Type a search term to find related articles by LIMS subject matter experts gathered from the most trusted and dynamic collaboration tools in the laboratory informatics industry.
ISO/IEC 17025:2017 General requirements for the competence of testing and calibration laboratories is an internationally recognized standard developed by the International Organization for Standardization's (ISO's) ISO/CASCO Committee on Conformity Assessment. ISO/CASCO has stated that the standard was developed "with the objective of promoting confidence in the operation of laboratories," allowing them "to demonstrate they operate competently, and are able to generate valid results."[1] The standard has a long history (as the previous chapter noted), with adoption of the standard increasing steadily since 2010 according to ILAC[2], an international organization for accreditation bodies. However, laboratory adoption of ISO/IEC 17025 is not particularly easy, especially for small and academic labs[3], and several regions of the world encounter cultural, educational, and cost barriers in attempting to implement management standards like ISO/IEC 17025 and ISO 9001.[4][5] Additionally, for some laboratories like materials science labs, the process of adopting and implementing ISO/IEC 17025:2017 initially impacts them in a painful way due to the challenges posed by the restraining nature of the standard on research and development activities, which often require more operational flexibility.[6] However, a number of benefits almost always sprouts from the seeds of effort.[6]
The rest of this chapter will go into the details of which laboratories are most affected by the standard, what the standard asks of those laboratories as part of conformance, and what those laboratories gain by putting in the effort to conform to ISO/IEC 17025.
The scope section of ISO/IEC 17025 indicates that the standard "is applicable to all organizations performing laboratory activities, regardless of the number of personnel."[1] Further, in its terms and definitions section, the standard states that a laboratory—for the purposes of the document—is a "body that performs one or more of ... testing, calibration, [and] sampling, associated with subsequent testing or calibration."[1] Of course, when it comes to testing, calibration, and sampling, these types of activities occur in a wide variety of industry contexts, including but not limited to environmental science, forensic science, food and beverage manufacturing, agricultural research, and pharmaceutical manufacturing.
The following subsections provide background on the different laboratory operations affected by ISO/IEC 17025 and give examples of ISO/IEC 17025-accredited activities, research topics, or calibration targets noted in academic literature. These subdivisions of labs are, in part, influenced by the work of Pillai et al. (though they largely fail to address calibration and reference testing labs in their work; these labs are added here).[7]
These types of labs conduct analytical tests on a wide variety of substances, materials, and equipment to ensure they are safe, effective, and secure for their application. Often times that testing is being performed due to a regulatory mandate concerning safety and efficacy.[7] Manufacturers of all types of consumables and consumer use products (e.g., pharamaceuticals, foods, and cosmetics) will turn to in-house or third-party analytical and regulatory testing laboratories to perform the recommended or mandated analyses on their products to ensure their quality and safety.[7] Additionally, federal, state, and local governments also have to follow regulations concerning frequent testing of municipal infrastructure, including water, wastewater, and construction activities.[8][9] Yet another example can be found with the analytical activities of the forensic laboratory, which provides a diverse array of investigative services.[10] Examples of activities conducted by these and similar labs under ISO/IEC 17025 recommendations and protocols include:
2.1.1.1 Product development and manufacturing labs
These are a subset of the above-mentioned analytical and regulatory testing labs, with a routine focus on pre-market research and development (R&D) and quality control analyses that help bring a product or service to market. That testing is typically conducted early on in a product lifecycle, based upon a set of predetermined limits set by a manufacturer or other criteria that are in turn driven by regulations and/or customer requirements.[7] This sort of testing could occur with sourcing ingredients or components to ensure they are certified to not contain allergens or an acceptable and safe level of contaminants, such as heavy metals. It also occurs during the development phase to ensure that any proposed final recipe or manufacturing specification doesn't have any unexpected toxicology or errors and has a reasonable chance of going to market.[18][19] Examples of activities conducted by these and similar labs under ISO/IEC 17025 recommendations and protocols include:
Basic research labs seek to understand and form theories concerning scientific questions, while applied research labs typically follow that basic research, conducting studies to apply that basic research towards solving practical problems. Both "conduct their work to support and inform the understanding of science", as well as drive regulatory support[7], and these lab can benefit from the recommended approach of ISO/IEC 17025. Basic and applied research labs may appear in academia, in government, or in private industry, studying a wide variety of topics. Research topics in ISO/IEC 17025-certified labs include (but are not limited to):
