See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/318108206

The ISO17025 standard: Why? What? How?

Presentation · July 2017

CITATIONS READS

0 12,052

1 author:

Nele Schmitz
Thünen Institute
67 PUBLICATIONS   858 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Global Timber Tracking Network View project

VLIR-KMFRI View project

All content following this page was uploaded by Nele Schmitz on 03 July 2017.

The user has requested enhancement of the downloaded file.

WG 1
Standardisation

Information on
ISO17025
June 2017
by Nele Schmitz
nele.schmitz@thuenen.de

www.globaltimbertrackingnetwork.org
Why ISO17025?
In general
 ISO 9001 is the master standard with ISO
17025 being a specific application of that
standard to testing and calibration laboratories

ISO/IEC 17025:2005
General requirements for the competence of testing and calibration
laboratories

ISO/IEC 17025:2005 specifies the general requirements for the competence to carry out tests
and/or calibrations, including sampling. It covers testing and calibration performed
using standard methods, non-standard methods, and laboratory-developed methods.

ISO/IEC 17025:2005 is for use by laboratories in developing their management system for quality,
administrative and technical operations. Laboratory customers, regulatory authorities and
accreditation bodies may also use it in confirming or recognizing the competence of laboratories.

https://www.iso.org/standard/39883.html

3
Process vs. system competence?

standards
system?

Process standard: provides a methodology to perform processes

(series of actions or operations) in a consistent and reproducible way
Management system standard: specifies process requirements that
can be applied to any organization, regardless of the product it
makes or the service it performs.
[IEEE]

Process: System:
A set of interrelated or A set of interrelated or interacting
interacting activities which parts to establish policy and
transforms inputs into objectives, and to achieve those
outputs (results in change) objectives
Level at which work takes Defined for high organizational
place control levels
[IANZ, ISO]

4
Process vs. system
standards

Process standard: provides a methodology to perform processes

(series of actions or operations) in a consistent and reproducible way
Management system standard: specifies process requirements that
can be applied to any organization, regardless of the product it
makes or the service it performs.
[IEEE]

System:
Unifies the focus of A set of interrelated or interacting
different functional units parts to establish policy and
(processes) to the main objectives, and to achieve those
goals of the organization objectives
Defined for high organizational
control levels
[IANZ, ISO 2008]

5
 communication The (sub)process(es) of timber tracking
other lab activities
Sampling  standard
policies 
personnel
Transport & Storage  standard
trainees  Process
Sample preparation  standard standards for
infrastructure procedures Lab analysis consistency
 &
supplies documentation reproducibility
Data analysis  standard

customers Interpretation of results  standard
Reporting
subcontractors

The system  standard

System standard to align processes towards the main goal, focus on
process effectiveness and efficiency, consistent performance delivering
customer confidence and transparency of operations within the organisation
[ISO 2008]

6
What we can learn
from the human case

Timber
Prüm convention May 2005: to exchange data regarding DNA, Forest
fingerprints (...) and to cooperate against terrorism terrorism


DNA profiles can be entered into the national database of DNA only GTTN
database
when typed in ISO/IEC certified laboratories
+
ISO 17025:2005 is not sufficient to guarantee the quality of the results.
GTTN
It is essential to show the laboratory working method to the scientific guidelines
community in order to obtain reliable and robust analytical results

[Ricci 2014]

7
 ISO/IEC certified laboratories

Labs developed their own working method independently

Only few accredited labs

Quality of the results has been called into question more than once

To generate a reliable genetic profile is not always trivial and

sometimes the interpretation can be subjective
Junk
science !
Statistics are still a challenge

The evolution of the ISO 17025:2005 accreditation in the field of
forensic DNA cannot be separated from sharing the procedures for the
interpretation of the data

[Ricci 2014]

8
Why ISO17025?

An example
World’s first ISO
accredited genebank
2008: International Potato Center
in-vitro genebank

Implementation process up to initial accreditation: 1 year!

Key?
 pre-existing documentation
 advanced laboratory information systems
 high staff motivation

Principles of an ISO compliant quality management system:

 transparent
ISO quality management is a process aimed at
 internal controls continuous improvement through critical review
 regular external review and it is not a final goal

[Galsworthy et al. 2009]

10
Needed:
 extensive process & protocol level documentation
 information technology infrastructure
 consultant to support upper management
 activation of in-house expertise: motivation, improvements in
infrastructure & process management

Implementation phase:
 managing all documents > Wiki technology  Helped identify gaps
 standardisation of all documents
 training of internal auditors
 appointment of an ISO manager to coordinate audits
 validation of the processes
 further improvement of protocols, procedures, and supporting IT
infrastructure

 Helped to manage departure of key staff as new staff

could quickly be incorporated
[Galsworthy et al. 2009]

