Understanding the Scope – Why ISO 15189 Was Updated

Every major update in an ISO standard happens for a reason—and ISO 15189:2022 is no exception.
The world of clinical laboratories has changed dramatically since 2012. Digital systems now drive data management, automation is everywhere, and patient safety expectations are higher than ever.

The old version simply couldn’t keep up. The 2022 edition closes that gap. It aligns laboratory accreditation with modern realities—risk-based thinking, information security, and continuous competence.

Here’s what really pushed the revision:

• Technological change: Labs now rely on LIS/LIMS platforms, remote access, and electronic records that weren’t fully covered in 2012.

• Patient safety focus: Instead of assuming safety through procedure, the 2022 version measures it through outcomes and risk prevention.

• Global harmonization: The structure now matches ISO/IEC 17025 and ISO 9001, making integrated quality systems easier for organizations handling multiple standards.

• Competence and impartiality: These aren’t optional topics anymore—they’re built into the core of the standard.

This revision moves laboratories from compliance-based systems to performance-based systems. It’s no longer about whether you have a document; it’s about whether your process delivers reliable, traceable, and safe results.

Pro Tip: Don’t think of ISO 15189:2022 as “new paperwork.” Think of it as a chance to modernize your QMS to reflect how your lab actually operates today.

Common Mistake: Some labs assume the 2022 update just reorganized the clauses. In reality, it redefined how compliance is demonstrated—and that affects every part of your quality system.

Major Differences Between 2012 and 2022 Versions

When labs first open ISO 15189:2022, many expect a simple format change. But within a few pages, it becomes clear — this isn’t a rewrite, it’s a re-design.
The structure, terminology, and even the philosophy of the standard have evolved.

Let’s break it down clearly.

1. Structure and Alignment

The 2012 edition was split into two sections: Management Requirements and Technical Requirements.
The 2022 version reorganizes everything into four clauses (5–8):

• Clause 5: Structural Requirements

• Clause 6: Resource Requirements

• Clause 7: Process Requirements

• Clause 8: Management System Requirements

This mirrors ISO/IEC 17025 and ISO 9001, making it easier for labs with integrated systems to manage one cohesive QMS.

Pro Tip: Update your quality manual to follow this new structure. It helps assessors navigate your documentation effortlessly.

2. Risk Management – From Optional to Mandatory

Risk-based thinking is no longer a suggestion—it’s the backbone of the new standard.
Every process must show how risks are identified, assessed, and controlled.

Example:
Instead of saying “samples must be transported within 2 hours,” your procedure should explain why that time frame protects result validity and how deviations are handled.

Common Mistake: Treating risk as a one-time form. ISO 15189:2022 expects it to be a continuous review process tied to audits, incidents, and management reviews.

3. Competence and Impartiality

Clause 6 puts strong emphasis on competence as measurable proof—not just training certificates.
Labs must show:

• Ongoing evaluation of staff performance

• Clear criteria for authorizing tasks

• Evidence of impartiality in decisions and results

Pro Tip: Link competence evaluations to risk areas. It demonstrates that your lab manages performance where it matters most.

4. Information Management Systems

This is one of the biggest changes.
The 2022 version recognizes digital operations fully—your LIS, LIMS, or electronic databases are now subject to validation, data integrity, and security controls.

You’ll need records showing:

• Validation of system functionality

• Backup and recovery testing

• Access controls and audit trails

Common Mistake: Assuming IT handles it. The responsibility lies with the laboratory to prove these controls are working.

5. Patient Safety and Outcome Focus

In 2012, patient safety was implied. In 2022, it’s explicit.
Every process—from sample collection to reporting—must show how it protects the patient.

Assessors now ask: “How does this process ensure accurate and safe results?” not “Do you have a procedure?”

At a Glance: ISO 15189 2012 vs 2022

Area	ISO 15189:2012	ISO 15189:2022	Key Impact
Structure	Management + Technical	Clauses 5–8	Integrated and aligned with ISO 17025
Risk Management	Limited references	Mandatory and integrated	Preventive approach
Competence	One-time training	Ongoing assessment	Continuous evaluation
Information Systems	Not emphasized	Fully validated & secured	LIS/LIMS under audit scope
Patient Safety	Implied	Explicit focus	Outcome-based performance

Understanding these changes is the first real step in your transition.
Now that you see what’s new, let’s talk about how to measure where you stand — through a proper gap analysis.

