Last Updated on September 24, 2025 by Melissa Lazaro

Implementing Competence Management in Line with ISO 15189:2022

Let’s be real—when ISO 15189:2022 rolled out its updated requirements, a lot of lab managers I’ve worked with had the same reaction: “Competence management? We’ve got training records, we’re good.” But here’s what I’ve noticed after working with over thirty medical labs across different countries—most confuse training with true competence, and that gap can lead to major non-conformities during audits.

In my experience as an ISO consultant, the labs that thrive (not just survive audits) are the ones that treat competence like a living, breathing system—not a dusty file full of certificates. They know who can do what, where the gaps are, and they’ve got a plan to keep everyone sharp, especially when procedures change or new tech rolls in.

So, if you’re wondering how to actually implement a competence management system that aligns with ISO 15189:2022, you’re in the right place. This guide will walk you through exactly what the standard expects, how to build a system that works in real labs (not just in theory), and how to avoid the compliance traps that trip up so many teams.

Whether you’re updating your QMS, preparing for re-accreditation, or building your system from scratch—this post will give you the clarity and confidence to get it right.

Let’s dive in.

What ISO 15189:2022 Actually Says About Competence (Without the Jargon)

Alright, before we build the system, we need to understand what ISO 15189:2022 actually expects. And trust me, it’s more than just hiring qualified people and handing out SOPs.

So, what does the standard really want?

ISO 15189:2022—especially in Clause 5.2—puts a strong emphasis on competence, not just qualification. That’s a big distinction.

Here’s the breakdown:

• Qualification is what someone has—like a diploma or certificate.

• Competence is what someone can actually do—how well they perform in real situations, following procedures correctly, using equipment properly, and making sound decisions when things get tricky.

In other words, just because someone is qualified on paper doesn’t mean they’re competent in practice. The standard is crystal clear: labs need to actively verify that staff are competent to perform their tasks. That means assessments, observations, and ongoing checks—not just one-time onboarding.

Key phrases you’ll see in the standard:

• “Personnel shall be competent…”

• “Demonstrate ongoing competence…”

• “Documented evaluations…”

It sounds a little formal, but here’s the takeaway: you need a system to define, assess, document, and maintain staff competence—not just hope for the best.

And that’s exactly what we’ll build step by step in the sections that follow.

How to Map Roles, Responsibilities, and the Right Competence (Without Losing Your Mind)

Now that we’ve unpacked what the standard says, let’s get practical. Because here’s the truth: you can’t manage competence if you don’t know what “competent” looks like for each role in your lab.

In my consulting work, this is one of the first things we fix—no more vague job descriptions or one-size-fits-all assessments.

Start with a Competence Matrix

Think of it like this: for every role in the lab, you want to list:

• Key responsibilities

• Tasks they perform regularly

• Skills, knowledge, and behaviors required

• Relevant equipment, tests, and methods they need to be trained on

A simple spreadsheet can do the trick—one that maps roles across the top and required competencies down the side.

Here’s a real-world example from a lab I helped in the Philippines:
For a Microbiology Lab Tech, the matrix included:

• Aseptic technique

• Gram staining accuracy

• Use of biosafety cabinet

• Identification of organisms

• Proper waste disposal

While a Molecular Diagnostics Analyst had items like:

• PCR setup and contamination control

• Thermocycler programming

• RNA extraction procedures

• Interpretation of amplification curves

Totally different roles—totally different competence profiles.

Match Responsibilities to Actual Risks

This is key. ISO 15189:2022 expects you to align competence not just with job titles, but with risks to patient safety and quality of results. So, if someone’s role involves critical tests like HIV or blood typing, their competence requirements—and verification methods—should be dialed up accordingly.

Pro Tip: During internal audits, I often flag when labs use the same training checklist for everyone. Don’t do that. It’s a red flag for auditors—and honestly, it’s not fair to your staff either.

Methods to Assess and Verify Competence (This Is Where Most Labs Get It Wrong)

Let’s be honest—most labs think they’re assessing competence, but what they’re actually doing is just documenting training. And while training is part of the picture, it’s not the full story.