11
What is ISO 17025?

The structure
 Main points of the In what follows focus is on
ISO17025 tests (with timber tracking
tools in mind)

 Excl. compliance with

regulatory & safety requirements
on the operation of laboratories
 Scope 
 Who? laboratories carrying out tests and/or calibrations,
including sampling
 What? developing their management system for quality, competence of
administrative and technical operations laboratories

How?  Normative references
vocabulary
 Terms & Definitions Degree to which a set of
inherent characteristics of an
Documents indispensable for application object fulfils requirements
https://www.iso.org/obp/ui/#iso:std:iso-iec:17000:ed-1:v1:en  product, service, process, person,
http://jcgm.bipm.org/vim/en/ organisation, system, resource
https://www.iso.org/obp/ui/#iso:std:iso:9000:ed-4:v1:en
 Management requirements
Structure & function to perform, check and act
 Technical requirements
Accounting for factors determining correctness and reliability of tests
[ISO/IEC 17025: 2005]

13
 Main points of the
ISO17025
 Exkl. compliance with
regulatory & safety requirements
on the operation of laboratories
 Scope
 Who? laboratories carrying out tests and/or calibrations,
including sampling
 What? developing their management system for quality, competence of
administrative and technical operations laboratories

How?  Normative references
vocabulary
 Terms & Definitions Degree to which a set of
inherent characteristics of an
Documents indispensable for application object fulfils requirements
https://www.iso.org/obp/ui/#iso:std:iso-iec:17000:ed-1:v1:en  product, service, process, person,
http://jcgm.bipm.org/vim/en/ organization, system, resource
https://www.iso.org/obp/ui/#iso:std:iso:9000:ed-4:v1:en
 Management requirements
Structure & function to perform, check and act
 Technical requirements
Accounting for factors determining correctness and reliability of tests
[ISO/IEC 17025: 2005]

14
Sub-points
Management
requirements
 Organisation Frame
 Management system the system
 Document Control
 Review of requests, tenders and contracts Work
 Subcontracting of tests do
 Purchasing services and supplies
 Service to the customer
external check
 Complaints
 Control of nonconforming testing
 Improvement
act
 Corrective action
 Preventive action
 Control of records
 Internal audits internal check
 Management reviews
[ISO/IEC 17025: 2005]

15
 Frame
the system
! management system also
applies to remote sites and
Quality manager
temporary facilities
 irrespective of other duties
 responsibility and authority for implementation
 Organisation of quality management system
lab’s (non)-permanent facilities  direct access to highest level of management
technical and managerial personnel
policies and procedures for save info storage and communication
appropriate communication processes
Quality manual
 Management system laboratory’s management
documents on policies, systems, programmes, procedures system policies related to
and instructions necessary to assure quality of test results quality

 Document Control
procedures to control all documents that form part of its management system
 documents are available
 documents are periodically reviewed
 invalid or obsolete documents are promptly removed
procedures to control document changes

[ISO/IEC 17025: 2005]

16
 assessment will be against (i) the
standard (ii) your quality manual

Outline for a quality manual must be a working document!

include as much flexibility as possible

PLAN MAINTENANCE
 quality policy statement & accreditation(s)  staff records, training and review
 organisation and management  document control & security
  security of premises
 job descriptions
 approved signatories ADMINISTRATION OF WORK
 acceptance of work  procedures for: handling of samples,
 quality documentation allocation of work, recording of results,
 premises and environment quality checking of results, reporting of
results
DO  policy on retention & disposal of records
 test methods & introduction of new ones
 equipment & reference standards CHECK & ACT
 traceability of measurements  method validation & uncertainty of
 calibration and maintenance of measurement
instruments  quality control
 disposal of samples and other waste  non-conforming work
 confidentiality  procedures for audit & review of quality
system
 corrective, preventive action &
improvement
[UNIDO 2009] 17
Frame
the system

Note
When you are assessed, the accreditation body will determine whether you are
compliant on the day of assessment
However, assessors will be far more interested in satisfying themselves that you
have a robust management system which will maintain compliance on a routine
basis. The assessors normally visit only once a year so the steps which you
take to maintain and monitor compliance between visits are a key issue

compliance that day

Assessment
robustness of management
system to maintain compliance

[UNIDO 2009 ]

18
 Work
do

Records of reviews and discussions

Review of requests, tenders and contracts with a customer are maintained

 following policies & procedures to ensure: Customer informed of any deviation
 requirements are well defined and understood from the contract
 lab has capability and resources to meet requirements
 appropriate test is selected  Repeat of review
process if contract needs to
Review also covers
be amended after the start
subcontracted work
Lab is responsible for the
Subcontracting of tests subcontracted work
 with a competent subcontractor, e.g. ISO accredited 
 advise customer (and gain approval) in writing Keep a register of subcontractors
with evidence of ISO compliance
Purchasing services and supplies
 policy & procedures for selection, purchase, (reception and storage) of services
and supplies  not used until compliance is checked
 evaluate suppliers and keep records of these evaluations  list approved ones

