Review Checklist

ISO/IEC 17020:2012

REVIEW CHECKLIST

The ISO/IEC 17020 Review Checklist is designed to help you review systemdocumentation to ensure that it complies with all relevant clauses of ISO/IEC 17020. Thechecklist can be used as preparation tool for all initial assessment and reassessment visits.

Assessment team members can also use it during the assessment visit to facilitate the

collection of relevant data.

The checklist includes all ISO/IEC 17020 clauses from clause 4 onwards. Clauses 1 to 3 have

been omitted as they contain scope, reference and definition clauses only.

In the checklist, the major relevant issue of each clause is summarised in a few words as an

aide memoire. There is provision for you to note the reference point in your own system

covering the issue and/or explanatory comment

Some sections of this document may not apply to all inspection bodies.

In the International Standard, the following verbal forms are used:

“shall” indicates a requirement;

“should” indicates a recommendation;

“may” indicates a permission;

“can” indicates a possibility or a capability.

No. Clause summarised / YourSystem
Reference / Other Comment

Scope - this document assumes inspection body A

Includes references in the Standard

Definitions are those in standard 17000

4 General requirements

No. Clause summarised / Your
System
Reference / Other Comment
4.1 Impartiality and independence
4.1.1 Inspection activities shall be
undertaken impartially.
4.1.2 Responsible for impartiality of
inspection activities.
Commercial, financial or other
pressures not to compromise
impartiality.
If IB is a part of a larger organisation demonstrate no Conflict of Interest.Relevant information on activities of larger organisation shall be maintained up to date.
Guidance should be providedregarding behaviours if undue
pressure is applied.
Records of situations where unduepressure has been applied to
inspectors should be kept.
Requirements relating to impartialityare also applicable to subcontractors(See 6.1.12).
4.1.3 Identify risks to its impartiality on an ongoing basis. Consider activities,
relationships.
NOTE relationships can include ownership, governance,
management, personnel, shared resources, finances, contracts, marketing (including branding), commissions or other inducement, etc.
Periodic formal review may partiallyaddress this.IB should anticipate staff willencounter undue pressure, andrespond, including:Guidance to staff on acceptablebehaviour;
Creation of systems to record andrespond to undue pressure (from any source).
If assessment finds failure around impartiality, investigate to confirm that control over potential conflicts of interest has been re-established.
4.1.4 If a risk to impartiality is identified, demonstrate how eliminated / minimised.
4.1.5 Top management commitment to impartiality.
4.1.6 Independent to the extent
needed
4.1.6.a Type A requirements Clause A.1
Fully independent of all involvement
Consider
Internal structures
Consider design, manufacture, supply, installation, purchase, ownership, use or maintenance of inspected items.
Ownership andmanagement
Linked companies
No. Clause summarised / Your System
Reference / Other Comment
4.1.6b – type B & 4.1.6.c – not relevant to LA NB’s
4.2 Confidentiality
4.2.1 responsible, through legally
enforceable commitments, for the management of information obtained or
created.
Inform client, in advance, of information open to public.
Generally information is proprietary and confidential.
Requirements relating to confidentiality are also applicable to
sub-contractors (See 6.1.13)
4.2.2 Client notified of the
information made public.
4.2.3 Information about the client
obtained from other sources
also confidential.

5 Structural requirements

No. Clause summarised / Your System
Reference / Other Comment
5.1 Administrative requirements
5.1.1 Legal entity, can be held legally responsible for inspection activities.
NOTE A governmental IB is a legal entity due to governmental status.
5.1.2 If part of a legal entity involved in activities other than inspection then
identifiable within that entity.
5.1.3 Documentation outlining
competence.
5.1.4 Adequate provision (e.g. insurance or reserves) to cover liabilities.
NOTE The liability can be assumed by other parties.
Show factors considered re level of provision. Also cover sub-contracting activities.
Insurance, Insurer Policy No, Value, Expiry, Prof.indemnity, Public Liability, Other
5.1.5 Documentation describing the
contractual conditions for service, except for services to parent entity.
5.2 Organisation and management
5.2.1 Structured, managed to
safeguard impartiality.
5.2.2 Organised, managed to
maintain inspection capability.
NOTE Inspection schemes can require exchange of technical experience.
Consider competence re infrequent
inspections
5.2.3 Define and document the
responsibilities and reporting
structure.
5.2.4 Relationships within broader
legal entity.
5.2.5 Technical manager(s), responsible for inspection activities. Technical manager available,competent and experienced.
Consider factors in appropriate “availability”.
5.2.6 Deputies for technical
manager.
5.2.7 “job description” for each position involved in inspection activities.

