Do calibration certificates need measurement uncertainty?

Yes. Calibration certificates must include measurement uncertainty (with coverage). For testing, report uncertainty when it is relevant to validity or a conformity decision.

What is a decision rule in ISO/IEC 17025?

A decision rule defines how results and their uncertainty are used to make pass/fail or conformity statements. It must be established at contract review and communicated on reports where applicable.

How are methods approved under ISO/IEC 17025?

Standard or compendial methods must be verified for use in your lab. Modified or lab-developed methods require validation covering specificity, range, accuracy, precision, detection limits, robustness, and other relevant characteristics.

What records are required to maintain accreditation?

Controlled procedures, method validation/verification reports, uncertainty budgets, equipment files and calibration records, environmental monitoring, QC and proficiency testing results, contract reviews, complaints and nonconforming work logs, and internal audits and management review records.

Do I need ISO 9001 if I have ISO/IEC 17025?

No. ISO/IEC 17025 Option A includes necessary management system elements. Option B allows integration with an ISO 9001 system if present.

ISO/IEC 17025 – Testing & Calibration Lab CompetenceGlossary

ISO/IEC 17025 – Testing & Calibration Lab Competence

Q: Is ISO/IEC 17025 a certification or an accreditation?

It is an accreditation. A recognized accreditation body assesses the lab's competence against ISO/IEC 17025 and grants accreditation for a defined scope.

This topic is part of the SG Systems Global regulatory & operations glossary.

Updated October 2025 • Lab Competence & Accreditation • Quality, Regulatory, Metrology, Testing

ISO/IEC 17025 is the global playbook for proving a laboratory is competent to produce valid test and calibration results. It’s not a generic quality certification; it’s an evidence‑driven system that demands impartiality, technical mastery, metrological traceability, and defensible measurement uncertainty. In regulated industries, it dovetails with ISO 13485, FDA’s legacy 21 CFR 820, GLP (21 CFR 58), and pharmacopeial expectations (USP), and it relies on hard controls for Data Integrity.

“If your uncertainty budget is a guess and your traceability is a hope, you’re not 17025‑competent—you’re lucky.”

TL;DR: Define impartiality, scope, and methods; validate methods (TMV); quantify measurement uncertainty with real data (MSA, X‑bar/R); maintain metrological traceability to national standards (e.g., NIST) via calibrated equipment and CRMs; run ongoing QC and proficiency testing; control data in a validated LIMS/ELN with Part 11/Annex 11 controls; report results with uncertainty and a clear decision rule; fix nonconforming work through CAPA. Keep everything under Document Control with audit trails and ALCOA(+) integrity.

1) What ISO/IEC 17025 Covers—and What It Does Not

Covers: competence to perform tests/calibrations; impartiality and confidentiality; resources (people, environment, equipment, traceability); process controls (requests/review, method selection/validation, sampling, handling, technical records, uncertainty, QC, reporting, complaints, nonconforming work, data management); management‑system controls.

Does not cover: product certification or inspection bodies; it’s not a substitute for a full manufacturing QMS like ISO 13485 or ISO 9001—though it must integrate with them where labs support production release (QC release).

2) Accreditation & Regulatory Intersections

Labs are accredited to ISO/IEC 17025 by recognized bodies, often under ILAC MRAs. In medical device supply chains, 17025 supports equipment calibration and test validity demanded by 21 CFR 820/ISO 13485, and for nonclinical studies, GLP under Part 58 may also apply. Pharmacopeial work should track USP methods with documented verification/validation.

3) The 17025 Framework—What You Actually Build

Impartiality & confidentiality: conflict‑of‑interest controls and information protection.
Structure: defined roles, authority, and freedom from undue pressure; competency‑based training matrices.
Resources: qualification of personnel, environmental controls (EM, temperature mapping), equipment fitness and status (calibration status), metrological traceability, and control of external providers (supplier qualification).
Processes: request review, method selection/verification/validation (TMV), sampling and handling, records, uncertainty, QC & PT, reporting with decision rules, complaints, nonconforming work, and record retention.
Management system: Option A (17025 clauses) or Option B (integrated with ISO 9001). Either way: internal audits and management reviews are mandatory.

4) Scope, Decision Rules & Statements of Conformity

Accreditation lives and dies on scope clarity. Define ranges, CMCs (best achievable uncertainties), and decision rules for pass/fail calls. Guard‑band where risk warrants it, and make the decision rule explicit on reports. If the customer dictates a rule, document it at contract review and ensure capability.

5) Methods: Selection, Verification & Validation

Use recognized methods (standards or pharmacopeias) or develop fit‑for‑purpose methods. For compendial/standard methods, perform verification; for lab‑developed/modified methods, perform full validation with specificity, range, accuracy, precision, LoD/LoQ, robustness, etc. Lock methods under Document Control and manage revisions via Change Control.

6) Equipment, Qualification & Metrological Traceability

Qualify critical instruments (IQ/OQ/PQ) against a VMP. Maintain calibration with traceability to national standards (NIST) and CRMs. Show status at point‑of‑use (Calibration Status) and control environmental factors (Temperature Mapping, EM).

