If you manage calibration at a manufacturing company, you've encountered both ISO 17025 and ISO 9001. You probably know one is about laboratories and the other is about quality management. But when it comes to calibration specifically, the relationship between these two standards causes genuine confusion — confusion that leads to over-engineering your calibration programme, under-engineering it, or building processes that satisfy neither standard properly.
This post clarifies what each standard requires for calibration, where they overlap, where they diverge, and what this means practically for a manufacturer managing instruments on the factory floor.
The Fundamental Difference
ISO 9001 is a quality management system standard. It tells your organisation how to build and run a system that consistently delivers products and services meeting customer and regulatory requirements. Calibration appears within ISO 9001 as one element of a broader quality system — specifically under clause 7.1.5, Monitoring and measuring resources.
ISO/IEC 17025 is a laboratory competence standard. It specifies requirements for testing and calibration laboratories to demonstrate they operate competently and can generate valid results. If ISO 9001 is about running a quality business, ISO 17025 is about performing technically competent measurements.
The confusion arises because both standards address calibration, but from fundamentally different perspectives. ISO 9001 asks: are your measuring instruments suitable and properly maintained? ISO 17025 asks: are your calibration processes technically competent and do they produce valid, traceable results?
As a manufacturer, you're typically certified to ISO 9001 (or a sector-specific derivative like AS9100, IATF 16949, or ISO 13485). You're probably not certified to ISO 17025 unless you operate an in-house calibration laboratory. But you interact with ISO 17025 every time you send an instrument to an external calibration provider — because that provider's competence is (or should be) demonstrated through their ISO 17025 accreditation.
What ISO 9001 Requires for Calibration
ISO 9001:2015, clause 7.1.5 (Monitoring and measuring resources), sets out calibration requirements for any organisation running a quality management system. The requirements are intentionally broad because they apply across every industry, from software companies to steel mills.
The Core Requirements
Your monitoring and measuring resources must be suitable for the specific type of monitoring and measurement activities being undertaken. They must be maintained to ensure their continued fitness for purpose. You must retain documented information as evidence of fitness for purpose.
When measurement traceability is a requirement — whether specified by the customer, by regulation, or by your own quality system — measuring equipment must be calibrated or verified at specified intervals or prior to use against measurement standards traceable to international or national measurement standards. When no such standards exist, the basis used for calibration or verification must be retained as documented information.
Equipment must also be identified to determine its status, and it must be safeguarded from adjustments, damage, or deterioration that would invalidate the calibration status and subsequent measurement results.
What ISO 9001 Doesn't Specify
Notice what ISO 9001 doesn't tell you: it doesn't specify calibration intervals, it doesn't define how calibration should be performed, it doesn't require specific levels of measurement uncertainty, and it doesn't mandate accredited calibration providers.
These omissions are deliberate. ISO 9001 sets the "what" — your instruments must be calibrated and traceable. The "how" is left to you, based on your specific requirements, risks, and regulatory context.
This flexibility is both the strength and the weakness of ISO 9001's calibration requirements. It allows the standard to apply universally, but it leaves manufacturers to determine their own calibration programme details. For organisations without deep metrology expertise, this can result in either over-calibrating everything "just to be safe" or under-specifying the programme and creating gaps that surface during audits.
The ISO 9001:2026 revision is tightening some of these areas, particularly around digital readiness and data-driven quality management. The intent is that manufacturers demonstrate more explicitly how their calibration data connects to quality decisions.
What ISO 17025 Requires for Calibration
ISO/IEC 17025:2017 goes much deeper than ISO 9001 on calibration. This is expected — it's a standard specifically for laboratories performing calibrations.
Technical Requirements
ISO 17025 requires laboratories to have documented methods for every calibration they perform. These methods must be validated or verified as fit for purpose. The laboratory must understand and quantify the sources of measurement uncertainty in their calibration processes.
Staff performing calibrations must be competent, with documented evidence of their training, qualifications, and ongoing competence assessment. Equipment used as reference standards must be calibrated with traceability to the International System of Units (SI) through national metrology institutes or other appropriate means.
