<?xml version="1.0" encoding="UTF-8"?><?xml-stylesheet type="text/xsl" href="https://www.cloudtheapp.com/wp-content/plugins/rss-feed-styles/public/template.xsl"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	xmlns:rssFeedStyles="http://www.lerougeliet.com/ns/rssFeedStyles#"
>

<channel>
	<title>laboratory QMS Archives | Cloudtheapp</title>
	<atom:link href="https://www.cloudtheapp.com/tag/laboratory-qms/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.cloudtheapp.com/tag/laboratory-qms/</link>
	<description>Configurable Quality Management &#38; Regulatory Compliance SaaS built on our Validated &#34;No-Code&#34; platform.</description>
	<lastBuildDate>Sat, 11 Jul 2026 12:11:14 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0.1</generator>

<image>
	<url>/wp-content/uploads/3.svg</url>
	<title>laboratory QMS Archives | Cloudtheapp</title>
	<link>https://www.cloudtheapp.com/tag/laboratory-qms/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Laboratory QMS: ISO 17025 vs ISO 13485 — Which Standard Applies and When</title>
		<link>https://www.cloudtheapp.com/laboratory-qms-iso-17025-vs-iso-13485-which-standard-applies-and-when/</link>
		
		<dc:creator><![CDATA[Cloudtheapp Inc.]]></dc:creator>
		<pubDate>Sat, 11 Jul 2026 12:11:04 +0000</pubDate>
				<category><![CDATA[General]]></category>
		<category><![CDATA[ISO 13485]]></category>
		<category><![CDATA[ISO 17025]]></category>
		<category><![CDATA[lab accreditation]]></category>
		<category><![CDATA[laboratory QMS]]></category>
		<category><![CDATA[medical device quality]]></category>
		<category><![CDATA[Quality Management System]]></category>
		<category><![CDATA[Testing Laboratory]]></category>
		<guid isPermaLink="false">https://www.cloudtheapp.com/laboratory-qms-iso-17025-vs-iso-13485-which-standard-applies-and-when/</guid>

					<description><![CDATA[<p>Quality managers in regulated industries eventually hit the same question: the laboratory runs tests that feed into device submissions, pharmaceutical batch releases, or supplier qualification decisions — so which quality standard governs it? ISO/IEC 17025 and ISO 13485 look related on the surface, but they address fundamentally different problems. Choosing the wrong one, or assuming [&#8230;]</p>
<p>This post created by and appeared first on <a href="https://www.cloudtheapp.com">Cloudtheapp</a></p>
]]></description>
										<content:encoded><![CDATA[<p><![CDATA[

<p>Quality managers in regulated industries eventually hit the same question: the laboratory runs tests that feed into device submissions, pharmaceutical batch releases, or supplier qualification decisions — so which quality standard governs it? ISO/IEC 17025 and ISO 13485 look related on the surface, but they address fundamentally different problems. Choosing the wrong one, or assuming one replaces the other, creates compliance gaps that surface during audits and regulatory inspections at the worst possible time.</p>





<p>This article walks through what each standard requires, where their scopes overlap, where they diverge, and how to determine which one applies to your laboratory — or whether you need both.</p>





<h2>What ISO/IEC 17025 is</h2>





<p>ISO/IEC 17025:2017, published by the <a href="https://www.iso.org/ISO-IEC-17025-testing-and-calibration-laboratories.html" target="_blank" rel="noopener noreferrer">International Organization for Standardization</a>, is the global standard for the competence of testing and calibration laboratories. It covers any organization that performs testing or calibration and produces results in the form of a test report or calibration certificate.</p>





<p>The standard operates on two structural pillars: management requirements (covering document control, complaint handling, internal audits, and management review) and technical requirements (covering personnel competence, equipment, measurement traceability, method validation, and reporting). The 2017 revision added a risk-based thinking requirement aligned with ISO 9001:2015, making the standard more flexible but also more demanding in how laboratories justify their operational decisions.</p>





<p>Compliance with ISO/IEC 17025 leads to accreditation, not certification. Accreditation is granted by a national accreditation body — the American Association for Laboratory Accreditation (A2LA) and ANAB in the United States, UKAS in the United Kingdom, DAkkS in Germany — that assesses the laboratory&#8217;s technical competence through witnessed testing and proficiency testing participation. The resulting accreditation scope lists exactly which tests or calibrations the lab is accredited to perform, down to the method reference and measurement range.</p>





