Pathology In Practice October 2025

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

RISK MANAGEMENT

Risk-based audit schedules and periodic review of examinations

In this seventh article in his series on risk management, Stephen MacDonald moves on to consider internal audits and periodic reviews of examinations, which are fundamental to delivering safe and reliable laboratory services.

Auditing in the medical laboratory is more than a regulatory obligation – it is a critical tool for safeguarding patients. When poorly targeted, audits can provide reassurance on paper while failing to uncover risks that directly affect clinical care. For example, an audit may confirm that refrigerator temperature logs are signed off each day yet fail to consider whether excursions in storage conditions have impacted reagent stability and therefore patient results. Similarly, a review might check that staff have signed acknowledgements of standard operating procedures, while overlooking persistent failures in the laboratory information system that delay the reporting of critical results. Compliance alone does not guarantee patient safety.

The shift to risk-based auditing reflects

the requirements of ISO 15189:2022, which mandates internal audits and periodic review of examinations, and ISO 22367:2020, which frames monitoring

Audit type Assay-based

Process-based Examples Troponin, INR, D-dimer, Factor VIII

Sample transport, LIS critical value reporting, analyser–LIS interface

and control measures in proportion to the potential risk of patient harm; we have discussed these documents throughout our series on risk so far. Together, these standards move the purpose of audit beyond documenting conformity and towards systematically identifying and addressing the areas of greatest risk. This article explores how laboratories can achieve that in practice. We examine how to design audit schedules proportionate to clinical risk, how to conduct meaningful periodic reviews of examinations, and how to evaluate residual risk in the context of patient safety.

Designing a risk-based audit schedule Audit programmes in medical laboratories must go beyond a fixed timetable and instead reflect the clinical risk associated with both assays and processes. ISO 15189:2022 requires

Risk factors

High clinical impact, narrow decision limits, urgent reporting requirements

System-wide consequences, reduced detectability, hidden failures

laboratories to carry out internal audits and to review examination procedures for their continued suitability, while ISO 22367:2020 emphasises that monitoring and control activities must be proportionate to the potential risk of patient harm. Together, these standards shift the focus away from routine calendar-based audits towards risk-based schedules that prioritise areas of greatest clinical impact.

A risk-based audit schedule must

recognise two equally important domains: n Assay-based audits, where the focus is on tests with direct and immediate impact on patient care, such as troponin, INR or D-dimer. These assays carry a high risk of harm if performance deteriorates or if processes are not followed, and therefore often warrants closer and more frequent review (Table 1). In contrast, lower-volume or less critical assays may justifiably be reviewed less often, provided there is evidence of stable performance and sufficient indirect assurance from platform or process audits.

n Process-based audits, which address system-level functions such as sample transport, LIS result reporting, or communication of critical values. While less visible than assay performance, failures in these processes can have consequences that are just as serious, affecting multiple assays or delaying time-critical results across the service.

Scheduling approach*

More frequent if high-risk; less frequent if low-risk but still within accreditation cycle

Scheduled to ensure all processes covered within accreditation cycle

Table 1. A dual focus for designing a risk based audit schedule. (* Schedules must be determined locally, reflecting the scope of the repertoire, the complexity of platforms in use, and the accreditation cycle.)

WWW.PATHOLOGYINPRACTICE.COM OCTOBER 2025 23

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44 | Page 45 | Page 46 | Page 47 | Page 48 | Page 49 | Page 50 | Page 51 | Page 52 | Page 53 | Page 54 | Page 55 | Page 56