AS/NZS ISO 17025:2018 is here!  Now what?

SAI Global has just released the 2018 version of AS/NZS ISO 17025 the updated laboratory accreditation standard, and NATA has finally explained how they will approach the implementation. So it’s time to start thinking about how you will approach the changes.

AS/NZS ISO 17025
What you need to know about the new version of AS/NZS ISO 17025

What you need to know.

(No time? Jump straight to our five steps to compliance).

The changes made to ISO 17025 are designed to:

  • promote increased confidence in the results your laboratory is producing,
  • to facilitate improved cooperation across international borders, and between laboratories and other related bodies.
  • to make the standard more flexible and easier to work with (which means less paperwork in some cases!)

The new standard reflects the latest approach in quality systems, which presumes that risk-based thinking must inform our decision-making.

ISO says:
“The main changes compared to the previous edition are as follows:

  • the risk-based thinking applied in this edition has enabled some reduction in prescriptive requirements and their replacement by performance-based requirements;
  • there is greater flexibility than in the previous edition in the requirements for processes, procedures, documented information and organizational responsibilities;
  • a definition of “laboratory” has been added”.

So far so good, and no need for any urgent action.

In their December 2017 Update, NATA gave us their take on the main changes to the standard.  Their list of 11 points included the following four that might require action:

  • greater emphasis on impartiality, risks and opportunities
  • requirements covering information technology and the validation of such systems have been included
  • the term ‘decision rules’ has been introduced in relation to pass/fail results for statements of conformity
    –   how MU is to be considered when making such statements
  • two management system options
    –   Option A = comply with the management system requirements as covered
    –   Option B = adoption of an ISO 9001 system”

The significant changes.

  1. Impartiality: The extra detail in the 2018 version means that some labs may need to explain more clearly how they manage this risk and what they do to monitor it on a regular basis (clause 4.1).
  2. Pass/fail testing: It’s clearer how to handle MU when testing to determine conformity with a specification (clause 7.8.6). This will save some arguments at assessments.
  3. LIMS: the standard now outlines what you need to do to manage risk with respect to IT systems (clause 7.11).
  4. Risks and opportunities: You need to show how you are considering risks & opportunities in your quality management system. This may require a tweak to your management review process and/or corrective action process (clause 8.5).
  5. ISO 9001: If you have certification to the quality system standard, you can opt for NATA to accept that your quality system is in place and concentrate on the technical part of the assessment (clause 8.1, Options A & B).
  6. Procedures: Many of the clauses look very similar to the previous version, but there are fewer mentions of procedures.  If your processes are working, or the clause is not relevant to your laboratory, you might be able to reduce the number of written procedures that you have.

What about NATA’s Transition Policy?

NATA have sent out a 17-page document that you must complete and return to them.  Reading through it, you might get the impression that you have to do something to address each point in the table provided. This is wrong. You need to examine your current policies, procedures and practices to see if you need to change anything to meet these new or re-worded requirements.

I would expect that many labs will need to do something to address points 1-4 above.  Most Australian laboratories will already meet the remaining changes that NATA has identified or will do so with small changes to the quality system.

NATA’s roll-out plan for AS/NZS ISO 17025

NATA will assess each laboratory to the new standard as their assessments come up. This includes surveillance visits.  Unless you have some pressing reason to gain accreditation to the new standard, you have some time to work on adapting your quality system.

What you need to do: 

Five steps to compliance with AS/NZS ISO 17025:2018

  1. Buy a copy of the new standard here.
  2. Have a look through NATA’s ISO/IEC 17025:2017 Transition Policy and use the final column of the transition worksheet to record the policies, procedures and practices you currently have in place that may meet the intent of the clause.
  3. Decide whether you need to change what you are doing now. Be conservative about making too many changes – you will already have processes in place to meet many of the new requirements (see Risk & Opportunities below).  Avoid putting something in place just to meet the new standard, unless you can see how it will benefit your business.
  4. Check the wording of AS/NZS ISO 17025 carefully to see if you need to write procedures to support your new process.
  5. Start making the changes and try to have them completed before your next NATA assessment / surveillance visit.  Keep a copy of the transition worksheet for your reference.

If you are ready for a major revamp of your quality system, take the next step: do a full gap analysis against the new standard and determine which procedures you can retire.

Risk & opportunities: Tweaks only

Looking at the new section in AS/NZS ISO 17025 titled, ‘actions to address risks and opportunities’ this might seem like a big change, requiring yet another new process. On a closer examination there is actually no need for a formal risk assessment process.

You are very likely already doing activities that could be used to demonstrate compliance. Such as:

  • a rolling internal audit schedule that focuses on areas that present greatest risk to your business
  • as part of accepting new work, you consider:
    –   is the information from your client clear enough?
    –   are there any conflicts of interest or other things that need to be considered to protect your integrity?
    –   Is there the potential for further opportunities to work with the client?
  • When reviewing any changes to the volume/type of work as part of your management review process, you look at:
    –   what risks there are to your business
    –   what resources you may need to look at to minimise any risks and maximise opportunities.

So, consider how you are currently running your business in terms of risk and you might find you don’t need to implement anything new. Or you might just need to tweak a current process here and there.

If you would like some help reviewing your quality management system against the new standard or need advice on how you can meaningfully fill any gaps in your systems contact us now.