Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Home About Us Laboratory Services Biometric Analysis CODIS Database-QAS-Audit-9-1-11

Database-QAS-Audit-9-1-11

The FBI Quality Assurance Standards
Audit for
 DNA Databasing Laboratories
Print version (pdf)

In Accordance with 
The Quality Assurance Standards
for
 DNA Databasing Laboratories

Effective September 1, 2011

An Audit of:

  

Dates of Audit:

  

  

  

  

Auditor(s):

  

  

  

(Name) 

  

(Signature) 

  

  

  

(Name) 

  

(Signature) 

  

  

  

(Name) 

  

(Signature) 

 

Table of Contents

Introduction
Instructions for AuditorsChecklist of General Laboratory Information
Standard 1 - Scope
Standard 2 - Definitions
Standard 3 - Quality Assurance Program
Standard 4 - Organization and Management 
Standard 5 - Personnel
Standard 6 - Facilities 
Standard 7 - Sample Control
Standard 8 - Validation
Standard 9 - Analytical Procedures
Standard 10 - Equipment Calibration and Maintenance
Standard 11 - Documentation / Reports
Standard 12 - Review
Standard 13 - Proficiency Testing
Standard 14 - Corrective Action
Standard 15 - Audits
Standard 16 - Safety
Standard 17 -Outsourcing
Appendix A:  Findings And Responses
Appendix B:  Technical Leader Contingency Plan Notification
Appendix C:   Auditor Self-Certification
Appendix D:  Personnel Qualifications
Appendix E:  Approved Validations

Quality Assurance Audit Document

Introduction

The DNA Identification Act of 1994 required the formation of a panel of distinguished professionals, from the public and private sectors, to address issues relevant to forensic DNA applications.  This panel, titled the DNA Advisory Board (DAB), first convened in 1995.  An early mission of the DAB was to develop and implement quality assurance standards for use by forensic DNA testing laboratories.  The scope was quickly expanded to include forensic DNA databasing laboratories as well.  The DAB fulfilled this role, recommending separate documents detailing quality assurance standards for both applications.  The "Quality Assurance Standards for Forensic DNA Testing Laboratories" and the "Quality Assurance Standards for Convicted Offender DNA Databasing Laboratories" were issued by the Director of the Federal Bureau of Investigation in October 1998 and April 1999, respectively.  Both documents have become benchmarks for assessing the quality practices and performances of DNA laboratories throughout the country. When the Federal DNA Advisory Board’s statutory term expired, it transferred responsibility for recommending revisions of these Quality Assurance Standards to the Scientific Working Group on DNA Analysis Methods (SWGDAM).

The DNA Identification Act of 1994 also required that the FBI Laboratory ensure that all DNA laboratories that are federally operated, receive federal funds or participate in the National DNA Index System (NDIS) demonstrate compliance with the standards issued by the FBI.  Typically documentation of a laboratory's compliance with a stated Standard has been measured through an audit process.  Such audits have been performed by forensic scientists, either internal or external to the laboratory, and serve to identify compliance with established standards.

Since the issuance of the original Quality Assurance Standards (QAS), the lack of a defined, uniform interpretation guide for such standards presented a potential problem between laboratories and auditors attempting to determine levels of compliance.  In an effort to satisfy the responsibilities assigned through the DNA Identification Act and attempt to minimize interpretation variability, the FBI Laboratory developed an audit document for assessing compliance with the required standards of both documents.  Recognizing the broad application of such an undertaking, the FBI Laboratory solicited input from multiple forensic DNA laboratories when developing the original Audit Document.  This input included collaboration with members from two prominent international inspection/accreditation entities, the American Society of Crime Laboratory Directors/ Laboratory Accreditation Board (ASCLD/LAB) and the National Forensic Science Technology Center (NFSTC)1. To this end, this Audit Document was created by the FBI Laboratory with the input, guidance and consensus from the above-mentioned groups.

The Audit Document defines and interprets each standard, with added discussion points clarifying the criteria necessary for compliance. Additionally, the document is structured such that criteria, which overlap between the FBI issued standards and the corresponding ASCLD/LAB elements, share a consistent interpretative view.

Effective with the July 2009 Audit Documents and for audits conducted in accordance with the Quality Assurance Standards effective July 1, 2009, separate Audit Documents will be used for forensic and databasing laboratories.  If a laboratory performs both functions, each Audit Document must be completed and submitted to the laboratory at the conclusion of the audit process.

The rating system for assessing the laboratory with respect to each Standard contains the choices of "Yes," "No" or "Not Applicable (N/A)." As indicated earlier, discussion sections follow standards, as appropriate, and serve to clarify the interpretation necessary for compliance.  A comment section is also provided following the discussion areas, affording auditors the opportunity to reference information that may have value in the audit process (such as listing the reason for a "No" or "N/A").  In Appendix A, the findings associated with the audit will be detailed and summarized by the auditor, with an area available for response to such findings by the laboratory.  Notes or comments, including observations and recommendations are better suited to be mentioned during the exit briefing with laboratory personnel or in a separate letter/memorandum to the laboratory so that these comments are not confused with comments relating to a Finding or an explanation of why a particular Standard is not applicable.

The revised discussions are not to be applied retroactively and will take effect September 1, 2011.

Instructions to Audit Team Leaders and Auditors

Thank you for participating in this important process intended to evaluate compliance with minimum standards for a quality program for performing DNA databasing analysis. 

In a departure from the practices for completion of an audit under the original Quality Assurance Standards where the FBI Audit Document covered both forensic and databasing laboratories, for audits conducted in accordance with the Quality Assurance Standards effective July 1, 2009, separate Audit Documents will be used for forensic and databasing laboratories.  If a laboratory performs both functions, each Audit Document must be completed and submitted to the laboratory at the conclusion of the audit process.

Once an external audit has been scheduled, the audit team leader should provide the laboratory being audited with the Checklist contained on the following pages and a request to provide this information as soon as possible. The audit team leader shall also request a certification (contained in Appendix C) from each auditor on the team prior to the beginning of the audit. The audit team leader shall review the checklist completed by the laboratory to ensure that the audit team contains the appropriate number of members to audit the laboratory and that the team members possess the necessary expertise required to audit that laboratory. An auditor or his or her employer who has a contractual relationship (exclusive of audits) with the laboratory being audited shall disclose this fact and recuse himself or herself from performing the audit.  The audit team leader shall review the auditors’ certifications for any potential conflicts of interest.

Prior to the commencement of the audit, please provide the laboratory with a copy of the auditor’s certification for each auditor participating in the audit. 

As a general rule, compliance with a Standard is assessed through a review of the laboratory’s documentation and interviews with laboratory staff.  Documents may be in hard copy, electronic or a combination of both formats. Certificates of qualifications shall not be considered documentation of compliance with these Standards.  Laboratory personnel’s compliance with these standards shall be documented by the auditor(s) in Appendix D.  A review of database analyses for the laboratory shall include a representative number of sample sets randomly selected for each analyst.  As appropriate, a minimum of three to five sample sets per analyst should be reviewed.

  When conducting an audit, please keep in mind the following general guidelines:

  • Potential issues concerning compliance should be directed to the laboratory’s designated points of contact.
  • Comments on the laboratory’s operations should be reserved for the audit document if a “No” or “N/A” is marked and/or the exit interview with laboratory management; comments should not be made to laboratory staff.
  • Contested or contentious issues should be brought to the attention of your audit team leader for follow-up, as necessary.

As a general rule,

  • Issues deemed minor by the audit team that are addressed during the course of an audit (for example: date or position revisions of a laboratory’s organizational chart) may be determined by the auditor to satisfy a noncompliance so that a “Yes” is marked for that Standard.
  • Comments should not be included for Standards marked “Yes”.
  • Comments shall be included for Standards marked “No” or “N/A”. 
    • For a Standard marked “No”, the comment shall describe the noncompliance with sufficient detail so that the laboratory can develop an appropriate corrective action for compliance.
    • For a Standard marked “N/A”, the comment shall describe why that Standard is not applicable to that laboratory.

Questions concerning this Audit Document or a specific Standard should be directed to the FBI’s Combined DNA Index System (CODIS) Unit.

After the audit is completed, the audit team leader or auditor(s) briefs DNA laboratory management and the DNA technical leader regarding the results. This briefing should verbally detail specific findings (noncompliances) and observations (general comments and/or recommendations), as well as recognize commendable performances. The written report should be prepared by the audit team leader and/or auditor(s) and sent to the laboratory within 30 days of the audit. The Audit Document Report consists of the completed Audit Document Checklist, with any areas of noncompliance listed under the Findings Section of Appendix A. All findings must be clearly identified and referenced to the appropriate standard.

Recommendations must not be included in the Audit Document Report. Notes or comments, including observations and recommendations are better suited to be mentioned during the exit briefing with laboratory personnel or in a separate letter/memorandum to the laboratory so that these comments are not confused with comments relating to a Finding or an explanation of why a particular Standard is not applicable.

Checklist of General Laboratory Information

1.

Name of Laboratory:

2.

Federal / State / Regional / County / Local / Other:

Laboratory (Choose one)

3.

Approximate Population Size Served:

4.

Uses a Contract Laboratory:  Yes / No 

Name of Contract Laboratory(ies):

5.

NDIS Participant:  Yes / No

6.

Applying for NDIS Participation:  Yes / No / NA (Choose one)

7.

Technologies Used: (Choose those that apply)

STRs

YSTRs

MtDNA

Other:

8.

Number of staff:

DNA analysts:

Staff: Contract employees:

DNA trainees:

Staff:  Contract employees:

DNA technicians:

Staff:  Contract employees:

Laboratory support personnel:

Staff:  Contract employees:

DNA technical leader:

On site:  Yes / No

CODIS administrator:

9.

Last audit conducted on:

External / Internal Audit (Choose one)

Audit Document Discussion Used (Revision Date):

10.

Uses an expert system:  Yes/No

Name & Version of Expert System, Test Kit, Instrument and version of Data Collection

11.

Does the database laboratory process casework known reference samples?  Yes/No

 

Standard 1. Scope

These Standards describe the quality assurance requirements that laboratories performing DNA testing on database, known or casework reference samples for inclusion, as appropriate, in the Combined DNA Index System (CODIS) shall follow to ensure the quality and integrity of the data generated by the laboratory. These Standards also apply to vendor laboratories that perform DNA testing on database, known or casework reference samples in accordance with Standard 17.  These Standards do not preclude the participation of a laboratory, by itself or in collaboration with others, in research and development, on procedures that have not yet been validated.

Standard 2. Definitions

As used in these Standards, the following terms shall have the meanings specified:

Accredited laboratory is a DNA laboratory that has received formal recognition that it meets or exceeds a list of standards, including the FBI Director’s Quality Assurance Standards, to perform specific tests, by a nonprofit professional association of persons actively involved in forensic science that is nationally recognized within the forensic science community in accordance with the provisions of the Federal DNA Identification Act (42 U.S.C. §14132) or subsequent laws.

Accuracy is the degree of conformity of a measured quantity to its actual (true) value.

Administrative review is an evaluation of the report and/or supporting documentation for consistency with laboratory policies and for editorial correctness.

Analyst (or equivalent role, position, or title as designated by the Laboratory Director) is an employee or contract employee that has successfully completed the laboratory’s training requirements for database, known or casework reference sample analysis, passed a competency test, and has entered into a proficiency testing program according to these Standards. This individual conducts and/or directs the analysis of database, known or casework reference samples and interprets the resulting data from these samples.

Analytical documentation is the documentation of procedures, standards, controls and instruments used, observations made, results of tests performed, charts, graphs, photos and other documentation generated which are used to support the analyst’s conclusions.

Analytical procedure is an orderly step-by-step process designed to ensure operational uniformity and to minimize analytical drift.

Annual is once per calendar year.

Audit is an inspection used to evaluate, confirm, or verify activity related to quality.

Biochemistry is the study of the nature of biologically important molecules in living systems, DNA replication and protein synthesis, and the quantitative and qualitative aspects of cellular metabolism.

Calibration is the set of operations which establish, under specified conditions, the relationship between values indicated by a measuring instrument or measuring system, or values represented by a material, and the corresponding known values of a measurement.

Casework reference sample is biological material obtained from a known individual and collected for purposes of comparison to forensic samples.

CODIS is the Combined DNA Index System administered by the FBI.  CODIS links DNA evidence obtained from crime scenes, thereby identifying serial criminals.  CODIS also compares crime scene evidence to DNA profiles obtained from offenders, thereby providing investigators with the identity of the putative perpetrator. In addition, CODIS contains profiles from missing persons, unidentified human remains and relatives of missing persons.  There are three levels of CODIS: the Local DNA Index System (LDIS), used by individual laboratories; the State DNA Index System (SDIS), used at the state level to serve as a state’s DNA database containing DNA profiles from LDIS labs; and the National DNA Index System (NDIS), managed by the FBI as the nation’s DNA database containing all DNA profiles uploaded by participating states.

CODIS administrator (or equivalent role, position, or title as designated by the Laboratory Director) is an employee of the laboratory responsible for administration and security of the laboratory’s CODIS at a laboratory that owns the database and/or known samples.

Competency test(s) is a written, oral and/or practical test or series of tests designed to establish that an individual has demonstrated achievement of technical skills and met minimum standards of knowledge necessary to perform database DNA analysis.

Competency is the demonstration of technical skills and knowledge necessary to perform database DNA analysis successfully.

Contamination is the unintentional introduction of exogenous DNA into a DNA sample or PCR reaction.

Continuing education is an educational activity (such as a class, lecture series, conference, seminar, or short course) that is offered by a recognized organization or individual that brings a participant up to date in his/her relevant area of knowledge.

Contract employee is an individual that provides DNA typing and/or analytical support services to the NDIS participating laboratory.  The person performing these services must meet the relevant qualifications for the equivalent position in the NDIS participating laboratory.  A contract employee cannot serve as CODIS Administrator or technical leader and cannot be counted as a full-time qualified DNA analyst for purposes of satisfying the definition of a laboratory.  Employment of a contract employee by multiple NDIS participating and/or vendor laboratories shall be disclosed and shall only be permitted subject to approval by the technical leader of the NDIS participating laboratory for which the contract employee is performing DNA typing and/or analytical services. 

Coursework is an academic class officially recognized and taught through a college or university program in which the participating student successfully completed and received one or more credit hours for the class.

Critical equipment or instruments are those requiring calibration or a performance check prior to use and periodically thereafter.

Critical reagents are determined by empirical studies or routine practice to require testing on established samples before use on database or known samples.

Database or databasing refers to the DNA analysis of database samples for entry into CODIS and, if eligible, for upload to the National DNA Index System (NDIS).

Database sample is a sample obtained from an individual who is legally required to provide a DNA sample for databasing purposes and whose identity is established at the time of collection of the sample.

Developmental validation is the acquisition of test data and determination of conditions and limitations of a new or novel DNA methodology for use on database and known samples.

DNA record is a database record that includes the DNA profile as well as data required to manage and operate NDIS; i.e., the Originating Agency Identifier which serves to identify the submitting agency; the Specimen Identification Number; and DNA personnel associated with the DNA profile analyses.

DNA type (also known as a DNA profile) is the genetic constitution of an individual at defined locations (also known as loci) in the DNA.  A DNA type derived from nuclear DNA typically consists of one or two alleles at several loci (e.g., short tandem repeat loci).  The DNA type derived from mitochondrial DNA is described in relation to the revised Cambridge Reference Sequence (Nature Genetics 1999, 23, 147).

Employee is a person: (1) in the service of the applicable federal, state or local government, subject to the terms, conditions and rules of federal/state/local employment and eligible for the federal/state/local benefits of service; or (2) formerly in the service of a federal, state or local government who returns to service in that agency on a part-time or temporary basis.  For purposes of a vendor laboratory, an employee is a person in the service of a vendor laboratory and subject to the applicable terms, conditions and rules of employment of the vendor laboratory.

Expert System is a software program or set of software programs that interprets the data generated from a DNA analysis instrument platform in accordance with laboratory defined quality assurance rules and accurately identifies the data that does and does not satisfy such rules.

FBI is the Federal Bureau of Investigation, the Federal agency authorized by the DNA Identification Act of 1994 to issue quality assurance standards governing forensic testing and DNA databasing laboratories and to establish and administer the National DNA Index System (NDIS).

Genetics is the study of inherited traits, genotype/phenotype relationships, and population/species differences in allele and genotype frequencies.

Guidelines are a set of general principles used to provide direction and parameters for decision making.

Integral component is that portion of an academic course that is so significant and necessary to the understanding of the subject matter as a whole, that the course would be considered incomplete without it.

