ISO 17025 Vertical Audit Requirements: How to Trace One Job from Request to Report

If your lab wants ISO/IEC 17025 accreditation, you’ll need to run internal audits to show you’re up to scratch on technical requirements. A vertical audit is one of the three main audit types you can use to check compliance. Unlike horizontal audits, which sweep across one requirement for all methods, or witnessing audits that just watch a specific activity, ISO 17025 vertical audit requirements take a different route.

A group of professionals discussing audit documents and data in a modern office with charts and digital screens in the background.

With an ISO 17025 vertical audit, you start with a single test report or result and trace every related activity either backward to sample registration or forward to the final report, checking compliance with ISO/IEC 17025:2017 requirements—but only for that specific test. This approach lets you see if all the technical steps for producing a particular result actually happened as they should. You can dig into everything from how staff handled the sample to calibration, training, and quality control for that one result.

Labs usually work vertical audits into their yearly audit plans, right alongside witnessing and horizontal audits. Most places do at least one vertical audit per year, setting aside a half day or maybe a full day to get it done. This focused approach really helps pinpoint process gaps and demonstrates to your accreditation body that you’re keeping technical competence sharp across your testing work.

Key Takeaways

  • Vertical audits track a single test result through all related lab activities to check ISO/IEC 17025:2017 technical requirements
  • Plan for at least one vertical audit a year, which takes about half to a full day
  • This audit looks at sample handling, equipment calibration, staff competency, and quality control for one reported result

Watch the Video: ISO 17025 Vertical Audit Requirements Explained

In this video walkthrough, Ralph Martin explains how to perform an ISO 17025 vertical audit by tracing one actual laboratory job from the original customer request through technical records, sample handling, personnel competence, equipment calibration, quality control, measurement uncertainty, and final reporting.

Use this video as a companion to the written guide below. The goal is to show how a vertical audit follows the real evidence trail for one job and helps determine whether the laboratory’s ISO/IEC 17025 process is working in practice.

Need help building an ISO 17025 internal audit program?

RJ Quality Consulting helps testing and calibration laboratories prepare for ISO/IEC 17025 accreditation, improve internal audits, address corrective actions, and strengthen technical records. A vertical audit is often one of the best ways to identify whether your laboratory process is truly working from request to report.

What Is an ISO 17025 Vertical Audit?

Vertical audits are one of three technical audit types for checking ISO 17025 standards in your lab. They focus on a single test result or report and follow it through your whole testing process.

Usually, the auditor picks a specific report or result, then works backward from that report to when you first got the sample—or sometimes starts at sample registration and moves forward to the final report.

During a vertical audit, you’ll check:

  • Sample registration and handling
  • The test methods you used
  • Equipment (and calibration records) involved
  • Environmental conditions during testing
  • Personnel training and authorization for that test
  • How you recorded data and did calculations
  • Internal quality control results
  • Final reporting

Remember, the auditor only cares about records for that one test. They won’t dig through every activity in the lab. If they’re looking at a water quality test, for example, they’ll only check the training records for folks who worked on that sample.

Vertical audits usually take a half day to a full day. Most labs make sure to include at least one in their annual audit plan. It’s a solid way to see how your quality system holds up for real testing, start to finish. Before performing a vertical audit, it helps to understand how it fits into the larger ISO 17025 internal audit process.

What is the ISO 17025 Vertical Audit Requirements and Why Do They Matter?

Scientists in a laboratory conducting equipment inspections and reviewing data on digital devices discussing ISO 17025 Vertical Audit Requirements.

With vertical audits, you can trace a whole path through your lab’s processes. You start with the final report and work backward, step by step, to the original sample. It’s a way to see how a result really moves through your system.

Why bother? Here’s what you get:

  • You’ll catch gaps between departments or stages
  • You can check if your procedures actually fit together
  • You’ll see if staff really follow the workflow
  • You can test if documentation matches reality

ISO/IEC 17025 requires internal audits, and vertical audits give you a practical way to tick that box. They often reveal issues that other audits miss.