6 Resourcerequirements

No. Clause summarised / Your System
Reference / Other Comment
6.1 Personnel
6.1.1 Competence requirements for
all personnel involved in
inspection activities:
education,
training,
technical knowledge,
skills,
experience.
NOTE See also 5.2.7 (jobdescription).
6.1.2 Sufficient number of
competent persons, for type,
range and volume of work
6.1.3 The personnel:
•qualifications,
•training,
•experience, and
•satisfactory knowledge .
relevant knowledge of:
•technology, processes,
•delivery of services,
•use of products,
•operation of processes,
•delivery of services,
•defects, failures and deficiencies, and
•significance of deviations.
Where relevant, inspection body staff must have:
relevant qualifications or assessed as competent;
completed relevant in-house training;
familiar with principles & practices of inspections performed / supervised;
familiarity with inspection equipment, including its performance, use and calibration;
knowledge of standards / specifications used;
knowledge of management system;
can record findings and write clear and appropriate reports and/or certificates;
understand legal significance of approving and issuing reports;
know ISO/IEC 17020, UK verification Rules, this document, and relevant Regulations and Documents;
participate in continuing professional development.
Management of Inspector and staff competence
Staff may be appointed / authorised.
documented policy and procedure.
covers all staff affecting outcomes, inspectors, clerical, ancillary and service personnel.
may cover all, or limited elements or process steps associated with the inspection.
demonstrate that reports get appropriate technical review prior to issue.
The following matters are required:
1. Identify the minimum qualification and experience necessary
2. Manage the development and appointment of staff and procedures must be documented.
3. Develop and implement competency assessment criteria for staff covering responsibilities, expectations on conduct of work, field activities, code interpretation.
4. Staff must participate in professional development
5. Records of qualification, professional development, experience and training kept for each staff member.
6. Appointment dates and coverage and withdrawal date must be kept.
7. A system to assure confidence in inspections conducted by different inspectors must be developed & used at intervals throughout the employment of the inspector.
Records of outcomes and any associated corrective actions must be retained.
Records
Facilities should hold a current listing of staff authorised to issue reports, including as appropriate the range of activities for which they are approved.
6.1.4 Duties, responsibilities and
authorities clear to each
person
6.1.5 Documented procedures for
selecting,
training,
formally authorising, andmonitoring inspectors andpersonnel involved in
inspection activities.
Training records must be able toconfirm the competency level of anindividual for a given task
6.1.6 Procedures cover:
a) an induction period;
b) a mentored working period;
c) continuing training.
6.1.7 The training requirements
consider ability, qualifications
and experience of each
person and the results of
monitoring (see 6.1.8).
6.1.8 Monitoring
monitors familiar with theinspection methods andprocedures,
for satisfactoryperformance,
results of monitoring shallbe used as a means ofidentify training needs
(6.1.7).
NOTE Monitoring can include acombination of techniques suchas on-site observations, report reviews, interviews, simulatedinspections and other techniquesto assess performance, and willdepend on the nature ofinspection activities.
6.1.9 Each inspector shall beobserved on-site unless ….
NOTE on-site observationsshould minimise disturbance of
the inspections.
6.1.10 records of

monitoring,
education,
training,
technical knowledge,
skills,
experience and
authorisation

of each person in inspectionactivities.
Consider health records andspecialist licences systems to prompt
when checks or renewal due.
6.1.11 Remuneration not to
influence the results of
inspections
6.1.12 All personnel (internal and
external) shall act impartially.
6.1.13 All personnel (internal andexternal) shall maintainconfidentiality

