ISO 15189:2022 is the latest international standard defining the quality and competence requirements for medical laboratories. It focuses on risk management, point-of-care testing (POCT), and patient-centered lab operations. The goal is simple: ensure reliable, accurate results and continuous quality improvement that supports better patient outcomes. Applicable to all types of medical labs, from traditional testing facilities to POCT environments, ISO 15189 audits and certification help build strong management systems and clinical credibility.
In this article, we’ll cover how internal audits support ISO 15189 certification, key requirements, and practical steps to prepare your lab for success, along with free ISO 15189 audit checklists to help you get started.
What are the ISO 15189 Standard Requirements?
The ISO 15189:2022 standard outlines the requirements for quality and competence in medical laboratories. The standard is grouped into five main areas: general requirements, structural and governance requirements, resource requirements, process requirements, and management system requirements. Here’s an overview of key requirements for each area:
1. General Requirements
- Laboratories must ensure impartiality, safeguarding their results from any external influences that could compromise quality.
- Confidentiality of patient data is mandatory, with strict procedures to protect information integrity and privacy.
- The laboratory should uphold patient rights and focus on safety and well-being across all activities.
2. Structural and Governance Requirements
- A clear organizational structure, defined responsibilities, and legal accountability are required.
- The laboratory director and management must oversee quality management, risk assessments, and continuous improvements.
- There should be documented policies, objectives, and procedures to guide laboratory governance and meet user needs.
3. Resource Requirements
- Staff must be qualified, trained, and regularly evaluated for competence.
- Facilities should be safe, properly maintained, and environmentally controlled.
- Equipment must be suitable for use, calibrated, and subject to ongoing maintenance and traceability.
- There should be clear processes for the management of reagents, consumables, and service agreements.
4. Process Requirements
- The standard covers the entire analytical cycle: pre-examination (sample collection and handling), examination (analysis), and post-examination (result reporting).
- All procedures, from sample acceptance to reporting, must be documented, validated, and continuously evaluated for accuracy.
- Systems for managing complaints, nonconforming work, and quality control (both internal and external) are required to ensure patient safety and result reliability.
5. Management System Requirements
- Implementation of a documented quality management system (QMS) is required, covering policies, objectives, and document control.
- The QMS must include risk management practices, internal audits, management reviews, continual improvement, and an active process for addressing nonconformities.
- Control of management-system documents and records retention must be explicitly managed, as should actions to address risks and improvement opportunities.
ISO 15189 Audits: An Overview
An ISO 15189 audit reviews all elements of the laboratory’s QMS, covering managerial and technical components, as well as pre-examination, examination, and post-examination processes. They check whether procedures are documented, effective, and implemented.
Who Needs ISO 15189 Audits?
ISO 15189 applies specifically to medical laboratories, such as hospital labs, diagnostic centers, blood banks, or contract labs handling human biological samples for diagnosis, monitoring, or treatment. Laboratories offering point-of-care testing (POCT), operating in hospital settings, or performing medical analyses to inform patient care are all within scope.
When are ISO 15189 Audits Performed?
Audits under ISO 15189 must be performed regularly, usually at least annually, as part of maintaining accreditation and promoting continuous improvement. Internal audits are mandated before the initial accreditation assessment and repeated periodically to verify ongoing conformance to QMS procedures and effective operation. Accreditation bodies conduct external audits during the initial assessment and routine surveillance to verify compliance and address any nonconformities. Management reviews are also typically required yearly to support patient care and ongoing effectiveness.
Why are ISO 15189 Audits & Certification Important?
Here are some reasons why the ISO standard for medical laboratories is important:
- Strengthens the accuracy and consistency of laboratory results by ensuring validated testing methods, proper documentation, and standardized processes.
- Demonstrates your laboratory’s commitment to internationally recognized quality standards, building confidence among patients, healthcare providers, and stakeholders.
- Reduces diagnostic errors by enforcing stringent quality control measures, accurate reporting, and traceability throughout the testing process.
- Streamlines workflows through systematic process evaluation, minimizing waste, reducing turnaround times, and improving overall laboratory performance.
- Aligns laboratory operations with national and international regulatory requirements, reducing risks of non-compliance and associated penalties.
- Differentiates your laboratory in the healthcare market by showcasing excellence in quality management and continuous improvement.
Free Audit Checklist Templates for Laboratories
Use this free, comprehensive ISO15198 audit checklist to conduct internal audits and gap analysis, and ensure compliance with ISO 15189 standard requirements.