In ISO 15189:2022, the expectation is clear: you must actively verify that your staff can do their job accurately and reliably. That means going beyond certificates and sign-offs.

So, how do you actually verify competence?

Here are the core methods I’ve used with client labs—and seen work well during audits:

• Direct Observation
  Watch the person perform the task in real time. Not just once, but enough to be confident they know what they’re doing—especially for high-risk or high-volume procedures.

• Blind Sample Testing
  This one’s great for diagnostic accuracy. You give them a sample with a known result (but don’t tell them the answer), then check their outcome. Perfect for things like microscopy, culture interpretation, or PCR.

• Written or Oral Exams
  Especially helpful for procedures that require critical thinking, troubleshooting, or understanding the theory behind the work—not just the steps.

• Peer Reviews or Supervisor Evaluations
  Sometimes the best way to catch competence gaps is by asking those who work closest with the staff member. Peer input can be really insightful when done constructively.

• Review of Work Over Time
  Audit their test results, turnaround times, error rates, and documentation quality. Patterns don’t lie.

How often should you reassess?

That depends on the task’s complexity and risk. But generally:

• At hire

• After significant training

• When procedures change

• On a regular schedule (often annually)

• And after any serious error or incident

In one lab I worked with in Singapore, we implemented a color-coded system to track when each team member’s next competence review was due. Not fancy software—just a shared spreadsheet. But it worked. Auditors loved it. Staff felt seen. Win-win.

Insight: It’s not about overloading your team with assessments—it’s about being intentional and risk-based. Focus your efforts where they matter most.

Using Training and Development to Fill Competence Gaps (Without Wasting Time or Budget)

Once you start assessing competence seriously, you’re going to find gaps. That’s not a bad thing—it’s normal. What matters is how you respond.

Too often, I see labs panic and throw people into generic training sessions. But here’s what I tell my clients: training isn’t a checkbox—it’s a strategy. And if you use it right, it can boost both compliance and morale.

Step One: Identify the Real Gap

Let’s say a staff member struggles with interpreting Gram stain results. Don’t just retrain them on the whole microbiology process. Pinpoint the issue:

• Is it a technique problem?

• A confidence issue?

• A misunderstanding of what to look for?

The more specific you are, the more targeted (and effective) your training can be.

Step Two: Choose the Right Format

Different gaps call for different approaches. Here’s what works:

• Hands-on refreshers with a lead tech or supervisor
  Ideal for technique issues like pipetting, slide prep, or handling new analyzers.

• E-learning modules
  Great for foundational knowledge or staying current on updated methods.

• Shadowing or mentoring
  For staff newer to the lab, pairing them with an experienced peer can build both competence and confidence.

• Workshops or vendor-led training
  Especially useful when new equipment or software is introduced.

Quick story: In a lab I worked with in the Middle East, we identified that three staff were struggling with the updated PCR protocol. Instead of repeating the full training, we recorded a short in-house video showing the exact procedure with voiceover from their own lead tech. Within a week, everyone was up to speed.

Step Three: Document It All

Training without documentation? Might as well not happen—at least in the eyes of an auditor.

Make sure every session, demo, refresher, or online course is recorded:

• What was covered

• Who delivered it

• Who attended

• How you confirmed the learning stuck

Pro Tip: Always include some form of post-training evaluation. A short test, a checklist observation, or a practical task review seals the deal.

How to Document and Keep Competence Records (Without Drowning in Paperwork)

Now let’s talk documentation—because if it’s not documented, it didn’t happen. That might sound harsh, but every lab manager who’s been through an ISO 15189 audit knows it’s true.

Still, I get it. You don’t want to turn your QMS into a monster of binders and spreadsheets. So here’s how to keep it lean, organized, and audit-proof.

What You Actually Need to Keep

Here’s the short list I always recommend to clients:

• Training records – Signed by both trainer and trainee, with dates and topic clearly stated.

• Competence assessment forms – Think observation checklists, test results, blind sample logs, etc.

• Qualifications – Diplomas, licenses, certificates… these still matter, just not on their own.