7) Measurement Uncertainty—Quantify, Don’t Assume

Build uncertainty budgets from actual components: reference standards, calibration certificates, resolution, repeatability/reproducibility (MSA), environmental effects, bias. Use SPC (σ, X‑bar/R, control limits) to keep estimates current. Report uncertainty with coverage factor and decision rule where applicable.

8) Sampling, Handling & Integrity of Items

When sampling is in scope, use statistically sound plans (Sampling Plans). Control chain‑of‑custody, ID, and storage; prevent cross‑contamination; respect hold times. For receiving/ID checks tie to Identity Testing and Incoming Inspection where relevant.

9) Ensuring Validity of Results—QC That Actually Catches Drift

Run controls with every batch/shift as appropriate: blanks, spikes, CRMs, duplicates, control charts (SPC). Participate in proficiency testing/inter‑lab comparisons on a plan matched to risk and scope. Trend biases and trigger CAPA when signals go out of control.

10) Data & Information Management—Integrity or Bust

Operate a validated LIMS/ELN aligned with 21 CFR 11, Annex 11, and GAMP 5. Enforce ALCOA(+), robust audit trails, role‑based access, backup/restore tests, and retention/archival. Validate interfaces to instruments; no manual re‑keying where it can be avoided.

11) Reporting—Say Exactly What You Did

Reports and calibration certificates must state method, sample/item ID, results with units, uncertainty (and coverage) where appropriate, decision rule and conformity statement when applicable, environmental conditions (if relevant), and traceability references (standards/CRMs). No copy‑paste edits—reports are controlled records under Document Control.

12) Nonconforming Work, Complaints & CAPA

Detect, contain, and disposition nonconforming work; notify customers when results are suspect. Drive root cause with RCA and fix via CAPA. Track through NCR/Deviations, then verify effectiveness. Close the loop in management review and internal audits.

13) Metrics That Prove Competence

Uncertainty budget freshness: % of methods with MU re‑justified from current data in last 12 months.
PT/ILC performance: success rate and bias trend for proficiency tests by analyte/measurand.
Out‑of‑control rate: SPC signals per 100 runs; time to containment.
Calibration/traceability latency: days from calibration due to completion; % instruments with current status visible.
Nonconforming work cycle time: detection → customer notification → corrective action close.
Audit/CAPA closure: median days to close; recurrence rate.

14) Common Pitfalls & How to Avoid Them

“Calibrated, therefore compliant.” Calibration alone doesn’t prove traceability or fitness—show method MU and ongoing QC.
Borrowed uncertainty. Using vendor specs as MU is lazy and wrong—build budgets from your data.
Unvalidated spreadsheets. Move to validated LIMS/ELN; if spreadsheets remain, validate and control them.
Method drift without monitoring. Lock in SPC, CRMs, and PT plans tied to risk.
Scope creep. Don’t accept work outside accredited scope without explicit classification and controls.
Weak data integrity. No shared logins, no editable raw data trails—enforce ALCOA(+).

15) What Belongs in the Lab’s 17025 File

Accreditation scope; impartiality/confidentiality controls; org chart/roles; competency matrix and training records; method procedures and verification/validation reports; uncertainty budgets; QC plans and SPC records; PT/ILC program and results; equipment files (IQ/OQ/PQ, calibrations, maintenance); environmental monitoring; supplier/CRM control; contract reviews; complaints & nonconforming work logs; audit trails; internal audits and management reviews; controlled records/retention.

16) How This Fits with V5 by SG Systems Global

LIMS + Evidence Backbone. The V5 platform manages methods, versions, and MU budgets under Document Control, with instrument interfaces and tamper‑evident audit trails.

Traceability & Calibration. V5 tracks standards/CRMs, links calibrations to assets (Calibration Status), and enforces due‑date blocks.

QC & Trending. Control charts, PT tracking, and alerts integrate with CAPA and Internal Audit.

GxP‑Ready Data. Part 11/Annex 11 controls, e‑signatures, and ALCOA(+) support pass 17025 reviews and device inspections without duplicate systems.

Bottom line: V5 makes 17025 execution measurable and inspection‑ready—no spreadsheet archaeology, no paper chases.

17) FAQ

Q1. Is ISO/IEC 17025 a certification or an accreditation?
Accreditation. A competent body assesses your lab against the standard and grants scope‑specific accreditation.

Q2. Do I have to report measurement uncertainty?
For calibrations: yes. For testing: where it impacts validity or a conformity decision—especially when a decision rule is applied.

Q3. Can we use customer‑specified methods?
Yes, but you must verify you can meet performance (and uncertainty) on your equipment with your people.

Q4. Do I need ISO 9001 too?
Not strictly. 17025 Option A stands alone. Option B lets you leverage an ISO 9001 system if it fully covers 17025 requirements.

Q5. How often should we do proficiency testing?
On a risk‑based schedule appropriate to your scope—enough to prove ongoing competence for each critical measurand.

Q6. What systems must be validated?
Anything that captures, transforms, calculates, or reports lab data—LIMS/ELN, instrument software, and critical spreadsheets—per GAMP 5 and Part 11/Annex 11.