Internal validation is the accumulation of test data within the laboratory to demonstrate that established methods and procedures perform as expected in the laboratory.

Known sample is biological material whose identity or type is established. An example of a known sample is a sample contributed by the close biological relative of a missing person.

Laboratory is a facility: (1) employing at least two full time employees who are qualified DNA analysts; and (2) having and maintaining the capability to perform the DNA analysis on database and/or known samples at that facility. 

Laboratory support personnel (or equivalent role, position, or title as designated by the Laboratory Director) are employees or contract employees who perform laboratory duties exclusive of analytical techniques on database and/or known samples.

LDIS is the Local DNA Index System; please see definition of CODIS.

Methodology is used to describe the analytical processes and procedures used to support a DNA typing technology: for example, extraction methods (manual vs. automated); quantitation methods (slot blot, fluorometry, real-time); typing test kit; and platform (capillary electrophoresis, real-time gel and end-point gel systems).

Molecular biology is the study of the theories, methods, and techniques used in the study and analysis of gene structure, organization, and function.

Multilaboratory system is used to describe an organization that has more than one laboratory performing database DNA analysis.

Multiplex system is a test providing for simultaneous amplification of multiple loci that is either prepared commercially or by a laboratory.

Negative amplification control is used to detect DNA contamination of the amplification reagents.  This control consists of only amplification reagents without the addition of template DNA. 

NDIS is the National DNA Index System.  NDIS is one component of CODIS – the national and highest level index containing the DNA records contributed from participating federal, state and local laboratories. 

NIST is the National Institute of Standards and Technology.

Offender is an individual who is required by statute to submit a sample for DNA analysis and databasing. The term “offender” includes individuals who are convicted of or arrested for a crime or juveniles adjudicated delinquent for an offense and required by state or federal law to provide a DNA sample for analysis and databasing.

On-site visit is a scheduled or unscheduled visit to the vendor laboratory work site by one or more representatives of an NDIS participating laboratory who is (are) a qualified or previously qualified DNA analyst(s) in the technology, platform and typing amplification test kit used to generate the DNA data, or designated FBI employee(s), to assess and document the vendor laboratory’s ability to perform analysis on outsourced database, known or casework reference samples.

Outsourcing is the utilization of a vendor laboratory to provide DNA services in which the NDIS participating laboratory takes or retains ownership of the DNA data for entry into CODIS, when applicable. Outsourcing does not require the existence of a contractual agreement or the exchange of funds.

Ownership occurs when any of the following criteria are applicable:

(1)  the originating laboratory will use any samples, extracts or any materials from the vendor laboratory for the purposes of database testing (i.e. a vendor laboratory prepares an extract that will be analyzed by the originating laboratory);

(2)  the originating laboratory will interpret the data generated by the vendor laboratory;

(3)  the originating laboratory will issue a report on the results of the analysis; or

(4)  the originating laboratory will enter or search a DNA profile in CODIS from data generated by the vendor laboratory.

Performance check is a quality assurance measure to assess the functionality of laboratory instruments and equipment that affect the accuracy and/or validity of database, known or casework reference sample analysis.

Platform is the type of analytical system utilized to generate DNA profiles such as capillary electrophoresis, real-time gel, and end-point gel instruments or systems.

Polymerase Chain Reaction (PCR) is an enzymatic process by which a specific region of DNA is replicated during repetitive cycles which consist of the following:

(1) denaturation of the template;
(2) annealing of primers to complementary sequences at an empirically determined temperature and;
(3) extension of the bound primers by a DNA polymerase.

Positive amplification control is an analytical control sample that is used to determine if the PCR performed properly.  This control consists of the amplification reagents and a known DNA sample.

Precision characterizes the degree of mutual agreement among a series of individual measurements, values and/or results.

Preferential amplification is the unequal sampling of the two alleles present in a heterozygous locus primarily due to stochastic (random) fluctuation arising when only a few DNA molecules are used to initiate the polymerase chain reaction.

Procedure (protocol, SOP or other equivalent) is an established practice to be followed in performing a specified task or under specific circumstances.

Proficiency testing is a quality assurance measure used to monitor performance and identify areas in which improvement may be needed. Proficiency tests may be classified as:

(1) An internal proficiency test, which is produced by the agency undergoing the test.
(2) An external proficiency test, which may be open or blind, is a test obtained from an approved proficiency test provider.

Qualified auditor is a current or previously qualified DNA analyst who has successfully completed the FBI DNA Auditor’s training course.

Quality system is the organizational structure, responsibilities, procedures, processes and resources for implementing quality management.

Quantitative PCR is a method of determining the concentration of DNA in a sample by use of the polymerase chain reaction.

Reagent blank control is an analytical control sample that contains no template DNA and is used to monitor contamination from extraction to final fragment or sequence analysis. This control is treated the same as, and parallel to, the database, known or casework reference samples being analyzed.

Reference material (certified or standard) is a material for which values are certified by a technically valid procedure and accompanied by, or traceable to, a certificate or other documentation that is issued by a certifying body.

Reproducibility is the ability to obtain the same result when the test or experiment is repeated.

Review is an evaluation of documentation to check for consistency, accuracy, and completeness.

SDIS is the State DNA Index System; please see definition of CODIS.

Second agency is an entity or organization external to and independent of the laboratory.

Semiannual is used to describe an event that takes place two times during one calendar year, with the first event taking place in the first six months of that year and the second event taking place in the second six months of that year and where the interval between the two events is at least four months and not more than eight months.

Service is the performance of those adjustments or procedures specified which are to be performed by the user, manufacturer or other service personnel in order to ensure the intended performance of instruments and equipment.

State CODIS administrator is the CODIS Administrator who serves as the central point of contact for a State with the NDIS Custodian and is responsible for ensuring other participating laboratories in that State comply with the terms and conditions for participation in the National DNA Index System.

Technical leader (or equivalent role, position, or title as designated by the Laboratory Director) is an employee who is accountable for the technical operations of the laboratory and who is authorized to stop or suspend laboratory operations.

Technical review is an evaluation of reports, notes, data, and other documents to ensure there is an appropriate and sufficient basis for the scientific conclusions.

Technical reviewer is an employee or contract employee who is a current or previously qualified analyst in the methodology being reviewed that performs a technical review of analytical results and is not an author of the applicable report.

Technician (or equivalent role, position, or title as designated by the Laboratory Director) is an employee or contract employee who performs analytical techniques on database, known or casework reference samples under the supervision of a qualified analyst. Technicians do not interpret data, reach conclusions on typing results, or prepare final reports.

Technology is used to describe the type of DNA analysis performed in the laboratory, such as RFLP, STR, YSTR or mitochondrial DNA.

Test kit is a pre-assembled set of reagents that allows the user to conduct a specific DNA extraction, quantitation or amplification.

Traceability is the property of a result of a measurement whereby it can be related to appropriate standards, generally international or national standards, through an unbroken chain of comparisons.

Underlying scientific principle is a rule concerning a natural phenomenon or function that is a part of the basis used to proceed to more detailed scientific functions.

Validation is a process by which a procedure is evaluated to determine its efficacy and reliability for DNA database analysis and includes the following:

(1) Developmental validation is the acquisition of test data and determination of conditions and limitations of a new or novel DNA methodology for use on database, known or casework reference samples.
(2) Internal validation is an accumulation of test data within the laboratory to demonstrate that established methods and procedures perform as expected in the laboratory.

Vendor laboratory is a government or private laboratory that provides DNA analysis services to another laboratory or agency and does not take ownership of the DNA data for purposes of entry into CODIS.

Work product is the material that is generated as a function of analysis, which may include extracts, amplified product and amplification tubes or plates as defined by the laboratory.

Standard 3.  Quality Assurance Program

Yes

No

N/A

3.1

For the DNA laboratory’s quality assurance program:




  

a.  Does the DNA laboratory have an established and maintained documented quality system that is appropriate to the testing activities? 




b.  Is the quality system equivalent to or more stringent than what is required by these Standards?

 

Discussion

To successfully satisfy Standard 3.1, compliance must be demonstrated with all of the subcategories of Standard 3.1.1.

A laboratory must have and follow a documented quality system.

A quality system is the organizational structure, responsibilities, procedures, processes, and resources for implementing quality management.  This system must be appropriate to the testing activities performed by the laboratory.  Various approaches may be used to demonstrate how a laboratory may accomplish this, as long as the system is clearly defined.  A laboratory may have any of the following: (1) a system-wide quality manual; (2) multiple manuals that address individual elements of the quality system; or (3) a unit-specific quality manual that may reference the elements that are not contained within its unit’s quality manual, but are contained within the system-wide manual.  A laboratory may choose the format in which it maintains its quality system, as long as it is on-site and readily available to DNA personnel.

 A laboratory’s quality manual must be equivalent to or more stringent than the “Quality Assurance Standards (QAS) for DNA Databasing Laboratories.” If a laboratory has requirements more stringent than the QAS, it must be audited to the more stringent requirements. For example, if a laboratory is in compliance with these standards, but is not adhering to its own more stringent requirements, a “No” shall be marked.

Comment


Yes

No

N/A

3.1.1

Is the quality system documented in a manual that includes or references the following elements:

3.1.1.1  Goals and objectives?

3.1.1.2  Organization and management?

3.1.1.3  Personnel?

3.1.1.4  Facilities?

3.1.1.5  Sample control?

3.1.1.6  Validation?

3.1.1.7  Analytical procedures?

3.1.1.8  Equipment calibration and maintenance?

3.1.1.9  Documentation/Reports?

3.1.1.10  Review?

3.1.1.11  Proficiency testing?

3.1.1.12  Corrective action?

  

3.1.1.13  Audits?

  

3.1.1.14  Safety?

  

3.1.1.15  Outsourcing?

 

Discussion

Standards 3.1.1.1 through 3.1.1.15 are elements of the quality system that a laboratory must ensure are documented or referenced in a quality manual(s). The laboratory may rely on laboratory-wide policies, procedures, and guidelines that address such elements, but must ensure that the laboratory references them.  A laboratory must remember that any document referenced within the quality manual must be available on-site.  The following are the elements as defined by 3.1.1.1 through 3.1.1.15 and what should be addressed within each of those elements.  Further requirements for each element will be found within the corresponding standard.

  • Goals and objectives must define, establish, or reference the goals and objectives for the laboratory. 
  • Organization and management must define, establish, or reference the organization and management structure of the laboratory, the interrelationship of the various DNA positions, as well as the responsibilities of personnel.
  • Personnel must define, establish, or reference the training and qualifications required for each position within the laboratory and describe the continuing education program for the laboratory.
  • Facilities must define, establish, or reference the laboratory’s practices or procedures for laboratory security and its approach for maintaining the integrity of DNA analyses.
  • Sample control must define, establish, or reference the laboratory’s procedures for handling and preserving database, known and/or casework reference samples as well as the laboratory’s definitions for what constitutes work product and evidence (if the database laboratory processes evidence).
  • Validation must define, establish, or reference the practices and procedures for implementing new methods used by the laboratory and the process for incorporating those new procedures.
  • Analytical procedures must define, establish, or reference the use of current and approved Standard operating procedures for validated methods.
  • Equipment calibration and maintenance must define, establish, or reference the laboratory’s program for conducting performance checks and calibrations of equipment and instruments and the laboratory must maintain a list of its critical instruments and/or equipment.
  • Documentation/Reports must define, establish, or reference written procedures for taking and maintaining records and documentation for database, known or casework reference samples, and its policy for describing how the laboratory maintains confidentiality and privacy when applicable to reports, files, and DNA records and databases.
  • Review must define, establish, or reference how the laboratory performs its technical and administrative review of all data, the qualifications of personnel who perform reviews, review procedures associated with the upload of DNA data, as well as include a documented program for the annual testimony monitoring of its analysts.
  • Proficiency testing must define, establish, or reference the laboratory’s program for administering external proficiency tests to DNA personnel to the full extent in which they participate in database analysis.
  • Corrective action must define, establish, or reference the laboratory’s process for corrective action in database analysis and proficiency testing.
  • Audits must define, establish, or reference the laboratory’s program for participation in internal and external DNA audits.
  • Safety must define, establish, or reference the laboratory’s safety program.
  • Outsourcing must define, establish, or reference the laboratory’s procedures for outsourcing samples and ensuring the integrity of those samples.  Laboratories shall address this element, regardless of whether or not the laboratory outsources. For example, outsourcing may be referenced in the quality manual as “Not Applicable or NA” if the laboratory does not outsource any analyses.

Comment

Yes

No

N/A

3.2

Does the laboratory maintain and follow a procedure regarding document retention that specifically addresses:

 

  

  

a.  Proficiency tests? 

Yes


No


  

  

b.  Analytical Results?

Yes


No


  

  

c.  Sample receipt and processing records?

Yes


No


  

  

d.  Sample retention?

Yes


No


  

  

e.  Hit confirmation?

Yes


No


  

  

f.  Corrective action?

Yes


No


  

  

g.  Audits?

Yes


No


  

  

h.  Training records?

Yes


No


  

  

i.  Continuing education?

Yes


No


  

  

j.  Court testimony monitoring?

Yes


No


  

 

Discussion

To successfully satisfy Standard 3.2, compliance must be demonstrated with all of the subcategories of Standard 3.2 (a-j).

The laboratory may address document retention through a single policy or a combination of several policies.  However, document retention regarding each of the above-listed documents must be addressed. 

Comment

Yes

No

N/A

3.3

Is the quality system as applicable to DNA reviewed annually (calendar year) independent of the audit required by Standard 15, and is the review performed under the direction and documented approval of the technical leader?

 

Discussion

The laboratory must demonstrate that an annual review of its quality system is performed under the direction and documented approval of its technical leader. This review must include the review of the quality manual, training manual, and procedures used by the laboratory and must be independent of the required annual audit.  Annual review reports may identify areas in need of attention and provide the basis for changes to the quality system.  Such changes may include new or improved quality-control activities for monitoring the quality of the laboratory work product.  Additionally, significant modifications to DNA testing, such as the incorporation of a new technology (technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA), may necessitate reviewing or updating the quality system.

An annual review of the quality system is important for ensuring that measures are being taken by the laboratory to continually provide the highest quality of service.

This review must be independent of the audit requirement as stated in Standard 15.

Comment

Standard 4.  Organization and Management

  

  

Yes

No

N/A

4.1 

Does the laboratory have:

  

4.1.1  A managerial staff with the authority and resources needed to discharge its duties and meet the requirements of the Standards in this document?

  

4.1.2  A technical leader who is accountable for the  technical operations? 

  

a.  Have at least one technical leader in a multi -laboratory system?

  

4.1.3  A CODIS administrator who is accountable for CODIS on-site at each individual laboratory facility using CODIS?

  

4.1.4  At least two full-time employees who are qualified DNA analysts?

  

4.1.5  Documentation that specifies the responsibility, authority, and interrelation of all personnel who manage, perform, or verify work affecting the validity of the DNA analysis?

  

4.1.6  A documented contingency plan that is approved  by laboratory management if the technical leader position is vacated?

 

Discussion

Laboratory is a facility: (1) employing at least two full time employees who are qualified DNA analysts; and (2) having and maintaining the capability to perform the DNA analysis on database and/or known samples at that facility. 

To successfully satisfy Standard 4.1, compliance must be demonstrated with all of the subcategories of Standard 4.1.

As a tool in the evaluation of the management standards, laboratories must maintain a current organizational chart.  The organizational chart may reference specific personnel by name with their specific position assignments (e.g., technical leader, CODIS administrator), or the organizational chart may reference the specific position assignments.  If the organizational chart references the specific position assignments, it must be augmented with the job description for the member of the laboratory assigned to the specific position.  Job descriptions must be current and available for all laboratory personnel, accurately defining the technical and/or administrative responsibilities associated with each position (see Standard 5 - Personnel).

The role of a technical leader does not preclude, for example, the existence of additional program or technical leaders, each of whom may be assigned a subset of clearly defined duties (e.g., training program manager, quality assurance program manager).  However, a single DNA technical leader, as defined in the laboratory’s organizational chart, will retain the ultimate DNA-related authority and oversight responsibility.  Standard 5.2.3.1 and its subcategories must be satisfied in order to demonstrate that the technical leader is accountable for the technical operations. 

Standard 5.3.5 must be satisfied in order to demonstrate that the CODIS administrator is accountable for CODIS operations on-site at each individual laboratory facility using CODIS. 

If the same individual performs the CODIS administrator duties for both casework and database, it shall be noted on the organizational chart and/or job description and this individual shall meet the minimum Standard requirements for the casework CODIS administrator found in the Quality Assurance Standards for Forensic DNA Testing Laboratories.

