Tag Archives: information technology


FDA Launches Office of Digital Transformation

By Food Safety Tech Staff
No Comments

Taking a step further in prioritizing technology and data modernization efforts, today the FDA announced the launch of a new Office of Digital Transformation. The office realigns the agency’s information technology, data management and cybersecurity roles into a central office that reports directly to the FDA commissioner. The reorganization will also help FDA further streamline its data and IT management processes, reducing duplication of processes, and promote best practices, technological efficiencies and shared services in a strategic and secure way.

“Good data management, built into all of our work, ultimately helps us meet and advance the FDA’s mission to ensure safe and effective products for American families,” said Acting FDA Commissioner Janet Woodcock, M.D., in an FDA news release. “The agency began these efforts because, as a science-based agency that manages massive amounts of data to generate important decisions and information for the public, innovation is at the heart of what we do. By prioritizing data and information stewardship throughout all of our operations, the American public is better assured of the safety of the nation’s food, drugs, medical devices and other products that the FDA regulates in this complex world. This reorganization strengthens our commitment to protecting and promoting public health by improving our regulatory processes with a solid data foundation built in at every level.”


Arun Apte, CloudLIMS
In the Food Lab

Is Your Food Testing Lab Prepping for an ISO/IEC 17025 Audit?

By Arun Apte
No Comments
Arun Apte, CloudLIMS

With the increasing globalization of the food industry, ensuring that products reaching consumers are safe has never been more important. Local, state and federal regulatory agencies are increasing their emphasis on the need for food and beverage laboratories to be accredited to ISO/IEC 17025 compliance. This complicated process can be simplified and streamlined through the adoption of LIMS, making accreditation an achievable goal for all food and beverage laboratories.

With a global marketplace and complex supply chain, the food industry continues to face increasing risks for both unintentional and intentional food contamination or adulteration.1 To mitigate the risk of contaminated products reaching consumers, the International Organization for Standardization (ISO), using a consensus-based approval process, developed the first global laboratory standard in 1999 (ISO/IEC 17025:1999). Since publication, the standard has been updated twice, once in 2005 and most recently in 2017, and provides general requirements for the competence of testing and calibration laboratories.2

In the recent revision, four key updates were identified:

  1. A revision to the scope to include testing, calibration and sampling associated with subsequent calibration and testing performed by a laboratory.3
  2. An emphasis on the results of a process instead of focusing on prescriptive procedures and policies.4
  3. The introduction of the concept of a risk-based approach used in production quality management systems.2
  4. A stronger focus on information technologies/management systems, specifically Laboratory Information Management System (LIMS).4

As modern-day laboratories reduce their reliance on hard copy documents and transition to electronic records, additional emphasis and guidance for ISO 17025 accreditation in food testing labs using LIMS was greatly needed. Food testing laboratories have increased reliance on LIMS to successfully meet the requirements of accreditation. Food and beverage LIMS has evolved to increase a laboratory’s ability to meet all aspects of ISO 17025.

ISO 17025 requirements
Figure 1. A schematic representation of some of the requirements of ISO/IEC 17025:2017 compliance. (Figure courtesy CloudLIMS)


Chain of Custody
A key element for ISO 17025 accredited laboratories is the traceability of samples from accession to disposal.5 Sometimes referred to as chain of custody, properly documented traceability allows a laboratory to tell the story of each sample from the time it arrives until the time it is disposed of.

LIMS software allows for seamless tracking of samples by employing unique sample accession numbers through barcoding processes. At each step of sample analysis, a laboratory technician updates data in a LIMS by scanning the sample barcode, establishing time and date signatures for the analysis. During an ISO 17025 audit, this information can be quickly obtained for review by the auditor.

Procurement and Laboratory Supplies
ISO 17025 requires the traceability of all supplies or inventory items from purchase to usage.6 This includes using approved vendors, documentation of receipt, traceability of supply usage to an associated sample, and for certain products, preparation of supply to working conditions within the laboratory. Supply traceability impacts multiple departments and coordinating this process can be overwhelming. A LIMS for food testing labs helps manage laboratory inventory, track usage of inventory items, and automatically alerts laboratory managers to restock inventory once the quantity falls below a threshold level.

A food LIMS can ensure that materials are ordered from approved vendors only, flagging items purchased outside this group. As supplies are inventoried into LIMS, the barcoding process can ensure accurate storage. A LIMS can track the supply through its usage and associate it with specific analytical tests for which inventory items are utilized. As products begin to expire, a LIMS can notify technicians to discard the obsolete products.

One unique advantage of a fully integrated LIMS software is the preparation and traceability of working laboratory standards. A software solution for food labs can assist a technician in preparing standards by determining the concentration of solvents needed based on the input weight from a balance. Once prepared, LIMS prints out a label with barcodes and begins the supply traceability process as previously discussed.

Quality Assurance of Test and Calibration Data

This section of ISO 17025 pertains to the validity of a laboratory’s quality system including demonstrating that appropriate tests were performed, testing was conducted on properly maintained and calibrated equipment by qualified personnel, and with appropriate quality control checks.

Laboratory Personnel Competency
Laboratory personnel are assigned to a specific scope of work based upon qualifications (education, training and experience) and with clearly defined duties.7 This process adds another layer to the validity of data generated during analysis by ensuring only appropriate personnel are performing the testing. However, training within a laboratory can be one of the most difficult components of the accreditation process to capture due to the rapid nature in which laboratories operate.

With a food LIMS, management can ensure employees meet requirements (qualifications, competency) as specified in job descriptions, have up-to-date training records (both onboarding and ongoing), and verify that only qualified, trained individuals are performing certain tests.

Calibration and Maintenance of Equipment
Within the scope of ISO 17025, food testing laboratories must ensure that data obtained from analytical instruments is reliable and valid.5 Facilities must maintain that instruments are in correct operating condition and that calibration data (whether performed daily, weekly, or monthly) is valid. As with laboratory personnel requirements, this element to the standard adds an additional layer of credibility that sample data is precise, accurate, and valid.

A fully integrated software solution for food labs sends a notification when instrument calibration is out of specification or expired and can keep track of both routine internal and external maintenance on instruments, ensuring that instruments are calibrated and maintained regularly. Auditors often ask for instrument maintenance and calibration records upon the initiation of an audit, and LIMS can swiftly provide this information with minimal effort.

Figure 2. A preconfigured food LIMS to manage instrument calibration and maintenance data. (Figure courtesy of CloudLIMS)

Measurement of Uncertainty (UM)
Accredited food testing laboratories must measure and report the uncertainty associated with each test result.8 This is accomplished by using certified reference materials (CRM), or known spiked blanks. UM data is trended using control charts, which can be prepared using labor-intensive manual input or performed automatically using LIMS software. A fully integrated food LIMS can populate control data from the instrument into the control chart and determine if sample data analyzed in that batch can be approved for release.

Valid Test Methods and Results
Accurate test and calibration results can only be obtained with methods that are validated for the intended use.5 Accredited food laboratories should use test methods that are current and contain embedded quality control standards.

A LIMS for food testing labs can ensure correct method selection by technicians by comparing data from the sample accession input with the test method selected for analysis. Specific product identifiers can indicate if methods have been validated. As testing is performed, a LIMS can track time signatures to ensure protocols are properly performed. At the end of the analysis, results of the quality control samples are linked to the test samples to ensure only valid results are available for clients. Instilling checks at each step of the process allows a LIMS to auto-generate Certificates of Analysis (CoA) knowing that the testing was performed accurately.

Data Integrity
The foundation of a laboratory’s reputation is based on its ability to provide reliable and accurate data. ISO 17025:2017 includes specific references to data protection and integrity.10 Laboratories often claim within their quality manuals that they ensure the integrity of their data but provide limited details on how it is accomplished making this a high priority review for auditors. Data integrity is easily captured in laboratories that have fully integrated their instrumentation into LIMS software. Through the integration process, data is automatically populated from analytical instruments into a LIMS. This eliminates unintentional transcription errors or potential intentional data manipulation. A LIMS for food testing labs restricts access to changing or modifying data, allowing only those with high-level access this ability. To control data manipulation even further, changes to data auto-populated in LIMS by integrated instrumentation are tracked with date, time, and user signatures. This allows an auditor to review any changes made to data within LIMS and determine if appropriate documentation was included on why the change was made.

ISO 17025:2017 requires all food testing laboratories to have a documented sampling plan for the preparation of test portions prior to analysis. Within the plan, the laboratory must determine if factors are addressed that will ensure the validity of the testing, ensure that the sampling plan is available to the laboratory (or the site where sampling is performed), and identify any preparation or pre-treatment of samples prior to analysis. This can include storage, homogenization (grinding/blending) or chemical treatments.9

As sample information is entered into LIMS, the software can specify the correct sampling method to be performed, indicate appropriate sample storage conditions, restrict the testing to approved personnel and provide electronic signatures for each step.

Monitoring and Maintenance of the Quality System

Organization within a laboratory’s quality system is a key indicator to assessors during the audit process that the facility is prepared to handle the rigors that come with accreditation.10 Assessors are keenly aware of the benefits that a food LIMS provides to operators as a single, well-organized source for quality and technical documents.

Document Control
An ISO 17025 accredited laboratory must demonstrate document control throughout its facility.6 Only approved documents are available for use in the testing facility, and the access to these documents is restricted through quality control. This reduces the risk of document access or modification by unauthorized personnel.

LIMS software efficiently facilitates this process in several ways. A food LIMS can restrict access to controlled documents (both electronic and paper) and require electronic signatures each time approved personnel access, modify or print them. This digital signature provides a chain of custody to the document, ensuring that only approved controlled documents are used during analyses and that these documents are not modified.

Software, LIMS
Figure 3. A software solution for food labs helps manage documents, track their revision history, and ensure document control. (Figure courtesy of CloudLIMS)

Corrective Actions/Non-Conforming Work
A fundamental requirement for quality systems is the documentation of non-conforming work, and subsequent corrective action plans established to reduce their future occurrence.5

A software solution for food labs can automatically maintain electronic records of deviations in testing, flagging them for review by quality departments or management. After a corrective action plan has been established, LIMS software can monitor the effectiveness of the corrective action by identifying similar non-conforming work items.


Food and beverage testing laboratories are increasingly becoming accredited to ISO 17025. With recent changes to ISO 17025, the importance of LIMS for the food and beverage industry has only amplified. A software solution for food labs can integrate all parts of the accreditation process from personnel qualification, equipment calibration and maintenance, to testing and methodologies.11 Fully automated LIMS increases laboratory efficiency, productivity, and is an indispensable tool for achieving and maintaining ISO 17025 accreditation.


  1. Spink, J. (2014). Safety of Food and Beverages: Risks of Food Adulteration. Encyclopedia of Food Safety (413-416). Academic Press.
  2. International Organization for Standardization (October 2017). ISO/IEC 17025 General requirements for the competence of testing and calibration laboratories. Retrieved from: https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100424.pdf
  3. 17025 Store (2018). Transitioning from ISO 17025:2005 to ISO/IEC 17024:2017. Standards Store.
  4. Perry Johnson Laboratory Accreditation (2019). An Overview of Changes Between 17025:2005 and 17025:2017. ISO/IEC 17025:2017 Transition. https://www.pjlabs.com/downloads/17025-Transition-Book.pdf
  5. Analytical Laboratory Accreditation Criteria Committee. (2018). AOAC INTERNATIONAL Guidelines for Laboratories Performing Microbiological and Chemical Analyses of Food, Dietary Supplements, and Pharmaceuticals, An Aid to Interpretation of ISO/IEC 17025. Oxford, England: Oxford University Press.
  6. Cokakli, M. (September 4, 2020). Transitioning to ISO/IEC 17025:2017. New Food Magazine.
  7. ISO/IEC 17025:2017. General requirements for the competence of testing and calibration laboratories.
  8. Bell, S. (1999). A Beginner’s Guide to Uncertainty of Measurement. Measurement Good Practice Guide. 11 (2).
  9. 17025Store (2018). Clause 7: Process requirements. Standards Store.
  10. Dell’Aringa, J. (March 27, 2017). Best Practices for ISO 17025 Accreditation: Preparing for a Food Laboratory Audit (Part I). Food Safety Tech.
  11. Apte, A. (2020). Preparing for an ISO 17025 Audit: What to Expect from a LIMS?
Rajan Gupta, Enexas
FST Soapbox

My IT Department Doesn’t Understand Me or My Business

By Rajan Gupta
No Comments
Rajan Gupta, Enexas

Despite much progress in technology, information technology departments (IT) continue to lack credibility with business leaders and despite spending significant costs, many “IT” projects continue to “fail” in the eyes of the very users that IT tries to support. In this article, I will share the common challenges that contribute towards perceived and actual misalignment between IT and business.

We know that technology is at the core of every business process and is the primary driver of competitive advantage. However, studies suggest that most business leaders do not feel comfortable with the direction for their IT and digital transformation. As business leaders focus more on IT costs and not how IT can transform the business, IT is pushed more towards daily operations versus long-term strategy. Dave Aron of Gartner Research, says that “Buying a piece of technology does nothing by itself. It’s how you use the technology that matters the most. But we must make sure that what we buy satisfies the business needs.”

During my many interactions with business and IT leaders, I normally ask questions like:

  1. Explain the core business of the organization?
  2. Have IT resources spent anytime working in the day of life of an average business user doing daily tasks as if they were in that role?
  3. Do business and IT teams communicate in the same language (i.e., Does IT communicate in a manner that a business user will understand technology), or does IT use technical jargon that goes over the heads of most people?
  4. Are you comfortable that your IT and business strategies are aligned?
  5. Do IT leaders actively participate in senior leadership meetings and define business strategy?

Not surprisingly, the answers to these questions are on opposite ends of the spectrum between the business and IT leaders. In spending more than two decades of providing technical solutions to business problems, I have found that such divide is only expanding as technology becomes increasingly complex each day. A global economy puts increasing pressure on business to stay competitive and drive growth at a rapid pace, especially as it relates to food safety, regulatory and quality. Food is now globally sourced and the processes require innovative technical solutions in assisting food safety and regulatory compliance of foreign suppliers. Many IT organizations do not have a deep understanding of the business of food safety, leaving a gaping hole in deploying solutions that keep our food chain supply safe.

Defining a Bridge

So how do we effectively tackle this divide between IT and business leaders? I often call myself the “bridge” between business and IT. For those that understand technology, it is your role to ensure that what we do with technology satisfies the business need! Ultimately, it is the business that will succeed with our support, because technology by itself is not successful. But wait, not every IT staff member can be expected to understand the business and technology. What I often observe is that most IT organizations lack a leader who has the business, technical, interpersonal, innovative and customer-centric skills. Such people are certainly not growing on trees. Business and IT leaders must establish a group of resources that act as the “bridge” for their organization. By identifying these resources, you can focus on providing them with the appropriate skills and training to work jointly with business and IT to deliver solutions that drive the overall business strategy. Finally, I must point out that this group is normally led by the chief information officer (CIO), who is more importantly a business leader with technical acumen and not a hardcore technologist.

CIO as a Business Leader First

The role of a CIO is perhaps the most complex of all C-Level executives. CIO is expected to manage daily IT operations, contain costs, increase efficiencies, provide valuable insights through factual data, partake actively in business strategy, align the IT strategy with the business, and innovate at the speed of business. Not to mention, do all this while increasing overall customer experience. CIOs must tighten the connection of their IT teams to the business!

IT Drives Project Prioritization Aligned to Business Strategy

How can CIOs, IT, and business leaders close this fundamental gap between their IT and business organizations? Let’s first start with prioritization. How often do you find yourself saying that I must have something completed by IT yesterday? If you are like most people, you would probably challenge yourself in whether you demand IT to be reactionary to your needs. Most IT organizations fail to understand the true impact of user requests to the business. Usually, project prioritization comes down to cost, who will pay for it, and what may be defined as the “cool” factor.