GoAudits offers free, customizable audit checklists to help you easily manage quality and safety in your laboratory, drive improvements, and stay ready for audits or accreditation. You may also be interested in these additional checklists:
Types of ISO 15189 Audits
ISO 15189 audits are typically conducted in two styles: horizontal audits and vertical audits, each serving distinct quality assurance purposes in medical laboratory management.
ISO 15189 Horizontal Audits
A horizontal audit reviews a specific process, procedure, or quality management system element across multiple departments or sections within the laboratory.
For example, auditing report generation or document control practices in all sections (e.g., hematology, microbiology, administration) to check for consistent application and interpretation of procedures.
The goal is to identify differences in procedure adherence or system implementation between departments, improving standardization and compliance.
ISO 15189 Vertical Audits
A vertical audit focuses on all processes surrounding a single specimen, test, or department, from initiation to result reporting, by following a sample through every phase (pre-analytical, analytical, and post-analytical).
It audits inputs, operations, records, staff competency, equipment, document control, and result accuracy for one particular sample or procedure.
Vertical audits evaluate interactions among processes and are well-suited to trace quality and procedural implementation for one complete workflow cycle.
Steps to Perform Internal ISO 15189 Audits
Performing internal audits under ISO 15189 helps you evaluate the effectiveness of your laboratory’s quality management system and ensure compliance with the standard’s requirements. Follow these steps to perform them effectively:
1. Define Audit Objectives and Scope
Start by clearly defining what you want to achieve with the audit. Objectives may include verifying compliance with ISO 15189, identifying process gaps, or evaluating the effectiveness of corrective actions. Define the scope by specifying which departments, activities, or processes will be audited. Ensure the scope aligns with the laboratory’s overall quality objectives.
2. Develop an Audit Plan
Create a detailed audit plan outlining the audit’s timeline, areas to be assessed, and responsible auditors. Include key dates, audit methods, and sampling strategies. Share the plan with relevant personnel in advance to ensure preparedness and cooperation during the audit.
3. Select and Train Internal Auditors
Choose auditors who are independent of the activities being audited to maintain objectivity. Provide them with training on ISO 15189 requirements, auditing techniques, and reporting procedures. Trained auditors can identify nonconformities accurately and provide valuable insights for improvement.
4. Review Documentation and Records
Before the on-site audit, review relevant documents such as ISO standard operating procedures (SOPs), quality manuals, and previous audit reports. Examine records like test results, maintenance logs, and training files. This helps auditors understand the processes and identify potential areas of concern.
5. Perform On-Site Audit Activities
Conduct the on-site audit by observing operations, interviewing staff, and examining records and equipment. Follow the audit plan to ensure all key requirements are evaluated, focusing on gathering factual evidence.
6. Record Findings and Evidence
Document all observations, including both conformities and nonconformities. Record objective evidence such as document numbers, record identifiers, or direct observations. Classify findings based on their severity, including major, minor, or observation, to help prioritize corrective actions.
7. Prepare and Distribute the Audit Report
Compile the findings into a clear and concise audit report. The report should include the audit objectives, scope, criteria, observations, nonconformities, and recommendations. Share it with management and relevant personnel promptly to initiate corrective and preventive actions.
8. Implement Corrective and Preventive Actions
Address nonconformities by determining their root causes and implementing corrective and preventive measures. Assign responsibilities and deadlines to ensure timely resolution. Keep detailed records of the actions taken to demonstrate compliance and improvement.
9. Verify the Effectiveness of Actions
Follow up to confirm that corrective and preventive actions have effectively resolved the identified issues. Review updated records, observe processes, or conduct follow-up audits. Verification ensures that improvements are sustainable and that similar issues will not recur.
ISO 15189 Certification Process
The ISO 15189 certification process typically takes a few months to over a year, depending on laboratory size, complexity, and existing quality systems. Once obtained, the certification is valid for three years, after which medical laboratories must undergo a recertification audit to maintain accreditation.
👉 Medical laboratories accredited under ISO 15189:2012 must transition to the 2022 standard by December 2025.
Below is a clear breakdown of the ISO 15189 certification process:
1. Understand the ISO 15189 Standard Requirements
Begin by studying ISO 15189:2022 in detail. Understand its two core sections: management requirements and technical requirements. These cover areas such as personnel competence, equipment calibration, document control, and quality assurance. You must ensure that all processes align with these criteria before starting the certification journey.
2. Conduct a Gap Analysis and Management Reviews
Perform a gap analysis to compare current laboratory practices against ISO 15189 requirements. Identify gaps in documentation, processes, or resources. Following the analysis, conduct a management review to evaluate overall readiness, resource needs, and improvement priorities.
