In Clause 4.1.3 it is stated that if a risk to impartiality is identified, the inspection body shall be able to demonstrate how it eliminates or minimizes such risk. Does this mean that all identified risks need to be eliminated or minimised? What would be an adequate approach for an inspection body to manage identified risks?
STANDARD: ISO/IEC 17020 · CLAUSE: Clause 4.1.3 · TOPIC: Risk Management
|The structure and processes used by inspection bodies in the management of impartiality threats varies with the size of, and services provided by, the inspection body. In smaller organisations specific threats may be identified, while in larger organisations threats may be clustered by source or type and treated “generically”. In larger inspection bodies, threats to impartiality may be addressed by multiple systems, with distinct and separate reporting processes. The standard does not nominate or preference techniques in the identification and response to threats to impartiality. Any response to eliminate or minimise a risk will leave a residual risk. The inspection body should be able to demonstrate how it established that the residual risk was acceptable and remains at an acceptable level.|