Step 1 – Conduct a Gap Analysis

Before making any updates, you need to see where you stand.
A proper gap analysis is the foundation of a smooth transition—it tells you exactly what needs to change, what can stay, and what’s already aligned with ISO 15189:2022.

In every lab I’ve worked with, this step saves weeks of rework later.

1. Map Your Current System to the New Clauses

Start by listing every process and document under the 2012 version—your Quality Manual, SOPs, forms, training records, and management-review templates.
Then, compare them against the 2022 clauses (5–8).
This isn’t just about matching numbers—it’s about matching intent.

Example:
Clause 4.1 in the old version covered management responsibility. In the 2022 structure, those responsibilities are distributed across Clauses 5 and 8.
If your documentation still follows the old layout, you’ll need to re-map it so nothing gets missed.

Pro Tip: Create a simple table with four columns—Clause, Description, Current Practice, Gap.
It keeps everything visual and prevents overlap between departments.

2. Evaluate Compliance Level

For each clause, classify your current status as:

• Compliant – Fully meets the new requirement.

• Partially Compliant – Exists, but needs update or stronger evidence.

• Not Compliant – Missing or outdated.

This simple traffic-light approach gives management an instant snapshot of where to focus resources.

Common Mistake: Auditing only documents.
The new standard emphasizes outcomes—so observe actual practice, not just what’s written.

3. Assign Actions and Responsibility

Once gaps are clear, assign owners to close them.
Each action should have a target date and be tracked through your quality-improvement log.
That record becomes proof of transition planning when your assessor asks, “How did you move from 2012 to 2022?”

Pro Tip: Link every action item to risk.
If a gap could affect patient safety or data integrity, mark it as high priority. It shows you understand impact, not just compliance.

4. Verify and Update as You Go

A gap analysis isn’t a one-time project—it evolves as you learn more about the new standard.
Revisit it after internal audits or training sessions to confirm that updates were effective.

Performing this analysis early gives you control over the transition timeline.
Instead of scrambling before your assessment, you’ll have a clear, evidence-based map showing progress, accountability, and readiness.

Step 2 – Update Your Quality Manual and Procedures

Once you’ve completed your gap analysis, the next step is turning those insights into updated, audit-ready documentation.
This is where most labs underestimate the work. ISO 15189:2022 doesn’t just want you to adjust headings — it expects your documentation to reflect a completely new mindset: risk-based control and demonstrated competence.

1. Start with the Quality Manual

Your Quality Manual is still the backbone of your management system, but its structure now needs to align with the four new clause areas:

1. Structural Requirements

2. Resource Requirements

3. Process Requirements

4. Management System Requirements

That means removing the old “Management vs. Technical” separation.
The content doesn’t need to double in size — it just needs to show how your laboratory meets each new requirement in practice.

Pro Tip: Keep your manual concise and cross-reference your procedures. Assessors don’t need 100 pages; they want clarity and traceability.

2. Rewrite Procedures for Risk and Effectiveness

ISO 15189:2022 puts more emphasis on why procedures exist, not just how tasks are done.
Each procedure should now:

• Identify potential risks and how they’re controlled

• Show clear competence requirements for those performing the task

• Define how effectiveness is evaluated (e.g., monitoring, QC trends, or audits)

Example:
An old calibration procedure might simply describe the steps to record readings.
The revised one should also explain the rationale — how calibration accuracy prevents diagnostic error and ensures valid results.

3. Update Specific Procedures Affected by the 2022 Changes

Focus first on areas where the new standard added or redefined expectations:

• Competence & Impartiality (Clause 6.2): Add continuous performance reviews and impartiality safeguards.

• Risk and Opportunity Management (Clause 8.5): Define how risks are logged, reviewed, and mitigated.

• Information Management Systems (Clause 7.11): Add system validation, data integrity, and access-control steps.

• Patient Safety & Confidentiality: Include traceability and safety checkpoints at each process stage.