Purchasing documents not released

until technical content is reviewed
[ISO/IEC 17025: 2005]
and approved
19
Work
external check

Service to the customer

 cooperate with customers in monitoring lab performance (e.g. lab access to
witness tests, dispatch items for verification)
 seek feedback from customers > improve

Complaints
 policy and procedure for resolution of complaints
 records of all complaints, investigations and corrective actions taken

[ISO/IEC 17025: 2005]

20
Work
act

Control of nonconforming testing work

policy and procedures to be implemented when work or work results are not conform to
own or customer requirements
Improvement
when nonconforming
management system should be continually improved work could recur

Corrective action
policy and procedure for corrective action when nonconforming work identified
 determine root cause(s) of the problem
 identify appropriate corrective actions
 monitor corrective actions to ensure effectiveness
 audit appropriate areas of activities when doubts on general laboratory’s compliance
Preventive action
When improvement opportunities are identified or preventive action required

[ISO/IEC 17025: 2005]

21
 Work
internal check

Control of records
procedures for identification, collection, indexing, access, filing, storage, maintenance and
disposal of quality records & technical records
observations, data, calculations
 legible & readily retrievable
sufficient to establish audit trail (incl. staff)
 secure & in confidence sufficient to repeat tests

records of corrective & preventive accumulations of info indicating
actions, reports from internal whether specified quality or + e.g. HR and customer feedback
audits & management reviews process parameters are achieved

Internal audits & Management reviews

responsibility of
 periodically and according to predetermined schedule and procedure 
quality manager

 of lab activities  of management system + lab activities

independent of
 by qualified personnel  by top management
audited activity
 for compliance with  for suitability and effectiveness  changes
Follow-up management system and or improvements
ISO  corrective action
[ISO/IEC 17025: 2005]

22
Sub-points
Technical
requirements
 Personnel Frame
 Accommodation and environmental conditions
 Test methods and method validation Work
 Equipment testing
 Measurement traceability
 Sampling
 Handling of test items prior
 Assuring the quality of test results
 Reporting the results
post

 All these factors determine correctness & reliability of tests


 All of the following applies when “relevant to
correct performance of tests concerned”
[ISO/IEC 17025: 2005]

23
Frame

Personnel
competence (by education, training or experience)  supervision of trainees
 job descriptions formulated by lab management
 policy & procedures to identify needs, provide and evaluate training
 compliance with lab management system  supervision
records of competence for all technical personnel
 education, training, experience incl. date of
 authorisation to perform particular steps of the testing process confirmation

Accommodation and environmental conditions

facilitate correct performance of tests > valid results & required quality  particular care when
working in remote or
temporary lab facilities
 document technical requirements
 monitor, control and record environmental conditions
 separate neighbouring areas with incompatible activities
 controlled access of areas affecting quality of tests
 good housekeeping in the lab
[ISO/IEC 17025: 2005]

24
Work instructions, standards,
manuals, reference data
testing shall be kept up to date

 Methods incl. sampling,
Test methods and method validation handling, transport, storage,
preparation of test items
selection of methods
 meet customer needs + appropriate for the test
lab shall confirm proper
 preferably international, regional or national standards operation of standard
 other methods may be used if appropriate and validated methods

> laboratory-developed methods: planned with updates and informed personnel
> non-standard methods
validation of methods confirmation by examination
= objective evidence of fulfilment of requirements for intended use
 record results, procedure used and statement on fitness of method
 range and accuracy relevant to customers’ needs
estimation of uncertainty of measurement
 for all calibrations
 min.: identify all components of uncertainty and make reasonable estimation
control of data

[ISO/IEC 17025: 2005]

25
control of data
 calculations & data transfers > checks in a systematic manner
 computers or automated equipment
 software validated
 procedures for data protection  when using equipment
 hardware maintained and provided with appropriate outside permanent control
environmental and operating conditions of the lab > ensure
requirements are met
Equipment
 all items of sampling, measurement & test equipment available in the lab
 capable of achieving accuracy required & calibrated/checked before use  not conform > taken
out of service
 operated by authorised personnel
 up-to-date procedures for safe handling, transport, storage, use and planned
maintenance
 safeguarded from adjustments records of each item of incl. calibration
equipment and its software status

“Frame”
> controlled lab access

[ISO/IEC 17025: 2005]

