On September 30th, we sat down with Roger Brauninger, the Technical Training Consultant at A2LA WorkPlace Training to discuss section 7.7 of the ISO/IEC 17025:2017 standard. In his current role, he provides technical training and consulting, primarily for organizations involved in the life sciences. Mr. Brauninger has conducted numerous management system assessments to ISO/IEC 17025 and ISO/IEC 17020, and has evaluated other assessors in this role. He also maintains recognition as an APAC and IAAC peer evaluator.
If you’re interested in seeing what other topics we’ve covered so far during this series, you can find the recorded webinars here.
Simply put, it’s all about risk management! The activities that are performed in section 7.7 are meant to reduce the liability of having a test result that’s incorrect or misapplied.
But don’t panic! You can take comfort in the fact that the various activities required in the standard are designed as a risk reduction tool for you and your organization.
As opposed to the 2005 standard where risk was managed by ISO, the 2017 version is really where risk became the organizations’ responsibility. Another difference between the two versions of the standard is that, in the 2017 version, there are fewer procedures required, so the laboratory incurs an increased burden to determine what kinds of risk and opportunities need to be addressed. Now, your organization is required to plan and implement actions to address risks and opportunities. So if you find a risk, it’s your job to mitigate it.
This shift to risk-based thinking has enabled some reduction in prescriptive requirements and has been replaced by performance-based requirements. This gives your laboratory a lot more flexibility in deciding the requirements for processes, procedures, documented information and organizational responsibilities.
So, the bottom line is that there’s no singular way to address risk.
There are more risks than we can list in this blog, but a few Roger brought to the table in the presentation are:
The list goes on and on.
Roger requested a deficiency distribution from A2LA based on the assessments they completed in 2019.
In total, there were 489 findings in the 7.7 sub-clause. That’s a pretty big figure!
By far, the largest number of findings (60%) were from 7.7.1. That concentration makes sense when you realize that 7.7.1 has the most number of elements associated with it.
Many of those findings happened because the organization didn’t have a procedure for monitoring the validity of results. They were not recorded in a way that could be trended, or statistical monitoring techniques were not applied.
In the standard, 7.7.1 states that the laboratory shall have a procedure for monitoring the validity of results. The resulting data shall be recorded in such a way that trends are detectable and, where practicable, statistical techniques shall be applied to review the results. This monitoring shall be planned and reviewed.
But if we break it down, there are 7 separate elements here. Which explains why there were so many findings among those assessed. See the presentation slides for more details.
If we were to break down deficiencies within 7.7.1 even further, we would see spikes around:
These subcategories had the highest frequencies of nonconformities.
One of the biggest changes in ISO/IEC 17025:2017 is it’s focus on risk mitigation.
There are a lot of activities we do for risk-mitigation that involves section 7.7. This is where PT testing and inter-laboratory comparisons come into play. We need to make sure that the lab can handle the test material properly and produce acceptable results.
Section 7.7 acts to reduce risk of invalid test results, details a variety of means to ensure the validity of tests, addresses both ILC and PT, and requires statistically-based actions to demonstrate the methods are in control.
Additionally, it requires that organizations partake in an ongoing monitoring plan to be defined and continuously updated. The data from monitoring activities must be used to control and improve the laboratory’s activities.
Again, this was only a summary of the great presentation that Roger gave, which can be viewed in full here.
At the end of the webinar, we demoed the Qualtrax software and explained the role it plays in helping organizations mitigate risk. If you’d like to hear more about how Qualtrax can help your organization, reach out to us! We’d love to speak with you.