like a lot, but that structure is what prevents chaos later.
Integration with Jira for Visibility and Decision-Making
Michael:
You mentioned the Atlassian ecosystem and Jira specifically. I’ll use Jira as an example, even though it’s not the only platform available. In many organizations, Jira sits at the center of the requirements and development world — it’s where everything lives.
So how should test management integrate with tools like Jira to improve visibility and decision-making across development, quality, and regulatory stakeholders?
Krzysztof:
That’s a very good question.
We all know that software teams and business teams already work together in Jira. It’s the common workspace for requirements, development tasks, backlog items, and collaboration. Because of that, it’s natural to also manage test objects on the same platform. When testing artifacts live alongside development and business artifacts, everything becomes more transparent and aligned.
There are many benefits to this approach. One of the biggest is transparency. When everything is in one system, anyone who needs information — whether it’s development, quality, regulatory, or management — can access the same data. There’s no need to switch between disconnected tools or manually synchronize information across systems.
Another major advantage is having a single control point. In Jira, you can manage permissions centrally. You can define who has access to which projects, who can create or modify certain issue types, and how workflows operate. Extending this governance to testing objects means you maintain consistent control across development and validation activities.
There are generally two schools of thought when it comes to integrating test management with Jira.
The first approach treats test objects — such as test cases, test executions, and test plans — as native Jira issues. This approach allows you to leverage all of Jira’s built-in capabilities. You can use JQL for advanced queries, create dashboard gadgets for reporting, track history of changes, and link requirements directly to test cases and test executions. Everything benefits from Jira’s native functionality.
The second approach uses separate test objects outside of standard Jira issues. These tools often maintain their own object structures, which are integrated with Jira but not fully native to it.
On the marketplace, you can see examples of both models. Zephyr represents the approach with separate objects, while Xray and ATM are based on Jira issues as the foundation.
When test management is built directly on Jira issues, you inherit powerful capabilities automatically — filtering with JQL, building dashboards, maintaining change history, linking artifacts, and leveraging existing workflows. Every benefit that Jira provides becomes available to test management as well.
From my perspective, building on Jira as the foundation strengthens visibility and improves collaboration. It ensures that development, quality, and regulatory stakeholders are all looking at the same source of truth. That shared visibility improves decision-making because everyone trusts the same data.
Michael:
Right — and that shared visibility is especially important in regulated environments, where multiple teams need confidence that they’re working from consistent and accurate information.
Measurable Improvements from Modernization
Michael:
So shifting from the “why” and the “how” to the “what” — what measurable improvements do software teams in regulated industries typically see when they modernize test management as part of their software delivery lifecycle?
Krzysztof:
I love that question.
In short, the most common outcomes are faster releases and less manual work. But let’s break that down in more detail.
One of the most significant improvements is quick validation. When requirements and test executions are connected in a single system, generating a traceability matrix becomes straightforward. You can immediately see whether requirements are covered and whether they’ve been tested.
If you compare that to a paper-based approach, or to disconnected systems where requirements and test cases live in different tools, building that traceability matrix can take hours or even days. When everything is integrated in one tool, it can be done in seconds. That speed alone delivers enormous value to software teams.
Another measurable improvement is a smaller and more focused testing scope. When you use structured test plans and incorporate risk-based testing, you can assign risk levels and impact ratings to specific requirements. Based on that information, you can determine which test cases truly need to be executed for a given release.
This significantly reduces the amount of work required before a product release. Instead of retesting everything, teams focus only on the areas that have changed or carry higher risk. That targeted approach accelerates release cycles while still maintaining compliance and quality standards.
The result of this focused testing is higher product quality. Teams have a clearer and more structured way to report defects, and validation efforts concentrate on the areas that matter most. By narrowing the testing scope intelligently, you increase confidence in the product without increasing workload unnecessarily.
Audit readiness is another measurable improvement. In many modern tools, every change is automatically recorded. Status changes, approvals, modifications — all of this is captured in the system. When an audit occurs, teams no longer need to manually gather documentation or reconstruct historical actions.
Instead, you can grant the auditor access to Jira and show exactly who changed what and when. That level of transparency significantly reduces the stress and effort associated with audits.
Automation also plays an increasingly important role. Automated tests are becoming a critical component of modern test management. When integrated properly with manual testing, automation strengthens coverage, improves repeatability, and increases efficiency.
Over time, automated testing will continue to gain importance for regulated software teams. Together, manual and automated testing create a strong foundation for scalable, compliant test management.
Michael:
Did you just say “test management party”? Can we coin that term?
Krzysztof:
I think for many testers, it’s work, of course. But test management includes everything — processes, tools, governance, structure. If you use a good tool, one that’s intuitive and makes your life easier, then why not call it a party? Especially when it reduces manual effort and simplifies compliance.
Michael:
I’m all for that.
Closing Remarks
Michael:
Krzysztof, thank you for sharing your perspective on modernization in regulated industries and how test management plays such a central role in that evolution.
I think it’s very clear from what you’ve shared today that this isn’t just about testing more — it’s about testing better. It’s about building the right structure so teams can operate more efficiently, move faster, and still maintain the level of compliance and traceability that regulated industries demand.
At the end of the day, teams want to deliver higher-quality products, release faster, and reduce manual overhead. Those outcomes are critical not only for engineering teams but for the business as a whole.
As organizations in regulated industries continue to modernize their software delivery practices, they’re looking for stronger visibility, clearer traceability, and better decision-making across development, quality, and regulatory functions. Modern test management is a key enabler of all of that.
If you’re watching this and thinking that you need to improve test management in your own environment, our team at SPK and Associates works with organizations like yours to design compliant, scalable software delivery ecosystems. That includes implementing and optimizing the Appsvio test management suite within the Atlassian ecosystem.
We’ll include links in the description — especially for the Appsvio test management tool for Jira — where you can start a trial directly within your own Atlassian environment and explore how it works firsthand.
You can also reach out to SPK through the links in the description to learn more about how we help teams modernize their engineering and validation practices.
If you found this video helpful, be sure to give it a like and subscribe to the SPK and Associates YouTube channel for more content focused on modern software delivery, compliance, and engineering best practices.
Krzysztof, thank you again for joining us. I really appreciate your time.
Krzysztof:
Thank you very much, Michael.
Michael:
Thank you. And thanks, everybody, for watching. We’ll see you next time.