<p>Regulatory bodies and customers request ISO/IEC 17025 accreditation specifically because it provides documented, third-party evidence that a laboratory&#8217;s test data is technically valid and traceable to recognized measurement standards.</p>





<h2>What ISO 13485 is</h2>





<p>ISO 13485:2016 is the quality management system standard for organizations involved in one or more stages of the lifecycle of a medical device. It specifies requirements for a QMS that demonstrates the ability to consistently provide medical devices and related services that meet customer and regulatory requirements.</p>





<p>ISO 13485 is not specifically about laboratory competence. It covers product quality throughout design, production, storage, distribution, and post-market activities. A laboratory that operates within a medical device manufacturer exists as one functional element within the broader ISO 13485 QMS — alongside design controls, production, servicing, and supplier management.</p>





<p>ISO 13485 certification is granted by accredited certification bodies such as BSI, TUV SUD, SGS, and Bureau Veritas. Certification confirms that the organization&#8217;s QMS meets the standard&#8217;s requirements — it does not assess the technical competence of specific laboratory methods the way ISO 17025 accreditation does.</p>





<h2>The core difference: scope of application</h2>





<p>ISO/IEC 17025 governs a laboratory&#8217;s technical competence for the test or calibration activities it performs. ISO 13485 governs a medical device organization&#8217;s quality management system across its entire product lifecycle.</p>





<p>A pharmaceutical QC laboratory embedded within a drug manufacturer operates inside a GMP-regulated environment. Its practices are governed by 21 CFR Part 211 and EU GMP Annex 15, not by ISO 17025, unless the company chooses to seek accreditation or a customer or regulatory body requires it for specific data.</p>





<p>A contract testing laboratory that analyzes materials, performs biocompatibility tests, runs sterility tests, or calibrates instruments for medical device companies has no product of its own. Its product is the test report. ISO/IEC 17025 is the appropriate governing standard because accreditation provides the independent technical credibility that the client&#8217;s regulatory submission requires.</p>





<p>The question of which standard applies therefore depends on what the laboratory is and whom it serves — not simply on what tests it runs.</p>





<h2>When ISO/IEC 17025 applies</h2>





<p>ISO/IEC 17025 applies when the laboratory:</p>





<ul>


<li>Operates as an independent or contract testing or calibration organization</li>




<li>Issues test reports or calibration certificates that third parties rely on for regulatory or commercial decisions</li>




<li>Performs tests whose results will be submitted to a regulatory authority — FDA, EMA, Health Canada, or a notified body — as part of a device, drug, or food safety submission</li>




<li>Is required by a customer or procurement specification to demonstrate accreditation</li>




<li>Participates in proficiency testing schemes where accreditation is a prerequisite</li>


</ul>





<p>Common examples include contract research organizations performing biocompatibility studies per ISO 10993, environmental monitoring laboratories, calibration houses maintaining reference standards, and food safety testing labs submitting results to regulatory agencies.</p>





<h2>When ISO 13485 applies</h2>





<p>ISO 13485 applies to any organization that participates in the design, development, production, installation, or servicing of a medical device, or in the design, development, or provision of associated services. This includes:</p>





<ul>


<li>Medical device manufacturers operating in-house quality control laboratories</li>




<li>Contract manufacturers producing devices or components under a quality agreement</li>




<li>Sterilization service providers</li>




<li>Distributors with labeling or repackaging activities</li>




<li>Organizations providing post-market surveillance services</li>


</ul>





<p>For a manufacturer&#8217;s in-house lab, ISO 13485 sets the surrounding QMS framework — document control, training, <a href="https://www.cloudtheapp.com/glossary-audits/" target="_blank" rel="noopener noreferrer">audits</a>, <a href="https://www.cloudtheapp.com/glossary-deviation-capa/" target="_blank" rel="noopener noreferrer">deviation CAPA</a>, and management review. The lab&#8217;s day-to-day technical activities are subject to ISO 13485 requirements for control of monitoring and measuring equipment (section 7.6) and control of records (section 4.2.5), but those requirements are less technically detailed than the metrological requirements in ISO/IEC 17025.</p>