Environmental conditions must be monitored and controlled to the extent required by the calibration method. The laboratory must maintain records of environmental conditions during calibration.
Measurement Uncertainty
This is where ISO 17025 diverges most significantly from ISO 9001. ISO 17025 requires laboratories to evaluate measurement uncertainty for every calibration they perform. The uncertainty must be calculated, documented, and reported on calibration certificates.
Measurement uncertainty is the quantified doubt about a measurement result. When a laboratory reports that your gauge block measures 25.0003 mm with an expanded uncertainty of 0.0001 mm (k=2), they're telling you they're 95% confident the true value lies between 25.0002 mm and 25.0004 mm.
ISO 9001 doesn't require you to evaluate measurement uncertainty for your own measurement processes (though the 2026 revision strengthens expectations in this area). But when you receive a calibration certificate from an ISO 17025 accredited laboratory, the uncertainty is there — and you should understand what it means for your measurement decisions.
Traceability Requirements
Both standards require traceability, but ISO 17025 is far more prescriptive. Under ISO 17025, traceability must be to the SI through national metrology institutes or through calibration laboratories that can demonstrate their own traceability. The unbroken chain of comparisons must be documented. Reference standards must be calibrated before and after use for critical measurements.
Under ISO 9001, traceability simply means your instruments are calibrated against "measurement standards traceable to international or national measurement standards." The standard doesn't specify how that traceability chain should be documented or maintained — only that it exists.
Decision Rules
ISO 17025:2017 introduced the concept of decision rules — the methodology for how measurement uncertainty is accounted for when declaring whether an instrument passes or fails its calibration specification. This is a technical area that most manufacturers don't need to evaluate themselves, but understanding that your calibration provider applies decision rules helps you interpret the results on your certificates more accurately.
Where the Standards Overlap
Despite their different scopes, ISO 9001 and ISO 17025 share several core principles when it comes to calibration.
Both require metrological traceability to recognised measurement standards. Both require documented procedures for calibration activities. Both require records of calibration results. Both require that measuring equipment is identified and its calibration status is determinable. Both require that out-of-tolerance equipment is evaluated for the impact on previous measurements.
The last point is particularly important. Both standards expect you to investigate what happens when an instrument is found out of tolerance. ISO 9001 says you must "determine if the validity of previous measuring results has been adversely affected." ISO 17025 requires laboratories to evaluate the impact of non-conforming work on previously issued results.
For manufacturers, this means your OOT response process needs to satisfy your ISO 9001 obligations. When your calibration provider finds an instrument out of tolerance, they handle their ISO 17025 obligations. You handle yours. The hand-off between these two is where things often go wrong — the provider reports the OOT finding, and the manufacturer fails to investigate the impact on their own products.
Which Standard Applies to You?
If You're a Manufacturer (ISO 9001 / AS9100 / IATF 16949 / ISO 13485)
Your calibration programme is governed by your management system standard. ISO 9001 (or its sector derivative) defines what you need to do. ISO 17025 is relevant to you as a customer of calibration services — you should be sending your instruments to ISO 17025 accredited laboratories, and you should understand the certificates they send back.
You don't need to implement ISO 17025 yourself unless you operate an in-house calibration laboratory and want to demonstrate its competence to the same standard as external providers.
If You Operate an In-House Calibration Laboratory
This is where the standards intersect directly. If your in-house lab calibrates instruments that are used in production and your company is ISO 9001 certified, you need to satisfy ISO 9001's calibration requirements at a minimum.
Whether you also need ISO 17025 accreditation for your in-house lab depends on your industry and customer requirements. Aerospace manufacturers under AS9100 often need accredited in-house calibration. Medical device manufacturers under ISO 13485 may need it for critical measurements. Automotive manufacturers under IATF 16949 typically require accredited calibration for key measurement equipment.
If you're not required to have accredited in-house calibration, you can still benefit from applying ISO 17025 principles — particularly around measurement uncertainty, staff competence, and environmental controls — without pursuing formal accreditation.
