Handling of Test and Calibration Items

Let’s move on to a part of the testing process that might not seem exciting—but is absolutely essential: how your lab handles items sent in for testing or calibration. The process requirements of ISO/IEC 17025 place a strong emphasis on this step because it directly affects the reliability of your results.

Think about it—if a sample is mislabeled, contaminated, or stored incorrectly, your test results might be off even before you start the analysis. That’s why Clause 7.4 of ISO/IEC 17025 lays out clear expectations for the handling, transportation, storage, and tracking of all incoming items.

According to the process requirements of ISO/IEC 17025, your lab should have a procedure that ensures:

• Every item is uniquely identified (with labels, barcodes, or tracking numbers)

• The condition of the item is checked upon receipt—any damage or issues are recorded

• Items are stored properly to prevent deterioration, contamination, or mix-ups

• The handling process maintains traceability from receipt through to final report

Let’s say you receive a biological sample that needs refrigeration. If it sits at room temperature for a few hours before someone logs it in, your results could be compromised—and that’s a problem both for your lab and your client. The process requirements of ISO/IEC 17025 are there to prevent these kinds of risks by making sure everyone knows exactly how to care for the materials coming through your doors.

Your lab’s procedure should also include:

• How to separate similar samples to avoid confusion

• How to manage hazardous or fragile items

• What to do if there’s a delay in testing and storage is required longer than expected

Good handling isn’t just about logistics—it’s part of your lab’s quality promise. Following the process requirements of ISO/IEC 17025 helps ensure that every item you work with is treated with care, kept in the right condition, and clearly tracked from start to finish. And when all of that is under control, your results are more reliable—and your clients are more confident in your work.

Technical Records and Result Traceability

Here’s something we all know but sometimes underestimate: if it’s not recorded, it didn’t happen. That’s the mindset behind another essential part of the process requirements of ISO/IEC 17025—keeping clear, complete, and traceable technical records for every test or calibration your lab performs.

This isn’t just about jotting down numbers in a notebook. ISO/IEC 17025 requires labs to maintain records that tell the full story behind each result. That includes what was tested, how it was tested, who did the work, what equipment was used, and—most importantly—how the final result was calculated or interpreted.

Let’s look at what the process requirements of ISO/IEC 17025 expect your records to include:

• The identification of the item tested or calibrated

• The date and time of the activity

• The name of the person who performed the task

• The equipment and software used

• Environmental conditions, if they influence the result

• All observations, calculations, and derived data

• Any nonconformities, deviations, or corrections made during the process

This level of detail might seem like a lot, but it’s what allows anyone (including an auditor or another technician) to trace the result back through every step of the process. That’s the whole point of result traceability—and it’s a major pillar of the process requirements of ISO/IEC 17025.

Here’s a simple way to think of it: if a client ever asks, “How did you get this result?”—you should be able to hand them a clear record that explains it, step by step. No guesswork, no gaps.

It also helps protect your lab. If there’s ever a dispute, complaint, or review, your records serve as evidence that everything was done according to procedure—and that your results are valid and defensible.

So whether you’re recording electronically or on paper, the message is the same: be thorough, be consistent, and be traceable. That’s how you meet the process requirements of ISO/IEC 17025 and build trust in every result you produce.

Ensuring Result Validity and Quality Control

Now that we’ve talked about how to record results, let’s talk about how to make sure those results are actually valid. One of the most practical parts of the process requirements of ISO/IEC 17025 is the expectation that labs don’t just do the work—they continually check that it’s being done right.

Think of this as your lab’s built-in quality control system. You’re not just trusting that methods work—you’re monitoring them in real time to confirm they’re delivering reliable results.

Here are a few of the key activities the process requirements of ISO/IEC 17025 call for:

• Use of control charts to track performance over time

• Replicate testing to check consistency

• Blank tests or spiked samples to detect contamination or bias

• Intermediate checks on equipment to confirm it’s still functioning as expected

These are all ways your lab can catch issues early, before they affect your final report. And they’re not just for show—ISO wants to see evidence that you’re doing this on a regular basis and using the results to adjust your processes if needed.

Another important piece of this puzzle? Participation in proficiency testing or interlaboratory comparisons. These are external checks where your lab tests the same sample as other labs, and the results are compared. It’s one of the best ways to validate your lab’s performance and show that your work holds up to industry standards.