<h2>Where the standards overlap</h2>





<p>Both standards share structural DNA from the ISO 9001 process approach. Both require:</p>





<ul>


<li>Document and record management</li>




<li>Internal audits</li>




<li>Management review</li>




<li>Corrective and preventive action processes</li>




<li>Control of nonconforming outputs</li>




<li>Personnel competence and training</li>




<li>Equipment calibration and maintenance</li>


</ul>





<p>The overlap creates opportunities for integrated implementation when an organization operates under both. Document control procedures, audit schedules, and calibration records can serve both standards simultaneously if designed correctly.</p>





<p>Where they diverge: ISO/IEC 17025 goes substantially deeper on measurement uncertainty, method validation, proficiency testing, and the technical review of results. ISO 13485 goes substantially deeper on product realization — design controls, production and process controls, sterilization requirements, and post-market surveillance. Each standard fills gaps the other leaves open.</p>





<h2>When you need both</h2>





<p>Several real-world scenarios require compliance with both standards simultaneously.</p>





<p><strong>Scenario 1 — In-house lab at a medical device manufacturer that also accepts external testing orders.</strong> The manufacturer&#8217;s QMS runs under ISO 13485. When the lab begins issuing test reports to external clients — for example, performing biocompatibility tests for a third-party device company — those clients and their regulatory submissions require ISO/IEC 17025 accreditation for the data to carry regulatory weight. The lab must build on its ISO 13485 foundation and layer in the additional technical requirements of ISO/IEC 17025.</p>





<p><strong>Scenario 2 — Contract testing lab that manufactures reference materials.</strong> A laboratory that produces certified reference materials has a product in the ISO 13485 sense if those materials are used in medical device testing or calibration. Depending on its classification, it may need to operate under both standards.</p>





<p><strong>Scenario 3 — FDA submissions requiring accredited test data.</strong> FDA guidance on biocompatibility (aligned with ISO 10993) and sterilization validation (ISO 11135, ISO 11137) strongly prefers — and in some pathways effectively requires — that test data come from ISO/IEC 17025-accredited laboratories. A device manufacturer using an in-house lab for submission-critical testing faces pressure to achieve accreditation, even while maintaining ISO 13485 certification for the broader QMS.</p>





<h2>Key technical differences that matter in practice</h2>





<p><strong>Measurement uncertainty.</strong> ISO/IEC 17025 requires laboratories to identify and report measurement uncertainty for all test and calibration results. ISO 13485 does not require this level of metrological detail. For analytical chemistry, physical testing, and calibration, this is a significant operational difference — labs transitioning from ISO 13485-only to dual compliance typically find measurement uncertainty estimation to be the most technically demanding addition.</p>





<p><strong>Method validation.</strong> ISO/IEC 17025 requires formal validation of non-standard methods and verification of standard methods before use. ISO 13485 section 7.5.6 requires validation of processes for production and service provision when output cannot be verified by subsequent monitoring, but does not prescribe the same level of method validation documentation that ISO/IEC 17025 demands for analytical methods.</p>





<p><strong>Proficiency testing.</strong> ISO/IEC 17025 requires laboratories to participate in proficiency testing or interlaboratory comparisons as a demonstration of ongoing technical competence. ISO 13485 has no equivalent requirement. Proficiency testing participation is often one of the first visible additions when an ISO 13485-certified in-house lab pursues accreditation.</p>





<p><strong>Accreditation scope.</strong> ISO/IEC 17025 accreditation is granular — each test method, measurement range, and matrix is listed explicitly in the scope. Claims of accreditation apply only within that scope. ISO 13485 certification applies to the entire organization&#8217;s QMS scope as described in the certificate. This means an ISO/IEC 17025 laboratory must carefully control which results it issues under its accredited scope versus outside it, a distinction that ISO 13485 certification does not require.</p>





<h2>Audit trail and record management</h2>





<p>Both standards require robust records. ISO/IEC 17025 section 8.4 specifies requirements for technical records, including original observations, derived data, and information to identify factors affecting measurement results. Records must be such that any test could be reconstructed from the documented information.</p>





<p>ISO 13485 section 4.2.5 requires records to remain legible, readily identifiable, and retrievable throughout their defined retention period. The standard specifies retention periods tied to device lifetime — at minimum the life of the device or applicable regulatory requirement.</p>





