ISO/IEC 17020 Gap‑Analysis Checklist
Last Updated on October 14, 2025 by Melissa Lazaro
Why a Gap Analysis Is Your ISO/IEC 17020 Starting Point
If you’re preparing for ISO/IEC 17020 accreditation, the smartest move you can make right now is to start with a gap analysis.
I’ve worked with plenty of inspection bodies who tried skipping this step, and almost all of them ended up doubling their workload later.
A gap analysis is like holding up a mirror to your current system. It shows you what’s strong, what’s missing, and what needs refining before the auditors ever walk through your door.
Here’s what this guide will help you do:
-
Understand what an ISO/IEC 17020 gap analysis actually is.
-
Use a checklist to identify your biggest compliance gaps.
-
Turn your findings into a clear, step-by-step improvement plan.
By the end, you’ll know exactly where your inspection body stands — and what to fix first to get audit-ready faster.
What an ISO/IEC 17020 Gap Analysis Actually Does
Here’s how I explain it when I’m talking to clients: a gap analysis is like a health check for your management system.
It doesn’t solve problems yet — it simply tells you where they are.
Think of it as comparing two things:
-
Where you are right now, and
-
Where ISO/IEC 17020 expects you to be.
The goal is to close that space between the two.
A good gap analysis helps you:
-
Get clarity — You’ll see exactly which clauses you already comply with and which ones need work.
-
Prioritize efforts — Instead of trying to “fix everything,” you’ll focus on what matters most.
-
Build confidence — When it’s time for your accreditation audit, you’ll know there are no surprises waiting.
Pro Tip: Involve both your technical and quality teams in this process. They see different sides of the system — one focuses on procedures, the other on field execution. Together, they paint the full picture.
Common Pitfall: Treating the gap analysis as just paperwork. If it’s rushed or incomplete, your first audit will quickly expose what you skipped.
Now that you know what it does, let’s talk about how to actually conduct one effectively.
How to Conduct an ISO/IEC 17020 Gap Analysis Step by Step
Running a gap analysis doesn’t need to be complicated. The key is to break it into small, focused steps that your team can actually follow. Here’s how I guide inspection bodies through it:
Step 1: Gather Your Tools
Before you start, make sure you have:
-
A copy of ISO/IEC 17020:2012 (the full standard).
-
Your current management system documents — policies, procedures, and forms.
-
A gap-analysis checklist (Excel works fine).
This is your foundation. Without these, you’re guessing instead of assessing.
Step 2: Go Clause by Clause
Review every clause of the standard and ask yourself:
-
Do we have a documented process for this?
-
Is that process being followed consistently?
-
Do we have records to prove it?
Then rate each requirement:
Fully Conforms | Partially Conforms | Does Not Conform
Be honest here — pretending something is fine only hurts later when an assessor asks for evidence you don’t have.
Step 3: Assign Responsibility
Each needs someone’s name beside it. Who’s going to fix it, and by when? That’s how you turn insight into action.
Step 4: Validate Your Findings
Don’t rely on assumptions. Check real evidence — training records, calibration certificates, audit reports.
Pro Tip: Use color coding in your checklist. Green means compliant, yellow needs improvement, and red means critical. The visual makes it easy to see where you should focus first.
Once your review is done, you’ll have a clear snapshot of your system’s health — and a solid starting point for improvement.
Key Clauses to Include in Your ISO/IEC 17020 Gap-Analysis Checklist
Not every clause in ISO/IEC 17020 carries the same weight. Some have a bigger impact on your inspection body’s credibility, and that’s where your checklist should focus first.
Here’s a practical breakdown of the main sections you’ll want to include and what to check in each:
| Clause | Focus Area | What to Check |
|---|---|---|
| 4 – Impartiality and Independence | Conflict of interest controls | Do you have clear, documented policies to ensure inspections are objective and free from external influence? |
| 5 – Confidentiality | Information protection | Are confidentiality agreements signed and are client records securely stored and handled? |
| 6 – Organization and Management | Structure and authority | Are job roles, responsibilities, and reporting lines clearly defined and up to date? |
| 7 – Inspection Methods and Procedures | Technical operations | Are all inspection methods validated, controlled, and reviewed regularly for effectiveness? |
| 8 – Management System Requirements | Quality assurance | Are internal audits, management reviews, and corrective actions performed and recorded consistently? |
This is where many teams discover their biggest blind spots—especially in Clause 7. I’ve seen inspection bodies with solid documentation but weak implementation in technical control areas.
Pro Tip: Make sure every inspection method in your scope is backed by records showing how it was validated or approved. Assessors look closely at this.
Common Pitfall: Forgetting to evaluate subcontractors or external calibration providers. They’re part of your inspection process, so their competence must be reviewed too.
Now that you’ve identified the clauses to check, it’s time to turn your findings into a focused improvement plan.