Standards 5.4 and 5.4.1 and its subcategories must be satisfied in order to demonstrate that the DNA analysts are full-time employees and are qualified.  Contract employees cannot be counted when determining if a laboratory satisfies the two full-time employee requirement of Standard 4.1.4.

The laboratory must have a documented contingency plan in place, approved by laboratory management, for a vacancy in the technical leader position. This plan may be a single policy or a combination of several policies.  A contingency plan should include or address the appropriate notifications naming an individual who may serve in this position, the time period that individual may serve, and how the laboratory will proceed if no one is qualified.

Comment

Standard 5.  Personnel 

Yes

No

N/A

5.1

Do laboratory personnel have the education, training, and experience commensurate with the examination and testimony provided?

 

Discussion

To successfully satisfy Standard 5.1, compliance must be demonstrated with all of the subcategories of Standard 5.

A list of the individuals in compliance with Standard 5.1 and the position with which they are in compliance will be incorporated by the auditor into Appendix D.  Appendix D shall be completed by auditors conducting external QAS audits.  The credentials for those individuals found to be in compliance with Standard 5.1 after two successive external audits are not required to be reviewed in subsequent audits. However, this in no way prohibits the auditor from performing such additional reviews as that auditor(s) may deem appropriate or necessary.

Comment

Yes

No

N/A

5.1.1

Does the laboratory have written job descriptions for all personnel to include responsibilities, duties, and skills?

 

Discussion

Written job descriptions that are augmented by other documentation that includes responsibilities, duties, and skills are acceptable.

Comment


Yes

No

N/A

5.1.2

Does the laboratory have a documented training program for qualifying all analyst(s) and technician(s)?

5.1.2.1

Does the training program contain at a minimum the following components:

  

a.  A training manual that covers all applicable DNA analytical procedures that the analyst/technician will perform?

  

b.  Practical exercises that include the DNA methodologies used in the laboratory’s database program?

  

5.1.2.1.1 If the databasing laboratory is processing known or casework reference sample(s) as evidence, does the laboratory’s training program also include evidence handling and courtroom testimony?

5.1.2.2

Does the laboratory’s training program teach and assess the technical skills and knowledge required to perform DNA analysis and include, at a minimum, the following?

  

5.1.2.2.1  Does the training program require the documentation of the successful completion of a competency test(s)?

  

5.1.2.2.2  For an analyst or technician with previous forensic or DNA database experience:

  

a.  Did the technical leader assess and document the adequacy of the previous training of the analyst and/or technician?

  

b.  Did the analyst and/or technician complete a modified training program that was assessed and documented by the technical leader? 

  

5.1.2.2.3  Prior to participating in independent database analysis did all analysts and technicians, regardless of previous experience, successfully complete a competency test(s) covering the routine DNA methodologies to be used?

 

Discussion

A laboratory’s training program must teach and assess the skills and knowledge required to achieve the minimum standards of competence and good laboratory practice in a specific area of work. Training must include all methodologies that the analyst will perform in database analysis. Methodology is used to describe the analytical processes and procedures used to support a DNA-typing technology: for example, extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kit; and platform (capillary electrophoresis, real-time gel and end-point gel systems). 

Any newly validated methodology implemented by the laboratory (as defined by Standard 8) must be incorporated into the laboratory’s training program prior to the training of personnel in the new methodology or during the next annual review (whichever is earliest). 

The laboratory must have available for review a documented training program that includes training records for each trainee.  If a databasing laboratory processes known or casework references as evidence, the training program must include evidence handling and courtroom testimony.  Additionally, the laboratory must have documentation that provides a formal means for recognizing an individual’s successful completion of the training program (e.g., certificate, letter, memoranda) and demonstration of competency, typically through a test.

The measure of an individual’s competency should be defined within the laboratory’s training program.  

A competency test(s) is a written, oral, and/or practical test or series of tests designed to establish that an individual has demonstrated achievement of technical skills and met minimum standards of knowledge necessary to perform forensic DNA analysis.  Such a test serves to test an individual’s knowledge, skills, and abilities as they relate to his or her individual position. A laboratory may select from a variety of approaches for administering a competency test, including but not limited to a written, oral, or practical examination. If a laboratory uses an internal or external proficiency test as a competency test, the laboratory must have the DNA typing results to assess an individual’s performance. The date of qualification of an individual must be documented. The qualification date has particular relevance to proficiency testing requirements discussed in Standard 13 (Proficiency Testing), which requires that newly qualified individuals participate in an external proficiency test within six months of qualification date.

It is the technical leader’s responsibility to evaluate, approve and document the adequacy of previous training for any staff member who has not otherwise completed the laboratory’s formal training program. Examples may include, but are not limited to, the hiring of fully trained personnel from a separate organization or the assignment of experienced DNA analysts to validate a new DNA testing procedure. All individuals, regardless of previous training and experience, must successfully complete a competency test for the specific DNA methodology to be used at the current laboratory prior to assuming database responsibilities. Additionally, the contract employee must complete or be deemed to have satisfied the portions of the training program that are relevant to the duties/services he/she will be performing for the NDIS laboratory.  Successful completion of an employee’s or contract employee’s competency test must be documented.

Qualified analysts who have been on leave for a period that takes them out of the proficiency test cycle, must be evaluated and complete any necessary training, as well as a competency test, prior to resuming database analysis.

Comment

Yes

No

N/A

5.1.3

Does the laboratory have a documented program to ensure that technical qualifications are maintained through continuing education?

5.1.3.1

Does the technical leader, CODIS administrator, and each analyst have documented attendance at seminars, courses, professional meetings, or documented training sessions/classes that consist of:

a.  Subject areas relevant to the developments in DNA typing? 

Yes


No


b.  Cumulative minimum of eight hours per calendar year? 

Yes


No


5.1.3.1.1

For continuing education conducted internally, does the laboratory's retained documentation include the following:

  

a.  Title of the program?

Yes


No


  

b.  A record of the presentation?

Yes


No


  

c.  Date of the training?

Yes


No


  

d.  Attendance list?

Yes


No


  

e.  Curriculum vitae of the  presenter(s)?

Yes


No


5.1.3.1.2

For continuing education conducted externally, does the laboratory’s retained documentation include one or more of the following: 

a.  Certificate of attendance? 

b.  Program agenda/syllabus? 

c.  Travel documentation? 

5.1.3.1.3

For continuing education that is based on multimedia or Internet delivery: 

  

a.  Was the training subject to the review of, and approved by, the technical leader? 

  

Yes


No


  

b.  Was the time required to complete the program formally recorded in the laboratory's retained document?

  

Yes


No


  

c.  Was the completion submitted to the technical leader for review and approval?

  

Yes


No


5.1.3.2

For the review of scientific literature:

  

a.  Does the laboratory have a program, approved by the technical leader, for the annual review of scientific literature that documents the ongoing reading of scientific literature?

b.  Does the laboratory maintain or have physical or electronic access to a collection of current books, reviewed journals, or other literature applicable to DNA analysis?

 

Discussion

Continuing education is an educational activity (such as a class, lecture series, conference, seminar, or short course) that is offered by a recognized organization or individual that brings participants up-to-date in their relevant area of knowledge.  Journal or other review sessions (i.e., meetings or literature) are not considered continuing education.

The laboratory’s continuing education program must be documented. To comply with this Standard, laboratory management must provide technical personnel with the opportunity to stay abreast of new developments and issues in the field of DNA analysis. The laboratory must provide the technical leader, CODIS administrator, and all analysts with continuing education in a subject area related to DNA analysis annually.

Generally, regardless of where the continuing education takes place, internally provided continuing education would be presented by members of the laboratory system and externally provided continuing education would be presented by persons external to the laboratory.

Although such continuing education should be formalized, this does not necessarily require earned credit hours or grade evaluations, although this would be acceptable. Attendance at, and appropriate content to meet this criteria, may be documented through certificates of attendance, program agenda/syllabi or travel authorizations.  Participation and completion of programs based on multimedia or Internet delivery must be formally recorded and approved by the technical leader. This documentation must include the time required to complete the program.

The continuing education must consist of a cumulative minimum of eight hours annually.  Attendance at regional, national, or international meetings or conferences shall be deemed to provide a minimum of eight hours of continuing education.

The laboratory must describe its process for the annual review of scientific literature, including how personnel will document their ongoing reading of the literature.

Comment

Yes

No

N/A

5.1.4

Does the laboratory maintain records on the relevant qualifications, training, skills, and experience of all technical personnel?

 

Discussion

The laboratory must verify the degree obtained and coursework completed for technical personnel. Transcripts and other appropriate documentation must be available to the auditors for assessing an individual’s qualifications.  Technical personnel’s skills and experience must be documented through a curriculum vitae or other means, such as a statement of qualifications.

Comment

Yes

No

N/A

5.2

Does the technical leader satisfy the requirements for degree/education, experience, and duties listed in Standards 5.2.1 through 5.2.4.1?

5.2.1

Does the technical leader of the laboratory meet or exceed the following degree/educational requirements?

a.  A master's degree in a biology-, chemistry-, or forensic science-related area or have a waiver as stated in Standard 5.2.1.4?

b.  Twelve semester hours or equivalent credit hours including a combination of graduate and undergraduate course work or classes covering the following subject areas:

1.  Biochemistry? 

Yes


No


2.  Genetics? 

Yes


No


3.  Molecular biology? 

Yes


No


4.  Statistics or population  genetics? 

Yes


No


5.2.1.1

Of the 12 semester or equivalent credit hours required, do they include at least one graduate-level course registering 3 or more semester or equivalent credit hours?

5.2.1.2

Do each of the specific subject areas listed in Standard 5.2.1 constitute an integral component of any coursework used to demonstrate compliance with this Standard?

5.2.1.3

For individuals who have completed coursework with titles other than those listed in Standard 5.2.1, have they successfully demonstrated compliance with this Standard through a combination of pertinent materials such as a transcript, syllabus, letter from the instructor, or other documentation that supports the course content?

 

Discussion

For technical leaders appointed or hired on or after July 1, 2009, a minimum of four courses (biochemistry, genetics, molecular biology and statistics or population genetics) totaling at least 12 semester or equivalent credit hours must be completed successfully (college- or university-determined passing grade). 

Biochemistry is the study of the nature of biologically important molecules in living systems, DNA replication and protein synthesis, and the quantitative and qualitative aspects of cellular metabolism.

Genetics is the study of inherited traits, genotype/phenotype relationships, and population/species differences in allele and genotype frequencies.

Molecular biology is the study of the theories, methods, and techniques used in the study and analysis of gene structure, organization, and function.

Integral component is that portion of an academic course that is so significant and necessary to the understanding of the subject matter as a whole that the course would be considered incomplete without it.

Each of the required subject areas must be in the form of academic coursework for credit.  Coursework is an academic class officially recognized and taught through a college or university program in which the participating student successfully completed and received one or more credit hours for the class.

A variety of college course work may apply toward satisfying this Standard and is not limited exclusively to the course titles listed.  Coursework in Standard 5.2.1.2 shall be considered as meeting the integral component requirement if the coursework consists of the title listed in Standard 5.2.1b (biochemistry, genetics, molecular biology and statistics or population genetics).

For a technical leader who possesses a waiver (Standard 5.2.1.4) but does not satisfy the required graduate coursework in Standard 5.2.1.1, then Standard 5.2.1.1 shall be marked “N/A.”

The DNA training program previously offered by the FBI Laboratory, with graduate credit hours from the University of Virginia, may be applied toward the molecular biology coursework requirement associated with this Standard.  Unless specifically stated by the FBI, other FBI courses do not fulfill this requirement.  

A list of the individuals in compliance with Standard 5.2 and the position with which they are in compliance will be incorporated by the auditor into Appendix D for external QAS audits.

Comment

Yes

No

N/A

5.2.1.4

If the degree requirements of Standard 5.2.1 are not met, does the technical leader possess a waiver from the American Society of Crime Laboratory Directors (ASCLD)?

 

Discussion

Compliance with Standard 5.2.1.4 is necessary only if criteria 5.2.1a has not otherwise been satisfied. Otherwise, the response to 5.2.1.4 shall be marked “N/A.” 

The ASCLD waiver is permanent and portable.  Documentation of the waiver must be available.

Comment

Yes

No

N/A

5.2.2

Technical leader minimum experience requirements:

a.  Does the technical leader have three years of forensic, databasing or human identification DNA laboratory experience obtained at a laboratory where DNA testing was conducted for identification, databasing or forensic purposes?

b.  Does any technical leader, appointed or hired on or after July 1, 2009, have a minimum of three years human-DNA experience (current or previous) as a qualified analyst on database or forensic samples?

c.  Has the technical leader successfully completed, or will successfully complete within one year of appointment, the FBI-sponsored auditor training? 

 

Discussion

Technical leaders appointed or hired on or after July 1, 2009 must have a minimum of three years of human-DNA experience (current or previous) as a qualified analyst on database or forensic samples.

Technical leaders appointed or hired prior to July 1, 2009, must have a minimum of three years of forensic DNA experience (current or previous). This would include criminal justice agencies where forensic research/training and caseworking laboratories are separate entities but reside under the same facility-wide organizational umbrella. It is not necessary for the technical leader to function (or to have functioned) as a qualified analyst if appointed or hired prior to July 1, 2009. If the technical leader was appointed or hired prior to July 1, 2009, satisfaction of the minimum experience requirements shall only be applicable to the specific laboratory system where the technical leader is employed prior to July 1, 2009 and shall not be portable.

It should be noted that the experience time frame is measured not by the number of years with any particular employer but rather by the number of years in a position specific for gaining the experience necessary to satisfy this Standard.

Technical leaders appointed or hired on or after July 1, 2009 must demonstrate compliance with Standard 5.2.2b through documented employment as a qualified analyst.  Documentation may include previous audit documentation of qualifications.  If no technical leader was appointed or hired on or after July 1, 2009, then Standard 5.2.2b shall be marked “N/A.”

For those instances in which a technical leader has an experience base in a specific DNA technology that is different from the DNA technology currently used in database analysis, the laboratory must demonstrate that the technical leader has fulfilled his or her defined duties and keeps abreast of technical developments.

The technical leader shall have previously completed, or will successfully complete within one year of his or her appointment, the FBI sponsored auditor training. Evidence of successful completion of the FBI DNA Auditor training will be assessed through an FBI-issued certificate.  If the technical leader has recently been appointed to the position and the applicable time period for the training has not expired, then Standard 5.2.2c shall be marked “N/A.”

Comment 

Yes

No

N/A

5.2.3

Does the technical leader of the laboratory have responsibility for the following:

5.2.3.1  Does the technical leader have the following general duties and authority:

5.2.3.1.1  Oversee the technical operations of  the laboratory?

5.2.3.1.2  Authority to initiate, suspend, and  resume DNA database operations for the laboratory or an individual?

5.2.3.2  Does the technical leader perform the following specific responsibilities:

5.2.3.2.1  Evaluate and document approval of all validations and methods used by the laboratory and propose new or modified database procedures to be used by analysts?

5.2.3.2.2  Review and document the review of  the academic transcripts and training records for newly qualified analysts and approve their qualifications prior to their conducting independent database analysis?

5.2.3.2.3  Approve the technical specifications for outsourcing agreements?

5.2.3.2.4  Review and document the review of internal and external DNA  audit documents and, if applicable, approve corrective action(s).

5.2.3.2.5  Review annually the procedures of  the laboratory and document such review?

5.2.3.2.6  Review and approve the training,  quality assurance, and proficiency testing programs in the laboratory?

5.2.3.2.7  Review requests by contract employees for employment by multiple NDIS participating and/or vendor laboratories and, if no potential conflicts of interest exist, may approve such requests?

 

Discussion

To successfully satisfy Standards 5.2.3.1 through 5.2.3.1.2, the laboratory must clearly define and document the technical leader’s duties and authority.

Standard 5.2.3 contains the minimum responsibilities of the technical leader and may be exceeded as determined by laboratory management.

To successfully satisfy Standard 5.2.3, compliance must be demonstrated with all of the subcategories of Standard 5.2.3. Auditors may assess whether a laboratory has satisfied the requirements through a review of laboratory documentation (e.g., protocols, quality manual).

A contract employee shall disclose any employment with another laboratory to the NDIS participating laboratory.  The technical leader shall review such employment for any potential conflicts of interest.  If there are no potential conflicts of interest, the technical leader may approve the employment by multiple NDIS participating and/or vendor laboratories.  For example, Vendor Laboratory A performs the DNA database analysis of samples for State Laboratory Z.  An employee of Vendor Laboratory A shall not perform technical review services for State Laboratory Z as this would constitute a conflict of interest.