6.2 Facilities andequipment

No. Clause summarised / Your System
Reference / Other Comment
6.2.1 Available, suitable andadequate facilities andequipment
6.2.2 Rules for the access to, andthe use of, specified facilitiesand equipment used toperform inspections.
6.2.3 Ensure the continuedsuitability of the facilities andthe equipment mentioned in6.2.1 for their intended use.
6.2.4 All equipment having a
significant influence on the
results of the inspection shall
be defined and, where
appropriate, uniquely
identified.
6.2.5 All equipment (see 6.2.4)shall be maintained usingdocumented procedures andinstructions.
6.2.6 Where appropriate,measurement equipmenthaving a significant influence
on the results of theinspection shall be calibratedbefore use, and thenaccording to a programme.
Metrologically traceable calibrationsappropriate if
measurements play a significantpart in the inspection findings, or
a measurement is required with aclearly defined accuracy.
The need for accuracy may beimplicit in statements such as “goodengineering practice”. Under suchexpectations measuring equipmentused must meet the requirements of the regulations
6.2.7 Calibration of equipment sothat measurements aretraceable to national orinternational standards ofmeasurement, whereavailable.
6.2.8 Reference standards ofmeasurement held by theinspection body shall be usedfor calibration only
Where calibrations (not checks orverifications) are done in-house
consider thecompetence of calibration staff;
completeness of calibrationprocedures;
suitability of reference standards;
measurement needs.
6.2.9 Where relevant, equipmentgets in-service checks.
6.2.10 Reference materialstraceable to national /international referencematerials.
6.2.11 Where relevant, proceduresfor
a) selection and approval ofsuppliers;
b) verification of incomingitems;
c) appropriate storagefacilities.
6.2.12 Where applicable, thecondition of stored items shallbe assessed at appropriateintervals to detectdeterioration.
6.2.13 Computers or automatedequipment :
a) software is adequate foruse;
NOTE this can be done by the
following:
- validation of calculations beforeuse
- periodic revalidation of hardware /software- revalidation when changes aremade to hardware or software
- software updates implementedas required
b) procedures for protectingthe integrity and security ofdata;
c) equipment is maintained inorder to ensure properfunctioning.
Records of validation and checks onits integrity retained. Checks onsoftware updates before the up-datesare broadly implemented. Identifywhich version of software was or is inuse and be able to confirm thecurrent status of software used bystaff in portable electronic equipment.
Factors that may be considered inprotecting the integrity and security ofdata include (but are not limited to):
backup practices andfrequencies;
effectiveness in restoring datafrom backup;
virus protection;
password protection.
6.2.14 Procedures for dealing with
defective equipment.

removed from service by segregation, labelling or marking.
consider effects on previous inspections.

6.2.15 Equipment and softwarerecords.

identification
information on calibration
information onmaintenance.

Information recorded should, whereappropriate, include:
a) the name of the equipment andits identification;
b) manufacturer’s name;
c) manufacturer’s equipmentidentification such as serial
number;
d) date received and placed inservice;
e) condition when received;
f) maintenance instructions;
g) history of maintenance andcalibration;
h) calibration records;
i) current location or who theequipment has been assigned to;
j) calibration procedures used.
All equipment checks andcalibrations should record the
following information:
a) Name of equipment;
b) Identification of equipment (forexample, a serial number, etc);
c) Location of equipment if relevant;
d) Specification (including year)where appropriate;
e) Indication of the acceptancecriteria used on the records;
f) Identification of personnelcarrying out the work;
g) Identification of referenceequipment used (for example,
Vernier callipers 36101, reference thermometer A227,etc);
h) Procedure used or reference todocumented procedure;
i) Date the check was performed;
j) Results obtained;
k) Statement of acceptability orotherwise of the check;
l) Any follow-up action required tocorrect deficiencies.