A reference or calibration laboratory performs reference or calibration measurement procedures, or assigns reference values to test objects, later potentially providing those associated reference values for references or sources of traceability of test results.[29][30][31] ISO/IEC 17025 saw the addition of calibration laboratories to its focus in 1990 through its predecessor document ISO/IEC Guide 25 General requirements for the competence of calibration and testing laboratories as a greater means of lending "support for national systems, thus easing bilateral agreements" associated with laboratory testing.[32][33][34] In other words, with international trade hitting new records[35], it's more important than ever that an internationally recognized standardized approach to analyzing globally traded products is enacted, and the equipment and standards used for those analyses are themselves properly calibrated and maintained.[36] (After all, when the biggest output of a lab is its analyses, it's best to ensure they are precise, accurate, and timely.) Laboratory equipment isn't all that's getting calibrated, however. Reference and calibration labs also calibrate important equipment in other fields of expertise. Examples of instruments and equipment getting calibrated to a standard in ISO/IEC 17025 calibration labs include:
You may notice that the clinical laboratory doesn't appear in the above listing. That is because quality management in the clinical lab is best guided by ISO 15189:2022 Medical laboratories — Requirements for quality and competence. (This is not to say that ISO/IEC 17025-compliant environments haven't conducted clinical analyses, as they have[40][41][42][43], but it's not the most ideal standard to be compliant with in the clinical environment, and ISO 15189 is increasingly common in hospital and clinical labs.[44]) The standard, which received an update in December 2022, is described by the ISO as being "applicable to medical laboratories in developing their management systems and assessing their competence. It is also applicable for confirming or recognizing the competence of medical laboratories by laboratory users, regulatory authorities, and accreditation bodies."[45] Development of the standard began in the mid-1990s due to the lack of applicability ISO/IEC 17025 and ISO 9001 had to clinical labs. First published in February 2003, the standard was, however, developed with ISO/IEC 17025 and ISO 9001 in mind, taking the technical requirements of the first and the quality management requirements of the latter, while also adding input on professional requirements from the European Communities Confederation of Clinical Chemistry (EC4).[46] All said, ISO 15189 is arguably the best quality management standard for clinical laboratories as it takes into consideration the specific requirements of the medical environment and the importance of the medical laboratory to improving patient safety and outcomes.[47]
A potential companion to ISO 15189:2022 is the World Health Organization's Laboratory Quality Management System: Handbook. Though a bit outdated, as it was developed in 2011, the WHO handbook is based off of ISO 15189 and Clinical and Laboratory Standards Institute's (CLSI's) QMS01 A Quality Management System Model for Laboratory Services (or more specifically, its predecessor documents HS1 and GP26[48][49]).[47] The WHO and CLSI tend to go beyond ISO/IEC 17025 by incorporating 12 quality system essentials (QSEs)—"a set of coordinated activities that serve as building blocks for quality management"—as part of their QMS framework and emphasize that all must be met for overall clinical laboratory quality improvement to be realized.[47][50]
For more on this topic, see Plebani and Sciacovelli's "ISO 15189 accreditation: Navigation between quality management and patient safety."
After discussing what types of labs are adopting the ISO/IEC 17025 standard, it's now time to get into the details of what the standard asks of adopting labs. Implementing a standard within a regulated business is rarely a straightforward process and has many challenges for all but the most well-organized and -resourced entities. ISO/IEC 17025 is no exception. At its core, the standard has a focus on quality, but that focus is stated through the lens of a lab's ability to demonstrate its competence, impartiality, and consistency across its operations. This section expands on these three characteristics, as well as the specific demands the standard places on the lab. It will also address a handful of gaps ISO/IEC 17025 has when compared to similar standards, as well as possible means towards filling those gaps.
The "Scope" section of ISO/IEC 17025:2017 indicates the standard "specifies the general requirements for the competence, impartiality, and consistent operation of laboratories." Unfortunately, the document only defines "impartiality," and not "competence" and "consistent operation"; as such, we have to improvise a bit to get to the bottom of the significance of these three terms.[1]
1. Competence: While ISO/IEC 17025 does not define "competence," it does reference ISO 15189 Medical laboratories — Requirements for quality and competence, as well as ISO 17034 General requirements for the competence of reference material producers, in the bibliography. Of them, ISO 15189:2012 defines competence as "demonstrated ability to apply knowledge and skills," while noting that the definition is given in a generic sense, with other ISO documents being more specific.[51] (Note that the latest version is ISO 15189:2022, released in December 2022; however, ISO/IEC 17025:2017 references the 2012 version.)
