Preparing for an ISO 15189 surveillance audit does not have to be a scramble. A structured 90-day approach gives pulmonary function labs enough runway to close gaps in documentation, validate quality controls, and demonstrate the kind of continuous improvement that auditors actually look for. The difference between a lab that passes confidently and one that scrapes through is rarely technical competence. It is almost always the quality system behind the work.

TL;DR

• ISO 15189 surveillance audits assess ongoing compliance, not just a snapshot. Preparation should be continuous, not last-minute.

• The three highest-risk areas for PFT labs are ISO 15189 document control, clinical lab quality control records, and staff competency evidence.

• A 90-day checklist breaks preparation into manageable phases: audit, fix, and verify.

• A purpose-built lab quality management system dramatically reduces the administrative burden of maintaining compliance.

• Labs that embed ISO 15189 requirements into daily workflows outperform those that treat accreditation as a periodic event.

About the Author: This article was written by the Rezibase team, specialists in respiratory and sleep lab software with over 37 years of combined experience supporting accredited clinical physiology labs across Australia, New Zealand, the UK, and Ireland.

What Does an ISO 15189 Surveillance Audit Actually Assess?

An ISO 15189 surveillance audit is a periodic review conducted between full accreditation cycles to confirm that a laboratory continues to meet the standard's requirements. It is not a re-accreditation. Auditors are not starting from scratch. They are looking for evidence that your quality system is alive and functioning, not frozen in time from your last major audit.

For pulmonary function labs specifically, auditors will focus on:

• Whether your ISO 15189 quality manual reflects current practice (not the practice you had two years ago)

• Whether non-conformances have been identified, documented, and genuinely resolved

• Whether staff training and competency records are current

• Whether clinical lab quality control data is being monitored and acted upon

• Whether your ISO 15189 document control processes are being followed, not just documented

The audit is essentially asking: "Is this lab actually running the quality system it says it runs?"

Why Do PFT Labs Specifically Struggle with ISO 15189 Compliance?

Pulmonary function testing has unique compliance pressures that general laboratory standards do not fully anticipate. Patient preparation protocols, for example, vary by test type and must be clearly documented and consistently applied.

According to the American Lung Association, patients should not smoke for at least six hours before testing and should continue daily medications unless specifically instructed otherwise. UCLA Health adds that bronchodilator medications should be withheld for four hours before testing, and tight clothing should be avoided. Cleveland Clinic similarly advises wearing loose, comfortable clothing and stopping certain breathing medicines for a short period before testing.

These preparation requirements must be reflected in your patient instructions, your staff protocols, and your quality records. If any of these are out of alignment, it becomes a document control finding.

Beyond patient prep, PFT labs must manage:

• Equipment calibration records for spirometers, body boxes, and DLCO equipment

• Biological quality control using reference subjects or control materials

• Reference range validation tied to recognised equations (such as GLI)

• Test technique standards aligned with ATS/ERS guidelines

The ATS Pulmonary Function Laboratory Management and Procedure Manual (3rd Edition) is the field's most authoritative procedural reference and is frequently cited by accreditation bodies when assessing whether a lab's procedures meet current standards.

What Should a 90-Day ISO 15189 Audit Readiness Plan Look Like?

The following checklist is structured across three 30-day phases. Each phase builds on the last.

Days 1 to 30: Internal Audit and Gap Analysis

Key actions:

• Assign a lead person for each gap area

• Log all findings in your non-conformance system immediately

• Do not wait to fix things before logging them. Auditors want to see the system working, including how you find and resolve problems.

Days 31 to 60: Remediation and Documentation Update

• Update any procedures that have drifted from current ATS/ERS or NATA/TSANZ standards

• Revise patient preparation instructions to reflect current guidance from recognised sources

• Close outstanding non-conformances with documented root cause analysis and corrective actions

• Ensure your ISO 15189 quality manual has been reviewed and signed off within the required timeframe

• Verify that your lab quality management system is capturing QC data in a reviewable format

• Conduct a staff training refresh on any updated procedures and record attendance and competency outcomes

Days 61 to 90: Verification and Mock Audit

• Run a mock audit using the same criteria your accreditation body will apply

• Review the output of your clinical lab quality control monitoring for the past 12 months. Look for trends, not just individual failures.

