Standard Operating Procedure: ISO/IEC 17025 Internal Audit

This SOP establishes the framework for conducting internal audits to ensure the laboratory’s management system complies with ISO/IEC 17025:2017 requirements. The goal is to verify that laboratory operations, technical competence, and quality management systems are functioning as documented, identifying non-conformities before external accreditation assessments, and fostering continuous improvement.

1. Resource and Management Requirements

• Organizational Structure: Verify that the organizational chart is current and all roles, responsibilities, and authorities are defined.
• Impartiality & Confidentiality: Review signed impartiality statements for all personnel and verify documented procedures for managing conflicts of interest.
• Document Control: Ensure all internal documents (SOPs, test methods, forms) are under a version-controlled system and obsolete documents are removed from workstations.
• Risk and Opportunities: Review the risk registry to ensure actions taken to address identified risks have been implemented and their effectiveness evaluated.

2. Technical Competence & Equipment

• Personnel Records: Verify that training records, competency assessments, and authorization to perform specific tests are current for all staff.
• Method Validation/Verification: Audit validation reports for non-standard methods and verification reports for standard methods to confirm fitness for purpose.
• Equipment Calibration: Review the master equipment list. Confirm all items are calibrated, calibration certificates are valid, and labels are visible and current.
• Traceability: Ensure all measurements are traceable to the International System of Units (SI) through an unbroken chain of calibrations.

3. Sampling and Handling of Items

• Sampling Plan: If sampling is performed, verify that the sampling plan is based on appropriate statistical methods and is documented.
• Sample Receipt & Handling: Audit the chain-of-custody process. Confirm that unique identifiers are applied upon receipt and that storage conditions prevent degradation.
• Environmental Monitoring: Check logs for temperature, humidity, and cleanliness, ensuring they meet the requirements for the specific test methods performed.

4. Measurement Uncertainty and Quality Assurance

• Uncertainty Budgets: Verify that measurement uncertainty has been estimated for all quantitative tests and that the budget includes all significant sources of error.
• Internal QC: Examine charts or logs for proficiency testing (PT) results and inter-laboratory comparisons.
• Non-conforming Work: Audit the log of non-conformities. Ensure that root cause analysis (RCA) was performed and corrective actions were effectively implemented.

5. Pro Tips & Pitfalls

• Pro Tip: Trace the "Golden Thread": When auditing, pick a single completed test report and trace it all the way back to the raw data, the calibration record of the instrument used, the training record of the analyst, and the specific version of the SOP used. If the thread breaks, you have a non-conformity.
• Pitfall: The "Silo" Audit: Many auditors focus solely on technical staff. Ensure you also audit management reviews, customer complaint handling, and purchasing/procurement to capture the full scope of the standard.
• Pro Tip: Objective Evidence Only: Avoid asking "Do you do this?" Instead, ask "Show me the record where this was done." Verbal confirmation is not considered objective evidence under ISO 17025.
• Pitfall: Neglecting the "Plan-Do-Check-Act": Ensure the audit doesn't just identify the problem, but verifies that the corrective action successfully closed the loop.

6. Frequently Asked Questions (FAQ)

Q: How often must an internal audit be performed? A: ISO/IEC 17025 requires audits to be conducted at planned intervals. Most laboratories adopt an annual cycle, but the schedule should be risk-based; high-risk areas may require more frequent auditing.

Q: Can a laboratory staff member audit their own work? A: No. A fundamental requirement of ISO 17025 is impartiality. Auditors must be objective and independent of the specific activity being audited to ensure the integrity of the process.

Q: What happens if an internal audit uncovers a major non-conformity? A: You must initiate a corrective action process. Document the issue, determine the root cause, implement a permanent fix, and verify that the fix is effective. The accreditation body will expect to see that you identified the issue yourself and handled it properly.

<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [ { "@type": "Question", "name": "What is the primary goal of an ISO/IEC 17025 internal audit?", "acceptedAnswer": { "@type": "Answer", "text": "The primary goal is to verify that laboratory operations, technical competence, and quality management systems comply with ISO/IEC 17025:2017 requirements and to identify non-conformities before external accreditation assessments." } }, { "@type": "Question", "name": "Which areas must be audited for technical competence?", "acceptedAnswer": { "@type": "Answer", "text": "Technical competence audits focus on personnel training records, method validation/verification, equipment calibration status, and measurement traceability to the SI." } }, { "@type": "Question", "name": "How is document control managed under this SOP?", "acceptedAnswer": { "@type": "Answer", "text": "All internal documents such as SOPs, test methods, and forms must be under a formal version-controlled system, with obsolete documents strictly removed from all workstations." } } ] } </script> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "SoftwareApplication", "name": "ISO/IEC 17025 Internal Audit SOP Framework", "applicationCategory": "Quality Management System", "operatingSystem": "All", "description": "A comprehensive framework for laboratories to execute internal audits, ensuring adherence to ISO/IEC 17025:2017 standards for management and technical requirements.", "offers": { "@type": "Offer", "category": "Documentation" } } </script>