Common Mistake: Labs update procedures but forget to modify related records or templates.
If you change a process, update the forms that record it — otherwise you’ll create inconsistencies during audit review.

4. Revise Document Control and Version History

Every updated procedure must include the reason for revision, version number, and ISO 15189:2022 clause reference.
This tells assessors you didn’t just reword your old documents — you systematically transitioned them.

Pro Tip: Maintain a “Document Change Log” showing which clauses drove each update.
It’s one of the most valuable audit tools you can have during transition.

When your documentation reflects the 2022 intent — competence, risk awareness, and effectiveness — your QMS stops feeling like paperwork and starts functioning as proof of control.

Step 3 – Train and Engage Your Team

Here’s something I’ve learned from every ISO transition project — a lab can update all its documents perfectly, but if the staff don’t understand what changed, the audit will still fall apart.
ISO 15189:2022 isn’t just a documentation update; it’s a mindset shift. That means your people need to get it, not just hear about it.

1. Make Training Practical, Not Theoretical

Forget about long PowerPoint sessions filled with clause numbers.
Your team doesn’t need to memorize the standard — they need to understand how it affects their daily work.

Example:
Instead of explaining “Clause 8.5 – Risk Management,” show your staff how to identify risks in their section and record them in your risk log.
Walk through one real example together, like “What happens if a reagent expires during testing?”

That approach makes training stick.

Pro Tip: Break training into short, focused sessions — one topic per week or per department. People absorb more in 20 minutes of discussion than in two hours of lecture.

2. Focus on Role-Based Competence

Each role in your lab interacts with the standard differently.

• Technicians need to know how risk and impartiality apply to daily testing.

• Supervisors need to manage competence and evaluate performance.

• Quality officers need to link evidence, audits, and risk management.

Tailor your training sessions accordingly. It saves time and ensures relevance.

Common Mistake: Running a single “all-staff training” and expecting everyone to retain what applies to them. That approach leads to confusion during audits.

3. Introduce Risk and Impartiality Awareness Early

For many lab staff, “risk management” sounds abstract.
Translate it into everyday decisions:

• How do we prevent sample mix-ups?

• How do we protect patient data when using electronic systems?

• How do we maintain impartiality when under pressure from clients?

Pro Tip: Encourage staff to contribute risk examples during meetings. It builds ownership and shows assessors that risk-based thinking lives in your culture, not just your manual.

4. Keep Records of Awareness

Auditors love evidence — and staff training is one area where most labs lose points.
Keep simple attendance sheets, signed acknowledgments, or even screenshots of online sessions.

If you held short toolbox talks, summarize the topic and date. That’s enough to prove that awareness activities are ongoing and relevant.

5. Make Engagement Continuous

Training shouldn’t end after the rollout.
Build ISO 15189:2022 awareness into your monthly meetings, internal audits, and management reviews.
That consistency keeps knowledge fresh and reinforces your lab’s commitment to competence and continual improvement.

When your team understands the why behind the standard, they start living it daily.
That’s when you move from “ISO compliance” to genuine quality culture — and that’s what assessors notice immediately.

Step 4 – Update Records and Evidence

Here’s something auditors often point out during transitions:
“You’ve updated the procedure — but where’s the proof it’s being used?”
That’s why updating your records is just as important as updating your documentation.

ISO 15189:2022 wants evidence that your new system doesn’t just exist — it works.
So, as you revise your Quality Manual and procedures, make sure your records reflect the same changes in practice.

1. Identify Which Records Need Updating

Start with your master list of records and review which ones are still relevant under the new standard.
You’ll likely need to update or add records for:

• Risk and opportunity assessments (Clause 8.5)

• Competence evaluations and authorizations (Clause 6.2)

• Impartiality declarations (Clause 5.3)

• Information management validation reports (Clause 7.11)

• Management review inputs and outputs (Clause 8.9)

Example:
If you added a new section on data integrity under your Information Management Procedure, you’ll also need validation and backup test records to match it.

Pro Tip: Keep your record titles identical to your procedures. It helps assessors trace documents quickly during audits.2. Create Evidence of Risk-Based Thinking

The 2022 version expects you to demonstrate awareness of risks — not just list them once a year.
That means recording decisions, changes, and incident responses in a way that shows preventive thinking.

