All blog posts.


Succeeding in laboratory quality management

Laboratory Quality HelpWe see that many laboratory quality managers inadvertently waste time due to misinformation and misunderstandings about  NATA requirements. They may do too much, creating unnecessary or inefficient processes in an effort to please the NATA assessor. Or they may do too little in the areas that really matter – the things that will actually affect test results. Or they may simply hit their head against a brick wall trying to change lab processes that don’t really need to change.

If only these well-meaning, conscientious (but often over-worked) lab quality managers had inside access to the tools and tips of others who have walked the same or a similar path with NATA. If only they could pick the brains of their peers in exchange for sharing their own insights.

Well that’s what the Australian Organisation for Quality’s new Special Interest Group aims to provide for labs. The Laboratory SIG is a virtual space where labs can speak openly about issues, pitfalls and wins with NATA and beyond. The idea of the group is not just about getting the NATA “tick” but about helping labs succeed in all areas of quality that determine their lab’s success.

Bringing Australian labs together over discussion and professional development 

When it comes to negotiating NATA issues such as the seemingly “new” requirement about addressing risk and opportunity in ISO 17025, there are common traps and common work-arounds across different kinds of testing. Beyond that, implementing excellence and continual improvement in your quality system is not something you can do alone, or by guesswork. 

Collaborative exchange with peers is one of the most valuable learning resources we have at our disposal – successful organisations and managers understand this well. The SIG serves to facilitate this exchange, linking you up with other labs as well as NATA accreditation and quality experts on a monthly Zoom call. Each call has a focus topic, with time for breakout groups to get to the more granular level of the discussion. You can opt-in to follow the discussion topic offline in a chat group where participants post further questions and answers. 

Labs discuss their approach to risk and opportunity management

The AOQ kicked off their first Laboratory SIG in June, focusing on the topic of Risk and Opportunity Management. A range of participants were eager to join the first discussion including 8 from medical, metallurgical, paint and workplace health and safety labs, as well as  6 consultants from across Australia. Various approaches to managing risk were shared with some using purpose-built enterprise-wide systems, some using commercial software, and others using home-built systems that didn’t seem to meet the business risks terribly well. For some it has been a case of bolting it onto the existing CAPA process and escalating it as appropriate to those higher up the tree, depending on the identified risk. For others, it is just a part of their everyday work.

The key take-homes were: 

  • Labs taking on riskier work due to increased competition in the CoVID 19 economy. Therefore, adequately addressing risk and opportunity in the tender process is increasingly critical for labs.  
  • Some risk is inherent in lab work. i.e. risk is not a bad thing per se but it is important that it is known and addressed.
  • Need to consistently account for and address known risks, expose hidden risks, and simultaneously identify opportunities.
  • The requirement to addressrisk and opportunity is aimed at ensuring test results are as reliable as possible for the customer (which is essential for lab’s viability/business). It can be addressed in a range of ways:
    • Treating all risks and opportunities through the same system, to evaluate and ultimately come up with an action plan.
    • The bottom-up approach where you follow a process through end-to-end and identify the risks that exist in the “live” process 
    • The “top-down” approach, common in larger organisations, where broad categories of risk are identified such as equipment functionality, resource availability and staff training and addressed in procedures documents.
    • Approaches such as “safety notes” for a safety risk
    • Complicated spreadsheets depending on the type of task and the level of the organisation
    • Creating a risk register and populating it with identified risks 
    • Acknowledging that the purpose of measurement uncertainty calculations is to identify major sources of error in methods.
  • Some difficulties with NATA include:
    • understanding the requirements to address opportunity & risk
    • NATA putting unreasonable requirements on labs
    • the benefits of option A or B Management systems (with B sometimes causing labs to get non-conformances even though they have identified and are addressing a shortfall in their system)
  • Common difficulties for auditors & quality managers
    • Explaining to lab management the level of risk in a certain activity. Lab management saying “it’s never happened so it will never happen”. How to clearly flag risks in audit reports.
    • Getting management buy-in for the risk assessment process. Management leaving it up to the quality manager to deal with.

The aims of the Laboratory Special Interest Group: 

  • To bring together laboratories across Australia to learn from each other on matters to do with quality and laboratory accreditation.
  • To provide a place where laboratory quality managers can openly share issues they are facing with respect to quality and accreditation.
  • To provide a setting for professional development of laboratory quality professionals through formal learning seminars with experts in various aspects of quality.

How to join the laboratory SIG 

Membership of this group is open to AOQ members only. Join AOQ for a very reasonable annual fee, then request to join the Laboratory SIG. 

If you’re already a member of AOQ and didn’t receive an invitation to the last SIG, email to request membership.

Creeping criteria: when auditors stray

Creeping criteria: this wonderful term was coined by my old boss at NATA (Helen Liddy) for those times we put a “condition” in an assessment report that was almost a requirement (but really an opinion on how to address a requirement), or when we had taken a criterion from one part of the accreditation documents and applied it to a completely different situation. It also referred to when we heard something from a technical assessor and applied it without looking up the standard.

Whether you work for NATA or as an internal auditor, you will almost certainly fall prey to creeping criteria from time to time. Luckily most internal auditors have their work checked by the quality manager before the audit report is issued. The same cannot be said for NATA auditors, many of whom have approval to issue assessment reports without review by another staff member.

What you need to know to successfully respond to audit and NATA reports 

To avoid wasting time on unnecessary tasks, you need to be fully across what really constitutes a requirement and what does not. You cannot rely on auditors to know every detail of how the requirements apply to your lab. 

But aren’t the auditors and NATA the experts, I hear you ask? Don’t they know?

NATA-auditorsThe truth is that auditors have a huge amount of information to deal with and process, particularly when auditing in labs they’re unfamiliar with, so sometimes they get it a little bit wrong, or even a lot wrong. It can really pay to look up the documents that they reference in the assessment/audit report to get a better idea of what they are referring to and what the real requirements actually are before responding to the report.

Here are some examples of how creeping criteria happens and the best way to respond:

Clause creep

Taking a requirement from one part of the standard and applying it to another part, or from one piece of equipment and applying it to other pieces of equipment. This real scenario happened many years ago during a NATA assessment:

Condition: Whiteout must not be used in controlled documents. Methods in the Serum Rhubarb section contain multiple examples of use of whiteout.