• Skill matrices or dashboards – A visual snapshot of who’s competent in what.

• Corrective actions or retraining logs – When things go wrong, how did you respond?

These records should clearly show how you evaluated, what was found, and what actions were taken—not just that a course was completed.

Don’t Overcomplicate It

You don’t need fancy software to make this work (though it helps if you’ve got it). Many labs I support use:

• A shared drive with organized folders by staff name

• Version-controlled Excel trackers

• PDF forms with electronic signatures

• Labels or color codes to show current vs. expired competence

In a lab I worked with in Malaysia, we created a “Competence Passport” for each staff member—a single PDF with clickable tabs for training, evaluations, and supervisor notes. It made audits a breeze, and staff took ownership of keeping it up to date.

Keep It Accessible (But Controlled)

Auditors love to ask, “Can you show me this staff member’s latest competence review?” You need to be able to pull that up fast—without scrambling through paper piles or locked email threads.

Insider Tip: Store documents by individual staff, not just by training session. It saves time and avoids gaps.

And one last thing—make sure your documentation ties back to your QMS. That means referencing SOP numbers, role descriptions, and assessment tools that are controlled and approved.

How to Audit Your Own Competence System (Before Someone Else Does)

Let’s not wait for the external auditor to tell you what’s broken. One of the smartest moves you can make is to build competence management right into your internal audit plan.

In fact, in labs that consistently pass ISO 15189 audits without findings, this is exactly what they do—they don’t just “check the box” once a year. They pressure test their system from the inside out.

What Should You Be Auditing?

Here’s what I recommend every internal audit team include when reviewing competence:

• Are all staff assessments up to date?
  Go role by role. Don’t assume—verify.

• Is training linked to actual gaps and not just repeated every year?
  Look for evidence that training plans are built around assessment results, not a generic schedule.

• Is documentation complete, accessible, and version-controlled?
  Spot check a few files. Is everything signed? Linked to the right SOPs? Backed by real observations?

• Do records show follow-up on poor performance or incidents?
  If someone made a critical error last quarter, was there retraining or reassessment logged?

• Are temporary or newly hired staff being assessed appropriately?
  I’ve seen more than a few findings come from forgetting to assess short-term or rotational staff.

How Often Should You Audit Competence?

There’s no one-size-fits-all answer—but here’s a solid approach:

• Annually as part of your full internal audit schedule

• When roles, tests, or equipment change significantly

• After incidents, complaints, or near misses involving staff error

In one lab I supported in Eastern Europe, we created a mini “competence spot-check” audit that ran every quarter. Just a sample of two staff from two departments. It took less than a day—but it kept everyone sharp and exposed small issues before they became big problems.

Use a Checklist—But Don’t Treat It Like a Script

Checklists are great. I use them all the time. But they’re a tool—not a crutch. The goal is to ask better questions, not just tick boxes. If something looks off, dig deeper. If something’s unclear, ask for the why behind the process.

Pro Tip: Include competence management in your management review input. That way, top leadership sees where gaps exist—and you can justify more training resources if needed.

How to Tie Competence to Risk (and Why ISO 15189:2022 Cares So Much About It)

One of the biggest shifts in ISO 15189:2022 is how deeply it integrates risk-based thinking—and competence is right in the middle of it.

Let’s break this down. The standard isn’t just asking, “Is your staff trained?” It’s asking, “What happens if they’re not competent—and how are you managing that risk?”

Why Risk and Competence Go Hand in Hand

Think about it. A mismatched blood group. A misread PCR result. A mislabeled sample. These aren’t just human errors—they’re the result of competence gaps that slipped through the cracks.

In my experience, labs that proactively tie competence to risk don’t just meet the standard—they create a safer, more reliable operation overall.

How to Apply This in Practice

Here’s a simple way to embed risk into your competence system:

1. Include competence in your risk assessments
   When you do your annual risk review (or process-level assessments), ask:

   • What happens if this role is undertrained?

   • What’s the potential impact if this test is performed incorrectly?

   • What controls (like supervision, double-checks, or reassessment) reduce that risk?

