It is not uncommon for laboratories to be saddled with maintaining both ISO 17025 and ISO 9001 certification. Although it is simpler to create and implement two QMS – and to “merge” those activities which can be merged – this approach is arduous, inefficient, and prone to mistakes.
Understanding the difference
ISO 17025 is an “Accreditation” standard which means the laboratory is authorised to issue “Certifications” i.e. they have the qualifications and capabilities to issue certificates of authentication from the tests they carry out. ISO 9001 relates to the quality and reliability of service a customer can expect from the testing company.
It is possible that competence does not translate into good customer service. In fact it is not uncommon for hear about end user complaints with collection services and response times. Since these components of accredited laboratory services directly impact client functions and therefore their profitability, it is not uncommon for those organisations to also request laboratories to have ISO 9001 certification in addition to expecting ISO 17025 accreditation.
The original ISO 17025 was issued in 1999 and then revised in 2005 because it was realised that ISO 9001 was not sufficient for a laboratory accreditation. It was updated after ISO 9001:2008 was issued, and it should be envisaged that similarly, it will be updated again following the release of ISO 9001:2015.
Why implement ISO 9001 as well as ISO 17025
This is really a strategic argument verses an operational one. As it is the customer who pays the bill, and it will be the customer who decides to which standard they wants to refer. Therefore, it is not uncommon for laboratories to be saddled with maintaining both ISO 17025 and ISO 9001 certification.
In addition to customer requirements, executive management may look on the ISO 9001:2015 emphasis on continuous improvement, and risk management based approach to process optimisation (see PDCA is NOT Best Practice), as strategically necessary for remaining commercially viable in the “user-pays” competitive marketplace facing testing authorities today.
Integrating ISO 9001 with ISO 17025
Although it is simpler to create and implement two QMS, and to “merge” those activities that can be merged, ISO standard certification/accreditation is relatively simple, and not complex, and the expertise to do is most likely available. To integrate both 9001 and 17025, the lab activities should be considered as processes, with specific requirements for the methods and the management, merged or integrated under the new “Operations” section of ISO 9001:2015.
In the end, it is much better to fashion one QMS that meets the requirements of both standards. It is also relatively easy to do. We provide those simple, effective solutions, all the time.
For those who want to get ahead of the curve as a customer service, or for the likely incorporation in future revisions of ISO 17025, I have prepared a “nominal” cross-reference between the new ISO 9001:2015 standard and ISO 17025, along with comments on the key new principles introduced in ISO9001:2015. Reach out to me at gcarroll@fasttrackaust.com and we’ll pass it along to you. And, it’s free.
Bio:
Greg Carroll - Founder & Technical Director, Fast Track Australia Pty Ltd. Greg Carroll has 30 years’ experience addressing risk management systems in life-and-death environments like the Australian Department of Defence and the Victorian Infectious Diseases Laboratories among others. He has also worked for decades with top tier multinationals like Motorola, Fosters and Serco.
In 1981 he founded Fast Track (www.fasttrack365.com) which specialises in regulatory compliance and enterprise risk management for medium and large organisations. The company deploys enterprise-wide solutions for Quality, Risk, Environmental, OHS, Supplier, and Innovation Management.
Mastering 21st Century Risk Management” which will be available from the www.fasttrack365.com website in a couple of weeks. Meanwhile a recent Webinar on the topic can be seen at http://www.youtube.com/watch?v=nQoJj6FBxrY&feature=youtu.be in which we show how emerging best practices provide a good picture for how enterprise risk management should look in the 21st century.