Clause referenced: Medical Testing FAD section 4.13.

Investigation: Clause 4.13 is about test records. It is talking about making sure that all original test data is preserved in a way that is permanent and legible. We then spoke to the lab manager concerned, who explained that she can’t stand having typos in the bench copies of test methods. She just has to fix them & doesn’t want to print them out again.

Response: Gently pointed out the reference was to test records, not controlled documents. 

Corrective action: None required. However we did update our document control procedure to define how hand-written and white-out changes to documented procedures could be accommodated.

Take-away: Always look up the requirements if a non-conformance does not make good solid sense. If we had followed through with this for controlled documents, we would have prohibited a practice that is in fact allowed.

Context creep

This happens when an auditor hears something during an audit of one laboratory and applies that to another laboratory. This can be a battle you have with staff who are technical assessors and come back from assessments and apply these criteria during internal audits. A simple example that happened to me once:

Condition: Each line in the training records must be individually dated and initialled – you can’t draw a bracket around a group of training topics and mark them with one date and initials.

Clause referenced: ISO 17025: 6.2.6 & 8.4.1

Response: We don’t see in those clauses that it says we can’t record training this way.

Auditors response: But the NATA lead auditor at the lab assessment I did last week said that they couldn’t do this. I thought it was “a thing”.

Quality manager’s response: You’re asking them to do busy work. What is the benefit for them? There’s nothing specific in the requirements to prohibit this unless you are saying it’s not clear when or what training was done because of the way they’ve recorded it?

Take-away: This may be a requirement for the other lab because of the way their system is designed, or the way they have approached their training. All non-conformances, whether raised by NATA or others, are highly influenced by context and even the questions that we asked at the time. The NATA auditor may also express thoughts during the audit that do not end up in the assessment report.

The never-ending story

Something along the lines of this scenario happens to one of our clients every now and again:

Condition: “Staff member Orange at lab G conducted testing to method One; however, records to indicate whether the staff member had been assessed for competence or authorised to conduct the testing were not available.”

Response: Sent in the training records for the whole lab (as an extract from the database, the easiest way to do it).

Auditor’s response: Thank you but there do not appear to be records to show that staff member Brown or Green have been approved to do test methods Two, Four or Seven.

Response a: Staff member Brown does not do methods Two, Four or Seven as he is mainly out on field work. Staff member Green was trained at one of the other labs – her records are in their system. Attach copies of training records for Green.


Response b: We have supplied the training records for staff member Orange and are unsure why you are asking for other training records which were available at the assessment. (This response is for those who are feeling assertive)

Corrective action: non required 

Root cause analysis: the lab manager didn’t know where to find the training records for staff she hadn’t trained herself. 

Take-away: Audits and assessments are finished when the audit team leaves the building (whether that be literally or figuratively). You do not have to keep answering additional questions after the assessment. 

Implied corrective action

Sometimes an auditor tells you what to do instead of what is wrong. In this case the message came through from a combination of what was discussed at the assessment and what ended up in the assessment report.

Condition: “The lab has held two meetings in the past 7 months, about 4 months apart.” (No indication of what was wrong with that.)

Clause referenced: ISO 15189 Communication (closest clause in ISO 17025 is 5.2.7a)

Laboratory management shall have an effective means for communicating with staff. Records shall be kept of items discussed in communications and meetings.

Laboratory management shall ensure that appropriate communication processes are established between the laboratory and its stakeholders and that communication takes place regarding the effectiveness of the laboratory’s pre-examination, examination and post-examination processes and quality management system.

The lab was planning to reply that they would hold lab meetings every month. This seemed to be what the auditor was asking for. The quality officer investigated:


  • A small lab with 4 staff members who all work day shift and infrequent changes to methods or processes. They see and speak to each other 5 days a week. There was no problem with the meeting frequency given these factors, the scope and stability of the lab.
  • The quality manual did not mention lab meetings, nor how often they should be.
  • We looked at the clause mentioned, and saw that it is about communication, not meetings per se. 
  • We discussed what communication needs the lab has other than the things they normally cover in staff meetings and how these can be recorded. Some examples include:
    • Notices
    • Read receipts for document updates

Response to NATA: Reported on our investigation and advised that current meeting frequency is sufficient for the needs of the lab. Refrained from pointing out that the condition reads like an observation. To be a condition there must be a specific example of something that is wrong.

Corrective action: Maintain informal approach to scheduling meetings as required. Keep copies of notices and read receipts in a dedicated folder.

Take-away: Always look up the original requirements if a non-conformance does not make sense for your laboratory. Don’t jump too quickly to adopt whatever the auditor seems to be suggesting!

Giving extra backbone to the requirements

Condition: The laboratory must document a procedure for addressing risks and opportunities

Clauses referenced: ISO 15189 4.14.6 or ISO 17025 8.5.


  • A small lab with very limited capacity to carry out additional administrative processes.
  • Part of a larger organisation with risk management processes that can be accessed if needed. Required to consider risk when deciding on corrective action.
  • Risks have been identified and controls put in place – these are detailed in the regular data review processes, management review, internal audit program, and extensive QC checks.
  • We read through all of the clauses mentioned by the assessor and found no reference to formal risk management systems. You have to DO risk management, not write about how to do it.

Response: we can’t find any requirement for a formal risk management system in the documents referenced.

Auditor’s response: nil 

Take-away: Standards say we have to use risk based thinking and evaluate risks but they don’t say we have to have a formal system or procedure for doing this.


There are many similar examples, especially arising from more recent ISO 17025 assessments, which is much less prescriptive of procedures. You have DO your processes, not write so much about them. If your processes are well designed, they will be visible and easy to follow without having to write procedures for them.

Other helpful articles on dealing with audit non-conformances.

Are you wasting time and money on NATA requirements?

10 tips to avoid NATA paper warfare

Impartiality in the new ISO 17025

Get help with ISO 17025 transition

The new ISO 17025 puts a bigger emphasis on impartiality and managing conflicts of interest than the previous standard. This is to address an issue that can be particularly problematic in competitive industries such as construction.