2. Use risk levels to prioritize reassessments
   Not every role needs annual full assessments. But high-risk functions should be reviewed more often.

3. Link incident reports to competence reviews
   If something goes wrong, ask—was this a one-off, or is it tied to a lack of skill, knowledge, or oversight? Build that into your CAPA process.

Here’s a quick story: A genetics lab I worked with had one staff member consistently making minor errors during sequencing prep. Nothing catastrophic, but it delayed turnaround times. We flagged it, retrained him using a hands-on mentor system, and his error rate dropped to zero within a month. That action alone removed a moderate-level risk from their risk register—and impressed the accreditation assessor.

What Auditors Want to See

When ISO auditors talk about risk-based competence management, they’re looking for:

• Evidence that staff competence is reviewed during risk analysis

• Documentation that shows high-risk tasks have tighter controls

• Adjustments made to training or supervision in response to actual incidents or changes

Pro Tip: Add a “risk impact” column to your competence matrix. This tiny change shows you’ve linked competence to patient safety and QMS risk. It’s a small detail that speaks volumes.

Common Mistakes and FAQs About Competence Management in ISO 15189:2022

By now, you’ve seen what a solid competence system looks like. But let’s talk about where things usually go sideways—because I’ve seen even the most well-intentioned labs get tripped up by a few avoidable mistakes.

Common Mistakes Labs Make (and How to Avoid Them)

Mistake 1: Confusing Qualifications with Competence
Just because someone has a degree or certificate doesn’t mean they’re currently competent for the job. The standard wants proof of actual performance—not paper credentials.

Mistake 2: Treating Training and Assessment as the Same Thing
Training is the input. Competence is the outcome. You need both. Logging that someone attended a workshop isn’t enough. You need to show they can apply what they learned.

Mistake 3: Using the Same Checklist for Everyone
This one shows up all the time during audits. Generic checklists don’t reflect the specific skills, tasks, and risks tied to each role. Customize your tools—or risk a non-conformity.

Mistake 4: Forgetting Temporary or Rotating Staff
If someone’s doing the work, they need to be assessed—period. Auditors will ask to see evidence even for part-time or contract staff.

Mistake 5: Not Following Up on Incidents
If there’s a recurring error or a serious lab event, and it’s tied to human error, you need to revisit that person’s competence. Not doing so is a big red flag.

Frequently Asked Questions

Q1: How often should staff competence be reassessed?
It depends on the complexity and risk of the role. Some labs do it annually, others biannually. What matters is that you have a documented rationale—and that you reassess after any major change, error, or incident.

Q2: Do we have to reassess competence after every SOP update?
Not necessarily. If the change is minor and doesn’t affect how the task is performed, a briefing might be enough. But if it impacts technique, interpretation, or safety—you should reassess.

Q3: What if we outsource training—can we rely on the provider’s certificate?
You can accept the training, but you’re still responsible for verifying competence internally. Certificates are a nice start, but ISO 15189:2022 wants local, task-specific assessment.

Build a Competence System That Actually Works

If there’s one thing I want you to take away from this—it’s that competence management isn’t about more paperwork. It’s about protecting your lab’s integrity, your staff, and ultimately, your patients.

ISO 15189:2022 doesn’t just want to know if your team was trained. It wants to know if they can do the job—right now, under pressure, and according to current procedures. That takes structure, consistency, and intention.

Let’s recap the essentials:

• Define competence by role—not just by job title.

• Assess performance, not just attendance.

• Document it in a way that’s clean, traceable, and tied to risk.

• Audit your system before the assessors do.

• And most importantly, use every gap as an opportunity to grow—not just a problem to patch.

In my years helping labs across the globe navigate ISO 15189, I’ve seen this done the hard way and the smart way. The smart way builds culture, clarity, and confidence—both in your team and in your quality system.

Want help getting your competence system audit-ready?
Reach out to QSE Academy—we’ve built tools, templates, and frameworks that make this process simple, compliant, and totally tailored to the real world of medical labs.

Let’s make your competence management system one of your lab’s biggest strengths.