Example:
Instead of filing a nonconformity report saying “Sample labeling error corrected,” include a note:

“Risk evaluated — added barcode double-check step to reduce future occurrence.”

This single sentence proves risk awareness in action.

3. Strengthen Competence and Impartiality Evidence

Your competence matrix should now include more than training history.
It should record:

• Observation or practical evaluations

• Periodic re-assessments

• Retraining actions and follow-ups

• Impartiality confirmation (especially for staff with dual roles)

Common Mistake: Relying only on training certificates.
Assessors now want proof that competence is verified through performance, not attendance.

4. Modernize Information Management Records

If your lab uses digital systems, ISO 15189:2022 considers them part of your quality infrastructure.
You’ll need documented evidence for:

• System validation and test results

• Access control and user list updates

• Backup and restore verification

• Software change or patch review logs

Pro Tip: Maintain a one-page summary of each LIS/LIMS validation. It helps you respond quickly when assessors ask, “How do you know your system is reliable?”

5. Keep Record Control Simple and Consistent

Apply the same control principles to records as you do to documents — unique ID, retention period, responsible owner, and access control.
Avoid overcomplicating record formats. What matters most is that evidence is accurate, complete, and retrievable when needed.

Updating your records is where theory meets reality.
It’s how you prove that your laboratory doesn’t just comply with ISO 15189:2022 — it lives it every day.

Step 5 – Perform Internal Audits and Management Reviews

Internal audits and management reviews are the two most revealing tools you have during a transition.
They show how well your system works under the new standard — and they uncover what still needs attention before your external audit does.

Most labs treat these activities as administrative. But under ISO 15189:2022, they’re strategic. They connect everything you’ve done so far — from updated procedures to competence and risk management — into one clear picture of system performance.

1. Update Your Internal Audit Program

Your audit program should now follow risk-based scheduling instead of an annual routine.
Focus first on processes that changed under the 2022 standard:

• Risk management

• Competence and impartiality

• Information management systems

• Patient safety and data protection

Pro Tip: Plan at least two internal audits during your transition — one early to identify gaps, and one near the end to verify readiness.
Treat the second one like a “mock accreditation assessment.”

2. Train Auditors on the 2022 Focus Areas

Auditors must understand how the standard’s intent has shifted.
They’re no longer just checking whether procedures exist — they’re checking if those procedures are effective.

Key focus areas:

• Can staff explain how their process supports patient safety?

• Are risks identified and acted on in real time?

• Do competence records show ongoing evaluation?

Common Mistake: Using an old audit checklist. Update your questions to match the 2022 mindset — effectiveness, risk, and awareness.

3. Link Audit Findings to Your Transition Plan

Don’t let audit reports sit in isolation.
Each finding should feed back into your transition action log.
That way, assessors can clearly see how audit outcomes drove improvement.

Example:
If an internal audit notes that LIS validation records are incomplete, your transition plan should show how that issue was corrected, who verified it, and when.

4. Expand Management Review Inputs

Management reviews now require broader inputs under Clause 8.9.
You’ll need to include:

• Risk and opportunity outcomes

• Internal audit results

• Competence and training performance

• Supplier performance and data integrity issues

• Continual improvement actions and their effectiveness

Pro Tip: Use visual summaries — trend charts, risk heat maps, or training statistics.
They make management reviews more engaging and help leadership see progress at a glance.

5. Verify and Close the Loop

After each management review, assign follow-up actions and track them through closure.
This is one of the biggest signs of maturity assessors look for — that your lab doesn’t just review performance but acts on it.

Example:
If your review shows recurring delays in test validation, management should assign an action, define a deadline, and verify effectiveness at the next meeting.

When audits and reviews are done this way, they stop feeling like chores.
They become your best proof of control, competence, and continual improvement — exactly what ISO 15189:2022 is designed to promote.

Step 6 – Work With Your Accreditation Body

Transitioning to ISO 15189:2022 isn’t just an internal project — it’s a coordinated process with your accreditation body.
Your progress means little if your documentation updates, audits, and timelines don’t align with their official transition requirements.The good news? Accreditation bodies want your lab to succeed. The smoother your preparation, the easier their review becomes.