In some industries there are practices that aren’t ideal for maintaining impartiality and it can be a difficult environment for testers. In the construction industry the laboratory is at the end of a long chain of sub-contractors and regulations and is often squeezed on price. There’s pressure from clients, overbearing contractors or even internal management for the “right” test results or pressure to collect samples from one location only. Similar pressures can exist in other sectors too.

Expect tough questions

The tougher requirements regarding impartiality mean you should now expect NATA to ask you about these issues at assessments. If you’re like many lab managers, this is a difficult subject to talk about, and just assuming that your staff “wouldn’t dare” will not cut it. How do you design an effective policy that will address the real risks due to conflicts of interest and undue influence in your organisation?

Situations of undue influence, or conflicts of interest can lead to test results being either intentionally or unintentionally incorrect! If this is discovered after the results have been issued, it could not only be devastating to your business but it could also potentially have criminal implications.

So, what can be done to protect the reputation and integrity of your business? After all, reliability of test results is likely to be central to your business model.  

Know the warning signs

Identify what situations could arise in your organisation and write them down.  Think broadly. While many situations may seem unlikely it is still useful to get them out there. There are many different situations that can lead to compromised testing.

Here are just a few:

  • Testing for compliance on an in-house product – compliance, especially if the tester also has production responsibilities?
  • Getting on site and being given a limited available area for testing, or an overbearing site manager who just insists testing is done at a specific location.
  • Being pressured to give a pass result or repeat the test until you get a pass result.
  • Conflicts of interest due to shareholdings, family relationships, second jobs, etc.
  • Under-pricing jobs.
  • Details in contracts that present a risk to your laboratory such as: site selection; financial penalties if testing causes delays; methods specified that do not match the materials to be tested.
  • Over – testing to the extent that the tests staff are doing literally have no significance.
  • Media interest in a project or product.

Any of these issues, combined with self-interest (let’s face it, we all want to cover our own backsides) or an over-developed sense of helpfulness could lead to someone being tempted to alter or ignore certain test results. But a lot can be done to protect your lab from this scenario. Read on for a step-by-step approach to reducing or eliminating risks to impartiality. (You can also get in touch to find out how we can help).

6 ways to reduce risks to impartiality 

1.  Technology

Removing the possibility for results to be changed or left out is a complex task that may require a number of measures to be put in place, such as the following: 

  • Processes to ensure that all samples are individually logged and sample numbers cannot be reused – e.g. bar-coded sample labels.
  • Direct capture of test data in the lab – newer balances and load cells can be hooked up to a computer and directly record readings, also eliminating the risk of transcription errors.
  • Logging field data directly into the laboratory information system.
  • Automation of testing – explore any possibilities, as they will likely improve your process efficiencies at the same time.

These steps don’t need to involve expensive software packages.  An in-house system that captures the on-site or lab data and stores this in a secure way can also be an option. Don’t forget to make sure the data storage is secure and that there is an audit trail for any changes made.

Are there other technical advances in equipment that would allow for further automation that the industry could look at? Can your laboratory be a leader in introducing this? 

2.  Quality Culture

This comes from Top Management. Instilling a culture of openness, honesty and integrity goes a long way towards protecting your company’s reputation. These values need to be lived and breathed through the organisation at all levels.

A quality culture of “this is the way we do it here” will help protect your company and staff from undue pressure.

Start with your induction process and continue to emphasise your values throughout a staff member’s time with your company. Make sure they know that they can speak up if they don’t feel something is right. Talking about recent incidents or problems at regular meetings is a useful way to remind your staff that they have your support.

Your quality system, which should be seamlessly integrated with the day-to-day work, is crucial to developing a culture of commitment to quality best-practice. Staff should know to look up your organisation’s methods or procedures when they’re not sure what to do. This helps develop a “this is the way we do it here” culture. It also empowers staff as there is a clear process in place if they feel pressured to change results, or test only at a specific location. Who should they report this to? When should they stop testing and leave the site? Make sure your staff learn about these policies when they join your company and design opportunities to revisit the policies on a regular basis.

3.  Checking data & reports

An independent review of results introduces a level of impartiality as well as the benefits of a fresh set of eyes for errors. If work is being done remotely on a site lab, introducing back-to-base reporting will reduce any undue pressure on the technicians on-site.

Where possible, automated checks can include a comparison against expected results for that type of sample and previous results.

4.  Managing Conflicts of Interest

Review the structure and reporting lines: look for potential conflicts of interest (such as results being used within your company). This can be an issue for production-related organisations and those involved in design engineering. Where possible, remove direct reporting lines. For instance,the laboratory technician or manager should not report directly to the Production Manager or Design Engineer. 

Potential conflicts of interest related to external relationships should be declared upon employment and confirmed again on a regular basis. (This particularly applies for company directors). Build any such disclaimers into your induction process. Some organisations do this annually, in conjunction with Management Review or performance management. 

5.  Contract review

Technical review of contracts is critical in industries where pressure may be applied to get favorable results. Clients may want to minimise testing costs as they are seen as an overhead. Checking the technical, as well as financial details of the contract will help make sure you are not left out of pocket or pressured to complete inadequate testing due to time or financial constraints. If a client insists on an inadequate testing regime, it might be time to re-consider whether you really need to work with that client.

6.      Training and education

Make sure you and your staff are well-versed in the critical importance of the test results. What happens if a structure fails and it is found that testing was not accurate? What if your product gets released and is found to be non-compliant? The implications of failure at this late stage are massive! If you identify and deal with a compromised result immediately, any short-term pain from dealing with someone who doesn’t want the true result is no matter compared to the long-term consequences for your business.

Training also needs to include how to confirm that the test being done has worked correctly and what results to expect for different types of materials.

Get extra help

We have been providing guidance on dealing with impartiality and other changes to ISO 17025 to our clients since the changes came in. We can give you peace of mind that you are doing what you need to without reinventing the wheel or making unnecessary wholesale changes. If you need this kind of help, get more details here or contact us via our contact page.


How to write great SOPs and declutter systems

The art of tidying up your SOPs

When was the last time you thoroughly sorted through and updated your laboratory’s standard operating procedures? Perhaps

procedure-writing, how to write great SOPs
Procedural clutter weighing you down? It’s time to Marie Kondo your SOPs!

you have some great procedures buried in long-winded prose that should be converted into a flowchart or diagram and proudly displayed around the workplace? 