If You're a Calibration Service Provider
You need ISO 17025 accreditation. Full stop. Your customers rely on your accreditation as evidence of your technical competence. Without it, you're asking them to take your word for the quality of your calibrations, and increasingly, their quality systems and auditors won't accept that.
Common Mistakes Manufacturers Make
Treating All Calibrations the Same
Not every instrument needs the same level of calibration rigour. A torque wrench used on safety-critical fasteners needs accredited calibration with full uncertainty budgets. A thermometer used for ambient temperature monitoring might be adequately served by a verification check against a known reference. ISO 9001 allows this flexibility — but you need documented rationale for the decisions you make.
Ignoring Measurement Uncertainty from Certificates
Many manufacturers receive ISO 17025 accredited calibration certificates with detailed uncertainty statements and promptly ignore them. The uncertainty information is there because it's relevant to your measurement decisions. If your process tolerance is tight relative to the calibration uncertainty, you may need to account for it. If there's a comfortable margin, you can note this in your records and move on. Either way, demonstrating that you've considered uncertainty strengthens your quality system.
Not Verifying Provider Accreditation Scope
Sending an instrument to an ISO 17025 accredited laboratory doesn't automatically mean the calibration is accredited. The laboratory's accreditation covers specific measurement types and ranges. If your instrument falls outside their scope, the calibration may be performed under their quality system but outside their accreditation. The certificate should state this clearly — but not all laboratories are transparent about it. Check the scope before you send the instrument, not after you receive the certificate.
Confusing Calibration with Verification
ISO 9001 mentions both calibration and verification. Calibration determines the measurement error of an instrument by comparing it against a reference standard. Verification confirms that an instrument meets a specified requirement. You can verify without calibrating (for example, using a go/no-go gauge), and you can calibrate without verifying (for example, characterising an instrument's performance without making a pass/fail judgement).
Understanding the distinction helps you build a calibration programme that's appropriate for each instrument rather than applying the same approach to everything.
Why This Fails in Audits
Auditors at ISO 9001 surveillance audits regularly probe calibration because it's a concrete, auditable process with clear documentation requirements. Common failure points include not being able to explain why you chose your calibration intervals (lack of documented rationale), not being able to demonstrate traceability for instruments in use (missing or expired certificates), not investigating the impact of out-of-tolerance findings on product (the most common gap, particularly for small manufacturers), and using non-accredited calibration providers without documented justification.
These failures aren't about misunderstanding ISO 17025. They're about not fully implementing ISO 9001's calibration requirements. The fix is usually process improvement and better documentation rather than technical metrology expertise.
How Scopax Bridges the Gap
For manufacturers, the practical challenge isn't understanding the theoretical differences between ISO 9001 and ISO 17025. It's building a calibration management system that satisfies your management system requirements while properly handling the outputs from your calibration providers.
Scopax is built for exactly this use case. The platform manages your calibration programme to ISO 9001 requirements — scheduling, tracking, documentation, and audit readiness — while properly integrating the technical data from your ISO 17025 accredited providers.
When a certificate arrives from your calibration provider, Scopax links it directly to the instrument record. Calibration results are tracked over time so you can trend instrument performance across calibration cycles — the kind of data-driven approach that ISO 9001:2026 is moving toward as a baseline expectation.
When an out-of-tolerance event is reported, the system's mandatory impact assessment workflow ensures you meet ISO 9001's requirement to evaluate the validity of previous measurements. You can't close an OOT event without documenting which products were measured, which batches are potentially affected, and what corrective action was taken.
The audit pack generator pulls together everything an auditor needs for any instrument or group of instruments — certificates, calibration history, OOT investigations, traceability records — in seconds rather than hours.
If you want to see how your current calibration programme measures up, the audit readiness checklist takes five minutes and highlights gaps against both ISO 9001 and common industry expectations. Or get in touch for a walkthrough of how Scopax handles the day-to-day reality of calibration management for manufacturers.