So, how does this all tie back to the process requirements of ISO/IEC 17025?

Simple: it’s about showing that your lab’s results aren’t just accurate once—they’re accurate every time. The standard wants labs to be proactive, not reactive. And that’s exactly what these quality control measures are for.

By building these checks into your routine, you create a feedback loop that strengthens your entire system. You gain confidence in your methods, trust in your results, and peace of mind that your lab is delivering the quality your clients count on. And yes, it keeps you right in line with the process requirements of ISO/IEC 17025 every step of the way.

Reporting of Results and Decision Rules

Alright, so you’ve done the work, recorded it properly, and double-checked its validity—what’s next? Time to report the results. And yes, even this part comes with specific expectations under the process requirements of ISO/IEC 17025.

Reporting might seem straightforward—you run the test, then send the client the numbers, right? But ISO/IEC 17025 takes it a step further. The standard wants your reports to be clear, complete, and meaningful, so the person receiving them can understand exactly what was tested, how it was done, and what the outcome means.

Here’s what should typically be included in your reports according to the process requirements of ISO/IEC 17025:

• A unique report identifier (so nothing gets mixed up)

• The name and address of the lab

• Client information

• Description and identification of the item tested

• Date of receipt and date of testing

• The method used

• The results, clearly presented

• Who authorized the report

But here’s where it gets a bit deeper—the part about decision rules. This is one of the more technical updates in the 2017 version of the standard, and it’s now a required part of the process requirements of ISO/IEC 17025 when you’re making statements of conformity (like pass/fail or compliant/non-compliant).

A decision rule defines how uncertainty is taken into account when determining if a result meets a specified requirement. And yes, this needs to be defined before the test and agreed upon with the client if applicable.

For example, if a client needs a result to meet a regulatory limit, your decision rule should clearly state how measurement uncertainty is factored into that decision. Are you using a simple acceptance zone, a guard band, or some other approach? It should be transparent.

So why does this matter? Because two labs could get the same test result but give different pass/fail decisions depending on the decision rule they apply. That’s why the process requirements of ISO/IEC 17025 ask labs to define and apply these rules consistently—and to communicate them clearly in reports.

In short, reporting isn’t just about delivering data—it’s about delivering clarity. And when your lab takes the time to follow the process requirements of ISO/IEC 17025 for reporting and decision rules, it shows your clients that you’re not just compliant—you’re reliable, transparent, and professional in every detail.

Handling Complaints, Nonconformities, and Data Integrity

Even the best labs run into issues now and then—whether it’s a customer complaint, an unexpected error during testing, or a slip in how data is handled. That’s why the process requirements of ISO/IEC 17025 include clear expectations for dealing with these situations professionally, transparently, and consistently.

Let’s start with complaints. ISO/IEC 17025 wants labs to have a documented process for receiving, evaluating, and resolving complaints from customers or stakeholders. This doesn’t just protect your lab—it builds trust. When clients know you take their concerns seriously, they’re more likely to stick with you.

Here’s what the process requirements of ISO/IEC 17025 expect you to do:

• Record the complaint and all related details

• Evaluate the issue fairly and objectively

• Decide on any necessary actions or investigations

• Communicate the outcome to the person who raised it

• Keep records of how it was handled and resolved

Next up: nonconforming work. If something doesn’t go according to plan—whether it’s a failed control, a procedural error, or unexpected results—you need to take action. The standard doesn’t expect perfection, but it does expect accountability.

Your lab’s system should:

• Detect and record the nonconformity

• Stop or withhold the affected work if needed

• Evaluate the impact (on the item tested and on the client)

• Take correction and corrective action

• Review and document everything

And then there’s data integrity—a critical part of the process requirements of ISO/IEC 17025. Your lab must ensure that data is secure, authentic, and traceable at all times. This includes protecting it from unauthorized changes, accidental deletion, or loss during storage or transfer.

Whether you’re using paper logs or digital systems, you need to have:

• Access controls (like passwords or permissions)

• Backup and recovery methods

• Procedures to track edits or corrections

• Validated software for critical calculations or reporting

Think of it this way: your lab’s results are only as good as the systems that support them. If you can’t show how you handle complaints, fix problems, or protect your data, it’s hard to prove you’re meeting the process requirements of ISO/IEC 17025.

