General: The creation of the ISO 17025 Management System is outlined in this clause. The lab establishes, documents, implements and maintains a management system through a quality manual.
Option A: free-standing Management System option that allows you to retain existing structure.
Option B: ISO 9001 Management System option.
8.2 Management System Documentation
There is a significant difference in the Management System Documentation outlined in ISO/IEC 17025:2017 from ISO 9001:2015.
8.3 Control of Management System Documentation
All documents must be controlled.
Master list of all documents.
Unique identification, effective date and/or revision number, total number of pages, authority for issue.
Reviewed and approved before issue
Right procedures are in the right areas.
Continually review (and revised).
Prompt removal of invalid/obsolete documents - they can't be used!
Archive obsolete documents.
Review and approve changes to documents.
Ensure altered or new text is marked, as practical.
Nature of change needs to be identified.
Computerized systems may be used to maintain documents.
8.4 Control of Records
Documents can be considered living...Records can be considered dead and stored...exhumed once in awhile, but generally out of sight.
Records must be identified, collected, indexed, accessed, stored, maintained and eventually disposed.
Records must be legible, traceable, retrievable, held secure and in confidence.
Technical records are retained and contain sufficient information to establish an audit trail.
Observations, data and calculations are recorded at the time they are made.
Mistakes crossed out, corrected and initialed/signed.
Keep records for measurements, observations and customer information.
Use a pen.
Initial the records so that they are traceable and include date.
8.5 Actions to Address Risks and Opportunities
Consider the risks and opportunities associated with lab activities.
Plan actions to address risks and opportunities.
Take actions to address risks and opportunities.
Laboratories will need to demonstrate continual improvement. The quality program should provide for the process and requirements for changing and improving the program. Levels of authority and responsibility are delineated and the personnel directly involved in the changes are identified. Quality program documentation will need revision as changes in procedures are made. Measurables for quality improvement should be established, monitored, and reported to management. Each successive round of assessment should result in the quality system itself becoming better.
8.7 Corrective Action
Selection and Implementation of Corrective Actions - deficiencies in the management system are considered nonconformities requiring corrective action(s). ISO 17025 must be in place for a laboratory to be operational. Deficiencies or problems with these systems would require correction, but not corrective action.
Monitoring of Corrective Actions
8.8 Internal Audits
The internal audit serves as the lab's way of determining the correct implementation of its management system. This audit is carried out in accordance with a defined procedure and is conducted at predetermined dates. The essential outcome is to determine whether the lab complies with its own management system and the requirements of ISO 17025.
Every lab should include performance and systems audits in its quality assurance program. It is suggested that the following be considered:
1. The use of trained auditors to conduct performance and system internal audits, with performance audits conducted by lab personnel independent of the activity audited and system audits by an audit unit or Quality Assurance Officer reporting directly to a level of management above the lab level.
2. Performance audits covered on a regular basis for all analysts, including such items as review of written analytical reports, oral review of analytical reports on-site work reviews, check sample examinations, and intra- and interlaboratory proficiency sample review.
3. System audits be well planned and conducted by a trained audit team in order to minimize the disruption of the lab's operations.
4. Audit observations be based on the standard against which the lab is being audited.
5. The site visit be constructive and lab personnel be briefed on observations before the team leaves.
6. The report of the audit be prepared as quickly as possible and submitted to the facility for comment.
7. The report highlight deficiencies in operations on a priority basis and make recommendations for corrective actions.
8. Disagreements on findings be resolved before the report is completed and submitted to management.
9. Follow-up site visits be conducted to see that appropriate corrections were made.
Labs that do not have the internal resources to complete an audit can hire an outside auditor/consultant to perform their internal audits.
8.9 Management Review
Management reviews are ISO 17025's way of ensuring that the laboratory is involved in continuous process improvement. Like Preventive Action, management reviews tend to seek out areas for improvement rather than simply responding to issues of compliance.