Likewise, perhaps it’s time you finally culled those overly complex multi-page procedures and instead replaced them with visually clear and useful working documents. Below are our top tips on how to write great SOPs and declutter your documents (Marie Kondo-style). 

What is an SOP?

An SOP refers to any of the routine steps staff carry out. The how-to’s, the contingency plans, the checklists. We may also call them procedures, methods or instructions. These critical documents are not just there to cover the organisation when it comes to the bare minimum of compliance, output and OHS. They exist to streamline and thus improve the way individuals and departments carry out their tasks, minimise errors, identify opportunities and communicate with each other. Not only that, when SOPs contain information that makes the procedure relevant, i.e, linking it to an overall quality outcome, staff are more autonomously engaged in continual improvement. 

Decluttering paperwork to find procedural gold for your laboratory

Just as having a tidy home free of unwanted parafernalia brings more “joy” (as the famous decluttering expert would have it), having slick, relevant, visible SOPs can bring more sanity and productivity to the workplace. 

Many labs have SOPs that were written by previous managers or years ago and have out-of-date or excessive details. Or they might have been written by a consultant who doesn’t really understand what SOPs laboratories need. These are often just “official” documents for accreditation purposes, not prominently shown around the workplace as an ever-present prompt and check on quality. Or when they are displayed, the information is poorly communicated and out-of-date, resulting in the key point of the process being lost. 

If quality systems are key to your organisation’s business model, then you can’t afford to acquire the equivalent of procedural paperwork “junk”. For an SOP to achieve its aims of ensuring service quality and staff safety, minimising risk and conflict, and boosting efficiency, they must be:

  • Frequently reviewed and updated. Organisations and accreditation requirements are frequently adapting and with them, requirements for their processes. 
  • Up-to-date 
  • Visible
  • Goal-oriented. It should be clear why a certain procedure is required 
  • Addressed to a specific team member or members

“Tidy” SOPs are critical when it comes to systemising and documenting your processes, and they improve your organisation. 

Consider the value of each SOP

While we won’t dare to recommend holding each procedure and asking yourself “it is bringing the workplace joy?”, we do suggest the systematic approach of the “KonMari method”. Take an inventory of your SOPs and really consider their relevance and quality to ensure your lab is free of distracting procedural clutter.

While it’s tempting to jump straight in and start updating those SOPs you know are out of date, some planning will lead to lasting improvements. Put your SOPs through the following tests to assess whether it’s time to make changes to them or even let them go! 

  • Is it on high rotation with front-line staff? 
  • Do staff value it? Ask if they really need and appreciate the content. 
  • Is the process described highly operator-dependent?
  • Does it describe a step-by-step process or just one aspect of a process (such as safety)
  • Does it make a complex process clear and easy to follow?
  • Does it contain key data that must be used in day-to-day testing?
  • Would bringing the procedure up-to-date be relatively simple and quick? 

Use the answers to prioritise how you spend your time. 

Plan a structure 

If you want your organisation’s SOPs  look slick (think handy visual charts), work effectively and achieve their ends, make the process  easier by planning out a structure based on your key processes. Using the process approach makes the path to decluttering SOPs so much clearer. It gives you a clear structure and a way to decide WHERE, WHEN and by WHOM each piece of information is needed.

  • Draft flowcharts of all your main processes and link ONE procedure to each step. (If there are multiple SOPs, you might have more than one process at work or you may need to combine some.)
    • This process may need to be repeated in each department or section if you’re part of a large laboratory.
  • Arrange detailed instructions and methods linked to the relevant SOPs.

Problem SOPs and what to do with them

  • The SOP is a total mess. It’s out of sequence, with an excruciating level of detail, and seems to have been written by multiple authors over time. Start again and just borrow lines from it where needed to fill in details.
  • It is a “must-have” procedure in accreditation requirements, but it’s rarely referred to. Try to deal with these in a high-level operations/ quality manual.
  • Rarely used, but important technical procedures. Write these in a good amount of detail and clearly reference them in other procedures at the point that the operator will decide they need to use the process/method.
  • SOP describes safety precautions or environmental measures only. Safety and environmental requirements for specific processes should not exist as stand-alone documents. Include the information on how to comply in the process document (SOP) at the relevant point in the process. Or even better, use official signage and provide the safety equipment at the point where the process is conducted!
  • Long wordy descriptions of times, requirements, decisions and options. See if you can extract data and put into tables that can be displayed in the laboratory.
  • Very long and wordy SOPs, with excessive amounts of detail for well-established processes. Remove obvious, superfluous or repetitious information, otherwise this detail distracts staff from the more important detail they may need to look up. Check with staff how much information they need.
  • Memo announcing a change in process issued as a controlled SOP, instruction or method. Find the SOP it belongs in and include at the correct point in that process.
  • Generic ISO9001 SOPs that, combined with all the test methods, forms, templates and quality manual, add up to an overwhelming number of pages. Get rid of the generic ISO 9001 SOPs and replace with a few lines in the quality manual, and/or add instructions to the forms.

When you’ve transformed your procedures / manuals from a huge pile of unrelated documents to a manual or set of SOPs that describes what you actually do, you’ll find it’s easier to update them when processes change and new requirements are introduced. You’ll find the internal audit program can focus on quality outcomes, rather than getting bogged down with out-of-date instructions.

Drawing on our combined experience with NATA and various fields of testing, our team has helped many laboratories to replace the proverbial “300-hundred page tome” gathering dust with 30 pages of relevant information that staff actually refer to! Contact us today for a chat about how we can help.

4 Steps to Reducing The Mental Load of Lab Managers

Following on from our previous post on the topic, here’s a step-by-step guide to show you how to implement the process approach. 

How to implement the process approach

1. Start at the top:

Getting your team to embrace the process approach starts with YOU

Do you like the sound of having more time to focus on the work you enjoy most instead of a disparate array of management responsibilities? Then it’s time to get serious about fully implementing the process-approach. 

