Questions regarding Impartiality

In summary, if the only interaction with the supplier organisation is the provision of goods or services and the laboratory’s role is limited to verifying the supplier’s certificate or specifications, the main risk relates to the acceptance of those supplied items. In such cases, the laboratory should ensure that the review of supplier certificates, acceptance of supplied goods, and any related technical decisions are performed by competent personnel who are independent of the supplier organisation.

More broadly, the laboratory must still retain full technical independence for method selection, data interpretation, and the approval and reporting of results, and should not rely solely on the shared CTO when a supplier relationship exists.

You asked: 1. Is it acceptable under ISO/IEC 17025 for a laboratory CTO to simultaneously hold the CTO role in a critical supplier organisation?

ISO/IEC 17025 does not prohibit a person from holding senior roles in more than one related organisation. A CTO serving both the laboratory and a supplier organisation can therefore be acceptable. However, the laboratory must identify and manage the resulting risk to impartiality (section 4.1). In the scenario you describe, where the CTO is involved as the analyst reviewing the supplier’s certificate or specifications for supplied goods, accreditation bodies would expect the laboratory to ensure that the final acceptance of supplied items and related technical decisions are made independently of the supplier organisation.

You asked: 2. What risks to impartiality would an accreditation body likely expect us to identify and control in this situation?

The main risks relate to potential influence over the acceptance of supplied goods or services, including reliance on supplier certificates without independent review, preferential acceptance of the supplier’s products, or pressure to accept goods that do not fully meet requirements. There may also be perceived conflicts of interest if the same individual has responsibilities in both organisations. ISO/IEC 17025 requires laboratories to identify and control both actual and perceived risks to impartiality.

You asked: 3. What types of governance or structural controls would typically be expected to mitigate this arrangement?

Controls typically include documenting the supplier relationship as an impartiality risk; conflict of interest declarations; ensuring that the review of supplier certificates and the acceptance of supplied goods are carried out by competent personnel independent of the supplier; and maintaining laboratory authority over method selection, data interpretation, and approval and reporting of results. The supplier should also be evaluated independently through the laboratory’s normal process for control of externally provided products and services.

You asked: 4. Are there examples of acceptable structures where a laboratory shares senior technical leadership with a supplier or related organisation?

Yes. Similar arrangements occur where laboratories operate within engineering or technical organisations that also supply products or services used by the laboratory. Accreditation bodies generally accept these structures provided the laboratory demonstrates that decisions affecting the acceptance of supplied items, testing activities, and reporting of results are independent from the supplier’s commercial interests and appropriately controlled through the laboratory’s impartiality and supplier management processes.

Lastly, you asked:  

Any guidance on how accreditation bodies typically view this structure would be greatly appreciated."

Accreditation bodies generally do not prohibit shared roles between related organisations, but they will expect the laboratory to clearly identify the relationship as a potential impartiality risk and demonstrate that appropriate controls are in place. Their primary concern is that the laboratory retains independent authority over technical decisions and the acceptance of supplied goods or services.

Where a shared CTO is involved, they will normally look for evidence that the review of supplier certificates, acceptance of supplied items, and the approval and reporting of laboratory results are performed by competent personnel who are independent of the supplier organisation. If these controls are clearly defined and implemented, such structures are commonly accepted during accreditation assessments.