Comment

  

Yes

No

N/A

5.2.4

Technical leader accessibility:

  

a.  Is the technical leader accessible to the laboratory to provide on-site, telephonic, or electronic consultation as needed?

b.  If the technical leader oversees a system of separate laboratories, has the technical leader conducted semiannual on-site visits of each of the laboratories?

5.2.4.1

Is the technical leader a full-time employee of the laboratory or laboratory system?

5.2.4.1.1

a.  If the technical leader position of the laboratory had been vacant since the last audit, was there a qualified individual immediately appointed as technical leader? 

b.  If a qualified individual was not available/ appointed, did the laboratory immediately contact the FBI and submit its contingency plan within 14 days of the vacancy for the FBI’s approval?

c.  Was all new database DNA analysis suspended until the plan was approved by the FBI?

5.2.5

Did each technical leader appointed or hired on or after July 1, 2009, document  a review of the following:

5.2.5.1  Validation studies and methodologies currently used by the laboratory? 

5.2.5.2  Educational qualifications and training records of currently qualified analysts?

 

Discussion

The technical leader must be a full-time employee (employee is a person (1) in the service of the applicable federal, state, or local government, subject to the terms, conditions, and rules of federal, state, or local employment and eligible for the federal, state, or local benefits of service…) of the laboratory although not required to occupy physical (on-site) facility space. For purposes of a vendor laboratory, an employee is a person in the service of a vendor laboratory and subject to the applicable terms, conditions, and rules of employment of the vendor laboratory. Full-time shall be considered the Standard work week as defined by the laboratory.

However, if the technical leader oversees a system of separate laboratories, a minimum of two semiannual on-site visits must be conducted and documented for each laboratory. The technical leader must demonstrate knowledge and oversight of the DNA program sufficient to ensure that each laboratory is following standards and written protocols.

If a contingency plan was submitted to the FBI, then documentation must be reviewed to ensure that DNA analytical procedures on new database analyses were not initiated until FBI approval was granted.  New database analyses are DNA analytical procedures that have not been initiated at the time of the technical leader’s vacancy.  Please refer to Appendix B for the Notification Form for Technical Leader Contingency Plan.

If the technical leader position has not been vacant since the last audit, then Standard 5.2.4.1.1 shall be marked “N/A.”  If the technical leader position was vacant but filled by a qualified individual, then Standards 5.2.4.1.1 b and c shall be marked “N/A.”

If the technical leader position has not been assumed by a newly appointed technical leader since the last audit, then Standards 5.2.5, 5.2.5.1 and 5.2.5.2 shall be marked “N/A.”

Comment

Yes

No

N/A

5.3

Is the CODIS administrator an employee of the laboratory and does he or she meet the following qualifications?

5.3.1

Education:

Does the CODIS administrator meet the minimum education requirements?

  

a.  Does the CODIS administrator meet the minimum education requirements as defined in Standard 5.4 

  or

b.  Was the CODIS administrator appointed or hired prior to July 1, 2009, with supporting documentation from the FBI?

5.3.2

Experience:

  

Does the CODIS administrator meet the experience requirements?

a. Is a current or previously qualified casework or database  DNA analyst with documented mixture interpretation training 

or

b. Was the CODIS administrator appointed or hired prior to July 1, 2009 with documented mixture-interpretation training and completion of FBI-sponsored CODIS training?

 

Discussion

If performing an audit of a vendor laboratory, the auditor shall mark Standard 5.3 and all of its subcategories shall be marked “N/A.”

The CODIS administrator shall be an employee of the laboratory and shall occupy physical facility space and be on-site. Employee is a person (1) in the service of the applicable federal, state, or local government, subject to the terms, conditions, and rules of federal, state, or local employment and eligible for the federal, state, or local benefits of service; or (2) formerly in the service of a federal, state, or local government who returns to service in the agency on a part-time or temporary basis. For purposes of a vendor laboratory, an employee is a person in the service of a vendor laboratory and subject to the applicable terms, conditions, and rules of employment of the vendor laboratory.

If a CODIS administrator appointed or hired prior to July 1, 2009, has the appropriate supporting documentation from the FBI, Standard 5.3.1 and 5.3.2 shall be marked “YES.”  Satisfaction of these minimum education and experience requirements shall be applicable to the specific laboratory system where the CODIS administrator is employed by prior to July 1, 2009 and shall not be portable.

A CODIS administrator appointed or hired on or after July 1, 2009, must be, or have been, a qualified DNA analyst.  CODIS administrators appointed or hired on or after July 1, 2009, and not otherwise grandfathered as a qualified analyst, will be assessed to the educational requirements of the FBI Quality Assurance Audit Document for DNA Databasing Laboratories dated July 1, 2009. For CODIS administrators appointed or hired on or after July 1, 2009, and not previously qualified as a DNA analyst in that laboratory, a minimum of three courses (biochemistry, genetics, and molecular biology) totaling at least nine semester or equivalent credit hours must be completed successfully (college- or university-defined passing grade) and coursework or training in statistics and/or population genetics. 

If the same individual performs the CODIS administrator duties for both casework and database, it shall be noted on the organizational chart and/or job description and this individual shall meet the minimum Standard requirements for the casework CODIS administrator found in the Quality Assurance Standards for Forensic DNA Testing Laboratories.

CODIS administrators may satisfy the statistics and/or population genetics coursework or training requirement of Standard 5.4.1 through internal or external training.  For external statistics and/or population genetics training, a variety of methods may be used, including academic coursework; workshops at local, national, or international meetings or symposia; or other external, technical leader-approved, training courses. The laboratory must maintain documentation of such attendance.  For internal statistics and/or population genetics training, the documentation must comply with Standard 5.1.3.1.1.

Mixture interpretation training may be provided by the laboratory in-house and must be documented.

Biochemistry is the study of the nature of biologically important molecules in living systems, DNA replication and protein synthesis, and the quantitative and qualitative aspects of cellular metabolism.

Genetics is the study of inherited traits, genotype/phenotype relationships, and population/species differences in allele and genotype frequencies.

Molecular biology is the study of the theories, methods, and techniques used in the study and analysis of gene structure, organization, and function.

Integral component is that portion of an academic course that is so significant and necessary to the understanding of the subject matter as a whole that the course would be considered incomplete without it.

Each of the required subject areas must be in the form of academic coursework for credit.  Coursework is an academic class officially recognized and taught through a college or university program in which the participating student successfully completed and received one or more credit hours for the class.

A variety of college course work may apply toward satisfying this Standard and is not limited exclusively to the course titles listed.

A list of the individuals in compliance with Standard 5.3 and the position with which they are in compliance will be incorporated by the auditor into Appendix D for external QAS audits.

Comment

Yes

No

N/A

5.3.3

Has the CODIS administrator:

  

a.  Successfully completed the FBI auditor training within one year of appointment, if not previously attended such training?

  

b.  Participated in the FBI sponsored CODIS software training within six months of appointment, if not previously attended such training?

5.3.4

Is the CODIS administrator responsible for the following:

5.3.4.1  Administering the laboratory’s CODIS network?

5.3.4.2  Scheduling and documenting the CODIS computer training of database analysts?

5.3.4.3  Assuring that the security of data stored in CODIS is in accordance with state and/or federal law and NDIS operational procedures?

5.3.4.4  Assuring that the quality of data stored in CODIS is in accordance with state and/or federal law and NDIS operational procedures?

5.3.4.5  Assuring that matches are dispositioned in accordance with NDIS operational procedures?

5.3.5

Is the CODIS administrator authorized to terminate an analyst’s or the laboratory’s participation in CODIS until the reliability and security of the computer data can be assured if an issue with the data is identified?

  

5.3.5.1 Does the state CODIS administrator have the authority over all CODIS sites under his/her jurisdiction to terminate an analyst’s or laboratory’s participation in CODIS until the reliability and security of the computer data can be assured in the event an issue with data is identified?

5.3.6

If the CODIS administrator position has been unoccupied since the last audit, has the laboratory refrained from uploading new DNA profiles to NDIS during the vacancy?

 

Discussion

If the CODIS administrator has recently been appointed to the position and the applicable time periods for the training have not expired, then Standard 5.3.3a and/or 5.3.3b shall be marked “N/A.”

Standards 5.3.4 and 5.3.5 are the minimum responsibilities of the CODIS administrator.

To successfully satisfy Standard 5.3.5, the laboratory must clearly define and document the CODIS administrator’s duties and authority.  The state CODIS administrator shall hold ultimate authority over the reliability and security of the computer data.  Auditors may assess whether a laboratory has satisfied the requirements through a review of laboratory documentation (e.g., protocols, quality manual).

If the CODIS administrator position has not been vacant since the last audit, then Standard 5.3.6 shall be marked “N/A.”  If there has been a period of time since July 1, 2009 during which the position has been vacant, the auditor may review/request to see CODIS upload records or contact the NDIS Custodian for confirmation. 

Comment

Yes

No

N/A

5.4

Is each analyst an employee or contract employee of the laboratory and does he or she meet or exceed the following qualifications?

5.4.1

Does each analyst meet or exceed the following degree and educational requirements:

a.  B.A./B.S. or advanced degree or its equivalent in a biology-, chemistry-, or forensic science- related area?

b.  College coursework or classes covering the subject areas of:

1.  Biochemistry? 

Yes


No


2.  Genetics? 

Yes


No


3.  Molecular biology?  

Yes


No


c.  College course work or training that covers the subject areas of statistics and/or population genetics?

 

  

5.4.1.1

Does each of the specific subject areas listed in Standard 5.4.1 constitute an integral component of any coursework used to demonstrate compliance with this Standard?

5.4.1.2

For analysts appointed or hired on or after July 1, 2009, do the required subject areas consist of nine or more cumulative semester or equivalent hours?

5.4.1.3

For individuals who have completed coursework with titles other than those listed in Standard 5.4.1:

  

a.  Have they successfully demonstrated compliance with this Standard through a combination of pertinent materials such as a transcript, syllabus, letter from the instructor, or other documentation that supports the course content?

  

b.  Has the technical leader documented his or her approval of compliance with this Standard? 

 

Discussion

Analysts who were appointed or hired prior to July 1, 2009, will be assessed according to the educational requirements of the FBI Quality Assurance Audit Document dated July 1, 2004, which required a minimum of six cumulative semester hours or equivalent that covered the required subject areas. 

Analysts appointed or hired on or after July 1, 2009, will be assessed according to the educational requirements of the FBI Quality Assurance Audit Document dated July 1, 2009.  For analysts appointed or hired on or after July 1, 2009, a minimum of three courses (biochemistry, genetics, and molecular biology) totaling at least nine semester or equivalent credit hours must be completed successfully (college or university defined passing grade) and coursework or training in statistics and/or population genetics. Analysts may satisfy the statistics and/or population genetics coursework or training requirement of Standard 5.4.1 through internal or external training.  For external statistics and/or population genetics training, a variety of methods may be used, including academic coursework; workshops at local, national, or international meetings or symposia; or other external, technical leader-approved training courses. The laboratory must maintain documentation of such attendance.  For internal statistics and/or population genetics training, the documentation must comply with Standard 5.1.3.1.1.

Contract employee is an individual that provides DNA typing and/or analytical support services to the NDIS participating laboratory.  The person performing these services must meet the relevant qualifications for the equivalent position in the NDIS participating laboratory.  A contract employee cannot serve as CODIS Administrator or technical leader and cannot be counted as a full-time qualified DNA analyst for purposes of satisfying the definition of a laboratory.  Employment of a contract employee by multiple NDIS participating and/or vendor laboratories shall be disclosed and shall only be permitted subject to approval by the technical leader of the NDIS participating laboratory for which the contract employee is performing DNA typing and/or analytical services. 

A contract employee shall disclose any employment with another laboratory to the NDIS participating laboratory.  The technical leader shall review such employment for any potential conflicts of interest.  If there are no potential conflicts of interest, the technical leader may approve the employment by multiple NDIS participating and/or vendor laboratories.

Biochemistry is the study of the nature of biologically important molecules in living systems, DNA replication and protein synthesis, and the quantitative and qualitative aspects of cellular metabolism.

Genetics is the study of inherited traits, genotype/phenotype relationships, and population/species differences in allele and genotype frequencies.

Molecular biology is the study of the theories, methods, and techniques used in the study and analysis of gene structure, organization, and function.

Integral component is that portion of an academic course that is so significant and necessary to the understanding of the subject matter as a whole that the course would be considered incomplete without it.

Each of the required subject areas must be in the form of academic coursework for credit.  Coursework is an academic class officially recognized and taught through a college or university program in which the participating student successfully completed and received one or more credit hours for the class.

A variety of college course work may apply toward satisfying this Standard and is not limited exclusively to the course titles listed.

If no new analysts have been appointed or hired on or after July 1, 2009, then Standard 5.4.1.2 shall be marked “N/A.”

The DNA training program previously offered by the FBI Laboratory, with graduate credit hours from the University of Virginia, may be applied toward the molecular biology coursework requirement associated with this Standard.  Unless specifically stated by the FBI, other FBI courses do not fulfill this requirement.  

A list of the individuals in compliance with Standard 5.4 and the position with which they are in compliance will be incorporated by the auditor into Appendix D for external QAS audits.

Comment

Yes

No

N/A

5.4.2

Does each analyst have six months of documented, human-DNA laboratory experience with at least three months in a forensic or database DNA laboratory?

5.4.2.1

Prior to independent work using DNA technology, has each analyst completed the analysis of a range of samples routinely encountered in database analysis?

5.4.2.2

Has each analyst successfully completed a competency test before beginning independent DNA analysis?

 

Discussion

Analysts shall meet all of the requirements in the above standard.  An analyst must have six (6) months of documented, human DNA laboratory experience with at least three (3) months in a forensic or database DNA laboratory.  The experience time frame is measured not by the length of time spent with any particular employer, but rather by the number of months/years in a position specific for gaining the experience necessary to satisfy this Standard. The experience gained by an individual must include the successful analysis of a range of samples typically associated with database analysis. An individual’s participation after appointment or hiring in a formal database DNA training program is acceptable for fulfilling or being applied toward fulfilling the experience requirement of this Standard.

If prior human-DNA laboratory experience is accepted by a laboratory, the prior experience shall be documented and augmented by additional training, as needed, in the analytical methodologies, platforms, and interpretations of human-DNA results used by the laboratory. 

Competency is the demonstration of technical skills and knowledge necessary to perform forensic DNA analysis successfully.

A competency test(s) is a written, oral, and/or practical test or series of tests designed to establish that an individual has demonstrated achievement of technical skills and met minimum standards of knowledge necessary to perform forensic DNA analysis.  Such a test serves to test an individual’s knowledge, skills, and abilities as they relate to his or her individual position. A laboratory may select from a variety of approaches for administering a competency test, including but not limited to a written, oral, or practical examination. If a laboratory uses an internal or external proficiency test as a competency test, the laboratory must have the DNA typing results to assess an individual’s performance. The date of qualification of an individual must be documented. The qualification date has particular relevance to proficiency testing requirements discussed in Standard 13 (Proficiency Testing), which requires that newly qualified individuals participate in an external proficiency test within six months of qualification date.

Comment

Yes

No

N/A

5.5

Is each technical reviewer an employee or contract employee of the laboratory and does he or she meet or exceed the following qualifications?

5.5.1

Is each technical reviewer a current or previously qualified analyst in the methodologies being reviewed?

5.5.2

Has each technical reviewer successfully completed a competency test prior to participating in the technical review of DNA data?

5.5.3

Does each technical reviewer participate in an external proficiency testing program at an NDIS participating laboratory on the same technology, platform and typing amplification test kit used to generate the DNA data being reviewed?

 

Standard 5.5 and its subcategories shall be marked “N/A” for non-NDIS participating- laboratories.

Technical reviewer is an employee or contract employee who is a current or previously qualified analyst in the methodology being reviewed that performs a technical review of, and is not an author of, the applicable report or its contents.

Contract employee is an individual that performs DNA typing and/or analytical support services to the NDIS participating laboratory.  The person performing these services must meet the relevant qualifications for the equivalent position in the NDIS participating laboratory.  A contract employee cannot serve as a casework CODIS Administrator or technical leader and cannot be counted as a full-time qualified DNA analyst for purposes of satisfying the definition of a laboratory.  Employment of a contract employee by multiple NDIS participating laboratories and/or vendor laboratories shall be disclosed and shall only be permitted subject to approval by the technical leader of the NDIS participating laboratory for which the contract employee is performing DNA typing and/or analytical services.   

A contract employee shall disclose any employment with another laboratory to the NDIS participating laboratory.  The technical leader shall review such employment for any potential conflicts of interest.  If there are no potential conflicts of interest, the technical leader may approve the employment by multiple NDIS participating and/or vendor laboratories.