In case you missed our last post, the process approach is a revolutionary management strategy where every single process in an organisation is frequently reviewed and given a clearly defined purpose that relates to other processes in the organisation. In other words, it guards against inertia ensuring that all of your systems are feeding into each other and working well together. 

The result? Better output, happy customers, engaged staff and business gains. But let’s rewind this scenario because none of that is going to happen without the 100 per cent commitment of one key individual at the outset. 

Managers must take the time to evaluate, review and update processes, as well as engage others in doing so. It might seem counter-intuitive , but it is a fact that the more engaged senior management is in the quality system, the more freedom they have to walk away. Why?

Cultural change begins with key decision-makers who are the link between departments, the ones to invest in training or call interdepartmental meetings.

If you are a manager, you are the figurehead who sets the tone of the organisation.

Working in competitive and rigorously-regulated fields, laboratories must find smarter ways of doing things, and doing them well. And they must do so exponentially, year on year.

In order to set your business up for long-term success and to ensure it doesn’t fall behind or stagnate, you have to bake excellence and continual improvement into all of your operations. A best-practice, business-savvy quality system won’t happen by accident or from the bottom up.

If you communicate about your organisational vision and quality system well, your staff will also communicate with each other well. It is a virtuous cycle – one that may in turn help you refine your vision and open you up to new fields of testing and service areas.

If you truly embrace the process-approach (and the powerful Plan-Do-Check-Act cycle) and embed it into every level of the organisation, continual improvement will take care of itself.

Talk to your staff in terms of processes, measures, inputs and outputs and ask for all documentation to be presented in process format. Use flowcharts to show how processes link together and engage your staff in making sure these are correct. Talk about why a process exists – what it is supposed to achieve.

Weave the process approach into the everyday, combine it with continual improvement, and your team will be on quality-system cruise control.

You’ll have staff suggesting efficiencies and pointing out risks and opportunities not just for compliance’s sake, but because they are intrinsically motivated towards continual improvement and understand the rationale behind all of your laboratory processes.

2. Take a closer look at the purpose of accreditation and recent ISO changes.

Once you have the fundamentals of the process approach and continual improvement in place you are ready to really reap the benefits of accreditation.

To understand how to go about gearing the process-approach towards long-term success for your laboratory, it helps to take a close look at new requirements around risk and opportunity.

Continual improvement and operational excellence are not just about complying with the bare minimum requirements of ISO’s increased emphasis on risk-based thinking.

By making the continual assessment of risk and opportunity central to your operations, the ISO standards are setting you up to become more efficient and competitive as a business (now and in the future). 

The fact is businesses need to remain efficient in the face of 21st century challenges such as increased competition, new technology, and higher customer expectations. The new requirements are a recognition of this. 

So bear in mind, when it comes to complying with the risk-based thinking requirement, the process-approach is your friend. Don’t be intimidated! Having a clear view of your key processes makes it so much easier to identify opportunities and risks. This is where things get exciting from a business point of view.

Managing risk effectively while always seeking opportunities will actually enable you to take risks and chase bigger goals – whether that’s for your organisation and team (moving into new service areas and fields for instance) or for you personally in your life (think more holidays, earlier retirement!).

3. Tailor how you meet requirements:

Develop your own approach to risk-based thinking for the purpose of bigger goals (not just compliance)

How strategically you meet the requirements of the new ISO standards is up to you.

Perhaps your organisation is already well within the bounds of what NATA expects you to be doing (as a bare minimum) regarding the process-approach and risk-based thinking.

But as the new standard also provides increased autonomy in the amount of  documentation you use to meet these requirements, it really is up to you how fully you embrace the opportunity. You don’t need to write long involved procedures to meet these requirements – it’s about thinking and designing in a process-orientated way and ensuring that risks and opportunities are considered and taken account of. 

Placing the process approach  at the heart of your systems with risk-based thinking will unlock a new level of freedom in your role. 

It will also provide career development and fulfillment for your staff, and this will flow back to your business, customers, and again, YOU. You’ve worked hard to get your organisation to this point. Don’t you want the peace of mind of being able to delegate and reduce your own mental clutter, and the freedom to grow or sell your business if you desire?

4. Make yourself more-or-less replaceable.

(Your business will flourish!)

One of the key purposes of having a defined quality system is that it doesn’t depend on just one person.

Instead of holding all the pieces of the puzzle, unable to step aside in case it all falls apart, ensure the processes that make up your laboratory slot together without constant oversight.

With a manager-led improvement culture (based on the process approach), your quality system will become highly-valued by your team.

Silos between departments will be broken down, ensuring everyone is continually kept on the same page about organisational processes.

Your quality system then becomes a dynamic, defining and tangible part of your organisation, not just words in a quality manual. That way you can leave the organisation in the safe hands of your staff and your system, and maybe even take that long overdue email-free holiday?

Here’s those details again in a printable PDF for those of you who like visual reminders. Click here for a downloadable copy.

Get support

We help managers and teams implement all of the above and more. The time involved in establishing the process-approach throughout your organisation is often less than managers expect. However, without a dedicated day or team member to do this critical work, the day-to-day takes over and plans for improvement are shelved.

Check out our courses and consulting services below if you or your staff require extra facilitation to implement the process approach and improve your quality system.

Transition with Confidence

The Best-Practice Internal Audit Program Your Lab Needs

Or sign up to our email list for regular tips and insights about how to ensure your accreditation is serving your business goals.

Tools and Tips for NATA-Ready Cause Analysis 

How to get root cause analysis right for NATA

We allSuccessful NATA Response love that feeling when NATA accepts our first response to an assessment report! But since NATA introduced their new reporting format, we’re seeing NATA reject many responses from labs because they haven’t included an adequate root cause analysis.

If you’re struggling to understand what NATA expects for cause analysis, you are not alone.

The new reporting format, introduced in February this year, requires a detailed root cause analysis for any non-conformity. This is a good thing because without an adequate root cause analysis the same issues crop up again and again. But many labs are stumped as to how to get root-cause analysis right for NATA and the betterment of their quality system.

