Search the Elsmar Cove!
**Search ALL of** with DuckDuckGo Especially for content not in the forum
Such as files in the Cove "Members" Directory
Social Distancing - It's not just YOUR life - It's ALL of OUR lives!
Me <——————— 6 Feet ———————-> You

ISO 17025 8.8 Internal Audits in a segmented company


Involved In Discussions
Hi fellows,

I have a confusion about the Clause 8.8: Internal Audit. In our case the calibration laboratory 'C' is part of a section 'B' of an organization 'A'.
'A' is ISO 9001, 'B' is ISO 17020 and 'C' intends to apply for ISO 17025.

Now, Clause 8.8.1. stipulates internal audits:
The laboratory shall conduct internal audits at planned intervals to provide information on whether the management system:
conforms to:
the laboratory’s own requirements for its management system, including the laboratory activities;
the requirements of this document;
So, does it mean to have an internal audit mechanism solely meant for the Calibration Laboratory? Or, the auditing processes done by the parent section 'B' and organization 'A' will suffice?

Thanks and looking forward....
maybe by the processes you covered it all , but I assume that this is not enough (you need to prove to the auditor that you check and comply to the all requirements). The same situation we have in our company (testing laboratory). We have separate checklist and audit schedule ( due to the specific business). Maybe you can make one checklist with merged 9001 and 17025 requirements and thats how you can deal with "one" audit which will cover all requirements. We have also this situation, but we do not apply to the testing laboratory ( we do that for 9001, GSR Part 2, 10 CFR 50 and NQA-1)

John Broomfield

Staff member
Super Moderator

The scope of each internal audit is determined by whatever is necessary to fulfill each audit’s objective.

Ideally you want one internal audit team with all team members competent to audit your one management system using the audit criteria that are relevant to the part of the management system being audited. That way you can assign any auditor to plan, investigate and report any internal audit.

Do you have the training budget to achieve this ideal?

Or will you have to start out with auditors who specialize in each of the three standards? If so then your goal could be to cross-train your auditors so you have the flexibility necessary to objectively and impartially verify the effectiveness of your organization's management system.

I do not recommend three separate subsystems or three separate teams. I do recommend that some of your audit objectives come from top management.

Best wishes,

For "C", the ISO 17025 organization, you will need to perform an internal audit specific to the 17025 requirements.
You can certainly include 9001 and 17020 elements in the audit, but you must cover the complete 17025 document in your internal audit.


Starting to get Involved
Yeah, you absolutely have to do an 17025 Audit, in case you are being accredited by an outside Body i would highly recommend to hire an external consultant to perform the first "full" internal Audit, afterwards maybe you can get training to get your quality manager to perform the audits but at least in my experience the most strict auditors don't consider internal personnel qualified to perform the internal audit.

it only my recommendation though, but its a YES on doing a 17025 specific audit for your lab, having an ISO 9001 parent organization has its benefits , but internal audits is not one of them in my experience


Involved In Discussions
I perform the annual internal audit of the ISO 17025 requirements of our lab and utilize a checklist based on the requirements in 17025. I also audit the tests that are under the scope of accreditation on a two year cycle. We have an integrated management system consisting of 9001, TL9000, ISO 17025 and ISO 27001. However, I do not utilize the 9001 audit to cover the 17025 as there are too many specialized clauses that are not covered in 9001. So the lab gets it's own stand alone internal audit. I request a SME for complicated internal compliance testing that I am not technically qualified to audit, it is helpful to have others who are willing to dedicate a few hours of their time annually to assist. I have not had any difficulties with external auditors reviewing my audit records or scope of my audits - we are audited on average 6-8 times by external organizations including our accreditation agency.
Top Bottom