a
.

Combining ISO 17025 and ISO 9001 for Laboratories - it's complicated

Laboratory team-1-1

Having the simultaneous certification of your Lab to both Standards is not unusual. But are you doing it effectively and efficiently?

It’s not uncommon for Laboratories to be certified to more than one standard. For example, a Calibration Laboratory may be accredited to ISO 17025, the competency standard for testing and calibration laboratories, and certified to ISO 9001, the quality management system standard – the former because it is the de facto international standard for test and calibration laboratories and the latter for historical reasons in that long-established customers are more comfortable with it. Another example would be a dairy testing laboratory within a cheese-making factory where ISO 17025 covered lab testing in one small, isolated area while ISO 9001 related to activities throughout the entire site.

How then should the requirements of the two standards be most effectively managed within the Laboratory?

Compliance with both sets of requirements

Combining the requirements of the two standards is a source of many FAQs in our ISO 17025 Courses and Section 8.1 of ISO 17025 only 'adds fuel to the fire'. 

Some QHSE Managers take both pride and pleasure in developing management systems that meet the requirements of two or more management system standards. While synergies exist to develop integrated management systems (IMS) for standards such as ISO 14001 (environmental) and ISO 45001 (OH&S), the same can’t be said for ISO 17025 being paired with ISO 9001. For the latter two standards, the scope and the topics concerned are significantly different – customer satisfaction for ISO 9001 and validity of laboratory results for ISO 17025.

If you choose to develop a combined management system, you can expect concerns to be voiced by external auditors. They will likely consider that a lazy approach has been taken in fulfilling both sets of requirements, and this will immediately draw their focus to the internal auditing and management review processes.

Option A vs. Option B of ISO 17025 implementation can confuse the issue

Unique among ISO Management System Standards, ISO 17025 offers a choice when implementing the management system aspects, namely Option A or Option B.

Option A states (clause 8.1.2) …

As a minimum, the management system of the laboratory shall address the following:

— management system documentation (see 8.2);

— control of management system documents (see 8.3);

— control of records (see 8.4);

— actions to address risks and opportunities (see 8.5);

— improvement (see 8.6);

— corrective action (see 8.7);

— internal audits (see 8.8);

— management reviews (see 8.9).

And Option B states …

A laboratory that has established and maintains a management system, in accordance with the requirements of ISO 9001, and that is capable of supporting and demonstrating the consistent fulfilment of the requirements of Clauses 4 to 7, also fulfils at least the intent of the management system requirements specified in 8.2 to 8.9.

Option A is straightforward – you implement processes to satisfy ISO 17025 Clauses 8.2 to 8.9.

The trap to be avoided lies in Option B. You cannot assume that compliance with the requirements of ISO 9001 means that the corresponding requirements of ISO 17025 are met. The last part of ISO 17025 Clause 8.1.3, i.e., ‘also fulfils at least the intent of the management system requirements specified in 8.2 to 8.9’, means that there are additional requirements in ISO 17025, over and above those of ISO 9001, that must be met.

ISO 12705 Gap Analysis Tool

A combined Internal Audit is possible but not advised

A combined audit schedule that meets the requirements of both standards has obvious attractions especially in reducing the amount of time that will be needed. This is likely to be a false economy as external auditors will audit separately against the detailed requirement of both standards. Unless you have been just as rigorous in your internal audits there are details that your auditors may have easily missed. Also, the competency of your auditors to audit against both standards simultaneously will be challenged.

Auditing against each standard separately makes it easier to demonstrate that the importance of the laboratory activities concerned has been suitably prioritized as opposed to the priority of management system processes generally.

Bear in mind also the very different nature of the two standards. ISO 9001 has a lot of focus on the completeness of documents and of record-keeping while ISO 17025 has much focus on how the work is conducted in the laboratory and on the close observation of analysts and technicians carrying out their tests and checks.

And a combined Management Review is possible but not advised

A combined review is certainly possible and the risk of omitting prescribed inputs and outputs is reduced. However, the focus of each standard is, as we have said, quite different. ISO 9001 addresses customer satisfaction while ISO 17025 is concerned with the validity of laboratory results. Two separate meetings, each with its own agenda (similar to each other but not identical) are a good and constructive use of management time.

The ISO 17025 Lead Auditor Extension Course will save you time and money

 

How to Combine ISO 9001 and 17025 Efficiently

For best efficiency and a reduced risk of noncompliances when subject to external audits, we recommend the following when combining ISO 9001 and ISO 17025.

  1. Have a single Document Control Procedure covering both ISO 17025 and ISO 9001.
  2. Have a single Record Control Procedure covering both ISO 17025 and ISO 9001.
  3. Have separate Risk Management Systems for each standard - for ISO 9001 focus on threats to the business and customer satisfaction and for ISO 17025 focus on the validity of laboratory results.
  4. Have a combined Improvement Procedure covering both standards.
  5. Have a single Corrective Action Procedure covering both standards.
  6. Have a single Internal Audit Procedure covering both standards but with a separate Audit Programme/Schedule for each.
  7. Have a single Management Review Procedure covering both standards but with separate meetings and agendas for each Standard.

 

View our ISO 17025 Courses

 

Related Courses

Related Articles

 


deGRANDSON Global is an ISO Certified Educational Organization

InISO 21001 ISO 29993 ISO 29994 October 2021 we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of  …

  • ISO 21001, Educational Organizational Management System,
  • ISO 29993, Learning Services outside formal Education,  and
  • ISO 29994, Learning Services – additional requirements for Distance Learning.

We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment.  It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.

 

Written by Dr John FitzGerald

Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
Find me on:
 

Subscribe to Email Updates

Recent Posts