NATA tells us that some labs are just skipping this section and submitting responses with NO cause analysis at all. These responses are automatically rejected by NATA and will lead to an extra round of correspondence

Meanwhile, those that do fill it out, even labs accredited for many years, are often failing to identify the root cause of an issue raised by NATA. So what is NATA looking for in this section of the non-conformance report? Here’s some root cause analysis tools and tips that will help you please NATA, while also improving your quality system.

1. Tell the truth 

You don’t have to have some amazing technological problem that caused the issue they found. It could be that the person simply did not know they were supposed to do a particular step and the root cause would then be “ lack of training”, “poor work instructions”, or “lack of communications about changes introduced while staff away on holidays”. Or in some cases, it could simply be human error. Whatever the cause, put it plainly. There is no need to window-dress what happened. 

Often the issues identified by NATA are potential problems, i.e. someone COULD get in and inadvertently change some test results. So your root cause analysis for this might say that you did not think the risk of that happening was high enough to address the issue previously. Or you might say that you had overlooked this risk when you designed the process.

Another common cause for non-conformity is when new requirements are put out by standards-writing bodies or regulators. Be honest and explicit – write; “had not updated the system to new regulatory requirement” or “was unaware of new regulatory requirement”. These are root causes that you can address effectively and simply, through your internal audit program for example.

2. Make sure the answer is something that can be addressed

There’s no point telling NATA that the root cause of everything was “human error”, even if human error played a part. To err is human, and we can’t have full control over that. Focus your investigation on the PROCESS and see what could be changed to make it easier to get it right every time. Fixes for human error generally fall into categories such as adding checklists, extra checks, removing the step from the process, incorporating automation, etc.

If you can’t think of a possible fix for the root cause, it’s probably not worth documenting.

3. As many causes as necessary

Most of us know that when something REALLY goes wrong, there are multiple steps that have failed. Even in the most straight-forward laboratory processes, there are always checks in place that will pick up errors. So at least one step, plus the checking step must have failed for an error to occur.

4. Use these tools to help you

If you’re really stuck, there are some tools that provide a structure for doing a root cause analysis. Here’s our top 3:

1.  The 5 Whys

Simply asking why until you get to a cause that can be fixed is often all that’s needed. Five Whys is a questioning technique used to highlight the cause-and-effect relationships leading to a particular problem. The goal of the technique is to determine the root cause of a defect or problem by progressively repeating the question “Why?”. Each answer provides the basis for the next question. Here’s a simple example:

Often you will identify several possible causes and perform Five Whys on each of those causes. And of course you may end up asking fewer or more than five questions!

2. Fishbone analysis

A cause-and-effect diagram that resembles a fish’s skeleton. This visual tool helps managers pinpoint the reasons for imperfections, variations, defects, or failures. The problem is at the head and the causes for the problem feed into the spine leading to the head. This illustrates point 3 above about multiple causes leading to an error. 

3. Flowcharting

When you can’t identify a particular cause, flowcharting the process can be a good place to start. By flowcharting the complete process involved in the non-conformance, you can pinpoint where the weak points in the process could be (this can be at more than one point). You then identify who has involvement at each step and all the inputs. Often, just creating this flowchart will be enough to inform management of the problems with the process and clarify what needs to be tightened up.

With all of the approaches and tools outlined above, keep in mind that the purpose of a root cause analysis is to minimise the probability of an issue occurring again. It is an important process aimed at getting to the bottom of problems, safeguarding quality and creating a more reliable and efficient laboratory. 


From busy to business-mastery

Process approach

Why all lab managers should fully embrace the process approach outlined in ISO17025, ISO9001 and ISO15189

No email-free holiday in years? Scared to take a day off? Alarm bells should be ringing.

It may be the last thing you want to hear, but if you are overworked, always too busy or want bigger things for your laboratory business, there is one thing you really need to start doing. Now.

To reduce the risk and burden of one person holding too much responsibility in your organisation, you need to fully embrace the process approach.

You know the term well. It pops up all through ISO 17025 and 9001 but perhaps you’re not too sure what it means? It’s more than just quality-compliance jargon. It’s a piece of quality wisdom that will help you spread the load of leadership in your organisation.

It’s your ticket to greater freedom in your management role.

Freedom to think big, but also freedom to take a break or step aside.

Pay-off for pro-active managers

In many years helping labs design, tweak and implement optimal quality systems that meet (and exceed) NATA’s expectations, I have seen first-hand that a bit of lifting early on has a surprisingly big-pay off later.

The trouble is, managers often don’t believe what is possible or don’t know where to start with what may seem like big or difficult changes. As a result, they unconsciously hold on to knowledge that should be shared.

Starting with a proven strategy for improvement – the process approach – will help you get the ball rolling. You’ll begin to move towards new possibilities you previously couldn’t see on the horizon. Not least – freedom to take a solid break!

The process approach in a nutshell

The process approach is a management strategy in which managers decide on, “manage and control the processes that make up their organisations, the interactions between these processes, and the inputs and outputs that tie these processes together.” (The Process Approach, Praxiom Research Group)

This means every process has a reason behind it and no process occurs in isolation to the whole, or without being reviewed. Learning how to see your laboratory business as a series of processes instead of a series of departments, people or isolated tasks is liberating. It becomes easy to see what is happening and how to measure the success of it.

A process diagram for a laboratory looks something like this:Process-Approach-ISO 17025

The inputs to the whole process are user requirements, and the outputs are customer satisfaction. Each step in this process can also be treated as a separate process, and measures put in place to make sure they are working effectively. When aligned with the organisation’s vision and communicated effectively to staff, the process approach boosts staff engagement and performance by giving your staff more responsibility and more opportunity for recognition.

This enhances intrinsic motivation and initiative among staff, making you a happy and proud manager who is free to walk away and take a break.

Tip: Many managers get into a habit of holding important information in their heads or just not adequately training up other senior staff to take over the reins. This is both a business risk and an unnecessary burden on you.

Stay tuned for our follow-up post on this topic : 4 Steps to Reducing Reliance on Constant Management Oversight

Check out our courses and consulting services below if you or your staff require extra facilitation to implement the process-approach and improve your quality system.

Transition with Confidence

The Best-Practice Internal Audit Program Your Lab Needs

Or sign up to our email list for regular tips and insights about how to get the most out of your accreditation.