Sometimes, problems only show up when you follow one sample all the way through. Maybe sample handling works, but the handoff between teams is shaky. Vertical audits catch those awkward gaps.

You’ll be looking at things like:

  • Sample registration and tracking
  • Environmental controls during testing
  • Equipment calibration status at the time of use
  • Personnel competency for each task
  • Quality control results for that test
  • Calculations and data handling
  • Final report accuracy

Vertical audits let you test your whole system with real-life examples. They show if your processes actually deliver valid results. When you mix vertical audits with other audit types, you get a much fuller picture of your lab’s ISO/IEC 17025 compliance.

ISO/IEC 17025 is designed to help laboratories demonstrate that they operate competently and generate valid results, which is why a vertical audit is so useful for tracing whether real laboratory work is properly controlled from request to report.

What Should a Vertical Audit Cover?

A group of professionals reviewing documents and data in an office with laboratory equipment and audit materials on the table discussing ISO 17025 Vertical Audit Requirements.

Vertical audits follow one specific test result from start to finish, checking every technical requirement that applies to that activity. You’ll need to look at personnel competence, equipment calibration, environmental conditions, and technical records—just for the test you picked.

Clause 6.2 – Personnel Competence

Make sure everyone involved in the test was actually trained and authorized for what they did. Check training records for each person who handled the sample, ran the test, or reviewed the results.

Look for real proof of training, ongoing assessments, and official authorization. Training records should show staff finished required training before they worked on the test you’re auditing.

Confirm that competence checks are up-to-date and specific to the method you’re tracing. Generic training records won’t cut it. You want to see method-specific training that lines up with the actual work done.

Clause 6.3 – Facilities and Environmental Conditions

Check that the facilities met requirements for the test you’re auditing. Review environmental monitoring records from the date of the test.

Make sure temperature, humidity, lighting, or whatever else mattered stayed within limits. Confirm that you recorded environmental data often enough, and that you spotted and fixed any issues.

Was the testing area suitable? Enough space, clean, separated from incompatible stuff? If the method needed special environmental controls, check that these were working when you ran the test.

Clause 6.4 – Equipment

Verify all equipment used for the test was maintained and working. Check maintenance logs, service records, and status docs for each instrument.

Match equipment IDs to what’s in the test records. Confirm routine maintenance was current at the time of testing.

Look for records of performance checks. These should show equipment worked properly when you used it for your test. If there were any problems, they should be documented and fixed before testing continued.

Clause 6.5 – Metrological Traceability

Check metrological traceability for all measurements in your test. Look at calibration records for every instrument—balances, thermometers, pipettes, analyzers, all of it.

Make sure calibrations were valid when you did the test. Confirm you didn’t go over calibration intervals and that calibration status is clear on the equipment or in records.

Review calibration certificates for traceability to SI units or recognized references. Check that standards and reference materials were stored and handled right. Look for evidence of quality control checks between calibrations.

Clause 7.1 – Review of Requests, Tenders, and Contracts

Verify that the lab reviewed and approved the customer request before starting. Check that the lab had the capability, resources, and competence for the test.

Look for proof of the review process: that you picked the right method and understood customer requirements.

Confirm any deviations from standard methods were approved and documented. If there were limitations or concerns, the lab should’ve told the customer before starting the work.

Clause 7.2 – Selection, Verification, and Validation of Methods

Check that the test method used was suitable and validated. Make sure the lab picked a method that fit the customer’s needs and the sample type.

Review validation records to confirm the method was up to the task. Make sure verification or validation happened before the method was used for customer work.

Performance specs—accuracy, precision, detection limits, range—should be documented and meet requirements. Staff should follow the documented procedure without unauthorized tweaks.

Clause 7.3 – Sampling

If sampling was part of the test, check that it followed documented procedures. Was the sampling plan right for the test and the customer?

Review records for sample ID, location, and quantity. Check that sampling equipment was clean, calibrated if needed, and fit for the sample.

If environmental conditions mattered during sampling, confirm they were recorded. Make sure samples were labeled and chain of custody was kept. Any deviations should be documented and explained.

