Transitioning from ISO 17025:2005 to ISO/IEC 17025:2017
Transitioning from the 2005 Version of ISO/IEC 17025
In the world of international ISO standards, ISO/IEC 17025:2017 was welcomed as the new standard for the general requirements for the competence of testing and calibration laboratories. It was 12 years since the prior version was published. A majority of the referenced documents in the 2005 version of the standard have become obsolete, and needed a change. Now that it is published and in place, tens of thousands of labs both accredited and applicants are scrambling to learn what’s new and different.
According to ISO.org, there are four main changes in the 2017 version of the standard:
- The scope has been revised to cover testing, calibration and sampling associated with subsequent calibration and testing.
- The process approach now matches that of newer standards such as ISO 9001…
- The standard now has a stronger focus on information technologies…
- A new chapter introduces the concept of risk-based thinking
This article discusses several key changes in content, format and style in the 2017 revision.
Products to help you transition to ISO/IEC 17025:2017:
It is known that there is a 3-year implementation, but this will include many considerations. First, for many countries around the world, they will want to have the standard translated into their native language. Second, we should all work backwards from the targeted endpoint and define that endpoint. As we understand it, ILAC wants assurances that every laboratory accredited to ISO/IEC 17025:2017 has received at least one assessment to the new standard within three years of its publication. For example, the new standard was officially published on November 30th of 2017, and ILAC wants to be assured that every accredited laboratory has been assessed by December 1, 2020 to the new standard. Many accreditation bodies began offering accreditation to the new version in the summer of 2018.
What is no longer required?
What is new in the standard is not so much additional requirements but new focus. Requirements have shifted from prescriptive to performance-based. It is not driven by step-by-step procedures but by a series of processes to deliver high quality results to customers. Elements that are no longer required from the previous version may still be maintained as helpful elements in many management systems. They are simply no longer a requirement.
This includes elements such as :
- A titled quality manual
- All the elements formerly required to be stated in the quality manual
- Formal quality policy
- Formal quality objectives
- Preventive Actions
- Formal job descriptions
- Titled terms for top management, quality manager, technical manager
We should clarify that requirements in these ISO documents are designated by a “shall”. The 2017 version of ISO/IEC 17025 has roughly 20 fewer “shalls” than the 2005 version … only about 220.
What is new?
It should be noted that the revised ISO/IEC 17025 has no major new technical sections with requirements. It does however have dozens of new sub-elements and several key things with a new emphasis.
The first major and conspicuous change is the numbering format. It replaces the requirement sections of clauses 4 and 5 in the old standard with clauses 4 through 8 in the 2017 version. See Table 1 below. This format is nicely standardized, and similar to ISO 9001, ISO 17020 and many other ISO conformity assessment standards with similar numbering and corresponding sections. For those familiar with the 2005 version of clauses 4 and 5 , however, this will take a major adjustment.
Table 1: ISO/IEC 17025 Standard Format Comparison
|ISO/IEC 17025:2005||ISO/IEC 17025:2017|
|2. Normative references||2. Normative references|
|3.Terms and definitions||3. Terms and definitions|
|4. Management requirements||4. General requirements|
|5. Technical requirements||5. Structural requirements|
|6. Resource requirements|
|7. Process requirements|
|8. Management system requirements|
A third main realization is that several document types and elements no longer need to be maintained (e.g. quality manual, quality policy, and preventive action), but preventive action is expanded and replaced with Risks and Opportunities (section 8.5). Not only is there a major section for Risks, but risk consideration is added to clauses 4.1.4 (impartiality), 7.8.6 (statements of conformity), 7.10.1 (non-conforming work), and 8.7.1 (corrective actions). The new focus of Risk is even highlighted in the Forward to the standard. It outlines the need for accredited labs, just as in ISO 9001, to identify risks, prioritize them, plan and implement actions related to them, then control and monitor those risks over time.