1. Confirm Your Transition Timeline Early

Most accreditation bodies have set a three-year transition window from the publication of ISO 15189:2022 (December 2022).

That means all labs must be fully transitioned by the end of 2025.But here’s the catch — each accreditation body sets its own cut-off dates for application, document submission, and assessment scheduling.

So, confirm your deadlines early to avoid last-minute pressure.Pro Tip: Add your accreditation body’s key transition dates to your project tracker.

That keeps your internal milestones aligned with their requirements.

2. Submit a Formal Transition Plan

Accreditation bodies typically ask for a transition plan outlining:

• Gap-analysis summary
• Planned actions and responsible persons
• Expected completion dates
• Evidence of internal audits and management reviews

This plan is more than paperwork — it demonstrates control and commitment.

It also helps your assessor understand your approach when reviewing documentation.Example:

A private clinical lab submitted their transition plan as a simple two-page summary linked to their gap-analysis spreadsheet.

Their assessor called it “one of the most practical submissions” because it was clear, concise, and evidence-backed.

3. Communicate Changes Before Your Next Assessment

If you’re scheduled for a surveillance or reassessment audit during the transition period, notify your accreditation body that you’ve updated to the 2022 version.

They’ll adjust the audit scope accordingly.Common Mistake: Waiting until audit day to tell assessors you’ve switched to 2022.

That causes confusion and can delay reporting.

4. Provide Updated Documentation

Before your transition assessment, you’ll need to submit:

• Updated Quality Manual and key procedures
• Completed gap-analysis and action log
• Results of transition-specific internal audits
• Evidence of management review covering 2022 updates

Pro Tip: Keep everything in one folder or shared drive labeled “ISO 15189:2022 Transition Documents.”

Assessors appreciate clear organization — and it shows professionalism.

5. Use the Assessment as a Learning Opportunity

Your first ISO 15189:2022 audit isn’t just a test; it’s a chance to validate your work.
Listen closely to feedback, ask clarifying questions, and document everything.

Example:
One laboratory’s assessor recommended merging two overlapping SOPs on sample traceability and data integrity.
They implemented it immediately — and during their next visit, the assessor noted significant improvement in efficiency and clarity.

Working with your accreditation body early and transparently builds trust and saves time.
When they see that your transition is structured, documented, and well-communicated, your assessment turns from an inspection into a collaboration.

Common Pitfalls to Avoid

Every ISO 15189:2022 transition looks different, but the same mistakes show up again and again.
They usually don’t happen because labs lack effort—they happen because teams rush updates without seeing the bigger picture.
Here’s what I’ve seen most often (and how to stay clear of them).

1. Updating the Quality Manual but Not the Procedures

Many labs start strong—reformatting their Quality Manual to match the new clauses—but forget to update the procedures underneath it.
Assessors will catch that immediately.
If your manual says you conduct risk assessments, there should be a matching SOP and record to prove it.

Pro Tip: Every statement in your Quality Manual should point to a procedure or record. If it doesn’t, it’s just theory.

2. Ignoring Information Management Requirements

This is the area most labs underestimate.
ISO 15189:2022 treats your LIS, LIMS, or any digital record-keeping tool as part of your quality system. That means you need documented validation, data integrity, access control, and security procedures.

Common Mistake: Saying “IT handles that.” The responsibility still lies with the laboratory.
Make sure your IT and QA teams collaborate on system validation and record retention plans.

3. Overlooking Staff Awareness

You can’t assume that staff “know” about the transition just because it was discussed once.
If someone can’t explain how risk, competence, or impartiality applies to their work, auditors will mark it as a finding.

Pro Tip: Add a five-minute ISO 15189:2022 awareness recap to your weekly or monthly meetings.
It’s simple, free, and strengthens your culture of quality.

4. Updating Without Evidence

Auditors don’t just check what you wrote—they check what you can prove.
If you revise a procedure or add a new control, make sure there’s a record to support it: a training log, test validation, or meeting note.
The standard doesn’t reward changes—it rewards verified effectiveness.