6.3 Subcontracting

No. Clause summarised / Your System
Reference / Other Comment
6.3.1 The inspection body shallitself normally perform thecontracted inspections.
Demonstrate subcontractorcompetent, complies withrelevant standards.
Subcontractors do not operate under the NB managementsystem. (see 6.1.2)
6.3.2 Client informed ofsubcontracting
6.3.3 Responsibility for anydetermination of conformityremains with the inspectionbody.
6.3.4 Records of investigation ofthe competence ofsubcontractors and of theirconformity with relevantconformity assessmentstandards.
Register of all subcontractors.

7 Process requirements

7.1 Inspection methodsand procedures

No. Clause summarised / Your System
Reference / Other Comment
7.1.1 Uses methods andprocedures of therequirements.
Where these are not defined,the inspection body shalldevelop specific methods andprocedures to be used (see
7.1.3).
Inform client if proposedmethod is consideredinappropriate.
7.1.2 Have and use adequatedocumented instructions on
inspection planning
sampling and
inspection techniques,where needed for effectiveinspection.
Sufficient knowledge ofstatistical techniquessupporting
sound samplingprocedures,
correct data processing,
interpretation of results.
7.1.3 Non-standard methodsappropriate and fullydocumented.
7.1.4 All instructions, standards orwritten procedures,worksheets, check lists andreference data needed shall
be maintained up-to-date andavailable.
7.1.5 The inspection body shallhave a contract or work order
control system which ensuresthat:
a) work is within its expertiseand that the organisationhas adequate resources tomeet the requirements;
b) the requirementsadequately defined special conditions are understood,
allowing unambiguousinstructions;
c) work is controlled byregular review andcorrective action;
d) the requirements of thecontract or work orderhave been met.
Consider change management andrecording changes. Verbally
established agreements, requestsand changes to the scope of worksalter the contract and must bedocumented, included in contractreview processes and confirmed inwriting with the client.
7.1.6 Integrity of informationsupplied by any other partyas part of the inspection
process, shall be verified.
7.1.7 Observations recorded in atimely manner to preventinformation loss.
7.1.8 Calculations and data transfer
checks.
NOTE Data is anythingtransferred where errors could
be introduced in transfer.
The policy and system for checkingcalculations and data transfers mustbe documented. Corrections tooriginal inspection records shall beinitialled and dated by the amending
officer.
7.1.9 The inspection body shallhave documented instructionsfor carrying out inspection ina safe manner.
Safety clauses in codes listed in thescope of accreditation must beobserved by the inspection body.
Inspection bodies visiting clients andother organisations must alsoobserve site specific safetyrequirements.

7.2 Handling inspectionitems and samples

No. Clause summarised / Your System
Reference / Other Comment
7.2.1 Items and samples to beinspected are uniquelyidentified in order to avoid
confusion regarding identity
7.2.2 Establish whether the item tobe inspected has beenprepared.
7.2.3 Abnormalities recorded.
If item doubtful or not as
described, client contacted
Inspection records should detailclient decision.
7.2.4 Procedures and facilities toavoid deterioration or damageto items

7.3 Inspection records

No. Clause summarised / Your System
Reference / Other Comment
7.3.1 The inspection body shallmaintain a record system(see 8.4) to demonstrate theeffective fulfilment of theinspection procedures andenable an evaluation of theinspection.
The following must, whereappropriate and/or relevant, be
considered as inspection records:
a) contract review negotiations;
b) client/work instructions(preferably written, with all oral
instructions from the client to berecorded);
c) all original notes and calculationstaken by the inspector and/or
other staff during an inspection;
d) original copies or negatives ofphotographs (including electronic
retention of original digitalphotographic data);
e) the identity of the staffundertaking part(s) or the whole
of the inspection;
f) computer data files and/orsoftware programs;
g) reports on sampling, tests andmeasurements including copies
of reports on sub-contractedinspection, sampling and/or
testing work conducted;
h) a copy of the inspection reportand a record of its distribution;
i) records of all discussions withclients during or after the
inspection relevant to thepreparation of the inspection
report;
j) date and time of inspection.
7.3.2 The inspection report orcertificate shall be internallytraceable to the inspector(s)who performed theinspection.