Turning Findings into an Action Plan
A gap analysis means nothing if it just sits in a spreadsheet. The real progress starts when you turn findings into actions.
Here’s how I usually help teams do it:
Step 1: Prioritize Your Gaps
Not every gap carries the same risk. Start with anything that directly affects impartiality, competence, or the validity of inspection results.
Those are the areas assessors scrutinize first.
Step 2: Assign Accountability
Every gap needs an owner. Decide who’s responsible, set a realistic deadline, and make sure the person understands the context behind the finding. Accountability turns “we should fix this” into “we are fixing this.”
Step 3: Track Progress Transparently
Keep it visual. I recommend creating a simple corrective action tracker like this:
| Finding | Clause | Action Required | Responsible | Due Date | Status |
|---|---|---|---|---|---|
| No impartiality policy | 4.1 | Develop and approve impartiality procedure | Quality Manager | March 15 | In Progress |
| Missing training records | 6.2 | Update competence matrix and training logs | Technical Manager | March 22 | Planned |
| Outdated calibration certificates | 7.1 | Renew calibration with accredited lab | Technical Manager | March 29 | Not Started |
Pro Tip: Don’t wait until every issue is closed before updating your management review. Accreditation bodies like to see that you’re monitoring progress in real time.
Common Pitfall: Trying to fix everything at once. Focus on the high-impact issues first. Small, consistent progress is far more effective than a one-week documentation sprint.
Once your action plan is in place, you can start seeing real improvement — not just on paper, but in how your system actually performs.
Example from the Field – The “Hidden Gap” Story
A few years ago, I worked with a small inspection body that was sure they were ready for accreditation. Their documentation was neat, their procedures looked polished, and they’d even conducted internal audits. On paper, everything looked solid.
But during their gap analysis, one simple question exposed a major issue:
“How do you handle client complaints?”
There was silence.
They did handle complaints — informally. Inspectors talked directly to clients and resolved issues right away. But there was no written procedure, no log, and no evidence of how complaints were tracked or reviewed.
That single missing piece would have led to a major nonconformity during their accreditation audit.
We fixed it quickly.
-
Wrote a formal complaints procedure.
-
Created a complaint log with status tracking.
-
Trained inspectors to record even verbal feedback.
Two weeks later, they were audit-ready. And during their actual assessment, the assessor even commended them for having a clear, traceable complaints-handling process.
That’s the power of a gap analysis. It doesn’t just expose problems — it gives you the chance to fix them before they count against you.
FAQs – Common Questions About Gap Analyses
Q1: How often should we perform a gap analysis?
At minimum, once before your initial accreditation. But the best inspection bodies repeat it annually — especially before surveillance or reassessment audits. It keeps your system aligned with any new processes, staff changes, or regulatory updates.
In my experience, organizations that do a quick gap review every year find far fewer nonconformities later. It’s preventive maintenance for your management system.
Q2: Who should conduct the gap analysis?
Ideally, someone who understands both your inspection process and the ISO/IEC 17020 standard.
A mix works best — internal staff who know the details, plus an external consultant who brings a fresh, unbiased view. Internal teams see day-to-day realities; consultants catch blind spots you might overlook.
Q3: Is a gap analysis the same as an internal audit?
Not quite.
A gap analysis checks whether required processes and documents exist — it’s about readiness.
An internal audit checks if those processes are being followed effectively — it’s about performance.
Think of it this way:
-
Gap analysis = What’s missing.
-
Internal audit = What’s working (or not).
Doing the gap analysis first gives your internal audit something solid to measure against.
From Gaps to Growth
An ISO/IEC 17020 gap analysis isn’t just another form to complete — it’s your strategic starting point.
It gives you a clear, honest picture of where your inspection body stands and exactly what needs attention before you move toward accreditation.
What I’ve seen time and again is that teams who take this step seriously feel calmer, more organized, and far more confident when auditors arrive. They already know their weak spots, and more importantly, they’ve already fixed them.
Your checklist isn’t just about compliance — it’s about building a stronger, more consistent organization. Every time you close a gap, you make your system easier to manage and your inspections more reliable.
So, take your findings, build that action plan, and start ticking them off one by one. You’ll be surprised how quickly momentum builds once clarity replaces uncertainty.
Next Step:
Download the ISO/IEC 17020 Gap-Analysis Checklist Template or get in touch with QSE Academy to transform your checklist into a full implementation plan that leads you confidently to accreditation success.
Melissa Lavaro is a seasoned ISO consultant and an enthusiastic advocate for quality management standards. With a rich experience in conducting audits and providing consultancy services, Melissa specializes in helping organizations implement and adapt to ISO standards. Her passion for quality management is evident in her hands-on approach and deep understanding of the regulatory frameworks. Melissa’s expertise and energetic commitment make her a sought-after consultant, dedicated to elevating organizational compliance and performance through practical, insightful guidance.
Related Posts