Competency is the demonstration of technical skills and knowledge necessary to perform forensic DNA analysis successfully.

A competency test(s) is a written, oral, and/or practical test or series of tests designed to establish that an individual has demonstrated achievement of technical skills and met minimum standards of knowledge necessary to perform forensic DNA analysis.  Such a test serves to test an individual’s knowledge, skills, and abilities as they relate to his or her individual position.  A laboratory may select from a variety of approaches for administering a competency test, including but not limited to a written, oral, or practical examination.  If a laboratory uses an internal or external proficiency test as a competency test, the laboratory must have the DNA typing results to assess an individual’s performance.  The date of qualification of an individual must be documented.

A technical reviewer must be qualified or previously qualified in the technology, platform, and typing amplification test kit used to generate the data being reviewed.  A technical reviewer must also participate in an NDIS laboratory’s external proficiency testing program to the full extent in which he or she participates in the review of the DNA data.  The intent is that any contract employee hired to conduct technical reviews participates in an external proficiency testing program administered by an NDIS participating laboratory for the technology, platform and amplification test kit used to generate the data being reviewed and that the term of the employment does not impact or negate the requirement to participate in such external proficiency testing.  For example, an analyst or technical reviewer participates and is proficiency tested on database samples using one type of amplification test kit and performs the technical review of outsourced database samples which was analyzed using a different technology, platform and/or amplification test kit.  Such analyst or technical reviewer must also be proficiency tested on the technology, platform and/or amplification test kit used by the laboratory generating the DNA data under review to the extent he/she participates in or performs the technical review of the DNA data.   

Comment

Yes

No

N/A

5.6

Has each technician successfully completed each of the following:

5.6.1  Documented training specific to his or her job function(s)?

5.6.2  A competency test before participating in DNA analysis?

5.7

Do all laboratory technical support personnel have documented training specific to their job function(s)?

 

Discussion

A technician (or equivalent role, position, or title as designated by the Laboratory Director) is an employee or contract employee who performs analytical techniques on database, known or casework reference samples under the supervision of a qualified analyst. Technicians do not interpret data, reach conclusions on typing results, or prepare final reports. 

Laboratory support personnel (or equivalent role, position, or title as designated by the Laboratory Director) are employees or contract employees who perform laboratory duties exclusive of analytical techniques on database and/or known samples.

These personnel will be documented on the organizational chart. 

Comment

Standard 6.  Facilities

Yes

No

N/A

6.1

Is the laboratory designed to ensure the integrity of the analyses and the samples?

6.1.1

Is access to the laboratory controlled and limited in a manner that prevents access by unauthorized personnel?

  

a.  Do all exterior entrance/exit points have security control?

  

b.  Is the distribution of all keys, combinations, and other security devices, documented and limited to the personnel designated by laboratory management?

 

Discussion

To successfully satisfy Standard 6.1, the laboratory must demonstrate compliance with all of the subcategories of Standard 6.

Clearly written and well-understood procedures must exist for laboratory security. The laboratory's security system must control access and limit entry to the operational areas. Internal controlled areas shall limit access to only authorized personnel. The distribution system of all keys, combinations, etc. must be current, accurate, clearly documented, and available for review. Many other control systems-- which include card keys, surveillance cameras, and intrusion alarms-- are acceptable when they complement the laboratory's security system by controlling unauthorized access and/or limiting authorized access to the operational laboratory and sample/evidence storage areas.

Comment

Yes

No

N/A

6.1.2

Except as provided in Standard 6.1.4, are techniques performed prior to polymerase chain reaction (PCR) amplification-- to include sample accessioning, DNA extractions, and PCR setup-- conducted at separate times or in separate spaces from one another?

6.1.3

Except as provided in Standard 6.1.4, is amplified DNA product-- including real-time PCR-- generated, processed, and maintained in a room(s) separate from the sample accessioning, DNA extractions, and PCR-setup areas?

  

a.  Are the doors between rooms containing amplified DNA and other areas closed at all times except for passage?

6.1.4

If a robotic workstation is used to carry out DNA extraction, quantification (if applicable), PCR setup, and/or amplification in a single room, has the laboratory validated the analytical process in accordance with Standard 8? 

  

a.  If the robot performs analysis through amplification, is the robot housed in a separate room from that used for initial sample accessioning? 

 

Discussion

Through a combination of clearly written analytical procedures, notes, and/or personal observation, the laboratory’s approach to sample processing for PCR-based procedures (sample accessioning, extractions and PCR setup) must demonstrate a separation in time or physical space for each activity. The laboratory’s design must demonstrate that evidence/sample flow, through the various steps of DNA processing, does not compromise the integrity of the sample. The amplification room must be enclosed with walls from the floor to the ceiling and door(s) for passage. The amplification room(s) must physically separate amplified DNA from all other areas of the laboratory by keeping doors in the closed position.

When robotic workstations are used to carry out DNA extractions through PCR setup and/or amplification on samples, a single room may be used. Internal validation must show that if contamination occurs, it is minimized, addressed, and less than or equal to that observed when these procedures are performed manually in separate rooms. When robotic workstations are not used to carry out DNA extractions through PCR setup on samples in a single room, Standard 6.1.4 shall be marked “N/A.”

Comment

Yes

No

N/A

6.1.5

Does the laboratory have and follow written procedures for cleaning and decontaminating facilities and equipment?

 

Discussion

A laboratory may employ a variety of methods to monitor, clean, and decontaminate its facilities, such as the use of appropriate controls in the analysis process. This may be accomplished through a variety of ways at the discretion of the laboratory; the method(s) used by the laboratory must be documented.

Comment 

Standard 7.  Sample Control

Yes

No

N/A

7.1

Does the laboratory have and follow a documented sample inventory control system to ensure the integrity of database and known samples?

7.1.1

For evidence and sample identification: 

  

a.  Are all database, known and casework reference samples  marked with a unique identifier?

  

b.  Does the laboratory have and follow a method to distinguish each sample throughout processing?

 

Discussion

To successfully satisfy Standard 7.1, the laboratory must demonstrate compliance with all of the subcategories of Standard 7.

The database laboratory must have clearly written well-understood procedures which address sample handling, sample inventory control, and preserving the integrity of samples.  Key components of such a sample control procedure include proper labeling and storage in secure areas.  In addition the laboratory shall have a method to distinguish each sample throughout processing (such as uniquely identified plate or rack mapping) that may not require the assignment of unique identifiers or individual seals for each sample.

A database laboratory that performs known or casework reference sample analysis must have clearly written well-understood procedures that address handling and preserving the integrity of these evidence samples.  Key components of such an evidence-control procedure include proper labeling and sealing of evidence, a documented chain-of-custody record, and a secure area designated for evidence storage.  Each item of evidence (and/or its container) must be marked with a unique identifier.  Such laboratories shall clearly define what constitutes evidence and what constitutes work product. Work product is the material that is generated as a function of analysis, which may include extracts, amplified product, and amplification tubes or plates as defined by the laboratory.

The laboratory shall have a method to distinguish each sample throughout processing (such as plate or rack mapping) that may not require the assignment of unique identifiers or individual evidence seals for each sample. 

Comment

Yes

No

N/A

7.1.2

Does the laboratory maintain documentation of sample identity, collection, receipt, storage, and disposition?

  

7.1.2.1 If the databasing laboratory is processing known or casework reference sample(s) as evidence, does the laboratory document and maintain a chain of custody in hard or electronic format, to include the following:

  

a.  Signature or initials or the electronic equivalent of each individual receiving or transferring the known or casework reference sample(s)? 

  

Yes


No


b.  The corresponding date for each transfer? 

  

Yes


No


  

c.  The known or casework reference sample(s) transferred? 

  

Yes


No


 

Discussion

The laboratory shall document the identity, collection, receipt, storage, and disposition of database samples. Documentation may be in hard copy or electronic format.

If the laboratory is processing casework knowns or reference samples it shall address how it handles the chain of custody for evidence samples (must document all that is listed under 7.1.2.1.  If the database laboratory does not process casework known or reference samples, 7.1.2.1 shall be marked “N/A”).  A written chain-of-custody record must include the signature or initials (written or electronic) of each individual receiving or transferring evidence, with the corresponding date for each transfer and a corresponding identifier that specifies each evidentiary item. This record must provide a comprehensive, documented history for each evidence transfer over which the laboratory has control. Electronic tracking of evidence is an acceptable alternative to a written record as long as the computerized data are sufficiently secure, detailed, and accessible for review and can be converted to a hard copy when necessary.

Comment

Yes

No

N/A

7.1.3

Does the laboratory have and follow documented procedures designed to minimize loss, contamination, and/or deleterious change of samples and work product in progress?

7.1.4

Does the laboratory have secure, controlled-access areas for sample storage, including environmental control, consistent with the form or nature of the sample?

 

Discussion

The database laboratory shall have and follow procedures regarding sample storage.  The laboratory must ensure that samples stored are protected from loss, contamination and/or deleterious change.  Secure areas for sample storage must exist within the laboratory.  This may include the use of temporary or short-term storage, demonstrating proper security through defined, controlled access to the sample storage area.

If the laboratory processes casework known or reference samples, then the laboratory must ensure that evidence stored under its custody is properly sealed and protected from loss, contamination, and/or deleterious change.  An evidence container is sealed properly if its contents cannot escape readily and if opening the container results in a detectable alteration to the container or seal.  The seal must be labeled in a manner that identifies the individual responsible for sealing the evidence. The immediate container need not be sealed (but securely closed) if it is enclosed in a larger container that meets the requirements of a proper seal. In such instances, the container must be closed securely such that its contents are protected from loss, contamination, and/or deleterious change.

If the laboratory processes casework known or reference samples, then secure areas for evidence storage must also exist within the laboratory. The laboratory may demonstrate compliance with Standard 7.1.4 by specifying short-term and long-term storage that demonstrate proper security through defined, controlled access to the evidentiary storage area at stopping points in the procedure.  Short-term storage areas may vary from a locked file cabinet to an entire examination room temporarily housing large or bulky items of evidence.

Comment

Yes

No

N/A

7.2

Does the laboratory retain the database sample for retesting for quality assurance and sample confirmation purposes where possible?

 

Discussion

Samples shall be retained for hit confirmation and quality assurance purposes, such as quality control, validation, and future testing when new technologies are available, unless prohibited by law or consumed in analysis.

Comment

Standard 8.  Validation

Yes

No

N/A

8.1 

Does the laboratory use validated methods for DNA analyses?

 

Discussion 

To successfully satisfy Standard 8.1, the laboratory must demonstrate compliance with all of the subcategories of Standard 8.

Validation is the process by which a procedure is evaluated to determine its efficacy and reliability for forensic DNA database analysis. It is the accumulation of test data within the laboratory to demonstrate that established methods and procedures perform as expected.

Comment 

Yes

No

N/A

8.2

Have developmental validation studies preceded the use of a novel methodology for DNA database analysis? 

 

Discussion

Developmental validation is the acquisition of test data and determination of conditions and limitations of a new or novel DNA methodology for use on database, known or casework reference samples. Methodology is used to describe the analytical processes and procedures used to support a DNA-typing technology: for example, extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kit; and platform (capillary electrophoresis, real-time gel and end-point gel systems).

A DNA laboratory may rely upon another laboratory’s developmental validation studies; however, the citations and/or publications referencing that validation must be available and accessible to support the underlying scientific basis.  If a laboratory can document the developmental validation through citations and publications, Standard 8.2 shall be marked “Yes.”

Comment


Yes

No

N/A

8.2.1

Have developmental validation studies been performed and documented to include, where applicable:

  

a.  Characterization of  the genetic marker?

Yes


No


N/A


b.  Species specificity? 

Yes


No


N/A


  

c.  Sensitivity studies? 

Yes


No


N/A


  

d.  Stability studies? 

Yes


No


N/A


  

e.  Reproducibility?   

Yes


No


N/A


  

f.  Database-type 

  samples? 

Yes


No


N/A


  

g.  Population studies? 

Yes


No


N/A


h.  Mixture studies? 

Yes


No


N/A


i.  Precision and accuracy studies?

Yes


No


N/A


j.  PCR-based studies to include?

Yes


No


N/A


  

1.  Reaction conditions? 

  

Yes


No


  

  

  

2.  Assessment of differential and preferential  amplification?

  

Yes


No


  

  

  

3.  Effects of multiplexing?

  

Yes


No


  

  

  

4.  Assessment of appropriate controls? 

  

Yes


No


  

  

  

5.  Product detection studies?

  

Yes


No


  

  

8.2.2

Are peer-reviewed publication(s) of the underlying scientific principle(s) of a technology available?

 

Discussion

To successfully satisfy Standard 8.2.1, the laboratory must demonstrate compliance with all of the applicable subcategories of this Standard.

If a DNA laboratory is relying upon another laboratory’s developmental validation, the citations and publications addressing the elements of Standard 8.2.1 (a through j) must be available and accessible. 

If a DNA laboratory has performed its own developmental validation, it must show evidence of how the elements of Standard 8.2.1 (a through j) were addressed.

Comment

  

Yes

No

N/A

8.3

Except as provided in Standard 8.3.1.1, have internal validation of all manual and robotic methodologies been conducted by each laboratory and reviewed and approved by the laboratory’s technical leader prior to use?

8.3.1  

For Internal Validation Studies:

a.  Have internal validation studies been documented and summarized?

b.  Have all internal validation studies conducted on or after July 1, 2009, included, as applicable:

1.  Database type samples?

Yes


No


N/A


2.  Reproducibility and precision?

Yes


No


N/A


3.  Sensitivity and stochastic studies?

Yes


No


N/A


4.  Contamination assessment?

Yes


No


N/A


8.3.1.1 

For multilaboratory systems:

  

a.  Has each laboratory in a multi-laboratory system completed, documented, and maintained applicable site-specific precision, sensitivity, and contamination assessment studies?

b.  Are the summaries of all applicable validation data available at each site?

8.3.2

Have quality assurance parameters and interpretation guidelines been defined pursuant to internal validation?

8.3.3 

If a laboratory has had a change in detection platform or test kit, have internal validation studies been performed?

8.3.4

If the NDIS laboratory has validated an expert system, was it validated in accordance with applicable NDIS operational procedures?

8.3.5

If the laboratory has validated the use of robotics, was the validation conducted and documented to the extent they are used by the database laboratory?

8.4 

Has the analyst or examination team successfully completed a competency test using the DNA analysis procedure prior to its incorporation into database applications?

 

Discussion 

Internal validation is an accumulation of test data within the laboratory to demonstrate that established methods and procedures perform as expected in the laboratory. 

Expert System is a software program or set of software programs that interprets the data generated from a DNA analysis instrument platform in accordance with laboratory defined quality assurance rules and accurately identifies the data that does and does not satisfy such rules.

Prior to implementing a new DNA methodology (methodology is used to describe the analytical processes and procedures used to support a DNA-typing technology: for example, extraction methods [manual vs. automated], quantification methods [slot blot, fluorometry, real-time], typing test kit, and platform [capillary electrophoresis, real-time gel, and end-point gel systems]) or procedure (procedure [protocol, SOP or other equivalent] is an established practice to be followed in performing a specified task or under specific circumstances) or an existing DNA method or procedure developmentally validated by another laboratory, the database laboratory must first demonstrate the reliability of the method or procedure internally for manual and/or robotic methods.

The internal validation studies conducted by the database laboratory should be sufficient to support and document the reliability of the technology (technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA) as practiced by that laboratory through demonstrating reproducibility and precision, sensitivity and stochastic studies, mixture studies (if applicable), and contamination assessment.

For internal validation having a completed summary dated prior to July 1, 2009, the laboratory must comply with Standard 8.3.1b (1) and (2), and the remaining subcategories (3 and 4) may be marked “N/A.”  In addition, the studies summarized after July 1, 2009, shall define the quality assurance parameters and interpretation guidelines to support their use in database applications.  Summaries must be written for all internal validation studies, and approval must be documented by the technical leader prior to being incorporated into database analysis.

For laboratory systems that consist of more than one laboratory, each of the laboratories must complete and maintain precision, sensitivity, and contamination assessment studies. Basic validation studies may be shared among all locations in a multi-laboratory system. The internal validation materials must be documented, summarized, and approved by the technical leader. Summaries of a system’s internal validation studies must be available at all sites.

For laboratory systems that have acquired new equipment that leads to a platform change (platform is the type of analytical system used to generate DNA profiles such as capillary electrophoresis, real-time gel, and end-point gel instruments or systems), internal validation studies must be performed.

For laboratory systems that have acquired new test kits (a test kit is a pre-assembled set of reagents that allows the user to conduct a specific DNA extraction, quantification or amplification), internal validation studies must be performed.

