Save 20% on accredited ISO 9001 course exams.
Limited-time offer – ends July 18, 2024
Use promo code:

Maintaining and improving quality management in laboratories according to ISO 17025:2017

A while back, I was faced with a challenge when the CEO of my company asked me to present to management how I would be improving our company’s ISO 17025 system, according to the revised version, ISO 17025:2017. As I was quite new to the management team, I had to put in the hours and come up with something that they would never forget. This is how I explained to them what I would do.

Option A or Option B?

The ISO 17025:2017 standard now provides two possible options for managing the quality management requirements in the laboratory: Option A and Option B, as per clause 8.

The decision to implement in accordance with Option A or B must be based on the current structure of the company’s laboratory in its overall business management systems. It may be advisable to integrate the laboratory documentation with the likes of ISO 9001:2015 documentation if the company has already transitioned to meet the principles and requirements of the latest ISO 9001, ISO 14001, and/or ISO 45001 standard. This reason for offering the options is due to the similarity of documents required by the above standards. When Option A is chosen, all eight sections of the ISO 17025:2017 standard should be implemented as a stand-alone system.

Integration of Option B into a company’s ISO 17025 system

This integration means that the company will be implementing in accordance with Option B of ISO 17025:2017 and will align their Quality Management System for the laboratory with their current business management process documentation. For example, both ISO 9001:2015 and ISO 17025:2017 require document control, control of records (called “documented information” in the latest versions of the standards), improvements, internal audit, and management review as per the requirements of the ISO 9001 standard and its high-level structure. Then, aligning the company’s document control system to one integrated document control system just makes sense. Of course, this decision will mean some extra work and planning, because achieving one set of documentation for the company can be challenging.

Even so, it is advisable to do this, as the above will help with the maintenance and improvement of the laboratory’s documentation and the overall system. As per Annex B of the ISO 17025:2017, however, companies should remember that conformance to the ISO 9001 requirements does not mean that the laboratory is producing technically valid data and results – only that the company is adhering to the overall management system requirements of ISO 9001. Technically valid data needs to be achieved by adhering to sections 4 through 7 of the ISO 17025:2017 standard, and objective evidence must be provided to show the competency of the laboratory to be impartial and operate consistently.

There are also several new requirements to be addressed – for example, what actions are being taken to address risks and opportunities? How do you control data and information management? There is a need to show risk-based thinking and the use of a process approach to drive improvement. A tall order? The question is how do you implement, show objective evidence of compliance, maintain and improve these processes?

If we take the management system as an example, our company has met the requirements through process mapping all laboratory activities and documenting 20 procedures, 30 work instructions, and 50 forms. The best way to improve any document system is to be able to measure its current state and audit the progress through gap assessments. This can be done monthly to ensure that the system is worked on continuously. So, we have 100 documents in total in our system to be reviewed – how many of these documents are currently up to date (i.e., clearly describing how we meet the requirements), and how many of them need to be reviewed for correctness? We have a dashboard showing compliance of 15 procedures out of 20, 15 out of 30 work instructions, and 30 out of 50 forms. This means that currently, our management system implementation is 60% complete.

Now, we can improve our system by asking what needs to happen to get to 100%. This is how we improve the performance of the management system’s processes by planning, implementing, being able to measure what we do, and acting on the gaps.

Maintaining ISO 17025

When asked by management how we would maintain these systems (ISO 9001, ISO 14001, and ISO 17025), my answer was simple. Firstly, we would ensure that our quality objectives and scope of activities were defined. Secondly, we would make sure that responsibilities and authorities were assigned to the personnel responsible for the different laboratory activities. They would be accountable for monitoring and evaluating these measurable objectives. Take, for example, the number of tests conducted in a month, or reducing the number of nonconforming events or complaints for the month. The laboratory management would evaluate the monitoring trends and provide feedback to top management and personnel at the end of each month. This way, we would ensure that the system is maintained by the process owners, rather than falling into the lap of one individual.

ISO 17025 maintenance and improvement in laboratories

Top management involvement in the system is critical

After the meeting was concluded, I received the following email from the CEO: “Dear Management Team, as explained during our presentation, I appoint the following team members as responsible process owners for the following sections… Mr. Seller for Document Control, Mr. Travis for Measuring Equipment, etc. I also request that we have our monthly feedback meeting after our financial meeting on every first Monday of the new month. We will discuss every process owner’s performance regarding the new system and take actions accordingly. Regards, the CEO.”

Successful ISO 17025 implementation in your company

To get the best value out of your ISO 17025 system, you need to know the requirements and current shortfalls (gaps), appoint the correct personnel in the correct positions, and ensure that all objectives and targets are measurable and known by the process owners. As implementing ISO 17025:2017 takes effort and resources, make sure the objectives and risks are clear for all participants and constantly monitor the progress. If the above is followed, ISO 17025:2017 implementation will be smooth sailing!

Use this free ISO 17025:2017 Implementation Diagram to learn about optimal implementation steps of this standard.

Advisera Chris Smith
Chris Smith
Chris Smith has more than 36,000 hours of system implementation experience helping numerous organizations in various sectors in the implementation of management systems. He has assisted more than 500 companies in getting certified to the ISO 9001, IATF 16949, ISO 17025, ISO 45001, ISO 22000, ISO 3834, and ISO 14001 standards. He has conducted more than 1500 internal audits according to the various standards and is qualified by American Systems Registrar as an IATF 16949 Internal Auditor Trainer. Chris qualified as a Quality Engineer by NBQ in 2005 and has a diploma in Human Resource Management. He also studied Management at the University of South Africa.