Clause 7.4 – Handling of Test or Calibration Items

Check that the sample was handled correctly from receipt to disposal. The lab should have recorded its condition on arrival and noted any issues.

Review storage records to see if the sample was kept under the right conditions. Storage temps, container types, and holding times should meet requirements and protect sample integrity.

Sample ID must be maintained throughout. Avoiding mix-ups is key. Check that sub-sampling or prep steps were done right and documented.

Clause 7.5 – Technical Records

Make sure all technical records for the test are complete, accurate, and traceable. Raw data, observations, calculations, and results should all be there.

Records should have enough detail to repeat the test if needed. Entries should be legible, dated, and tied to specific staff.

Corrections or changes should be made using approved methods—single-line cross-outs with initials and dates, or proper electronic controls like audit trails.

Records must be stored securely and kept for the required period. They should show the lab followed all method requirements and quality controls for the test you’re auditing.

Clause 7.6 – Evaluation of Measurement Uncertainty

Check that measurement uncertainty was evaluated for your test result. The lab should’ve identified all significant sources of uncertainty for the measurement.

Review the uncertainty budget or calculation—does it fit the method and range? Uncertainty values should be based on validation data, QC results, or other solid evidence.

Reported uncertainty should match what was calculated and meet customer or regulatory needs. Staff should know which factors contribute most to uncertainty for this test.

Clause 7.7 – Ensuring the Validity of Results

Check that the lab used proper quality control to ensure valid results. QC samples should’ve been analyzed at the right frequency during your test batch.

Step-by-Step Process for Performing a Vertical Audit

In a vertical audit, you follow a single job or sample through each technical step, from receipt all the way to the final report. This lets you see if your lab really follows its documented procedures and meets ISO 17025 technical requirements at every stage.

Step 1 – Select a Representative Job, Sample, Test, or Calibration

Pick a recent job that reflects your lab’s typical work—something from the last few months that actually shows the test or calibration methods on your scope.

Stick with jobs showing standard complexity, not weird edge cases. You want to see your team’s real workflow and how they handle the usual ISO 17025 technical requirements. If you’ve got several major test methods, grab one sample for each.

Don’t go for the easiest or most flawless example. The goal is to see how things really run day to day, not just your highlight reel.

Step 2 – Start with the Customer Request or Work Order

Kick off your audit trail where the customer first got in touch. Find the original request, quote, or contract that kicked things off.

Make sure the request spells out what testing or calibration the customer wanted. Check that your lab wrote down the method to use, any special instructions, and agreed delivery dates. Did staff clear up any confusion before saying yes to the work?

The work order should match what the customer actually asked for. Look for proof that your lab checked technical capability and resources before taking the job.

Step 3 – Trace the Item or Sample Through the Laboratory

Follow the sample or equipment from the moment it arrived to when you finished with it. Start with chain-of-custody or sample login records.

Did staff give the item a unique ID number? Check that storage conditions fit the method requirements and that you monitored the environment if needed. Look for records of sample prep, transfers between people, and any sub-sampling.

Handling procedures should prevent contamination or damage. Check if staff documented storage spots and noted any departures from normal handling.

Step 4 – Verify Personnel, Equipment, and Environmental Evidence

Dig into technical records to see who did what. Each staffer should have up-to-date training and be authorized for the tasks they did.

Look at calibration certificates for all equipment used. Was calibration current on the day of use? Did equipment meet specs? Check maintenance logs and any pre-use functional checks.

If your method needs controlled conditions, review environmental monitoring. Temperature, humidity, or cleanliness records should stay in acceptable ranges during testing.

Step 5 – Review Raw Data, Calculations, and Technical Records

Go through the original data sheets, instrument printouts, or digital files from testing. Did staff record all the observations and measurements needed?

Check that calculations follow your procedures. Double-check key results for accuracy. Did staff use the right formulas, conversion factors, and significant figures? Confirm that measurement uncertainty was figured out the way your procedure says.

See if staff noted any odd observations or deviations. Technical records should be clear enough for another qualified person to follow what happened and repeat the results.

