This is an old revision of the document!
ISO/IEC 17025:2017 Objective Evidence Requirements: Part 1 Documentation
ISO/IEC 17025 is a much more technical QMS standard that ISO 9001. And while previous versions were better written, the 2017 version still offers significant value. This article discusses the minimum “Objective Evidence” actually required by the standard. Any interpretations beyond these minimum requirements (e.g., by an internal or external auditor) are based purely on subjective opinion.
Unlike ISO 9001:2015 & AS9100:2016, ISO/IEC 17025:2017 is much more clear in stating its requirements relating to documentation (e.g., procedures). Hence the reason it doesn't need a definition for “documented procedure”. These include:
| # | Documents & Procedures | Sec. |
|---|---|---|
| 1 | The laboratory shall define and document the range of laboratory activities for which it conforms with this document. The laboratory shall only claim conformity with this document for this range of laboratory activities, which excludes externally provided laboratory activities on an ongoing basis. | 5.3 |
| 2 | The laboratory shall: c) document its procedures to the extent necessary to ensure the consistent application of its laboratory activities and the validity of the results. [SUBJECTIVE REQUIREMENT - while “the extent necessary” is completely subjective, this requirement can only be verified through confirming “consistent application” of the laboratories “activities and the validity of the results.”] | 5.5c |
| 3 | The laboratory shall document the competence requirements for each function influencing the results of laboratory activities, including requirements for education, qualification, training, technical knowledge, skills and experience. | 6.2.2 |
| 4 | The laboratory shall have procedure(s) and retain records for: a) determining the competence requirements; b) selection of personnel; c) training of personnel; d) supervision of personnel; e) authorization of personnel; f) monitoring competence of personnel. | 6.2.5 |
| 5 | The requirements for facilities and environmental conditions necessary for the performance of the laboratory activities shall be documented. | 6.3.2 |
| 6 | The laboratory shall have a procedure for handling, transport, storage, use and planned maintenance of equipment in order to ensure proper functioning and to prevent contamination or deterioration. | 6.4.3 |
| 7 | When intermediate checks are necessary to maintain confidence in the performance of the equipment, these checks shall be carried out according to a procedure. | 6.4.10 |
| 8 | The laboratory shall have a procedure and retain records for: a) defining, reviewing and approving the laboratory’s requirements for externally provided products and services; b) defining the criteria for evaluation, selection, monitoring of performance and re-evaluation of the external providers; c) ensuring that externally provided products and services conform to the laboratory’s established requirements, or when applicable, to the relevant requirements of this document, before they are used or directly provided to the customer; d) taking any actions arising from evaluations, monitoring of performance and re-evaluations of the external providers. | 6.6.2 |
| 9 | The laboratory shall have a procedure for the review of requests, tenders and contracts. The procedure shall ensure that: a) the requirements are adequately defined, documented and understood; b) the laboratory has the capability and resources to meet the requirements; c) where external providers are used, the requirements of 6.6 are applied and the laboratory advises the customer of the specific laboratory activities to be performed by the external provider and gains the customer's approval; d) the appropriate methods or procedures are selected and are capable of meeting the customers' requirements. | 7.1.1 |
| 10 | The laboratory shall use appropriate methods and procedures for all laboratory activities and, where appropriate, for evaluation of the measurement uncertainty as well as statistical techniques for analysis of data. | 7.2.1.1 |
| 11 | The laboratory shall retain the following records of validation: a) the validation procedure used; | 7.2.2.4 |
| 12 | 8.3.4.1 When tests are necessary for verification and validation, these tests shall be planned, controlled, reviewed, and documented to ensure and prove the following: a. test plans or specifications identify the test item being tested and the resources being used, define test objectives and conditions, parameters to be recorded and relevant acceptance criteria; b. test procedures describe the test methods to be used, how to perform the test, and how to record the results; c. the correct configuration of the test item is submitted for the test; d. the requirements of the test plan and the test procedures are observed; e. the acceptance criteria are met. [While this requirement does not include the words “maintained” or “retained”, it is generally interpreted as applying in part to “test plans” (or specifications), “test procedures”, and to the “test results” (i.e., record)] | 8.3.4.1 |
| 12 | Controlled conditions shall include, as applicable: a. the availability of documented information that defines: 1. the characteristics of the products to be produced, the services to be provided, or the activities to be performed; 2. the results to be achieved; [This documented information may be provided by the customer (e.g., Drawings)] | 8.5.1.a |
| 13 | c. the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; 1. ensuring that documented information for monitoring and measurement activity for product acceptance includes: - criteria for acceptance and rejection; - where in the sequence verification operations are to be performed; - measurement results to be retained (at a minimum an indication of acceptance or rejection); - any specific monitoring and measurement equipment required and instructions associated with their use; | 8.5.1.c1 |
| 14 | The organization’s nonconformity control process shall be maintained as documented information including the provisions for: − defining the responsibility and authority for the review and disposition of nonconforming outputs and the process for approving persons making these decisions; − taking actions necessary to contain the effect of the nonconformity on other processes, products, or services; − timely reporting of nonconformities affecting delivered products and services to the customer and to relevant interested parties; − defining corrective actions for nonconforming products and services detected after delivery, as appropriate to their impacts (see 10.2). | 8.7.1 |
| 15 | The organization shall maintain documented information that defines the nonconformity and corrective action management processes. | 10.2.1 |
<note tip># 2
For guidance on documenting “a general description of relevant interested parties”, read: Context of the Organization... and "Interested Parties"</note>
<note tip># 3
Guidance from ISO on crafting an acceptable QMS “scope” can be found online in the: ISO 9001 Auditing Practices Group Guidance on: "Scope of ISO 9001, Scope of Quality Management System (QMS) and Scope of Certification"</note>
<note important># 3
When asked “Is it allowable for an organization to claim non-applicability with any sub-clause or sub-paragraph of 9100-series?”, the response contained in the IAQG official "AS 9100:2016 Series Clarifications" stated:
“Yes. Organizations can claim non- applicability even down to a shall statement or portions of a shall statement.”
Also, when asked “Is it required that any non-applicability with a requirement be documented in the scope section of the Quality Manual?”, the response contained in the IAQG official "AS 9100:2016 Series Clarifications" stated:
“No. It is required that any non-applicability with a clause or “shall” statement be documented information but does not have to be documented in the scope section of a Quality Manual.”</note>