That said, ISO/IEC 17025:2017 is asking a laboratory to demonstrate an ability to apply its knowledge and skills effectively to all its operations.
2. Impartiality: ISO/IEC 17025:2017 defines "impartiality" as "presence of objectivity," adding several notes to the definition. First, the standard adds that "Objectivity means that conflicts of interest do not exist, or are resolved so as not to adversely influence subsequent activities of the laboratory." It also adds nine other terms that can convey the context of impartiality, including "freedom from conflict of interests," "freedom from bias," and "neutrality."[1]
That said, ISO/IEC 17025:2017 is asking a laboratory to demonstrate objectivity in its operations, remaining free from conflicts of interest, bias, and prejudice, while maintaining a level of neutrality to its primary output: analytical results.
3. Consistent operation: The ISO defines "consistency" in several of its standards (e.g., ISO 9241, ISO/IEC 25000), but the definition is specific to the context of those standards. As such, we have to look elsewhere and make reasonable assumption that the definition of "consistency" applies to ISO/IEC 17025:2017. Merriam-Webster's definition 1b of "consistency" is "harmony of conduct or practice with profession," with "profession" meaning "public proclamation" (i.e., the actual output of conduct or practice matches a stated expectation). This definition applies somewhat, but when paired with definition 3a—"firmness of constitution or character: persistency"—we come up with an idea of what the standard intends.[52]
ISO/IEC 17025:2017 is asking a laboratory to conduct its activities in an enduring manner that is consistent with the lab's goals, mission statement, and standard practices.
Of course, that's the top-level view. The rest of the standard elaborates on what a lab performing sampling, testing, and calibration activities must do to meet the three goals of competence, impartiality, and consistent operation, covering[1]:
The various components of these five sections impact the laboratory in many ways, placing demands on the lab while providing tangible and intangible benefits. The rest of this section will address the "demand" side and any gaps in support the standard has, while the subsequent section will address the potential benefits.
General requirements
Section 4 of ISO/IEC 17025:2017 addresses two primary concepts: impartiality and confidentiality. We note that right from the start, one of the three top-level points is addressed in impartiality, asking the lab to maintain commitment to and responsibility for impartiality, while identifying and acting upon any risk to impartiality. Additionally, the standard asks the lab to treat "all information obtained or created during the performance of laboratory activities" with confidentiality. This means taking the necessary security precautions to ensure only authorized individuals can have access to laboratory information, and communicating any release of said confidential information in a timely and appropriate fashion should a law or contract mandate its release.[1]
Structural requirements
Section 5 of ISO/IEC 17025:2017 addresses the organizational pillars required of a laboratory in order to meet the three top-level points of competence, impartiality, and consistent operations. It notes that the lab should be a legal entity, held liable by the laws that created it, and that entity should have management that is clearly identified as having responsibility for various operations. That entity must also document its activities, procedures, and methods that fall under the scope of ISO/IEC 17025:2017 and ensure those activities are conducted in a competent, impartial, and consistent manner. Finally, it recognizes the importance of people to meeting those goals, asking the lab to ensure those people have the authority and resources necessary to create, monitor, and act upon deviations from the lab's procedures, methods, and management systems, including the quality management system (QMS).[1]
Resource requirements
Section 6 of ISO/IEC 17025:2017 addresses the importance of resources to the laboratory in meeting its goals and maintaining a high level of standard practice. The standard covers personnel, the facility and working environment, equipment, metrological traceability (through calibration), and third-party products and services. First, personnel must demonstrate competence and impartiality, which must be proven and documented. Those people must also be aware of their duties and responsibilities, while being given the means to perform them. Second, the facility and work environment must be suitable, without negatively impacting analytical results, and the conditions should be monitored, documented, and controlled to prevent and resolve issues with contamination, interference, or other detrimental influences. Third, what is a laboratory without the proper equipment to effectively meet its goals? Here the standard asks labs to provide the necessary in-lab resources to get the job done. Of course, just having that equipment isn't enough, and the standard asks that any measurement equipment be properly calibrated and able to provide accurate and timely results, with documentation concerning the activities of that equipment being recorded. Extending from there is the fourth topic of metrological traceability, defined as "the “property of a measurement result whereby the result can be related to a reference through a documented unbroken chain of calibrations, each contributing to the measurement uncertainty.”[1] The standard goes on to explain how this should best be achieved. Finally, third-party or "external" products and services are addressed, asking the lab to ensure those products and services are "suitable," as determined by review and approval within the organization. When working with those third parties, the lab should also be clear in communicating its own requirements to the third party.[1]
Process requirements
Section 7 of ISO/IEC 17025:2017 is a hefty one, directly addressing the actual work conducted in the laboratory. This section looks at 11 different aspects of workflow in the lab; a brief comment is made about each aspect (it's beyond the scope of this article to go into fine detail)[1]:
Management system requirements
Section 8 of ISO/IEC 17025:2017 addresses the laboratory's management system. While the standard never directly calls it a "quality management system" or QMS—in fact, the word "quality" only appears once in this section—the implication in the opening paragraph is that the standard is addressing quality with its requirements for a management system, i.e., a QMS[1]:
The laboratory shall establish, document, implement, and maintain a management system that is capable of supporting and demonstrating the consistent achievement of the requirements of this document and assuring the quality of the laboratory results.
