ISO 17025 Documented Procedure for 6.2.5.e - authorization of personnel

SeanN

Involved In Discussions
Hi everyone,
I am a newbie to this forum and experiencing a similar issue that JClarke had back in Jul 2019 (the discussion between JClarke and dwperron, topic "ISO 17025 Documented Procedure for 6.2.5 - Determining competency"). Although we have an SOP defining titles and authorizing personnel at different levels to perform different tasks or activities, an assessor still notes that "No document is currently in place that clearly demonstrates the laboratory's development and documentation of a procedure for authorizing personnel, implementation of the procedure, maintenance of records for the authorization process of each employee and monitoring of compliance with the procedure." So, it sounds like the SOP alone is insufficient (to be compliant with ISO17025, section 6.2.5.e), and that we may need more papers such as Authorization Form for specific cases in our daily activities? Any suggestions on how to improve this area? Many thanks in advance!
 

Enghabashy

Quite Involved in Discussions
e) authorization of personnel should be clear in procedure ; job description of technical Mgr., Q Mgr, technical personnel , --etc.
*it should be clear for personnel who perform verification & validation of test results " cl. 6.2.6
** it should be clear in 4.1 Impartiality statement of manual '
 

Jen Kirley

Quality and Auditing Expert
Leader
Admin
Welcome SeanN!

Not being present at audit time and not having seen your documentation, it is difficult to respond precisely. However, I am very concerned about how this NC is worded. It sounds like the CB was expecting a procedure for making and maintaining a procedure. Maybe they meant process...

Anyway, UKAS has published guidance on the clauses. For this question, see page 6 where they said (emphasis mine)
There will be a need for specific procedures and records to demonstrate how competence requirements are determined as well as competence monitoring, authorisation and training. There will need to be specific authorisation records for personnel that give opinions and interpretations
So it is not enough to have documented evidence of competency having been determined (a requirement of ISO 9001:2015); ISO/IEC 17025:2017 also wants the process to be proceduralized for determining competence requirements (what is expected of your lab personnel), how their competence will be monitored for ongoing adequacy, how they are to be authorized to perform their lab tasks and how they are to be trained.

I would reach out to your CB's customer service and ask for clarity on the NC. The wording as I see it is not really asking for 6.5, but for control of documents.

I am not affiliated with UKAS.
 

SeanN

Involved In Discussions
e) authorization of personnel should be clear in procedure ; job description of technical Mgr., Q Mgr, technical personnel , --etc.
*it should be clear for personnel who perform verification & validation of test results " cl. 6.2.6
** it should be clear in 4.1 Impartiality statement of manual '
Thanks Enghabashy! The issue is probably with how 'clear' is defined as 'clear enough' here. I am still struggling to determine the appropriate level of detail required. Do you think there is a need for a more detailed authorization, such as specifying names, tasks, or time periods, instead of relying on an Authorization SOP, training records, and job descriptions?
 

DblHelixx

Starting to get Involved
I'm fairly new to ISO 17025 myself, but I can at least share how I handled this clause.
I tackled competency and authorization together as they're so closely related in my opinion. I keep a skill matrix that ranks each employee by if they are authorized to perform a process either with supervision, without supervision, or if they are able to train others on that process. The rank that the employee gets in the skill matrix is determined by their competency - this line is included in my procedure to answer the question of how employees are authorized. Initial competency requirements are listed in the job description, and this includes defined requirements for education, technical knowledge, skills, experience, etc. Employees also have to go through activity training for specific processes. During and after activity training, competency is evaluated and results of this monitoring determine authorization. I have written in my procedure that "qualification consists, at a minimum, of reading and understanding the laboratory method. Evidence of this is the employee's closely supervised operation, verbal reviews, question and answer sessions, and in some cases, successful completion of proficiency testing." Every time I do an evaluation activity like this, I record it and indicate what rank/authorization the employee gets, and I update the skill matrix accordingly.
 

Enghabashy

Quite Involved in Discussions
as above also :
*The management of the laboratory shall communicate to personnel their duties, responsibilities and authorities6.2.4
** specify the responsibility, authority and interrelationship of all personnel who manage, perform or verify work affecting the results of laboratory activities b-5.5 ;--therefore :
***formal signed lists for the responsible & the delegated personnel which specifying names, tasks ; the formal signatures --- this lists could be documented in the SOP;
**** the employment contracts of Lab. personnel could reflect also the confidentiality & impartiality statements as well ;
 

qualitymanagerTT

Involved In Discussions
Hi everyone,
I am a newbie to this forum and experiencing a similar issue that JClarke had back in Jul 2019 (the discussion between JClarke and dwperron, topic "ISO 17025 Documented Procedure for 6.2.5 - Determining competency"). Although we have an SOP defining titles and authorizing personnel at different levels to perform different tasks or activities, an assessor still notes that "No document is currently in place that clearly demonstrates the laboratory's development and documentation of a procedure for authorizing personnel, implementation of the procedure, maintenance of records for the authorization process of each employee and monitoring of compliance with the procedure." So, it sounds like the SOP alone is insufficient (to be compliant with ISO17025, section 6.2.5.e), and that we may need more papers such as Authorization Form for specific cases in our daily activities? Any suggestions on how to improve this area? Many thanks in advance!
I don't think anybody has addressed the records part of the NC, so I'll add this "6.2.5 The laboratory shall have procedure(s) and retain records for:...".

So yes - the SOP alone is not sufficient.
 
Top Bottom