We do not wait long to see the first new emphasis point in Clause 4. Instead of management system requirements that we were used to, this clause now has only two considerations: impartiality and confidentiality. Impartiality, we learn in the Terms and Definitions section, is synonymous with objectivity. The standard has replaced its reference to independence in the laboratory with impartiality. Independence is now gone from the document.
One will also find, in reading through the standard, that Sampling has an increased visibility. While few new requirements related to sampling have been added in this revision, consideration of sampling appears in many elements including: 6.6.1 (externally-provided services), 184.108.40.206 (validation of methods including uncertainty), 7.3 (Sampling), 7.6.1 (measurement uncertainty), and 7.8.1 thru 7.8.5 (reporting requirements). In fact, sampling appears in the Terms and Definition section early in the document under the definition of a laboratory. It notes testing, calibration and sampling organizations under the definition. This gives it a dramatic new visibility and attention. It is clear that the ILAC community should expect more ISO/IEC 17025 scopes of accreditation to have sections devoted to Sampling.
Another new focus is the emphasis on processes rather than documented procedures. A depiction of this is found in Annex B with Figure B-1. See below. There is a nice flow chart in the figure outlining the flow of processes in the accredited laboratory.
As many have noticed in the past decade from ILAC and regional policy documents, attention to Statements of Conformity and consideration of measurement uncertainty has held increasing importance. In the new version of the standard, the new term of “Decision Rule” is introduced. Like other elements above, it is referenced multiple times throughout the document. It is defined in the Definitions section and appears in element 7.1.3 (review of requests, tenders and contracts) plus 220.127.116.11 and 18.104.22.168 (reporting statements of conformity).
It may be either confusing or comforting to note that some elements from the old version were combined in the new one. One such combination is that of subcontracting of services (old element 4.5) and purchasing (old 4.6) into the new combined element 6.6. As another example, lab-developed methods and non-standard methods are no longer listed uniquely. They are only mentioned in a listing of potential method validation candidates.
Metrological traceability has a strong role and visibility in the new standard, but not nearly as long a coverage in the requirements section. Instead it is clarified at more length in Annex A. Annex A is devoted to establishing and demonstrating metrological traceability. It even includes a hyperlink to the joint declaration on metrological traceability by the major metrology organizations. One key new consideration in the new standard is to refer to metrological traceability of the measurement results. Formerly, the reference was simply to a measurement. Now, the added consideration of the measurement uncertainty is properly added to metrological traceability.
Many observers have been wondering if the ISO/IEC 17025 standard would finally define more clearly that weighty expectation of accredited laboratories to perform PT/ILCs as a requirement. The answer is a clear yes. It is now in element 7.7, and many additional considerations have been added. This includes expanding the quality assurance broader focus. Many QA practices are highlighted and noted for review during assessments. It may well be missed by many, but the standard now defines it in the Definitions section and notes in section 7.7.1 (ensuring the validity of results) that not only inter-laboratory comparisons are integral options, but intra-laboratory ones may be as well. It is clear that a great many tests and calibration methods are not available for commercial or ISO 17043-accredited programs. The array of alternative options are very nicely presented in the new standard.
A worthy new focus in the 2017 standard is the acknowledgement of information management that accompanies the control of data. Several additional references are made in the new standard to computer systems, electronic records and reporting results, communication technologies, sample management with LIMS systems, etc. It is reassuring to have the standard reflect this expanding arena in our operations.
Arguably the shortest requirement section in the older standard was complaints. The new standard now outlines a 7-element set of requirements for complaint processing. Much more communication between the accredited laboratory and the complainant is now required with evidence.