Designed to benefit: Risks & Opportunities in ISO 17025

A good system recognises the strategic benefit of minimising risk and maximising opportunity.

The new ISO/EIC 17025: 2017 standard puts extra emphasis on this by promoting risk-based thinking, preventive action and process design. It is about optimising your organisation’s overall strategy by planning, taking, and recording actions that prevent risk and enhance opportunity.

There is no need for a formal risk assessment process (although these can be very useful and even fun to do). The implication is that your system will alert you to risks and opportunities because it will be based on a proactive, risk-based approach embedded into your operations.

It’s a balancing act

Risk and opportunity is not an either or thing  – you are weighing both all of the time as one usually corresponds with the other. If I avoid x I will attain y. If I attain y I will avoid x. Likewise, assessing risk in the context of a laboratory must be viewed with the organisation’s overall strategy in mind.

The concept in the new requirement (clause 8.5.1) about action on risks and opportunity comes from ISO 9001:2016, which has a strong customer focus. ISO 17025 and ISO 15189 are standards written by laboratory people experienced in what can go wrong. They are designed to ensure that testing-related risks are managed, including business risks such as reputational damage. By complying with these international standards and having accreditation, you are addressing all the areas of risk (and opportunity) for a testing service.

To give you an idea of some relevant risks and opportunities, below is an example of factors that would need to be assessed by senior management if you received a request to do on-site testing for the first time. As you will see, many of these are interrelated and require consideration of the bigger picture.

These are just some of the risks and opportunities that might typically be identified before embarking on a new area of testing. Once these have been identified, measures will be put in place to manage, revisit and continue to identify risks and opportunities going forward.

It is likely that your laboratory is already employing actions stipulated by the new standard. But how do you demonstrate to NATA that you have addressed the new requirement (clause 8.5.1) for action to be taken on risks and opportunities, and if your system needs updating to meet the requirement, how extensive an overhaul does it need and what are some approaches to take? Below, we’ve outlined three ways that we’ve seen laboratories address the “new” requirement in ISO 17025 and (not-so-new) in ISO 15189:

1. Explain how you already control risks

Include a section in the quality manual outlining the measures already in place to manage known risks and to identify new or unidentified risks. Bear in mind that any risks and opportunities identified through these processes must have corresponding records to show what decisions were made about actions to address these.

A laboratory within a larger organisation may find this is enough, as bigger picture risks will be handled by the company.

2. SWOT analysis

Many of our clients run their own SMEs. They may do a SWOT analysis every couple of years and find them to be useful tools that ensure they have taken some time to think outside the square about risks and opportunities. They may then decide to put some of the issues identified on the agenda of their management review meetings. This way they do get followed up periodically, and perhaps incorporated into plans for business growth. The important thing to bear in mind with a SWOT analysis is that it is a creative task that works best when you do it quickly, preferably under some time pressure.

The SWOT analysis ties into the ISO 9001 theme of identifying external (as well as internal) factors when considering the context of the organisation. Other useful tools include PEST and PESTLE, which provide more prompts for where the opportunities or risks may lie.

3. Formal risk assessment

Some (usually larger) organisations who are introducing new tests all the time find doing a risk assessment for each new technique or test is a reliable way to ensure they don’t head down a path that is only going to waste time and money. These risk assessments need to cover all conceivable risks, not just safety. If you have to produce a business case for the new tests, much of the information will overlap. Although this may sound like a huge task, once you’ve done one, the others will be much quicker, and if you are using established systems, many of the risks will already be controlled.

How to make sure you’ve got everything covered? Use the headings from the laboratory accreditation standard of course!

Take-home message

The key to all of this is to have records of what action you have decided to take on any risks and opportunities identified, and ultimately how well you did in controlling that risk. Does this sound a bit like a corrective action report (or your equivalent)? Do you have a form where you record staff suggestions too?

We know some labs that use these types of reports to cover off on any actions arising out of management reviews – that way they don’t have multiple systems to keep track of things and their NCA, CAR, CAPA, OPI, QIP or MAD system gets a good work-out.

Review how you are currently running your business in terms of managing risks and opportunities and you might find you don’t need to implement anything new, or you might just need to tweak a current process here or there.

Reporting Compliance in ISO 17025

Do you report results as pass or fail on test reports? As normal, high or low? Within spec, outside spec, complying or not complying? Would your clients like you to report with a statement of conformity? Then you need to know about decision rules in the new ISO 17025.

While you have utmost confidence in your laboratory’s test results, no test result is exact: there is always a band of uncertainty around it.  If the result is close to the limit do you really know if it passes or fails when you consider the band of uncertainty? Is this a decision or risk you are willing to take?

Uncertainty of Acceptance

The drawing shows

  • The tolerance limits: allowable results, normal range, standard specification, etc. Any result within this range is acceptable to the customer.
  • Four possible laboratory results  obtained, with the 95% confidence intervals shown.


We need a way of deciding if we will report the results as pass, fail, or even indeterminate.

The old approach

Using a standard decision rule that the results will be reported as pass or fail based on the numerical result, with 95% certainty:

A can be reported as a pass with a 95% confidence interval.

B can be reported as a fail, or above spec with a 95% confidence interval.

C can be reported as a pass, with a 95% confidence interval.

D can be reported as a fail, or below spec with a 95% confidence interval.

The new approach

The revised ISO/IEC 17025 uses the term “decision rule”and emphasises the need to communicate clearly with your clients about the strengths and limitations of the testing (clause 7.1.3) and to formally document decision rules (clause  7.8.6).

It might be more relevant to explain to your clients that:

A is a pass with a 95 or even 99% confidence interval.

B there is only 60% certainty that B is a fail, 20% of products that get this result could pass.

C There is a 2.5% chance that C is a fail.

D can be reported as a fail, or below spec with a 95 or 99% confidence interval.

Then you can discuss setting “grey zones” where results may be reported with additional comments to highlight that they fall close to the cut-off.

How you handle this depends on a range of factors, including the industry your clients are in, the uncertainty inherent in your method, the regulatory environment, the cost of false passes or fails to you and your clients and perceptions of risk.

Do we need a decision rule?