26
 when not possible > traceable to:
 certified reference materials
 specified methods/consensus
standards
Measurement traceability
 measurements are traceable to the International System of Units (SI)
 lab programme & procedure for calibration of reference standards
 reference materials are traceable to SI units or certified reference materials
 procedures for safe handling, transport, storage and use of reference standards
and reference materials > protect their integrity
procedures & schedules
for intermediate checks

[ISO/IEC 17025: 2005]

27
Work
prior

Sampling
procedures for recording relevant data and operations relating to sampling
incl. other recorded data:
lab sampling procedures: sampler id,
environmental
 available at sampling location conditions, location
 based on appropriate statistical methods
 addressing factors to be controlled to ensure validity of test results
Handling of test items
procedures for transportation, receipt, handling, protection, storage, retention and disposal
of test items
to protect integrity
system for identifying test items throughout their lab life
of (secured) items
in doubt of suitability of test item or on specifics of the test required
 consult customer before proceeding + record discussion
Assuring the quality of test results
monitor validity of tests to detect trends  outside pre-defined criteria  planned action

planned & reviewed [ISO/IEC 17025: 2005]

28
Work
post
 for internal customers or if
written agreement: test report
can be simplified
Reporting the results
accurately, unambiguously and objectively
usually in a test report incl. all info requested by customer and
incl. deviations from test
where necessary for interpretation: method and info on
 identification of test report, lab, customer, test item(s), method specific test conditions
 date of receipt and performance of test
 sampling procedures (incl. date and location) incl. info on environmental
conditions during sampling
 test results + estimated uncertainty of measurement
(results by subcontractors clearly identified) clearly indicated as such and
 opinions and interpretations documented
 identification of person authorising test report
requirements mentioned
in case of electronic transmission of results under “Control of data” apply

format of reports: designed to accommodate each type of test and to

minimise possibility of misunderstanding or misuse
amendments to test reports: only in form of a further document
 if completely new test report > uniquely
[ISO/IEC 17025: 2005]
identified with reference to original
29
How to get
ISO17025
accredited?

Preparatory steps
What you should
know

Time period of the process from application to accreditation

Few months up to a few years depending on the current state of the quality
management
Does the lab already have a quality
Costs manager? Did he/she get already
training in ISO17025? Is there already
Fee rates will depend on various factors, such as: a quality management manual?
 the complexity of the accreditation procedure
 the scope of the accreditation
 the size of the applicant organisation
Additional fees will be payable if several assessors, specialist units, divisions
or public authorities are involved in the process.

Validity of accreditations
Accreditations are generally valid for a period of five years, but must be
monitored on a regular basis.

[www.dakks.de]

31
Formulation of scope
of accreditation

A laboratory will have only some of its methods accredited and

perhaps not even the majority
 a laboratory is accredited for a specific list of methods
 the laboratory will need to select methods to offer as part of the
scope when it makes its application for accreditation

Overall, the laboratory should select a scope of methods which includes those
it performs routinely and those where either commercial or legal issues make
accreditation advantageous.

The International Laboratory Accreditation Cooperation (ILAC) wrote a

guideline for the formulation of scopes of accreditation for laboratories

[UNIDO 2009]

32
Self-examination for
compliance with
ISO17025
A questionnaire pointing to where you need to make changes and
where your lab is already ISO 17025 compliant is available as an
appendix of this guidebook.

 not the whole of ISO 17025 is covered but,

if you get a high score you are very well
placed to make the final adjustments

33
References

Galsworthy, D., et al. (2009). Gaining and maintaining the world's first ISO Accreditation for a
genebank. 15th Triennial ISTRC Symposium. Lima, Peru, International Society for Tropical
Root Crops.
IANZ http://www.ianz.govt.nz/new-article-goes-here/
IEEE https://www.ieee.org/education_careers/education/standards/standards_glossary.html
ISO/IEC 17025:2005. General requirements for the competence of testing and calibration
laboratories.
ISO 2008. ISO 9000 Introduction and Support Package: Guidance on the Concept and Use of
the Process Approach for management systems. ISO/TC 176/SC 2/N 544R3
Ricci, U. (2014). "Establishment of an ISO 17025:2005 accredited forensic genetics laboratory
in Italy." Accreditation and Quality Assurance 19(4): 289-299.
UNIDO (2009). Complying with ISO 17025. A practical guidebook for meeting the requirements
of laboratory accreditation schemes based on ISO 17025:2005 or equivalent national
standards. Vienna, United Nations Industrial Development Organization.

34
 The objective of the Global Timber Tracking Network (GTTN) is to promote the operationalization of innovative tools for
wood identification and origin determination, to assist the fight against illegal logging and related trade around the globe.

GTTN is an open alliance that cooperates along a joint vision and the network activities are financed through an open multi-
donor approach. GTTN phase 2 coordination (2017-2019) is financed by the German Federal Ministry of Food and
Agriculture (BMEL).

35
View publication stats