<p>For laboratories managing both frameworks, a unified electronic QMS that handles laboratory records, calibration data, test reports, method validation studies, and nonconformance reports in one system eliminates the risk of maintaining two separate record systems that drift out of alignment. Cloudtheapp&#8217;s laboratory management application supports configurable record structures, electronic signatures meeting <a href="https://www.cloudtheapp.com/glossary-21-cfr-part-11/" target="_blank" rel="noopener noreferrer">21 CFR Part 11</a> requirements, and <a href="https://www.cloudtheapp.com/glossary-audit-trail/" target="_blank" rel="noopener noreferrer">audit trail</a> management that satisfies both standards&#8217; record obligations.</p>





<h2>A decision framework for quality managers</h2>





<p>When determining which standard — or combination — applies to a laboratory, work through these questions in sequence.</p>





<p>First: does the laboratory issue test reports or calibration certificates to external parties, or will its data be submitted to a regulatory authority as part of a product application? If yes, ISO/IEC 17025 accreditation is likely required or strongly preferred.</p>





<p>Second: is the laboratory part of an organization that designs, manufactures, or supplies medical devices? If yes, the broader QMS must comply with ISO 13485, and the laboratory operates within that framework regardless of whether it also seeks ISO/IEC 17025 accreditation.</p>





<p>Third: does the laboratory perform both internal quality control testing for its own manufacturing operations and external testing services for other organizations? If yes, it almost certainly needs both standards, implemented in an integrated way to minimize duplicate documentation and audit burden.</p>





<p>Fourth: what do the organization&#8217;s major customers and notified bodies require? Customer requirements and regulatory guidance documents — particularly FDA&#8217;s expectations for data supporting <a href="https://www.cloudtheapp.com/glossary-510k-submission/" target="_blank" rel="noopener noreferrer">510(k) submission</a>, PMA, and Biologics License Applications — often resolve ambiguity faster than reading the standards themselves.</p>





<h2>ISO 15189: the third standard quality managers should know</h2>





<p>Medical and clinical laboratories — those performing diagnostic testing on patient samples — operate under a third standard: ISO 15189:2022. As noted by the <a href="https://blog.johner-institute.com/regulatory-affairs/iso-15189-medical-laboratories/" target="_blank" rel="noopener noreferrer">Johner Institute</a>, ISO 15189 covers medical laboratory quality and competence specifically, adapting ISO/IEC 17025&#8217;s technical requirements for the clinical context with additional requirements for patient safety, pre-examination and post-examination processes, and clinical applicability of results.</p>





<p>Clinical laboratories — hospital labs and reference laboratories running diagnostic tests on human specimens — typically pursue ISO 15189 rather than ISO/IEC 17025. Quality managers responsible for clinical laboratory operations should treat ISO 15189 as the applicable standard unless specific circumstances bring ISO/IEC 17025 back into scope.</p>





<h2>Conclusion</h2>





<p>ISO/IEC 17025 and ISO 13485 govern different domains. ISO/IEC 17025 establishes that a laboratory is technically competent to perform specific tests and produce reliable results. ISO 13485 establishes that a medical device organization has a quality management system capable of consistently producing safe and effective devices. Most in-house manufacturing laboratories need ISO 13485 as the governing framework. Most contract and independent testing laboratories need ISO/IEC 17025 accreditation. Laboratories that do both need both, implemented in an integrated system that avoids parallel documentation and redundant audits.</p>





<p>The practical question for any quality manager: who relies on your test data, for what purpose, and what do they require as proof that the data is trustworthy? The answers determine which standard you need to maintain.</p>





<p>Cloudtheapp&#8217;s platform supports 60+ quality and compliance applications across laboratory management, document control, CAPA, audit management, and supplier qualification. If your organization is evaluating how to align a laboratory QMS with ISO/IEC 17025, ISO 13485, or both, <a href="https://www.cloudtheapp.com/demo/" target="_blank" rel="noopener noreferrer">request a demo</a> to see how a single configured platform can support both frameworks without redundant systems.</p>

]]&gt;</p>
<p>This post created by and appeared first on <a href="https://www.cloudtheapp.com">Cloudtheapp</a></p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