A list of the validation studies in compliance with Standard 8.1 will be incorporated by the auditor into Appendix E. The validation studies found to be in compliance with Standard 8.1 after one external audit do not need to be reviewed.

Prior to initiating database applications with any newly validated procedure(s), the DNA laboratory must ensure that its DNA personnel have successfully completed a competency test to the extent of their participation in database applications. A competency test(s) is a written, oral, and/or practical test or series of tests designed to establish that an individual has demonstrated achievement of technical skills and met minimum standards of knowledge necessary to perform database DNA analysis. For DNA personnel intimately involved in a validation, the technical leader may allow the validation to serve as the demonstration of competency. Documentation must be available to indicate that the involvement in the validation was representative of the extent the personnel will be involved in database applications.

If the NDIS participating laboratory uses an expert system to enter data directly into CODIS, it shall use an NDIS approved expert system.  Depending on the rule order and set up of expert system parameters, the laboratory may need to perform developmental validation of that expert system.  Developmental validations of expert systems used by NDIS participating laboratories shall be approved by NDIS.  Standard 8.3.4 shall be marked N/A for non-NDIS participating laboratories and for NDIS laboratories that have not validated an expert system. 

Comment

Yes

No

N/A

8.5

Have modified procedures been evaluated by comparison with the original procedures using similar DNA samples prior to their incorporation into database applications?

8.6 

Has the laboratory evaluated each additional or modified critical instrument by conducting a performance check prior to its use in databasing?

8.7 

Has the laboratory evaluated software upgrades by conducting a performance check prior to use in databasing?

  

a.  Has new software or significant software modifications been documented and subjected to validation testing prior to use in databasing?

 

Discussion 

If a laboratory modifies a procedure that would require a protocol change, the modified procedure shall be evaluated by comparing the original procedure to the modified procedure using similar DNA samples. Modifications must be documented and approved by the technical leader before being implemented in database applications.

Each new instrument or performance-based software change (including upgrades) requires a performance check (performance check is a quality assurance measure to assess the functionality of laboratory instruments and equipment that affect the accuracy and/or validity of forensic sample analysis).  For example, a performance check would be necessary if a laboratory currently used one instrument and added another instrument of the same model number, or if a laboratory was using one instrument and upgraded to a different model of instrument without a change in the analysis software package. If a laboratory upgrades to another instrument and has a change in the analysis software package, then the laboratory must perform an internal validation study.

If acquisition of new equipment leads to a method change (e.g., DNA detection from a gel-based to capillary-based system), internal validation studies must be performed.

New software or significant software changes that would impact interpretation, the analytical process, or sizing algorithms shall require a validation prior to implementation in database applications.  A software upgrade that would not impact interpretation, the analytical process, or sizing algorithms shall require a performance check.

Comment

Standard 9.  Analytical Procedures

Yes

No

N/A

9.1

Does the laboratory have and follow written analytical procedures approved by the technical leader?

  

a.  Are the laboratory’s Standard operating procedures reviewed annually by the technical leader, and is this review documented?

9.1.1

Does the laboratory have a documented Standard operating procedure for each analytical method used?

a.  Do the analytical procedures specify reagents, sample preparation, extraction methods, equipment, and controls that are Standard for DNA analysis and data interpretation?

 

Discussion 

To successfully satisfy Standard 9.1, the laboratory must demonstrate compliance with all of the subcategories of Standard 9.1.

Procedure (protocol, Standard operating procedure, or other equivalent) is an established practice to be followed in performing a specified task or under specific circumstances.

Standard operating procedures must be reviewed by the technical leader annually as described in Standard 3.  This review must be documented and performed independent of the audit required by Standard 15. Standard operating procedures must be readily available to laboratory personnel, reflect the current practices employed by the laboratory, and be supported through a laboratory’s validation.

The laboratory shall have and follow Standard operating procedures for each analytical method used by the laboratory (analytical procedure is an orderly, step-by-step process designed to ensure operational uniformity and to minimize analytical drift).  Each procedure must specify the reagents, sample preparation, extraction method, equipment, and controls used in the analytical process. 

A DNA laboratory must ensure that all of its procedures are current and readily available.

Comment

Yes

No

N/A

9.2

Does the laboratory use reagents that are suitable for the methods employed?

9.2.1

Does the laboratory have written procedures for documenting commercial reagents and for the formulation of in-house reagents?

9.2.2

Are commercial reagents labeled with:

  

a.  The identity of the reagent? 

Yes


No


  

  

  

b.  The expiration date as provided by the manufacturer or as determined by the laboratory? 

Yes


No


  

  

9.2.3 

Are in-house reagents labeled with:

  

a.  The identity of the reagent?

Yes


No


  

  

  

b.  The date of the preparation or expiration or both?

Yes


No


  

  

  

c.  The identity of the individual preparing the reagent?

Yes


No


  

  

9.3

Critical reagents shall include, but are not limited to, the reagents listed in Standards 9.3.1 and 9.3.2.

a.  Has the laboratory identified critical reagents?

b.  Has the laboratory evaluated critical reagents prior to use in databasing?

9.3.1

Has the laboratory identified and evaluated the following:

a.  Test kits or systems for performing quantitative PCR?

Yes


No


N/A


b.  Test kits or systems for performing genetic typing? 

Yes


No


N/A


9.3.2

Has the laboratory identified and evaluated the following:

a.  Thermostable DNA polymerase (if not tested as test kit components under Standard 9.3.1)?

Yes


No


N/A


b.  Primer sets (if not tested as test kit components under Standard 9.3.1)?

Yes


No


N/A


c.  Allelic ladders used for genetic analysis (if not tested as test-kit components under Standard 9.3.1)?

Yes


No


N/A


 

Discussion

To successfully satisfy Standard 9.2, the laboratory must demonstrate compliance with all of the subcategories of Standard 9.2.

The laboratory shall have and follow written procedures for documenting commercial reagents and formulating in-house reagents. 

Commercial reagents must be labeled with the identity of the reagent and the expiration date as provided by the manufacturer or determined by the laboratory. If the laboratory has determined an expiration date beyond that provided by the manufacturer, supporting documentation for that date must be available at the laboratory. For those reagents having no expiration date provided by the manufacturer, the laboratory shall have a policy for setting the expiration date.

In-house reagents must be labeled with the identity of the reagent, the date of preparation or expiration or both, and the identity of the individual preparing the reagent.

If the laboratory has an electronic bar-coding system for the management of its in-house reagents, the laboratory must place the name of the reagent on the bottle in addition to the bar coded information and have a written policy or procedure for recording the required information. In such instances Standards 9.2.2 through 9.2.3 shall be marked “Yes.” 

Records must be maintained that identify the preparer of the reagent and the quality control measures (if any) used to check the reliability of reagents.

Test kit is a preassembled set of reagents that allows the user to conduct a specific DNA extraction, quantification, or amplification. A system is similar to a test kit except that it is not preassembled.

Critical reagents are determined by empirical studies or routine practice to require testing on established samples before use on database or known samples. The laboratory must identify the reagents critical to the analytical processes used and evaluate each, prior to their use on evidence.  This list must include, at a minimum, those critical reagents listed in Standards 9.3.1 and 9.3.2.  Laboratories must have written procedures detailing the quality control measures in place for evaluating critical reagents and materials, the acceptable range of results, procedures for addressing unacceptable data, and mechanisms used for documentation and subsequent approval/rejection of quality control data.

Comment

Yes

No

N/A

9.4

Does the laboratory have and follow a documented procedure for the resolution, verification and reporting/notification of database matches?

 

Discussion

The NDIS participating laboratory shall have and follow documented procedures for the resolution, verification and reporting/notification of database matches.  For non-NDIS laboratories, Standard 9.4 shall be marked N/A.

Comment

Yes

No

N/A

9.5

Does the laboratory monitor the analytical procedures using appropriate controls and standards?

9.5.1

Where quantitation is performed, are quantitation standards used?

9.5.2

For positive and negative amplification controls:

a.  Are the positive and negative amplification controls associated with the samples being typed amplified concurrently in the same instrument with the samples at all loci using the same primers as the database, known and casework reference samples?

b.  Are the positive and negative amplification controls associated with the samples being typed?

9.5.3

Are reagent blank controls associated with each extraction set being analyzed as follows:

9.5.3.1  Extracted concurrently?

  

9.5.3.2  Are the reagent blanks amplified using:

  

a.  The same primers as the sample(s)? 

  

Yes


No


  

b.  The same instrument model as the sample(s)? 

  

Yes


No


  

c.  The same concentration conditions as required by the sample(s) with the most sensitive volume conditions of the extraction set? 

  

Yes


No


  

9.5.3.3  Are the reagent blanks typed using:

  

a.  The same instrument model as the sample(s)?

  

Yes


No


  

b.  The same injection conditions as the sample(s)?

  

Yes


No


  

c.  The most sensitive volume conditions of the extraction set? 

  

Yes


No


9.5.4 

Does the laboratory use allelic ladders and internal size markers for VNTR sequence PCR- based systems?

 

Discussion

A laboratory shall have and follow documented procedures to address the use of positive and negative controls in database applications. A positive amplification control is an analytical control sample that is used to determine if the PCR performed properly. This control consists of the amplification reagents and a known DNA sample. A negative amplification control is used to detect DNA contamination of the amplification reagents. This control consists of only amplification reagents without the addition of template DNA.  A reagent blank control is an analytical control sample that contains no template DNA and is used to monitor contamination from extraction to final fragment or sequence analysis. This control is treated the same as, and parallel to, the database and/or casework reference samples being analyzed. These procedures shall identify the acceptable results for controls and the verification and documentation of their use. A laboratory must use quantification standards as a part of its quantification process.  For databasing laboratories that do not use a quantitation procedure, Standard 9.5.1 shall be marked N/A.

A laboratory shall associate a reagent blank control with each extraction set or batch of samples as defined by the laboratory.  The additional requirements for reagent blank controls specified in Standards 9.5.3.2 and 9.5.3.3 are applicable to samples extracted on or after July 1, 2009.

The reagent blank control shall be extracted concurrently and in the most sensitive volume of the extraction set. If a laboratory does not quantitate its reagent blanks, it must document and verify that the reagent blanks are amplified concurrently with the database sample(s) being characterized from an extraction set. 

If a laboratory has a practice of setting up multiple reagent blanks within its extraction set, and as a part of its process, it quantitates its reagent blanks, the laboratory shall amplify at least one of those reagent banks, if it is carrying on any of the specimens associated with the extraction set on to amplification in accordance with Standard 9.5.3.2.  If a laboratory does set up multiple reagent blanks and quantitates those reagent blanks with its extraction set, it shall amplify and characterize at least the reagent blank that demonstrates the greatest signal, if any. 

If a laboratory uses multiple amplification test kits and the laboratory has depleted its reagent blanks associated with the extraction set or sample being amplified, a laboratory shall not continue on to a different amplification test kit without a reagent blank.

For extraction sets being amplified, a laboratory shall concurrently amplify at all loci a set of positive and negative amplification controls using the same primers as the database sample(s).  Reagent blank controls associated with each extraction set being analyzed shall be extracted concurrently, amplified using the same primers as the database sample(s), amplified and typed in the same instrument model as the database sample(s) and using the most sensitive concentration conditions (criteria 9.5.3.2c) as required by the database sample(s) that contain the least amount of DNA.  For example, a laboratory has validated bringing all of its extracted questioned specimens and reagent blanks up in 20ul and quantitating 10% (2ul). After evaluating the quantitation results of the extraction set, one of the samples requires the remaining 18ul for amplification. Therefore, at least 18ul from an associated reagent blank shall be amplified with that extraction set. As another example, if after quantitation, a laboratory needs to reconstitute samples, one of the reagent blanks associated with that extraction set will also need to follow through that process. 

If a laboratory reamplifies a sample with the same amplification test kit or system, and does not increase the template volume over that of the original reagent blank, and does not alter the amplification parameters to increase sensitivity, the laboratory does not need to reamplify the reagent blank associated with the extraction set being reamplified, provided, however, that the laboratory includes the amplification positive and negative controls with the extraction set

If a laboratory injects samples at varying injection times, amplicon volumes, and/or injection voltage, the reagent blank must satisfy the most sensitive injection conditions. For example, if a laboratory uses a five-second injection and a 10-second injection on a sample set, the laboratory must inject its reagent blank with at least the 10-second injection.

If a laboratory determines at the quantification stage to terminate all sample processing, the reagent blank control must be either quantitated or typed in order for the sample processing to be terminated.  In order for a laboratory to determine that sample processing is to be terminated after DNA quantitation, the laboratory shall have a validation study to support that determination.

If a laboratory is using mass spectrometry with respect to Standard 9.5.4, the term “allelic ladder” refers to a collection of DNA fragments or the expected molecular masses of these DNA fragments for any particular locus.

Comment

Yes

No

N/A

9.5.5

Does the laboratory check its DNA procedures either annually or whenever substantial changes are made to a procedure against an appropriate and available NIST Standard reference material (SRM) or Standard traceable to a NIST standard?

 

Discussion

The laboratory must demonstrate performance through an annual check of its laboratory procedures (at a minimum from amplification to characterization) to generate typing results for each technology (technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA).

NIST is the National Institute of Standards and Technology.

Reference material (certified or standard) is a material for which values are certified by a technically valid procedure and accompanied by, or traceable to, a certificate or other documentation which is issued by a certifying body.

Laboratories have the option of using one sample from the NIST SRM or to create/purchase a NIST-traceable Standard for their annual check.  Laboratories are not required to purchase a NIST SRM kit each year to comply with Standard 9.5.5.  Laboratories may identify controls and run these against the NIST SRM, which in turn makes these controls NIST-traceable.  For those laboratories that use a bloodstain control, a “lot” is identified as the bloodstain(s) that are tested against the NIST SRM, not the person from whom the blood was drawn.  This lot may be used annually to verify the controls and DNA procedures in use by the laboratory.  This annual check of typing results must be assessed separately from any use the NIST SRM may have as part of routine analysis (e.g., if a laboratory uses a NIST traceable 9947A as a part of its internal positive control for database analysis). A laboratory must demonstrate a designated NIST SRM laboratory check of its procedure annually or whenever a substantial change is made to the procedure. A substantial change would be a change in test kit, platform, or software.

Laboratories have the option of using additional NIST SRMs (such as Human Quantification Standard NIST SRM 2372) that may be available, but their use is not required by Standard 9.5.5.

Comment

Yes

No

N/A

9.6

Does the laboratory have and follow written guidelines for the interpretation of data?

9.6.1

Does the laboratory verify that all control results meet the laboratory’s interpretation guidelines for data to be entered into CODIS?

 

Discussion 

A laboratory shall have and follow written guidelines for the interpretation of data that are supported through its validation.  A laboratory is required to have and follow interpretation guidelines, even if using a validated expert system.  These interpretation guidelines should be used when validating the expert system.  A laboratory may rely upon an expert system to complete the data interpretation process.  The expert system may replace human review for database, known and casework reference samples only.  If the NDIS participating laboratory uses an expert system, it shall use an NDIS approved expert system (internal validation is required for NDIS approved versions and developmental validation is required for those versions not already approved by NDIS).  A laboratory shall verify that all control results meet the laboratory’s interpretation guidelines for all reported results.  A documented method must exist to demonstrate that control values are verified when used (e.g., check-off, technical review).

Comment

Yes

No

N/A

9.7 

Does the laboratory have and follow a documented policy for detecting and controlling contamination?

 

Discussion

Contamination is the unintentional introduction of exogenous DNA into a DNA sample or PCR reaction.

A laboratory shall have and follow a documented policy for detecting and controlling contamination.  This policy should include the procedures used by a laboratory for monitoring, decontaminating, and detecting contamination.  In addition, a laboratory shall have and follow policies and/or procedures for interpreting data potentially affected by contamination.

Comment

Standard 10.  Equipment Calibration and Maintenance  

Yes

No

N/A

10.1

Does the laboratory use equipment that is suitable for the methods employed?

10.2

Does the laboratory have and follow a documented program for conducting performance checks and calibrating equipment and instruments?

10.2.1

At a minimum, are the following critical instruments or equipment performance-checked at least annually:

10.2.1.1  A thermometer that is traceable to national or international standard(s) and is used for conducting performance verification checks?

10.2.1.2  Balance/scale?

  

10.2.1.3  Thermal cycler temperature-verification system?

  

10.2.1.4  Thermal cycler, including quantitative-PCR system where utilized?

  

10.2.1.5  Electrophoresis detection systems?

  

10.2.1.6  Robotic systems?

  

10.2.1.7  Genetic analyzers?

  

10.2.1.8  Mechanical pipettes?

10.2.2

The following critical equipment requires quarterly recertification:

  

10.2.2.1 Expert systems approved for use at NDIS.

10.3

Does the laboratory have a schedule and follow a documented program to ensure that instruments and equipment are maintained properly?