General Requirement Comparison Between ISO/IEC 17025:2017 and ISO/IEC 17025:2005
|ISO/IEC 17025:2017||ISO/IEC 17025:2005||Changes|
|2.0||Normative references||Normative References||Minor|
|3.0||Terms & Definitions||3.0||Terms and Definitions||New|
|6.3||Facilities and environmental conditions||5.3||Accommodation and Environmental Conditions||Structural|
|6.5||Metrological traceability||5.6||Measurement Traceability||Structural|
|6.6||Externally provided products and services||4.6||Purchasing Services and Supplies||Minor|
|7.1.||Review of requests, tenders and contracts||
|Review of Requests, Tenders and Contracts||Major|
|7.2.||Selection, verification and validation of methods||5.4||Test and calibration methods and method validation||Minor|
|7.4.||Handling of test or calibration items||5.8||Handling of test or calibration items||Minor|
|7.5.||Technical records||4.1||Control of records||Minor|
|7.6.||Evaluation of measurement uncertainty||5.4||Test and calibration methods and method validation||Structural|
|7.7.||Ensuring the validity of results||5.9||Assuring the quality of test and calibration results||Minor|
|7.8.||Reporting the results||5.1||Reporting the results||Major|
|7.10.||Nonconforming work||4.9||Control of nonconforming testing and/or calibration work||Minor|
|7.11.||Control of data and information management||5.4||Test and calibration methods and method validation||Minor|
|8.0||Management System Requirements||4.0||Management requirements||–|
|8.2.||Management system documentation (Option A)||4.2||Management System||Structural|
|8.3.||Control of management system documents (Option A)||4.3||Document Control||Structural|
|8.4.||Control of records (Option A)||4.1||Control of records||Structural|
|8.5.||Actions to address risks and opportunities (Option A)||4.2
|8.6.||Improvement (Option A)||
Services to the Customer
|8.7.||Corrective actions (Option A)||4.1||Corrective action||Minor|
|8.8.||Internal Audits (Option A)||4.1||Internal Audits||Minor|
|8.9.||Management Review (Option A)||
|Annex A||Metrological traceability||–||–||New|
|Annex B||Management system options||–||–||New|
What is different for accreditation bodies and assessments?
Accreditation bodies have been challenged to get many activities and documents in place for the transition and implementation of the 2017 standard. They needed to create an implementation timeline and make it available to their staff, their assessors and experts, their current customers, and all applicant customers. They needed to provide training of their assessors for the new standard. Many may also have provided transition or at least updated internal auditing and lead assessor training updates to reflect the new standard. In addition, you should quickly create their assessment checklist for the 2017 standard and define how soon it can be utilized on their assessments.
How can labs best prepare for the new standard?
We have a number of considerations for laboratories to take in their transition to and preparation for the 2017 standard.
It starts with getting official copies of the published standard. Second, is training of key staff. Third, is getting your documents and forms in place in your management system. If you already have documents and forms based on the older version, it will help to have a crosswalk document. This might be obtainable from your accreditation body. It will help you not only with the thorough coverage of all elements but also with the numbering system.
Key to the process of preparation is learning your transition plan from your accreditation body. Find out what timing and practices are required.
Conduct a gap analysis between the the old QMS and the requirements in the revised standard.
One of the biggest challenges to accreditation bodies is to define the implementation of the management system auditing for their customers who maintain ISO 9001 in addition to ISO/IEC 17025. It is obvious that not all the management system requirements of ISO/IEC 17025 are found in ISO 9001. Each AB must decide this coming year which additional ones need to be verified for their 9001/17025 customers. Accompanying this is to decide how much time saving there may be to customers in this situation.
The new version of the ISO/IEC 17025 standard for testing and calibration laboratories (and sampling service providers) is very welcome. It will take many months to digest and establish implementation plans and practices, both for laboratories and accreditation bodies. The two groups will surely assist each other and give feedback to each other to assure that quality of services are maintained.
While many of the 2005 standard requirements remain the same, the 2017 version has been very well received. Many new terms and elements with new focus have been approved and added to the required operations and services. Hopefully all will embrace and contribute to the implementation of the new standard for the betterment of the global technical community.
Products to help you transition to ISO/IEC 17025:2017: