Last Updated on May 15, 2026 by Hafsa J.
How to Upgrade Your Quality System for ISO 15189:2022 Without Starting Over
Letโs be realโwhen a new version of a standard drops, panic tends to follow. Iโve heard it more times than I can count:
โAre we going to have to rewrite everything?โ
Short answer? No, you donโt.
In my experience helping dozens of labs through ISO 15189 transitions, most of your current QMS can stay exactly where it isโwith a few smart upgrades. The labs that get this right arenโt the ones who start from scratch. Theyโre the ones who know what to keep, what to tweak, and what actually needs a full rewrite.
Hereโs what this guide is really about: helping you upgrade your QMS without overcomplicating the process or burning out your team. Iโll walk you through whatโs changed, how to identify what still works, and how to make the right updatesโquickly and confidently.
If youโre feeling overwhelmed or unsure where to begin, youโre not alone. But you’re also not behind. Youโre right on timeโand this article will show you exactly how to move forward without starting over.
Letโs dive in.
Whatโs New in ISO 15189:2022
Hereโs what Iโve noticedโwhen labs hear thereโs a new version of ISO 15189, the first instinct is to assume everything needs to be overhauled. But thatโs not how this works.
ISO 15189:2022 builds on the foundation you already have. Itโs an update, not a teardown. Yes, there are important changesโbut a lot of your existing system can stay intact if itโs already doing its job.
Letโs break it down.
Whatโs Actually New:
-
Risk-based thinking is now everywhere. Instead of just reacting to problems, you need to show youโre anticipating themโand building that into your processes.
-
Point-of-Care Testing (POCT) is officially in scope. If your lab is involved in POCTโeven indirectlyโyouโll need documented control over it.
-
Data integrity and IT system validation are no longer optional. Think audit trails, LIS security, and access control.
-
Top management accountability is clearer. Itโs not just about policiesโitโs about how leadership supports quality every day.
But hereโs the good news:
What You Can Keep:
-
Document control, internal audits, nonconformity handlingโthese still work the same in principle.
-
Your corrective and preventive action system? Likely still solid, just make sure it integrates risk.
-
Many technical procedures remain compliant with minor tweaksโif theyโre already aligned with best practices.
One of the labs I worked with recently expected to replace half their documentation. After doing a structured clause comparison, we found that nearly 75% of their QMS was still relevant. We only had to update the structure and layer in a few new risk and POCT elements.
This is important because the last thing you want is to waste time rewriting procedures that already meet the intent of the new standard. Upgrading isnโt about overhaulingโitโs about being strategic.
Now that weโve clarified whatโs changing (and whatโs not), letโs move into how to perform a smart gap analysis without overcomplicating it. Thatโs where real clarity starts. Ready? Letโs go.
How to Perform a Gap Analysis
Letโs be honestโโgap analysisโ sounds more complicated than it needs to be. Iโve had lab teams freeze up at the very mention of it. But in practice? Itโs just a structured way to figure out what you already have, whatโs missing, and what needs a tweak.
Hereโs how I explain it to clients: Itโs like checking your ingredients before making a new recipe. You donโt throw out your pantryโyou check what you already have and make a smart shopping list for the rest.
Step 1: Use a Clause-by-Clause Comparison
Grab the 2022 standard and compare it directly with your current QMS. Go clause by clause. You donโt need fancy softwareโjust a spreadsheet with columns like:
-
Current system status (Fully covered, Partially covered, Not covered)
-
Gaps or risks
-
Action needed
-
Owner
-
Deadline
If you’re not sure how to start, ISOโs table of contents is your best friend. I always recommend highlighting changes in yellow, new content in red, and keepers in green. Visual cues keep it manageable.
Step 2: Focus First on the Big Shifts
If you try to assess every minor clause at once, you’ll drown in details. Start with the areas that changed the most:
-
Risk management
-
POCT oversight
-
Data integrity and information systems
-
Leadership responsibilities and competence frameworks
These are where the bulk of your updates will likely happen.