  

a.  Has documentation been retained for maintenance, service, and/or calibration?

10.4

Does the laboratory performance check new critical instruments and equipment, or critical instruments and equipment that have undergone repair, service or calibration, before their use in database analysis?

10.4.1

At a minimum, are the following critical instruments or equipment performance-checked and/or recertified following repair, service, or calibration:

10.4.1.1  Electrophoresis detection systems?

  

10.4.1.2  Robotic systems?

  

10.4.1.3  Genetic analyzers?

  

10.4.1.4  Thermal cycler, including quantitative-PCR where utilized?

  

10.4.1.5  Expert systems approved for use at NDIS?

 

Discussion

Calibration is the set of operations which establish, under specified conditions, the relationship between values indicated by a measuring instrument or measuring system, or values represented by a material, and the corresponding known values of a measurement.

Critical equipment or instruments are those requiring calibration or a performance check prior to use and periodically thereafter.

Performance check is a quality assurance measure to assess the functionality of laboratory instruments and equipment that affect the accuracy and/or validity of database, known or casework reference sample analysis.

Traceability is the property of a result of a measurement whereby it can be related to appropriate standards, generally international or national standards, through an unbroken chain of comparisons.

To successfully satisfy Standards 10.2 and 10.4, the laboratory must demonstrate compliance with all of the subcategories of both Standards.

To successfully satisfy the requirements listed in Standards 10.2 and 10.4, the laboratory's documentation must, at a minimum, include all critical equipment and instruments listed above.  The laboratory’s documentation must include the schedules for and records of all repairs, service, or calibrations for the critical equipment and instruments.  Critical equipment or instruments are those requiring calibration prior to use and periodically thereafter when the accurate calibration of that instrument directly affects the results of the analysis.

The minimum requirements of a performance check of a thermometer used for performing performance checks may be accomplished through: (1) certification by an outside vendor;  or (2) in-house by the comparison of one or more temperature readings at various time intervals against another NIST-traceable thermometer.

For example, a NIST-traceable thermometer certified for two years and used for conducting performance checks on equipment shall require the annual performance check.  A NIST-traceable thermometer certified for two years that is not used for conducting performance checks does not require the annual performance checks and may be used until the certification expires.  A NIST-traceable thermometer to be used beyond its certification date shall be recertified or be subject to the annual performance-check requirements.

The minimum requirements of a performance check of a balance or scale may be accomplished either through an outside vendor or performed in-house by the laboratory using certified weights. 

The minimum requirements of a performance check of a thermal cycler temperature-verification system may be accomplished through certification by an outside vendor or accomplished in-house by the comparison against a certified thermal cycler temperature verification system. 

The minimum requirements of a performance check of a thermal cycler, including quantitative-PCR include the system’s diagnostic programs and the use of an appropriate certified temperature verification system or process. 

The minimum requirements of a performance check of an electrophoresis detection system may be accomplished by analyzing amplification controls or internal standards or using previously characterized DNA samples for comparison.

The minimum requirements of a performance check of a robotic system shall be defined by the laboratory.  This performance check may be accomplished by an outside vendor or accomplished in-house by the laboratory.

The minimum requirements of a performance check of a genetic analyzer may be accomplished by analyzing amplification controls or internal standards or using previously characterized DNA samples for comparison.  For example, a laboratory may choose to performance-check a genetic analyzer by analyzing a set containing an amplification positive, an amplification negative and a ladder.  If a laboratory uses a mass spectrometer, a performance check would be defined by the laboratory to verify sensitivity and accurate mass assignments.

The minimum requirements of a performance check of a mechanical pipette may be accomplished by certification by an outside vendor or accomplished in-house through the comparison of a series of measurements.  For example, measurements are evaluated at a high and low setting of the pipette’s range.

Laboratories have the option of using additional NIST SRMs (e.g., Human Quantification Standard NIST SRM 2372) that may be available, but their use is not required by Standard 10.2.1 unless specifically referenced by the laboratory.

The critical instruments and equipment identified in Standard 10.4.1 require additional (beyond annual) performance checks after repair, service or calibration.  At a minimum, the electrophoresis detection system, robotic systems, genetic analyzers, and thermal cyclers and expert systems approved for use at NDIS listed in Standard 10.4.1 shall be performance-checked after repair, service, or calibration.  New critical instruments and equipment, and critical instruments or equipment having a specific repair, service, or calibration, may necessitate additional performance check elements as defined by the laboratory to demonstrate acceptable sensitivity and precision as those instruments previously in use.

Critical instruments or equipment that are not listed in Standard 10.4.1 are not required to have a performance check after repair, service, or calibration.

For 10.2.2 and 10.2.2.1 NDIS participating laboratories must recertify their NDIS approved expert systems quarterly.  These standards may be marked N/A for non-NDIS participating laboratories and laboratories that are not using an expert system. 

For 10.4.1.5 the same procedure used for the quarterly recertification should be used as the basis of the performance check for expert systems following repair, service or calibration of the expert system.  Unless the expert system software is newly installed, service or repair of the hardware and software systems supporting the expert systems may not require recalibration or certification.  This Standard may be marked N/A for non-NDIS participating laboratories and laboratories that are not using an expert system. 

Comment

Standard 11.  Documentation/Reports  

Yes

No

N/A

11.1

a.  Does the laboratory have and follow written procedures for taking and maintaining documentation for database, known or casework reference samples?

b.  Does the laboratory maintain all analytical documentation generated by analysts related to database analyses?

c.  Does the laboratory retain, in hard copy or electronic format, sufficient documentation for each technical analysis to support the profile data such that another qualified individual could interpret and evaluate the data?

 

Discussion

Laboratory database sample records may be in hard copy, electronic files, or a combination of both formats.

The laboratory should have a written procedure detailing documentation maintained under this Standard.  Materials contained in sample records must demonstrate compliance with this Standard.

Comment

Yes

No

N/A

11.2

Does the laboratory have and follow written procedures to ensure the confidentiality of the database, known or casework reference samples and the information in DNA databases and DNA records, except as otherwise provided by applicable state or federal law?

11.2.1

Does the laboratory have and follow written procedures for the release of the DNA records and database, known or casework reference samples in accordance with applicable state or federal law?

11.2.2

Does the laboratory have and follow written procedures for the release of personally identifiable information relating to DNA records in accordance with applicable state or federal law?

11.2.2.1  Does the laboratory have and follow a procedure for the release of personally identifiable information in connection with a database hit?

 

Discussion

To successfully satisfy Standard 11.2, compliance must be demonstrated with all of the subcategories of Standard 11.2.

A variety of methods or media (such as a notification letter) may be used to meet the requirements for release of hit information per Standard 11.2.2.1. A formal technically reviewed laboratory report is not required.  To satisfy 11.2.2.1, the laboratory must have and follow procedures for resolving database matches before personally identifiable information is released in connection with a database hit.  Standard 11.2.2.1 shall be marked “N/A” for non-NDIS participating laboratories.

Comment

Standard 12.  Review  

Yes

No

N/A

12.1

Does the laboratory have and follow written procedures for reviewing DNA records and DNA database information, including the verification and resolution of database matches?

12.1.1

Are all technical reviews conducted by an individual that is, or has been, a qualified analyst in the methodology being reviewed?

 

Discussion

Administrative review is an evaluation of the report and supporting documentation for consistency with laboratory policies and for editorial correctness.

Technical review is an evaluation of reports, notes, data, and other documents to ensure there is an appropriate and sufficient basis for the scientific conclusions.

The laboratory must conduct and document a review of all data.  The laboratory must have written procedures defining the elements associated with both administrative and technical reviews.  The technical review elements shall include a review of all notes, all worksheets, and all electronic data (or printed electropherograms or images) supporting the results; a review of all DNA types to verify that they are supported by the raw or analyzed data (electropherograms or images); a review of all controls, internal lane standards, and allelic ladders to verify that the expected results were obtained; and a review to confirm that reworked samples have appropriate controls.

NDIS participating laboratories must have and follow procedures for reviewing database matches including the verification and resolution of the matches.  If a database laboratory issues reports, both technical and administrative reviews are required.  Notification letters issued in the course of a database hit which do not contain technical data require at a minimum an administrative review

An analyst who performs technical reviews on DNA database, known or casework reference samples shall be or have been an analyst qualified in the specific DNA methodology that the review encompasses.  Technical reviewer is an employee or contract employee who is a current or previously qualified analyst in the methodology being reviewed that performs a technical review of analytical results and is not an author of the applicable report.  The technical reviewer shall not be the original analyst.  Methodology is used to describe the analytical processes and procedures used to support a DNA-typing technology: for example, extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kit; and platform (capillary electrophoresis, real-time gel and end-point gel systems). 

The technical reviewer must be proficiency-tested semiannually to the extent to which they perform database analysis.  A qualified analyst proficiency-tested in the specific DNA methodology is qualified to serve as a technical reviewer without needing to take an additional proficiency test as a technical reviewer. 

An analyst whose sole responsibility is technical review must be qualified under Standard 5.4 and its subsections to the extent of his or her interpretative role as a technical reviewer.  Additionally, an analyst whose sole responsibility is technical review must be proficiency-tested in technical review. 

The administrative reviewer is not required to be a current or former qualified DNA analyst.

This Standard is intended for data generated within the DNA laboratory.  The review of data generated external to the laboratory is governed by Standard 17.

Comment

Yes

No

N/A

12.2

Does the laboratory document the completion of the technical review prior to uploading or searching in SDIS, and does it include the following elements:

  

12.2.1  A review of all notes, all worksheets, and all electronic data (or printed electropherograms or images) supporting the results?

  

12.2.2  A review of all DNA types to verify that they are supported by the raw or analyzed data (electropherograms or images)?

  

12.2.3  A review of all controls, internal lane standards, and allelic ladders to verify that the expected results were obtained?

  

12.2.4  A review to confirm that reworked samples have appropriate controls?

 

Discussion

Standard 12.2 and its subcategories shall be marked “N/A” for non-NDIS participating laboratories.

A documented technical review of the data must be completed by the NDIS participating laboratory prior to uploading or searching the data at SDIS.  The laboratory shall have a written procedure detailing the elements of its technical review including how the completion of the technical review will be documented.  The laboratory’s technical review procedures for database samples must include each of the above elements.

For NDIS participating laboratories, the review of the DNA types in 12.2.2 and 12.2.3 may be accomplished by an NDIS approved and internally validated expert system.

Comment

Yes

No

N/A

12.3

For the release of personally identifiable information:

a.  Does the laboratory conduct an administrative review of official correspondence related to database hits containing personally identifiable information?

  

b. Does the administrative review include the following elements (any or all of which may be included within the technical-review process):

  

12.3.1  A review of the supporting administrative documentation and the correspondence for clerical errors?

  

12.3.2  A review of the individual’s biographical data, qualifying offense, and DNA profile generated from reanalysis, as applicable?

  

12.3.3  Does the laboratory have and follow a procedure to document the completion of the administrative review? 

 

Discussion

Administrative review is an evaluation of the report and supporting documentation for consistency with laboratory policies and for editorial correctness.

To successfully satisfy Standard 12.3, compliance must be demonstrated with all of the subcategories of Standard 12.3.

The laboratory’s administrative review procedures of database analysis must include all of the above elements and may be included within the technical-review process.  The review of the chain of custody and disposition of evidence shall be limited to the casework reference samples received by the DNA database laboratory. 

Comment

Yes

No

N/A

12.4

Does the laboratory document the elements of a technical and administrative review? 

12.5

Does the laboratory have and follow a documented procedure to address unresolved discrepant conclusions between analysts and reviewers?

12.6

Does the laboratory have a system in place to ensure that the correct CODIS specimen categories have been assigned?

 

Discussion

Laboratories must describe the method used for documenting the completion of technical and administrative reviews, as well as a procedure that defines the course of action necessary in the event of an unresolved discrepancy.  Laboratories that include some or all of the administrative review elements listed in Standard 12.3 in their technical review procedure also must document the completion of the administrative review.  An administrative review is required for official correspondence containing personally identifiable information.

To satisfy Standard 12.6, the laboratory must have and follow a system to ensure the correct specimen categories have been assigned.

Standard 12.6 shall be marked “N/A” for non-NDIS-participating laboratories.

Comment

Yes

No

N/A

12.7

Does the laboratory have and follow a program that documents the annual monitoring of the testimony of laboratory personnel?

 

Discussion

Individuals who provide testimony as part of their current positions must be monitored at least once annually.  Several methods of monitoring are possible, and laboratories may select an appropriate approach.  Laboratories must define the elements and standardize the method for capturing information necessary to review an individual’s testimony.  The testimony-monitoring report or results must be reviewed with the individual to identify areas of strengths and weaknesses.  The laboratory shall maintain documentation of this monitoring process.

The laboratory must provide clear documentation identifying individuals who did not testify over the course of the year.

Comment 

Standard 13.  Proficiency Testing

Yes

No

N/A

13.1

Do analysts, technical reviewers, technicians, and other personnel designated by the technical leader undergo semiannual external proficiency testing in each technology performed to the full extent in which they participate in database analysis?

 

Discussion

Semiannual is used to describe an event that takes place two times during one calendar year, with the first event taking place in the first six months of the calendar year and the second event in the last six months of the calendar year, and where the interval between events is at least four months and not more than eight months.  The program shall be administered in an open proficiency-testing format.  The results shall be submitted to the proficiency-test provider in order to be included in the provider’s published external summary report.

An external proficiency test is defined as a test obtained from an approved proficiency-test provider.  The laboratory must not have access to the proficiency-test results until all participants have completed the test.

All analysts, technical reviewers, technicians, and other personnel designated by the technical leader, must be externally proficiency-tested semiannually, in each DNA technology to the full extent in which they perform database examinations.  Technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA.  It is permissible for multiple technologies to be reported on a single proficiency test.  However, all individuals must be tested semiannually in each technology performed to the full extent to which they participate in database analysis.  For example, for individuals qualified in multiple technologies, each such individual must be externally proficiency-tested in each technology semiannually. 

There are no proficiency test requirements for individuals who function solely as technical leaders or CODIS administrators.

Comment

Yes

No

N/A

13.1.1

Are individuals using both manual and automated methods proficiency-tested in each, at least once per year, to the full extent in which they participate in database analysis?

13.1.2

Have newly qualified individuals entered the external proficiency-testing program within six months of the date of their qualification?

13.1.3

Has the laboratory defined, documented, and consistently used the date that the proficiency test is performed as the received date, assigned date, submitted date, or due date?

13.1.4

Except as provided in Standard 13.1.4.1, has each analyst been assigned and completed his or her own external proficiency test?

  

13.1.4.1  If a team approach is used, have all analysts, technicians, and technical reviewers been proficiency-tested according to Standard 13.1?

13.1.5

Has the typing of all CODIS core loci or CODIS core sequence ranges been attempted for each technology performed as applicable? 

13.1.6

Does the laboratory maintain the following records for proficiency tests:

  

13.1.6.1  The test-set identifier?

  

13.1.6.2  Identity of the analyst, and other participants, if applicable?

  

13.1.6.3  Date of analysis and completion?

  

13.1.6.4  Copies of all data and notes supporting the conclusions?

  

13.1.6.5  The proficiency test results?

  

13.1.6.6  Any discrepancies noted?

  

13.1.6.7  Corrective actions taken?

13.1.7

Does the laboratory include, at a minimum, the following criteria for evaluating proficiency test results:

  

13.1.7.1  Evaluation:

  

a.  Are all reported inclusions (if applicable) correct?

  

b.  Are all reported exclusions (if applicable) correct?

  

c.  Are all reported genotypes and/or phenotypes correct or incorrect according to consensus results or within the laboratory’s interpretation guidelines?

  

13.1.7.2  Are results that are reported as inconclusive or not interpretable consistent with written laboratory guidelines?

  

13.1.7.2.1  Has the technical leader reviewed any  inconclusive result for compliance with laboratory guidelines?

  

13.1.7.3  Have all discrepancies/errors and subsequent corrective actions been documented?

13.1.7.4  Have all final reports been graded as satisfactory or unsatisfactory?

  

13.1.7.4.1  When a final report was graded satisfactory, was it shown that no analytical errors were observed for the DNA profile typing data?

  

13.1.7.4.1.1  If present, were administrative errors and corrective actions documented?

13.1.8

Have all proficiency-test participants been informed of their final test results, and has this notification been documented? 