3. Develop and Implement a Quality Management System (QMS)
Design and implement a QMS that meets ISO 15189 standards. This system should define responsibilities, procedures, and workflows for all laboratory activities. Ensure that all staff understand the QMS and follow it consistently. Proper documentation and record control are essential at this stage.
4. Conduct Internal Audits
Carry out internal audits to verify whether the QMS is effectively implemented. These audits help identify nonconformities and areas needing improvement. They also demonstrate your commitment to continuous quality improvement before facing the external audit.
5. Choose an Accredited Certification Body
Select a recognized and accredited certification body authorized to assess medical laboratories against ISO 15189. Choosing an accredited body ensures international recognition of your certification and credibility in clinical testing.
6. Undergo the External Assessment (Certification Audit)
The certification body conducts an external audit in two stages:
- Stage 1 Audit: Review of documentation, policies, and readiness.
- Stage 2 Audit: On-site evaluation of laboratory operations, equipment, and staff competence.
The auditors assess compliance with ISO 15189 requirements and provide a detailed report on findings and nonconformities.
7. Implement Corrective Actions
If the audit identifies any nonconformities, develop and implement corrective actions within the specified timeframe. Provide evidence of these actions to the certification body to demonstrate compliance.
8. Obtain Certification
Once all requirements are met and corrective actions verified, the certification body issues the ISO 15189 certificate. This certificate confirms that your laboratory meets the international standard for quality and competence.
9. Maintain and Continually Improve the System
Certification is not a one-time achievement. You must maintain and improve your QMS through regular internal audits, staff training, and management reviews. Continuous monitoring ensures ongoing compliance and operational excellence.
Prepare for ISO 15189 Certification with Internal Audits
Preparing for ISO 15189 certification requires a systematic approach to ensure your medical laboratory meets international quality and competence standards. Conducting effective internal audits helps you identify gaps, strengthen quality management systems, and maintain compliance with ISO 15189 requirements. With GoAudits ISO compliance software, an all-in-one mobile auditing platform, you can streamline audit processes, ensure data integrity, and focus on continuous improvement rather than administrative work.
- Capture audit data, photos, and signatures directly from any device, even offline.
- Create tailored checklists aligned with ISO 15189 standard requirements or use ready-made templates for faster setup.
- Instantly generate professional reports after each audit, complete with photos, timestamps, and corrective actions.
- Assign tasks, monitor completion, and ensure full traceability through a centralized dashboard.
- Analyze historical data and recurring issues to identify trends, drive improvements, and maintain continuous compliance.
- Gain a complete view of audit performance across sites, departments, and processes to make informed, data-driven decisions.
FAQs
ISO 15189 is not legally mandatory for all medical laboratories, but many countries, including Ireland, France, Hungary, and Belgium, require accreditation to ensure consistent quality and reliability in testing. Regulatory authorities, healthcare providers, and patients increasingly prefer labs accredited under ISO 15189 because it demonstrates technical competence, accurate results, and compliance with internationally recognized quality principles. In the United States, CLIA is the mandatory regulatory framework for clinical labs, while ISO 15189 is not a mandatory regulatory requirement.
Common nonconformities during ISO 15189 audits include incomplete documentation, inadequate method validation, and poor control of equipment calibration or maintenance. Labs often fail to ensure staff competency assessments, traceability of measurements, or effective internal audits and management reviews. Other recurring issues involve weak risk management, improper handling of patient samples, and insufficient corrective action processes.
ISO 15189:2022 introduces a stronger focus on risk management, patient-centered outcomes, and data integrity, aligning more closely with ISO/IEC 17025 and ISO 22367 requirements. It removes the separate ISO 22870 standard by integrating POCT requirements directly into the new edition. The updated standard also emphasizes competence-based evaluation, electronic data security, and quality improvement through a risk-based approach. ISO 15189:2012 primarily focused on quality and technical management systems without the enhanced digital and patient-safety considerations now required. ISO 15189:2012 and ISO 22870:2016 have been withdrawn.
ISO 15189 is a voluntary, international standard defining the quality and competence requirements for medical laboratories worldwide. Clinical Laboratory Improvement Amendments (CLIA) is a US federal regulation that ensures laboratory testing quality within the country. ISO 15189 focuses on both management and technical competence, emphasizing continual improvement and global alignment. CLIA, however, specifies minimum operational and testing standards aimed at ensuring accurate and reliable patient results in the US. Laboratories outside the US typically pursue ISO 15189 accreditation, whereas US labs must comply with CLIA regulations to operate legally.