Step 3: Involve Your Team Early
Donโt do this in a vacuum. Bring in the people who actually use the systemโtechs, QA leads, even IT. Their feedback will help you avoid over-documenting or missing something crucial.
I worked with a regional lab group that knocked out their initial gap analysis in two weeksโjust by dividing the standard among department leads and regrouping weekly. No consultants, no expensive software. Just clear structure and ownership.
This is key: A good gap analysis doesnโt give you all the answersโit tells you exactly where to focus. And thatโs half the battle when youโre trying to upgrade without starting from scratch.
Now that weโve identified the gaps, letโs talk about how to tackle the upgradesโstrategically, not all at once. Thatโs up next.
Focus on High-Impact Areas First
Now that youโve mapped out whatโs missing, hereโs the key: donโt try to fix everything at once. Thatโs the fastest way to burn out your team and stall progress.
Instead, focus on high-impact areasโthe ones that ISO 15189:2022 has clearly expanded or shifted. These are the updates that auditors are going to care most about. And frankly, theyโre also the ones that protect your labโs reputation the most.
Start Here:
1. Risk Management Integration
This is one of the biggest shifts. ISO wants you to go beyond reactive fixes and actually embed risk thinking into how you plan, operate, and improve.
If youโre not already doing this, start by adding a basic risk assessment step to key processes like sample handling, testing, or reporting.
2. Point-of-Care Testing (POCT)
If POCT happens under your roofโor under your labโs responsibilityโyou need procedures, training, equipment validation, and documentation to prove itโs under control.
One of my clients added POCT to their scope for the first time and had to quickly document oversight for glucose and INR testing in their emergency unit. We didnโt reinvent the wheelโwe mirrored their central lab protocols with a few simple modifications.
3. Information Management & Data Integrity
Nowโs the time to review your LIS, audit trails, access controls, and electronic recordkeeping. If youโre still relying on paper backups or shared logins, those days are numbered.
4. Leadership & Competency Frameworks
This version of the standard holds top management responsible for promoting qualityโnot just signing the quality policy. Also, staff competence needs to be demonstrated through ongoing, role-specific evaluationsโnot just an annual sign-off.
What Not to Prioritize (Yet):
-
Donโt obsess over minor clause numbering or formatting.
-
Donโt rewrite stable SOPs just because the clause header changed.
-
Donโt rush to rebrand your entire QMS until youโve tackled the areas that actually impact compliance.
Hereโs what Iโve learned: Strategic upgrades protect your energy and your outcomes. Youโll avoid creating extra work and stay focused on what really matters under the new version of the standard.
Coming up nextโweโll talk about why training comes before rewriting. Because if your team isnโt on board, none of these upgrades will stick. Letโs dive into that.
ย Why Staff Alignment Comes First
Hereโs something Iโve seen way too often: a lab rewrites its procedures, updates the manual, even builds new formsโbut forgets to train the people who are actually supposed to use them.
Then what happens? The audit rolls around, and staff give the old answers, follow the old processes, or just stare blankly when asked about risk or POCT documentation.
Letโs avoid that.
Before you touch a single SOP, get your people aligned. Hereโs how.
Start with Awareness
You donโt need a massive training session. What you need is clear communication about:
-
Whatโs changed in ISO 15189:2022
-
Why it matters to them
-
What role theyโll play in the transition
Iโve done this with 20-minute team huddles, department-specific walk-throughs, and short recorded videos. Keep it simple and relevant to their day-to-day work.
Focus on Real Examples
Instead of quoting the standard, walk them through scenarios. For example:
-
โIf youโre collecting blood samples at the bedside, hereโs how POCT applies now.โ
-
โWhen you log into the LIS, this is why individual access matters for data integrity.โ
People remember whatโs connected to real tasksโnot whatโs in a policy binder.
Donโt Wait Until the End
A common mistake? Updating everything behind the scenes and then springing changes on staff two weeks before an audit. Thatโs a recipe for confusion and resistance.