Step 6 – Confirm QC, Validity Checks, and Acceptance Criteria

Find the quality control records for your chosen job. Did staff run blanks, duplicates, reference materials, or control standards as your QC plan demands?

QC results need to meet acceptance criteria before anyone releases results. Look for signs that someone reviewed control charts or statistical monitoring. If things went out of control, did staff take documented corrective actions?

Check if your lab did proficiency testing for this method. Compare with reference values or inter-lab data to back up your results’ validity.

Step 7 – Compare the Final Report to the Technical Record

Put the customer report next to the full technical record. Do all the reported values match your technical records?

Does the report hit all the must-haves from ISO 17025 clause 7.8? That means lab ID, unique report number, customer info, method ID, and a statement of conformity if needed. Measurement uncertainty should show up where required.

Was the report reviewed by a qualified person before it went out? The reviewer needs to check technical accuracy and completeness against your requirements.

Step 8 – Document Findings, Gaps, and Opportunities for Improvement

Write down all audit findings in a format that captures both compliance and nonconformities. Link each finding to the relevant ISO 17025 clause.

Make a table or checklist for each technical requirement, showing if you found evidence of compliance. Note missing records, incomplete docs, or any deviations. Don’t forget to jot down what’s working well and what could use a boost.

Common audit findings include:

  • Missing signatures or dates on technical records
  • Calibration certificates that expired before use
  • Incomplete measurement uncertainty evaluations
  • QC results not reviewed before releasing results
  • Reports missing required information elements

Give each gap a severity level based on how much it could mess with result quality. Even if it’s not a full-blown nonconformity, note opportunities for improvement. These records feed into your corrective action process and help drive continuous improvement.

ISO 17025 Vertical Audit Checklist Example

A vertical audit checklist tracks a single test or calibration as it moves through your lab process. You follow one sample from start to finish, checking compliance with ISO 17025 at each step.

Start your checklist with the customer request and contract review, because a vertical audit follows actual laboratory work from request to report, it naturally touches many of the ISO 17025 Clause 7 process requirements. Make sure your lab actually documented what the client wanted and confirmed you could deliver.

Then, see how your lab handled the test item. Check chain of custody, storage conditions, and labeling. These steps keep the sample safe and sound.

Key technical areas to include:

  • Personnel competence records for staff who performed the work
  • Equipment calibration status and maintenance logs
  • Method validation documentation and proper procedures
  • Environmental conditions during testing
  • Raw data and calculation worksheets
  • Measurement uncertainty calculations

Your ISO 17025 internal audit checklist should also cover the test report. Look for accuracy, clarity, and completeness. Make sure results mention measurement uncertainty when needed.

The checklist needs to show traceability to measurement standards. You have to verify calibrations link back to national or international standards.

Vertical audits aren’t like horizontal ones. Horizontal audits look at one clause across the whole lab; vertical audits follow one job through every relevant clause.

Most internal audit checklists have space for observations, evidence, and findings. Note any nonconformities and improvement ideas as you move through each step.

Frequently Asked Questions

Vertical audits trace a single test or calibration from start to finish, checking all the ISO 17025 requirements that matter along the way. Knowing how to set these up helps labs verify compliance and get ready for external assessments.

What is a vertical audit in a laboratory management system, and how does it differ from a horizontal audit?

A vertical audit follows one sample or test all the way through your lab process. You pick a single report or result and trace it back to the sample’s arrival or forward from receipt to the final report.

A horizontal audit looks at one requirement across everything your lab does. You check compliance with specific ISO 17025 clauses for all your accredited activities. For example, you might review environmental controls or staff competency across all test methods, instead of following one sample.

The big difference? Vertical audits go deep into one workflow; horizontal audits go wide across many processes.

Which ISO/IEC 17025 clauses should be traced during a vertical audit of a single test or calibration from request to report?

Trace clause 6.2 for staff training, competency, and authorization records for whoever handled your chosen sample. Clause 6.3 covers the facilities and environment for the work.

Clauses 7.3 and 7.4 deal with how your lab sampled and handled the specific test or calibration item. Don’t forget clause 7.2 for method selection and 7.6 for measurement uncertainty evaluation.