7.4 Inspection reports and

inspection certificates

No. Clause summarised / Your System
Reference / Other Comment
7.4.1 The work carried out by the
inspection body shall becovered by a retrievableinspection report orinspection certificate.
Where electronic means are used toapprove an inspection report, accessto the electronic storage mediummust be controlled.
7.4.2.a Inspection reports –Content
Inspection reports may besimple or complex. ISO/IEC17020 identifies the followingpossible elements. Items inbold are requirements of the
standard; items in plain areoptions identified in Annex B,items in italics are NATA’s
reporting requirements.
Designation of thedocument, i.e. as aninspection report or aninspection certificate,(Annex B, a))
7.4.2a. Identification of theissuing body
Identification of the issuingfacility may be by:
the name in which theaccreditation is held or,
the accreditation number, or
the street address.
as required, other uniqueorganisation identification maybe used;
7.4.2b. Unique identification ofthe report.
The report must carry this uniqueidentification on each page
indication of the total number ofpages, each page beingnumbered for multi-page reports;
identification of the client; (Note the owner of the
inspected item can bementioned in the report orcertificate if the owner is notthe client)
description of theinspection work ordered;
7.4.2c. date(s) of the inspection
information on where the inspection was carried out;
identification or briefdescription of theinspection method(s) andprocedure(s) mentioningdeviations from, additionsto or exclusions from theagreed methods andprocedures;
reference to the use of subcontractors(where appropriate)including identification of the subcontractedinspection and/or
testing results;
7.4.2d. identification of theitems inspected
identification of equipmentused for measuring /
testing;
where applicable, and ifnot specified in the
inspection method orprocedure, reference to or
description of thesampling methods andinformation on where,when, how and by whomthe samples were taken;
information onenvironmental conditionsduring the inspection, if relevant;
inspection resultsexcept where detailed in
accordance with clause7.4.3 (7.4.2 g))
Results may include reference tospecifications, defects or other
non-compliances identified;
a statement of conformity whereapplicable; (7.4.2 f))
statement that theinspection results relateexclusively to the workordered or to the items or
lot inspected;
information on what hasbeen omitted from the
original scope of work;
the inspector’s mark or seal;
names (or uniqueidentification) of thepersonnel members whohave performed theinspection and in caseswhen secure electronicauthentication is not
undertaken, theirsignature (See also 7.4.2)
signature or otherindication of approval,by authorisedpersonnel; (7.4.2 e))
date of issue of thereport; (7.4.2 b)
any other information required bythe client;
caveats and assumptions madeby the facility, and the basis for
these (where applicable);
reference to sub-contractor’sattached reports (whereappropriate - see Note below);
clear identification of inspectionand test data from nonaccreditedsources that has beenutilised in the inspection (whereappropriate).
7.4.3 Certificates without results[see 7.4.2g)] only if canproduce report with results,and certificate and reportcross-refer
7.4.4 Reports are

correct,
accurate, and
clear.
subcontractors resultsidentified.

7.4.5 Corrections or additions to an
inspection report orinspection certificate afterissue shall be recorded.
Amended document identifythe replaced document.
Procedures must be documentedcovering the withdrawal and reissueof inspection reportswhen it is required

7.5 Complaints andappeals (C&A)

No. Clause summarised / Your System
Reference / Other Comment
7.5.1 Documented process for C&A

receive,
evaluate
decide

Records (See 8.4) must includeauthentication, investigation and
resolution of complaints.
7.5.2 C&A process available onrequest.
7.5.3 On receiptconfirm relevant and,
if so, dealt with.
7.5.4 Responsible for all decisions
at all levels of handling C&A.
7.5.5 Investigation and decision not
result in any discriminatoryactions.

7.6 Complaints and