Total Code Quality Index (TCQI)

The Total Code Quality Index (TCQI) is a composite metric in Oobeya that quantifies code quality by analyzing SonarQube issue data through multiple lenses: severity, category impact (security, reliability, maintainability), remediation effort, and codebase volume. It provides engineering leaders with a clear, standardized, and customizable way to monitor and improve software quality.


What TCQI Measures

The TCQI goes beyond raw issue counts. It evaluates:

  • How risky issues are, based on severity and fix effort.

  • What impact they have across key quality dimensions.

  • How clean the codebase is by factoring in total code volume.

  • How the project compares to an ideal maximum through normalization.

This results in a set of actionable, easy-to-compare indices:

  • Total Code Quality Index (TCQI)

  • Security Index

  • Reliability Index

  • Maintainability Index


Core Concepts

TCQI is built on three core inputs from SonarQube:

Dimension
Description

Severity

Indicates how critical an issue is (Blocker, High, Medium, etc.).

Quality Categories

Reflects the issue’s domain: Security, Reliability, Maintainability. An issue may belong to more than one category.

Remediation Effort

The estimated time required to fix the issue (e.g., 10 minutes, 8 hours, etc.).

These inputs are transformed into scores using configurable coefficients defined by your organization.


Configurable Coefficients

All coefficients can be customized in Admin Settings > Code Quality > Code Quality Index.

🔸 Severity Coefficients

Severity
Coefficient

Blocker

0.5

High

0.25

Medium

0.15

Low

0.1

Info

0

🔸 Quality Category Coefficients

Category
Coefficient

Security

0.55

Reliability

0.35

Maintainability

0.1

🔸 Remediation Complexity Coefficients

Estimated Fix Time
Coefficient

≤ 10 minutes

1

≤ 30 minutes

2

≤ 60 minutes

3

≤ 3 hours

5

≤ 8 hours (1 day)

8

> 8 hours (1 day)

13


Step-by-Step Calculation

1. Calculate Issue Risk Scores

Each issue is scored independently per quality category it belongs to:

Issue Risk = Severity Coefficient × Category Coefficient × Remediation Coefficient

Because issues may belong to multiple categories, the same issue may contribute to multiple risk scores (e.g., both Security and Reliability).


2. Calculate Project-Level Quality Scores

For each category:

Project Category Risk Score = average(Issue Risk for that category)

Project Security Risk Score = average(Security Issue Risk Score)
Project Reliability Risk Score = average(Reliability Issue Risk Score)
Project Maintainability Risk Score = average(Maintainability Issue Risk Score)

Project Category Quality Score = Highest Risk Score - Project Category Risk Score

Project Security Quality Score = Highest Risk Score - Project Security Risk Score
Project Reliability Quality Score = Highest Risk Score - Project Reliability Risk Score
Project Maintainability Quality Score = Highest Risk Score - Project Maintainability Risk Score

Where:

Highest Risk Score = max(severity coefficient) × max(category coefficient) × max(remediation coefficient)

The Project Code Quality Score is the average of the three category scores:

Project Code Quality Score = avg(Security, Reliability, Maintainability Quality Scores)

3. Normalize to a Fixed Scale

To make scores comparable across projects and teams, Oobeya normalizes each score to a 0–5 scale:

Normalized Index = (Total Code Quality Highest Index × Project Quality Score) / Highest Risk Score

With:

  • Total Code Quality Highest Index = 5.0 (default value)

This gives:

Index Type
Formula

Project Code Quality Index

Total Code Quality Highest Index × Project Code Quality Score / Highest Risk Score

Project Security Quality Index

Total Code Quality Highest Index × Project Security Quality Score / Highest Risk Score

Project Reliability Quality Index

Total Code Quality Highest Index × Project Reliability Quality Score / Highest Risk Score

Project Maintainability Quality Index

Total Code Quality Highest Index × Project Maintainability Quality Score / Highest Risk Score


4. Factor in Codebase Volume (Clean Code Density)

To reflect code cleanliness relative to size:

Issue Density = Issue Count / Total Lines of Code
Clean Code Density = 1 - Issue Density

You can also calculate this per category:

  • Security Clean Code Density

  • Reliability Clean Code Density

  • Maintainability Clean Code Density

Security Issue Density = Security Issue Count / Total Lines of Code
Security Clean Code Density = 1 - Security Issue Density

Reliability Issue Density = Reliability Issue Count / Total Lines of Code
Reliability Clean Code Density = 1 - Reliability Issue Density

Maintainability Issue Density = Maintainability Issue Count / Total Lines of Code
Maintainability Clean Code Density = 1 - Maintainability Issue Density

5. Final TCQI and Category Indices

Total Code Quality Index = Project Code Quality Index × Clean Code Density

Security Index = Project Security Quality Index × Security Clean Code Density
Reliability Index = Project Reliability Quality Index × Reliability Clean Code Density
Maintainability Index = Project Maintainability Quality Index × Maintainability Clean Code Density

Why Use TCQI?

  • Standardized and Scalable: Works across small and large codebases alike.

  • Actionable: Highlights critical areas in security, reliability, or maintainability.

  • Customizable: Adapt coefficients to align with your company’s engineering standards.

  • Measurable Over Time: Track quality regressions or improvements release by release.


Where to Configure

To tailor the TCQI model to your organization:

Go to: Admin Settings > Code Quality > Code Quality Index

There, you can:

  • Define severity weights

  • Set quality category priorities

  • Tune remediation complexity


Summary

Oobeya’s Total Code Quality Index provides a balanced, flexible, and insightful view of your engineering organization’s code health. It connects static code analysis to strategic engineering decisions—helping you drive long-term quality improvements.

Last updated

Was this helpful?