This section breaks the management system down into two options: Option A for a lab needing a built-from-scratch management system, or Option B should a lab already have an ISO 9001-driven management system in place. Most of the section is dedicated to addressing Option A and its requirements for proper documentation, document management, risk management, process improvement, corrective action, internal audits, and management review and buy-in.[1]
It's important to note that ISO/IEC 17025 does not cover compliance with laboratory safety requirements.[47][7] Labs implementing the standard may very well want to examine and adopt components of other QMS frameworks to fill the gaps, for example, implementing the "Facilities and Safety" quality system essential (QSE) found in Clinical and Laboratory Standards Institute's (CLSI's) QMS01 A Quality Management System Model for Laboratory Services[53] and the World Health Organization's (WHO's) Laboratory Quality Management System: Handbook.[47] (A QSE, as defined by CLSI and WHO, is "a set of coordinated activities that serve as building blocks for quality management," with each needing to be "addressed if overall laboratory quality improvement is to be achieved."[47] Both organizations include 12 QSEs as part of their QMS framework and emphasize that all must be met for overall laboratory quality improvement to be realized.[47][50]) The "Facilities and Safety" QSE describes those elements that are essential to a laboratory's personnel, its design, and its safety in being able to prevent and control physical, chemical, and biological hazards from impacting operations. The WHO notes that addressing these elements through a laboratory safety program solidifies the lab's ability to provide quality data and services through protecting laboratorians, the facility, its equipment, and the work environment.[47]
Aside from safety, ISO/IEC 17025 has a few more minor gaps in how it addresses laboratory assessment tasks and personnel requirements when compared to the "Assessment" and "Personnel" QSEs of CLSI and WHO.[7] For example, the "Assessment" QSE addresses external audits, whereas ISO/IEC 17025 does not, and the topics of proficiency testing and other external quality assessment methods is more rigorous in the "Assessment" QSE. Additionally, while ISO/IEC 17025 speaks of needing to document competence requirements for personnel, the "Personnel" QSE delves into greater detail of competency assessment methods, policy writing, procedure development, training, and performance appraisal. A lab implementing and accrediting to ISO/IEC 17025:2017 may wish to further compare the nuances of these QSEs with the ISO standard as part of an effort to exceed the bare minimums of meeting ISO/IEC 17025 requirements.
As can be seen above, ISO/IEC 17025 asks a lot of a laboratory, placing requirements throughout the entire workflow. But not all is "pain" when making the effort to comply with ISO/IEC 17025; there is also "gain." Take for example Section 8 on management systems (and by extension, the QMS); the standard tells you that one of the benefits can be found in "assuring the quality of the laboratory results." Does a QMS automatically solve all the lab's problems concerning errors and quality? No, but when implemented well, the QMS will certainly have a positive impact on lab quality. In its 2011 Laboratory Quality Management System: Handbook, the WHO notes the following concerning the QMS model[47]:
Laboratories not implementing a good quality management system are guaranteed that there will be many errors and problems occurring that may go undetected. Implementing a quality management system may not guarantee an error-free laboratory, but it does yield a high-quality laboratory that detects errors and prevents them from recurring.
Complying with and accrediting to ISO/IEC 17025 has numerous other benefits aside from generating high-quality laboratory results. Researchers, standard developers, and labs of all types have claimed additional benefits of complying with and accrediting to ISO/IEC 17025, noting that doing so[6][7][54][34][55][56][57]:
Chapter: 2. How ISO/IEC 17025 affects and benefits laboratories
Title: LIMS Selection Guide for ISO/IEC 17025 Laboratories
Edition: First Edition
Author for citation: Shawn E. Douglas
License for content: Creative Commons Attribution-ShareAlike 4.0 International
Publication date: February 2023