One lab I worked with trained each department before rewriting their procedures. They got better suggestions, avoided irrelevant edits, and cut their transition time by almost half.
This is important because your QMS is only as strong as the people using it. If your team understands the “why,” theyโll support the “how”โand that makes everything smoother, from implementation to audit day.
Now that your teamโs aligned, letโs talk about one of the most overlooked strengths in a transition: what you can reuse without reinventing the wheel. Thatโs next.
Reuse & Adapt Proven Procedures
Letโs get one thing straightโyou donโt have to rebuild your entire quality system from the ground up. In fact, doing that usually causes more problems than it solves.
In my experience, some of the best-run labs already have strong procedures that align perfectly with ISO 15189:2022โthey just donโt realize it because the clause numbers changed or the format looks different.
So before you start rewriting, ask yourself:
Is this procedure actually broken? Or does it just need a light update?
Hereโs What You Can Usually Reuse:
-
Document control processes โ Still essential, still valid.
-
Internal audit checklists โ Just add a few items based on the new clauses.
-
Corrective action forms โ Likely still usable; just ensure root cause analysis considers risk now.
-
Competency assessments โ If they’re role-specific and up to date, youโre ahead of the game.
One lab I worked with was ready to toss their entire document control procedure because โit wasnโt labeled for ISO 15189:2022.โ After reviewing it, we realized all it needed was a two-sentence addition about digital signatures and system access. That saved them hoursโand avoided confusing the staff who were already using it well.
When You Should Adapt (Not Rewrite):
-
If terminology has changed, update the language but keep the structure.
-
If the process is sound but doesnโt reference risk, add a brief risk consideration step.
-
If you’re adding POCT, mirror existing test management procedures and tailor as needed.
Think of it like renovating a house. You donโt demolish the entire thing just because the kitchen needs new cabinets. You upgrade where it countsโand keep the solid foundation intact.
This is how you upgrade your QMS without creating unnecessary work (and without overwhelming your team).
Now that weโve covered what you can keep, itโs time to talk about the most common traps labs fall intoโand how to avoid them. Letโs go there next.
Frequently Asked Questions
Q1: Do we need to replace our old SOPs with brand new ones?
No. In most cases, you can keep your existing SOPs if they still meet the intent of the 2022 standard. Just add or revise where neededโespecially around risk, data handling, and POCT.
Q2: How long does a typical upgrade take if we donโt start over?
For most labs Iโve worked with, a focused transition takes three to six monthsโsometimes less if your system was already in good shape under ISO 15189:2012.
Q3: Can we transition without using a consultant?
Absolutelyโif youโve got the internal expertise and enough time. That said, bringing in an experienced guide can speed things up and help you avoid common pitfalls, especially when you’re short on resources.
Upgrade Smart, Not from Scratch
Hereโs the bottom lineโyou donโt need to start over to align with ISO 15189:2022. Most of what your lab already has in place can absolutely be reused, adapted, and strengthened. You just need a smart, structured planโand the clarity to know where to focus.
๐ Hi, Iโm HAFSA, and for the past 12 years, Iโve been on a journey to Whether itโs ISO 9001, ISO 22000, or the cosmetics-focused ISO 22716, Iโve spent my career Iโm not here to call myself an expertโI prefer โenthusiastโ because I truly love what I do. When Iโm not writing about standards, youโll probably find me playing Piano ๐น, connecting with people, or diving into my next big project๐ซ. Iโm an engineer specialized in the food and agricultural industry
make ISO standards less intimidating and more approachable for everyone.
turning complex jargon into clear, actionable steps that businesses can actually use.
Thereโs something incredibly rewarding about helping people navigate food safety and quality management systems
in a way that feels simple, practical, and even enjoyable.
I have a Masterโs in QHSE management and over 12 years of experience as a Quality Manager
Iโve helped more than 15 companies implement ISO 9001, ISO 22000, ISO 22716, GMP, and other standards
My clients include food producers, cosmetics manufacturers, laboratories, and service companies
I believe quality systems should be simple, useful, and efficient.