5. Treating the Transition as a One-Time Project

The 2022 edition is built for continual improvement, not a single update.
Your first goal is to achieve compliance.
Your second—and more important—goal is to maintain and improve it.

Keep reviewing risks, refining competence assessments, and evaluating processes even after accreditation.
That’s how your system stays strong, long after the transition deadline passes.

Transitioning smoothly is less about avoiding mistakes and more about planning intentionally.
If you stay proactive—reviewing, verifying, and documenting each step—you’ll move through this change confidently and without chaos.

FAQs – ISO 15189:2022 Transition

As labs begin preparing for the 2022 update, a few questions come up in almost every discussion.
Here are the ones I hear most often — along with clear, experience-based answers.

Q1: What’s the official transition deadline for ISO 15189:2022?

Most accreditation bodies have set a three-year transition period from the publication date of the standard (December 2022).
That means laboratories must complete their transition and be fully assessed under ISO 15189:2022 by December 2025.

Pro Tip: Don’t wait until the last year to start. Accreditation bodies may have backlogs, and scheduling late assessments can be difficult.

Q2: Can we still use ISO 15189:2012 during the transition?

Yes—but only temporarily.
Until your accreditation body’s cutoff date, you can maintain compliance with 2012. However, new applications and renewals after mid-2025 will require ISO 15189:2022.

Example:
If your surveillance audit is in early 2025, you can still be audited under 2012, but your next renewal must meet the 2022 version.

Q3: Do we have to rewrite all our documentation from scratch?

No. Most of your system already contains what ISO 15189:2022 requires—it just needs realignment and modernization.
Focus on adding risk management, competence evaluation, impartiality, and information management updates.
You’re evolving your system, not rebuilding it.

Q4: How long does a full transition usually take?

That depends on your lab’s size and readiness, but most laboratories complete the process in 6–12 months.
Here’s a practical breakdown:

• 1–2 months for gap analysis and planning

• 3–6 months for documentation and training

• 2–3 months for internal audits and readiness checks

Pro Tip: Start early enough to run at least one full internal audit cycle before your external assessment.

Q5: Can we integrate ISO 15189:2022 with other standards like ISO 9001 or ISO/IEC 17025?

Absolutely.
That’s one of the biggest advantages of the 2022 revision — its structure mirrors other ISO management system standards.
If you already follow ISO 9001 or 17025, you can now share systems for document control, risk management, and continual improvement.

Q6: How will assessors evaluate risk management and competence?

They’ll look for evidence of application, not just documents.
For risk management, expect questions like:

• “How do you identify risks in daily operations?”

• “Show me how this risk led to a process change.”

For competence, they’ll want to see:

• Observation records

• Training and re-evaluation evidence

• Authorization lists

Common Mistake: Presenting only forms. Assessors want stories backed by records—how a finding led to an improvement.

Transition questions usually boil down to one theme:
Assessors want proof that your lab understands and applies the intent of the 2022 standard.
If you can demonstrate that, your transition will go smoothly.

Plan Early, Transition Confidently

Transitioning to ISO 15189:2022 isn’t about overhauling your system — it’s about evolving it to reflect how modern laboratories actually operate.
If you approach it step by step — understand, analyze, update, train, verify, and communicate — you’ll move through this change smoothly and confidently.

In my experience, the labs that succeed early are the ones that treat the transition as an opportunity, not a burden.
They use it to clean up outdated processes, clarify responsibilities, and strengthen risk awareness across their teams.

Here’s what really matters:

• Start with understanding. Know what changed and why.

• Plan intentionally. Map your gap analysis and timeline early.

• Engage your people. Make the standard part of everyday work, not a once-a-year topic.

• Prove effectiveness. Back every change with evidence and records.

The result?
A system that isn’t just compliant — it’s reliable, responsive, and ready for the next decade of laboratory innovation.

If you want a structured way to manage this, QSE Academy’s ISO 15189:2022 Transition Toolkit includes:

• Gap-analysis and transition tracking templates

• Updated Quality Manual and procedure examples

• Internal audit and management review guides

• Training slide decks for lab staff awareness

It’s everything you need to turn a complex transition into a clear, organized plan.