• Confirm that all corrective actions from your internal audit have been verified as effective

• Prepare your audit folder or system access so that evidence is easy to locate during the real audit

• Brief all staff on what to expect and how to respond to auditor questions

How Does a Purpose-Built Lab Quality Management System Change the Equation?

The biggest compliance risk for most PFT labs is not a lack of knowledge. It is a lack of infrastructure. When quality records live in spreadsheets, shared drives, and paper folders, maintaining ISO 15189 document control becomes a full-time job in itself.

A dedicated lab quality management system designed for respiratory and sleep labs changes this fundamentally. Rezibase, for example, includes an accreditation module built specifically to support TSANZ/NATA and ISO 15189 requirements. It covers document management, staff training records, non-conformance tracking, action plans, audit management, and quality control monitoring using Westgard methods, all within a single cloud-based platform.

For labs currently using a separate or legacy system, transitioning to a purpose-built solution is more straightforward than it might seem. Data migration is handled as part of onboarding, and because Rezibase is vendor-neutral, it imports data from any device type without requiring equipment changes.

Frequently Asked Questions

How often do ISO 15189 surveillance audits occur?
Surveillance audits typically occur annually or biennially between full accreditation cycles, depending on the accreditation body and the lab's history.

What is the most common reason PFT labs receive non-conformances during audits?
Outdated documentation and gaps in ISO 15189 document control are consistently among the most common findings, followed by incomplete staff competency records.

Does our ISO 15189 quality manual need to be updated before a surveillance audit?
Yes. Your quality manual should reflect current practice. If procedures have changed and the manual has not been updated, that is a document control non-conformance.

What QC methods are acceptable for ISO 15189 clinical lab quality control in PFT labs?
Westgard rules are widely recognised and accepted. Your QC programme should include defined rules, regular review, and documented responses to out-of-control events.

How do we handle a non-conformance found during our internal audit?
Log it immediately, assign a root cause, implement a corrective action, and verify effectiveness. The process itself is evidence of a functioning quality system.

Can we use cloud-based software to manage our accreditation documentation?
Yes, and increasingly this is the preferred approach. Cloud-based systems offer version control, access logs, and centralised storage that support ISO 15189 document control requirements.

What should staff know before an audit visit?
Staff should understand the lab's scope of accreditation, where to find relevant procedures, and how to describe their role in the quality system. They do not need to memorise documents, but they should know how to access them.

About Rezibase

Rezibase is Australia's most advanced cloud-based respiratory and sleep reporting and management platform, trusted by over 35 sites including NHS facilities in the UK and NSW Health in Australia. Founded by respiratory scientists and now backed by Cardiobase, Rezibase is built specifically for clinical physiology labs, with an accreditation module that supports ISO 15189 compliance through integrated document control, non-conformance management, training records, and Westgard-based quality control. The platform is vendor-neutral, requires no local servers, and is priced on a transparent monthly model with no lock-in contracts.

Ready to see how Rezibase supports your next audit? Visit rezibase.com to book a demo or start a free 30-day trial.

References

• American Lung Association. Pulmonary Function Tests. https://www.lung.org/lung-health-diseases/lung-procedures-and-tests/lung-function-tests

• UCLA Health. Preparing for Your Pulmonary Function Test. https://www.uclahealth.org/medical-services/respiratory-care/pulmonary-function-lab/preparing-your-pulmonary-function-test

• Cleveland Clinic. Pulmonary Function Test: Purpose, Procedure & Results. https://my.clevelandclinic.org/health/diagnostics/17966-pulmonary-function-testing

• ATS Ed+. ATS Pulmonary Function Laboratory Management and Procedure Manual 3rd Edition. https://atsedplus.thoracic.org/content/ats-pulmonary-function-laboratory-management-and-procedure-manual-3rd-edition-pdf-digital

• NHLBI, NIH. Pulmonary Function Tests. https://www.nhlbi.nih.gov/science/pulmonary-function-lab/tests