But when you do? You’re not just meeting the standard—you’re building a reputation for quality and professionalism that people can count on.

Control of Data and Information Management

Let’s wrap up the technical flow with one of the most important (and increasingly digital) topics in ISO/IEC 17025—data and information management. In today’s labs, whether you’re using spreadsheets, custom software, or a full-fledged LIMS, controlling your data is no longer optional. And as you might expect, the process requirements of ISO/IEC 17025 cover this in detail.

Why? Because even if everything else goes smoothly—from sampling to testing to reporting—none of it matters if your data isn’t secure, traceable, or reliable. That’s why Clause 7.11 of ISO/IEC 17025 focuses entirely on how labs manage their data and ensure its integrity.

Here’s what the process requirements of ISO/IEC 17025 ask for when it comes to information control:

• Data must be protected from unauthorized access, alteration, or loss

• Backups should be performed regularly, and recovery plans should be in place

• Access controls must be in place so only authorized personnel can make changes

• Electronic systems (like LIMS or spreadsheets) need to be validated for accuracy

• Changes to data must be tracked with audit trails, so nothing slips through unnoticed

Now, this doesn’t mean you need the latest high-tech system. Whether your lab is mostly paper-based or fully digital, what matters is that your system is controlled, consistent, and documented.

Let’s say you’re using Excel to manage some of your results. To meet the process requirements of ISO/IEC 17025, you’d need to make sure:

• The file is password protected

• Only approved versions are used

• Any changes are logged (even manually, if needed)

• There’s a backup stored safely in case something goes wrong

And remember—this applies to both raw data (like instrument readings) and final results, including anything shared with clients. You need to show that your lab has a system in place to protect this information every step of the way.

In short, good data management isn’t just about avoiding mistakes—it’s about building trust. When your lab follows the process requirements of ISO/IEC 17025 for information control, you’re showing auditors, clients, and your own team that the numbers don’t just look good—they’re backed by solid, secure systems you can rely on.

Final Notes on Process Requirements of ISO/IEC 17025

So, after walking through every step of the lab workflow—from receiving requests to handling data—we’ve seen just how detailed and practical the process requirements of ISO/IEC 17025 really are. They’re not just a list of rules to follow for the sake of compliance—they’re a structured way to make sure your lab consistently delivers valid, reliable, and technically sound results.

What makes these requirements so powerful is how they connect. Every part of the process supports the next:

• Reviewing client requests ensures you start on the right foot

• Selecting and verifying methods makes sure you use the right tools

• Handling samples and recording data creates traceability

• Quality checks and data control protect your results from start to finish

And together, all of these actions fulfill the broader goal of the process requirements of ISO/IEC 17025—building confidence in your lab’s work.

Whether you’re preparing for accreditation, updating procedures, or just trying to better understand what’s expected, it helps to remember: ISO/IEC 17025 isn’t about making things more complicated—it’s about making them more consistent and credible. Every lab is different, but the foundation laid out in the process requirements of ISO/IEC 17025 gives you a flexible, reliable structure to build on.

So take it step by step. Review your workflows, talk with your team, and make sure each process aligns with the standard. Because when your lab gets these processes right, everything else—from customer satisfaction to audit readiness—starts falling into place naturally.

Levy M.

I hold a Master’s degree in Quality Management, and I’ve built my career specializing in the ISO/IEC 17000 series standards, including ISO/IEC 17025, ISO 15189, ISO/IEC 17020, and ISO/IEC 17065.

My background includes hands-on experience in accreditation preparation, documentation development, and internal auditing for laboratories and certification bodies.

I’ve worked closely with teams in testing, calibration, inspection, and medical laboratories, helping them achieve and maintain compliance with international accreditation requirements.

I’ve also received professional training in internal audits for ISO/IEC 17025 and ISO 15189, with practical involvement in managing nonconformities, improving quality systems, and aligning operations with standard requirements.

At QSE Academy, I contribute technical content that turns complex accreditation standards into practical, step-by-step guidance for labs and assessors around the world.

I’m passionate about supporting quality-driven organizations and making the path to accreditation clear, structured, and achievable.