Clauses 6.4 and 6.5 mean you need to check metrological traceability via equipment calibration records and reference material certificates. Clause 7.7 is all about quality control results for that test.

Review clause 7.5 for technical records and calculations. Clause 7.8 applies to how you reported the final results.

How should a laboratory define the scope, sampling approach, and evidence requirements for a vertical internal audit?

Set your scope by picking the test method, sample type, and time frame you’ll audit. Choose a finished report or result that shows typical lab activities within your accredited scope.

Pick samples based on risk—maybe complex methods, recent complaints, or jobs handled by newly trained staff. You can trace things backward from the report or forward from sample receipt.

Decide what evidence you need before you start. That means the test method docs, sample records, staff training files, equipment calibration certs, and QC data. Record version numbers and dates for everything you review. Because a vertical audit depends heavily on the evidence trail, laboratories should also understand the ISO 17025 technical records requirements that support each result.

What documentation and records are typically reviewed during a vertical audit to demonstrate competence and traceability?

Start with initial sample registration and any related customer requests or contracts. Chain of custody records show how you handled and stored the sample.

Personnel records prove operators were trained and authorized for the method. Environmental logs confirm you met requirements during testing.

Equipment maintenance, calibration certificates, and check results show metrological traceability. You’ll also need reference material certificates and storage records.

Quality control charts and acceptance criteria prove the test stayed under control. Raw data, calculations, and the final report round out the audit trail from sample to result.

How can clause 7.7 (ensuring the validity of results) be effectively evaluated during a vertical audit trail?

Check that your lab did the right quality control activities for the test you’re auditing. Did staff run control samples, duplicates, or reference materials alongside the sample?

Look at whether QC results stayed within acceptance criteria. If controls failed or showed warning signs, did the lab document what they did about it?

See how measurement uncertainty was worked out and if it fits the intended use. Any method validation data should back up the measurement range and accuracy in the report.

How can clause 6.6 (externally provided products and services) be verified within a vertical audit of an end-to-end work process?

Spot any externally provided products used in the test—like reagents, reference materials, or consumables. Make sure your lab approved these suppliers and kept qualification records.

If external services played a role—like subcontracted calibrations or sample prep—your lab needs to show how it checked those providers’ competence.

Review purchase orders and receiving inspection records for materials used in your audited test. Confirm that you got and reviewed certificates of analysis or calibration before using them.

Conclusion

Vertical audits play a big role in keeping your ISO 17025 compliance on track. When you dig into a specific test method or process from start to finish, you get a clear look at whether each step actually meets the standard’s requirements—or if something’s slipping through the cracks.

Labs get a lot out of these audits. You can spot gaps in technical know-how, equipment calibration, and how you’re calculating measurement uncertainty. It’s a chance to see if your team’s really following procedures and if your results will actually hold up when someone checks the records.

Key elements assessed during vertical audits include:

  • Sample handling and identification procedures
  • Equipment calibration status and maintenance records
  • Personnel competency documentation
  • Method validation and verification data
  • Measurement uncertainty calculations
  • Result reporting accuracy

By tackling vertical audits regularly, you give your quality management system a fighting chance. It’s easier to catch issues before they mess with customer results or your accreditation. These deep dives add a technical layer that horizontal audits just can’t match.

It’s smart to mix in scheduled vertical audits with extra reviews whenever you roll out new methods or bring in unfamiliar equipment. Write down what you find—warts and all—and don’t let nonconformities linger. That’s how you keep your lab’s technical reputation (and customer trust) intact.

Vertical audits work best when you’ve got assessors who actually get both the standard and your day-to-day testing. Build up your internal audit skills, or pull in outside experts if you need to. Showing you take vertical audits seriously? That’s a mark of real professionalism and care for quality results.

🕒 Book Your Free 45-Minute Consultation

Have questions about ISO/IEC 17025 or ISO 9001 implementation or accreditation? Schedule a free 45-minute consultation with me to discuss your Company or laboratory’s needs and how we can achieve compliance together.

Schedule Your Consultation

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *