The definition of policy is: A proposed or adopted course or principle of action. This differs from a procedure (A series of actions conducted in a certain order or manner) in that specific steps are not provided in a policy, but the principle which the lab intends to follow is identified and recorded. According to clause 4.2.1, "The laboratory shall document its policies, systems, programmes, procedures and instructions to the extent necessary to assure the quality of the test and/or calibration results".
These policies are listed in Table 1 below along with the clauses mandating their use. Most of them have a corresponding procedure to accommodate their implementation. The content of some of these policies may be as simple as "The corresponding procedure shall be followed by all lab personnel", or they may provide more detail regarding the scope of the policy. Either way, the listed policies within ISO/IEC 17025 must exist somewhere within the laboratory's quality system.
|*||1||The protection of a customers' confidential information and proprietary rights||4.1.5(c)|
|*||2||Avoiding involvement in any activities that would diminish confidence in the labs' competence, impartiality, judgement or operational integrity||4.1.5(d)|
|3||Quality Policy Statement||4.2.2|
|*||4||Review of requests, tenders, and contracts||4.4.1|
|*||9||Identifying and providing training||5.2.2|
* Policy has a related procedure
In addition to the policies that are required through phrases such as "the laboratory shall have a policy(ies) and procedure(s)...", policies can also be documented to make the implementation of other clauses easier to communicate to lab personnel, some of these are shown in Table 2. The use of these implied policies is one method that can be used to streamline the quality manual and ensure that the intention of laboratory's top management is presented to the laboratory staff. Depending on the activities of the laboratory, other policies could also be implemented to show that there are certain arrangements between the employees of an organization and the quality system.
|4||Use of Accreditor's logo||---|
Although ISO/IEC 17025 does not provide a long list of required policies, each one is quite important to the operation of any laboratory and auditors are not only checking whether or not they exist, but also checking to make sure they are followed. Policies are meant to reinforce the importance of many required procedures and should be given extra consideration in the daily laboratory operations. The purpose of a quality system is to say what you do and do what you say, and the policies are a fundamental part of this philosophy.