IT has the broadest view of all technology projects across the organization and must lead in communicating with all business leaders. A CIO needs to effectively communicate the impact of various projects on each of the business divisions, the impact of the project, the cost/ROI, and help define the prioritization for business projects. IT must play the role of a negotiator and help business leaders in making decisions that provide the greatest impact. Martha Heller in the CIO Paradox says that there are “no IT projects, only business projects!”

As mentioned earlier, IT departments usually lack understanding of the food safety and quality processes. CIOs need to conscientiously understand the business of food safety, as it is not only important to keep our food chain safe but also to protect the organizational brand and ensure that food safety and regulatory groups are able to monitor, assess, and proactively ensure that no harm is introduced to the public through their products. Many organizations rely on recall processes to help contain food safety issues, but that is a reactive approach, which in many cases, tarnishes the brand image and costs the organization more than what was ever expected.

Keeping It Simple

How often do we see technology being deployed because the previous tools were too old or have simply lost their luster? With a constant bombardment of new gadgets and apps, we increasingly find ourselves overwhelmed with the variety of options available for almost any task. But that does not mean that the most advertised, or the one with highest reviews is going to fit your specific business needs. Cookie-cutter approaches do not work in all business environments. IT must assess the business need, challenge the business users on their processes, propose and analyze options, and then actively work with business and software vendors to find the right fit. Sometimes, that means not changing anything at all.

I often see businesses put together selection committees comprised of business and IT teammates. The business leaders each focus on their own silos, and IT focuses on such things as security, infrastructure, demand on their time and support. But no one in the group is looking at the impact across the organization. An IT strategy aligned with business will ensure that IT leadership is able to guide each business user towards the pros/cons of any project impacting their specific business area. IT must be in front of the business and lead business users through all technology choices. CIOs and their IT teams need to learn to convey the messages through examples and language that a business user understands. Help businesses find software vendors that are at the forefront of innovation and have not fallen in the trap of legacy enterprise software companies that are resistant to change.

Another common mistake by IT is asking the business users what they want. IT needs to take the ownership of understanding the business and then innovate in a manner that makes that task/process easy, efficient, accurate, sexy and simple! Be truly disruptive by providing a product that your business users automatically gravitate to that solution. It is the role of the IT departments to understand the business. I am convinced that certain business jargon, like FSMA, FSVP, social responsibility, and sustainability are terms not well understood by most IT organizations. Many food compliance staff members are buried in mountains of paper, PDF and email documentation, leading to selective review and processing of information. Such an approach of sampling only a part of relevant information is a major risk to our food supply chain. In recent years, tools have emerged that allow food safety and regulatory staff to electronically monitor the relevant information and focus their attention on information that really matters. By streamlining the processes through creativity and technology, we can empower the food safety staff to be vigilant and ensuring that only safe, reliable, and high-quality food enters our food chain.

Getting Business to be Comfortable with IT

In an organization, it is easy to find executives and managers who have worked across several departments. A customer service representative may transition to sales, or a vice president of sales becomes a CEO of the company. But not many people crosspollinate with IT. Most people outside of IT do not understand technology at a level to contribute effectively on a technical team. So, you may be saying why can’t the business understand technology? Well that’s because technology is in a supporting role for the business. It’s like a supporting actor helps the lead actor succeed at their role in a movie. It is the job of the IT group to support the business and get them to be comfortable with you. In every project, ensure that there is a business leader who owns the project. Remember that it is a business project, and not an IT project.

The CIO Magazine and other such periodicals are frequently publishing articles on speaking the language of the business. This suggests that IT still does not understand how to communicate with the business. Simplify your communication by removing technical jargon from your communications. Actively participate in business meetings to understand the needs of the business user. Be curious and be a trusted advisor for the business. Remember that you are the bridge and you do not need to explain the underlying infrastructure to you your business peers; you just need to help them do their job effectively, and efficiently. Discuss with them how you can help them win!

IT is about serving the business, being adaptable, innovative, and having its success be defined as only being the success of its business partners. Martha Heller in CIO Paradox states that “[IT] needs to have egos that are big enough to initiate transformative projects but small enough to let someone else take credit.”