Before you get into the details, there is an easy and safe way out:  Don’t report pass or fail and let the client make the decision. You could report the tolerance and specification alongside the results to help the client make the decision, and reduce your risk in taking that final decision.


Developing a decision rule

Go to your client/s armed with some facts and thoughts on the following:

  • How big is the band of uncertainty? (i.e. what is the uncertainty of measurement). How does this compare to the tolerance?  Is that overlap in the band of uncertainty and tolerance likely to occur regularly?
  • Is it more important for the property to not exceed the limit or to fall below it? Or does it really need to hit the mark?
  • When you talk in terms of probability of a false positive/pass/accept versus probability of a false negative/fail/reject, how does you client see it?
  • Can they place a cost or risk assessment on the value of false passes or false fails?

You’ll get some other ideas by searching the internet with the following search phrases:

Accuracy Method

Consumer’s Risk

Shared Risk

Global Risk

Producer’s Risk

Guard Bands

Reporting compliance statements

If you are reporting compliance or non-compliance, make sure the reports are clear about exactly what you are passing or failing. The report also needs to clearly state:

  • Which results the statement of conformity applies to
  • Which specification/standard is met / not met
  • The decision rule applied (unless it is part of the specification/standard)

Examples of Decision Rules

The PME Services Decision Rule

The IKEA Test Laboratory Decision Rule

WADA Decision Rules

While these examples make interesting reading, you must get agreement from your customers for the decision rule/s you select. If you have significant customers, I would suggest conferring with them and getting their agreement before publishing a blanket rule on your website.

Useful Resources

An accessible and informative webinar put together by Fluke

NATA’s slide set on the new standard: look at slides 43-48.

EUROLAB’s Cook Book No.8 Determination of Conformance with Specifications

OIML Guide 19 on conformity assessment decisions in legal metrology

Addressing impartiality in the new ISO 17025

Get help with ISO 17025 transition

A guest post from Karen Moore, originally posted on LinkedIn August 2018

The ISO 17025:2017 has a bigger emphasis on impartiality and managing conflicts of interest. How do you plan to address these issues in a way that you can discuss with NATA? If you’re like most lab managers, this is a difficult subject to talk about, and just saying “they wouldn’t dare” may not cut it. Read on to find out some of the methods that labs use to manage these issues.

It’s also a reality that some of the practices in the construction industry aren’t ideal and it can be a difficult environment for testers. There’s pressure from clients, overbearing contractors or even internal management for the “right” test results. And similar pressures exist in many other sectors too.

Situations of undue influence, conflicts of interest can lead to test results being either intentionally or unintentionally incorrect! If this is discovered after the results have been issued, it could not only be devastating to your business but potentially have criminal implications.

So, what can be done to protect the reputation and integrity of your business?

Identify what situations could arise in your organisation and write them down.  Think broadly and while many situations may seem unlikely it is still useful to get them out there.

Risks to impartiality

1.      Testing for compliance on an in-house product – what if the test result shows non-compliance, especially if the tester also has production responsibilities?

2.      Getting on site and being given a limited available area for testing, or an overbearing site manager who just insists testing is done at a specific location.

3.      Being pressured onsite to give a pass result, repeat the test, probably with instruction for a slightly different location.

4.      Conflicts of interest due to shareholdings, family relationships, etc.

5.      Under-pricing jobs, putting time pressures on staff while allowing full processes to be completed.

6.      Details in contracts or requests for testing that present a risk to your laboratory: site selection; financial penalties for delays in construction; methods specified not not match the materials

Now that these have been identified, read on to find out what can be done to reduce or eliminate these risks or find out how we can help.

6 ways to reduce risk of impartiality effecting reliability of test results

1.      Technology

  • Direct capture of test data in the lab – for example newer balances and load cells can be hooked up to a computer and directly record readings, also eliminating the risk of transcription errors.
  • Directly logging data in the field into a tablet.
  • Is automation an option? – Explore any possibilities, as they will likely improve you process efficiencies at the same time

These steps don’t necessarily need one of the off the shelf expensive software packages.  An in-house system that captures the on-site or lab data and stores this in a secure way so there is no question on the integrity of the data can also be an option.

Are there other technical advances in equipment that would allow for further automation that the industry could look at? Can your lab be a leader in introducing this? What an opportunity!

2.      Training and education

Make sure your staff know the implications of the test results. What happens if a structure fails and it is found that testing was not accurate? What if your product gets on site and is found to be non-compliant? The implications of finding failure at this point are massive! If a failure is identified and dealt with immediately, any short-term pain dealing with someone who doesn’t want the true result is negligible by comparison.

Let your staff know what to do if they experience pressure to change results, or less obvious pressure such as to test at a specific location. Who should they report this to? When should they stop testing and leave the site? Look at formally incorporating these policies into your training program.

3.      Organisational structure and reporting lines

Review the structure and reporting lines: look for potential conflicts of interest (such as results being used internally). This is common for production related organisations but also those involved in design engineering. Where possible, removing direct reporting lines such as the laboratory technician or manager reporting directly to the Production Manager or Design Engineer. It may be an option to look at alternate reporting lines for different aspects of a position for smaller organisations.

4.      Checking the data

An independent review of results introduces a level of impartiality as well as the benefits of a fresh set of eyes for errors. If work is being done remotely on a site lab, perhaps introducing back to base reporting will reduce any undue pressure on the technicians on-site as well?

5.      Contract review

Technical review of contracts is important. Many clients want to minimise testing costs for what is seen as an overhead. Checking the technical, as well as financial details of the contract will help make sure you are not left out of pocket or pressured to complete inadequate testing (see point 6 above for a couple of examples).

6.      Quality Culture

This comes from Top Management and installing a culture of openness, honesty and integrity goes a long way. Make sure employees know that they can speak up if they don’t feel something is right without the worry of some form of repercussion. No specific system can cover this, it is something that needs to be lived and breathed through the organisation at all levels.

Having a quality system that is integrated with the day to day work is an important part of this: encouraging non-conformances to be raised or renaming them to reflect a positive change approach can help; highlighting the benefits of processes such as internal audits are just some examples of how you can help instil a culture of quality within your organisation.

Getting help

We have been giving guidance on dealing with impartiality and other changes to ISO 17025. Get more details here or contact us via our contact page.