13.1.9

Has the technical leader been informed of the results of all participants, and has this notification been documented?

  

a.  If applicable, did the technical leader inform the CODIS administrator of all nonadministrative discrepancies that affect the typing results and/or conclusions at the time of discovery?

 

Discussion

Laboratories that routinely employ a team approach for conducting DNA examinations (such as several technicians, each performing a separate, dedicated aspect of the DNA process on database samples) may similarly employ a team approach for performing proficiency tests.

Laboratories that have both manual and automated methods shall proficiency test each individual who is qualified in both manual and automated in each method at least once per year to the full extent in which they participate in database analysis.  For example, if an individual is qualified in both manual and automated methods for DNA extraction in database analysis, then the individual must be proficiency-tested in each method at least once per year to the full extent in which he or she participates in database analysis.  If a laboratory has multiple manual and/or automated methods, the individual must be proficiency-tested on at least one of the manual methods and one of the automated methods per year.  This does not preclude the possibility that both methods may be administered on a single proficiency test.

Newly qualified analysts must enter into the proficiency test cycle within 6 months of qualification by performing the extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kits; and platforms (capillary electrophoresis, real-time gel and end-point gel systems) to the full extent of his or her participation in database analyses.  If the analyst was qualified in multiple extraction methods (manual/automated), quantitation methods, typing test kits, and/or platforms, all methods must be addressed between the most immediate proficiency test (within 6 months) and the following proficiency test cycle.

Currently qualified analysts who become qualified in additional extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kits; and/or platform (capillary electrophoresis, real-time gel and end-point gel systems) must be proficiency tested on the additional methods in his/her next scheduled proficiency test.

Laboratories that have more than one platform shall proficiency test each individual that is qualified in more than one platform on each platform at least once per year to the full extent in which they participate in database analysis.  For example, if an individual is qualified in both capillary and gel-based platforms, then the individual must be proficiency tested on each platform at least once per year to the full extent in which he or she participates in database analysis.  This does not preclude the possibility that multiple platforms may be administered on a single proficiency test.

Laboratories that have more than one amplification test kit shall proficiency test each individual that is qualified in more than one amplification test kit once per year to the full extent in which he or she participates in database analysis.  For example, if an individual is qualified in two different amplification test kits, each containing all of the CODIS core loci, then the individual must be proficiency tested with each amplification test kit once per year to the full extent in which he or she participates in database analysis.

For an individual qualified in multiple amplification test kits or systems for a specific technology, the individual must be proficiency tested on each amplification test kit or system over the course of the year.  However, the individual must be proficiency tested on all the CODIS core loci and/or core sequence ranges for each semiannual proficiency test cycle.  This requirement to be semiannually proficiency tested on all the CODIS core loci or core sequence ranges only applies to an analyst who is qualified in an amplification kit or combination of kits that possess all of the CODIS core loci or core sequence ranges.  This does not preclude the possibility that multiple amplification test kits may be administered on a single proficiency test.

Laboratories that use a team approach in database analysis may use this approach in their required semiannual proficiency testing; however each individual shall be proficiency tested at least once per year in each amplification test kit for DNA typing, platform, and an automated and/or manual (as applicable) method to the full extent of his or her participation in database analysis.  Individuals using a team approach are still required to participate in semiannual external proficiency testing in each technology performed.

Each proficiency test must include testing for all CODIS core loci and/or CODIS core sequence ranges for each of the technologies performed.

It shall be the technical leader’s responsibility to determine whether an error in interpretation or typing shall be classified as an analytical error or not, based on review of the analytical data to ensure consistency with laboratory interpretation guidelines.

A satisfactory grade is attained for a proficiency test when there are no analytical errors for the DNA profile-typing data.  The occurrence of administrative errors and corrective actions shall be documented.  If no administrative errors or corrective actions have occurred, Standard 13.1.7.4.1.1 shall be marked “N/A.”

It shall be the technical leader’s responsibility to review and document that any inconclusive results are in compliance with laboratory guidelines. 

The laboratory must have and use a documented program for evaluating proficiency-testing data as listed in Standard 13.1.7.  Each participant shall be informed of his or her final test results, and the notification shall be documented.

The technical leader shall be informed of the results of all participants and shall be responsible for informing the CODIS administrator of all nonadministrative discrepancies that affect the typing results and/or conclusions at the time of discovery.  If nonadministrative discrepancies did not occur, Standard 13.1.9.a shall be marked “N/A.”

Comment

Yes

No

N/A

13.2

Does the laboratory use an external proficiency test provider(s) that is in compliance with the current proficiency testing manufacturing guidelines established by the American Society of Crime Laboratory Directors/Laboratory Accreditation Board or is in compliance with the current International Organization for Standardization?

 

Discussion

An external proficiency test provider must demonstrate compliance with the current proficiency testing manufacturing guidelines established by the American Society of Crime Laboratory Directors/Laboratory Accreditation Board.  Alternatively, the external proficiency test provider can demonstrate compliance with the International Organization for Standardization (ISO) ISO/IEC 17043:2010.

Comment

Standard 14.  Corrective Action

Yes

No

N/A

14.1

For a corrective action plan:

  

a.  Has the laboratory established and followed a corrective action plan that addresses discrepancies detected in proficiency tests and database analysis?

  

b.  Does the corrective action plan, at a minimum, address the following:

1.  Define what level/type of discrepancies are applicable to this practice? 

Yes


No


N/A


2.  Identify (when possible) the cause of the discrepancy?

Yes


No


N/A


3.  Effect of the discrepancy?

Yes


No


N/A


4.  Corrective actions taken?

Yes


No


N/A


5.  Preventative measures taken (where applicable) to minimize its reoccurrence?

Yes


No


N/A


6.  Is documentation of all corrective actions maintained in accordance with Standard 3.2?

Yes


No


N/A


14.2

Prior to implementation do all corrective actions have the documented approval of the technical leader?

 

Discussion

This Standard addresses only those corrective actions resulting from DNA database analysis or DNA proficiency tests.  The elements listed may be assessed through a review of existing laboratory documentation.

To successfully satisfy Standard 14.1.b, the laboratory must demonstrate compliance with all of the subcategories of Standard 14.1.b.

Comment 

Standard 15.  Audits

Yes

No

N/A

15.1

Has the laboratory been audited annually in accordance with the FBI DNA Quality Assurance Standards?

For this audit, has the laboratory maintained documentation that the auditor(s):

  

a.  Is qualified?

Yes


No


  

b.  Is a current or previously qualified analyst in the laboratory’s current DNA technologies and platform?

  

Yes


No


  

c.  Has one team member that is a currently or previously qualified analyst from a databasing laboratory?

  

Yes


No


15.2

Has an external audit been conducted at least once every two years by a second agency?

  

For this audit, has the laboratory maintained documentation that the auditor(s):

  

a.  Is qualified?

Yes


No


b.  Is a current or previously qualified analyst in the laboratory’s current DNA technologies and platform?

Yes


No


c.  Has one team member that is a currently or previously qualified analyst from a databasing laboratory?

Yes


No



15.2.1

Has the laboratory maintained audit documentation of those individuals (i.e., CODIS administrator, technical leader, and analysts) that have had their education, experience, and training qualifications evaluated and approved during two external audits?

15.2.2

Has the laboratory maintained the documentation for those validations previously evaluated and approved during one external audit?

15.3

For internal audits, has the laboratory maintained documentation that the auditor(s) for this audit :

  

a.  Is qualified?

Yes


No


  

b.  Is a current or previously qualified analyst in the laboratory’s current DNA technologies and platform?

  

Yes


No


15.4

Have the internal and/or external audits performed pursuant to Standard 15.1 been conducted using the FBI DNA Quality Assurance Standards Audit Document in effect at that time?

15.5

Have internal and external DNA audit documents and, if applicable, corrective action(s) been submitted to the technical leader for review to ensure that findings, if any, were appropriately addressed? 

15.5.1

For NDIS-participating laboratories, did the laboratory provide all external audit documentation and laboratory responses to the FBI within 30 days of the laboratory’s receipt of the audit documents or report?

15.6

Are previous internal and external audit documents retained and available for auditor inspection?

 

Discussion

Audit is an inspection used to evaluate, confirm, or verify activity related to quality.

In accordance with Standard 15.1, the required annual audit shall, at a minimum, occur once every calendar year and shall be at least 6 months but no more than 18 months apart.  Annual audits may be conducted in an internal and/or external manner and, at the discretion of the laboratory, may consist exclusively of external audits and be performed on more than an annual basis. 

Standard 15.2 requires that an external audit be performed at least once every two years and Standard 15.5.1 requires that all external audits performed on an NDIS laboratory, regardless of frequency, shall be submitted to the NDIS Custodian.

Only audits that were performed using the most current (as of the time of the respective audit) FBI Quality Assurance Standards Audit Document shall be eligible for compliance with Standards 15.1 and 15.4.

Audit teams may consist of one or more individuals.

Standards 15.1a, 15.2a and 15.3a are a self-verification by the auditor(s) to ensure that the auditor, or the auditing team, consists of appropriately qualified individuals.  This certification should be obtained and documented prior to the beginning of the audit and maintained by the laboratory.  Regardless of the audit (internal or external), it is the laboratory's responsibility to ensure that there is at least one person that is, or has previously been, a qualified analyst for each specific DNA technology (technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA) performed and that there is at least one person who is a qualified auditor on the audit team.  Additionally, at least one participant in the internal or external auditing team shall be a currently or previously qualified DNA database analyst.  This may be accomplished by having a single auditor who meets all of the specified qualifications or through a combination of the various members of a multiperson audit team.  These requirements are applicable to audits performed on or after July 1, 2009.

Technical leaders and analysts who were appointed or hired prior to July 1, 2009, will be assessed according to the educational requirements of the FBI Quality Assurance Audit Document dated July 1, 2004.  Technical leaders, CODIS administrators, and analysts appointed or hired on or after July 1, 2009, will be assessed according to the educational requirements of the FBI Quality Assurance Audit Document dated July 1, 2009.

In accordance with Standards 15.2.1 and 15.2.2, when documentation of the required reviews has been memorialized in previous external audit documents, the auditor(s) is not required to perform additional review with respect to the personnel or validations that were previously reviewed and documented except for training in new methodologies and/or technologies by previously qualified personnel.  However, this in no way prohibits the auditor from performing such additional reviews as that auditor(s) may deem appropriate or necessary.

The two independent external auditor approvals of personnel referenced in Standard 15.2.1 are not transferable and are only valid within the laboratory or laboratory system for which those personnel are employed at the time of the approvals. 

Standard 15.2.2 is only applicable to those methodologies that are currently used by the laboratory.  Methodology is used to describe the analytical processes and procedures used to support a DNA-typing technology: for example, extraction methods (manual vs. automated), quantification methods (slot blot, fluorometry, real-time); typing test kit; and platform (capillary electrophoresis, real-time gel and end-point gel systems).

The written report should be prepared by the auditor(s) and sent to the laboratory within 30 days of the audit.  The audit document report consists of the completed audit document checklist, with any areas of noncompliance listed under the Findings section of Appendix A.  All findings must be clearly identified and referenced to the appropriate Standard.  Recommendations must not be included in the Audit Document Report.

The laboratory must ensure that within the Response section of Appendix A,

an adequate response detailing any incorporated corrective action, if appropriate, has been generated with regard to all findings.  A laboratory’s written course of action or response to the findings in an audit document report also should be maintained as part of the Audit Document Report.

Prior audit document reports must be available to the auditor(s) as a measure of the laboratory’s response to previous findings.  It is critical that findings identified in a previous audit document report be thoroughly addressed and resolved (if possible) within the DNA laboratory’s capabilities. 

To fulfill the requirements associated with Standard 15.5, the laboratory must show evidence of a response and/or corrective action to all findings detailed during the previous audit.

To comply with Standard 15.5.1, it is incumbent on the NDIS laboratory to document for each external audit, the date that the external audit document report was received from the auditor(s) and the date that the laboratory sent the external audit documentation and laboratory responses to the FBI.  The laboratory response may include a notification to the NDIS Custodian if the laboratory needed to request an extension of time for sending the required audit documentation.  For non-NDIS laboratories, the response to Standard 15.5.1 shall be marked “N/A.”

Comment

Standard 16.  Safety

Yes

No

N/A

16.1

Does the laboratory have and follow a documented environmental health and safety program that includes, at a minimum, the following:

16.1.1  A bloodborne pathogen and chemical hygiene plan?

16.1.2  Documented training on the bloodborne pathogen and chemical hygiene plan?

16.2

Has the laboratory’s environmental health and safety plan been reviewed annually?

  

a.  Has such review been documented?

 

Discussion

To fulfill the requirements for Standard 16.1, the laboratory must

demonstrate compliance with each of the subcategories of Standard 16.1.

All information addressing environmental health and safety must be current and

available to laboratory staff.  This information must be updated to reflect changes in a technical procedure (e.g., radioisotopes) or the remodeling of laboratory space (e.g., changed evacuation plans) that may have an effect on the laboratory’s environmental health and safety plan.

To fulfill the requirements for Standard 16.2, the laboratory must demonstrate that the review ensures that all environmental health and safety practices are appropriate and contemporary.

Comment

Standard 17.   Outsourcing

Yes

No

N/A

17.1

Has the vendor laboratory complied with the FBI Quality Assurance Standards for DNA Databasing Laboratories and the accreditation requirements of federal law?

17.1.1

Has the NDIS laboratory that outsources DNA sample(s) for entry into or search in CODIS required and maintained the following documentation from the vendor laboratory:

  

a.  Compliance with the FBI Quality Assurance Standards for DNA Databasing Laboratories?

  

Yes


No


  

b.  Compliance with the accreditation requirements of federal law?

  

Yes


No


17.2

Except as provided in Standard 17.2.1, since the laboratory’s last external audit, did the NDIS laboratory’s technical leader document and maintain the approval of the technical specifications of the outsourcing agreement before it was awarded?

17.2.1

For a vendor laboratory that is performing DNA analysis for a law enforcement agency or entity other than the NDIS laboratory, was documented approval obtained by the vendor laboratory from the technical leader of the NDIS laboratory, accepting ownership of the DNA data generated, prior to the initiation of analysis?

17.3

Did the NDIS laboratory accept profiles generated by a vendor laboratory for upload to CODIS?

  

a.  Prior to the NDIS laboratory’s uploading or accepting data to upload to CODIS from any vendor laboratory or agency, did the technical leader of the NDIS laboratory document the prior approval of the technical specifications of the outsourcing agreement and/or document the approval of acceptance of ownership of the DNA data?

17.4

Does the NDIS laboratory have, follow and document appropriate quality assurance procedures to verify the integrity of the data received from the vendor laboratory including but not limited to the following:

17.4.1

Random reanalysis of database, known or casework reference samples

17.4.2

Inclusion of QC samples

17.4.3

For an on site visit:

  

a.  Does the NDIS laboratory have and follow a procedure for the performance of an on-site visit?

  

b.  Does the procedure include, at a minimum, the following elements?

  

17.4.3.1  A documented on-site visit prior to the initiation of analysis?

  

17.4.3.2  Has the on-site visit been performed by the technical leader or a designated employee of an NDIS laboratory who is a qualified or previously qualified analyst in the technology, platform, and typing amplification test kit used to generate the DNA data; 

  or

  Has an on-site visit performed by a designated FBI employee been accepted by the technical leader?

  

17.4.3.3  If the NDIS laboratory’s outsourcing agreement extended beyond one year, was an annual on-site visit conducted?

  

  17.4.3.3.1  If an on-site visit conducted by the FBI, or another NDIS laboratory was used by the NDIS laboratory, did the technical leader document the review and acceptance of that on-site visit?

17.5

Does the NDIS laboratory have and follow a procedure to verify the integrity of the data received from a vendor laboratory through the performance of a technical review?

17.6

Prior to the upload or search of DNA data in SDIS, did an analyst, CODIS administrator or technical reviewer employed by an NDIS laboratory review the DNA data to verify the correct specimen category for entry into CODIS?




17.7

Prior to the upload of DNA data to SDIS or the reporting of search results, did an NDIS laboratory perform a technical review of the vendor laboratory’s data?




17.7.1

Does the technical review of DNA data include, at a minimum, the following elements:

17.7.1.1  A review of all DNA types to verify that they are supported by the raw and/or analyzed data (electropherograms or images)?

17.7.1.2  A review of all associated controls, internal lane standards and allelic ladders to verify that the expected results were obtained?

17.7.1.3  Verification of the DNA types, eligibility, and the correct specimen category for entry into CODIS.

17.7.2

Did the NDIS laboratory perform a technical review of the vendor laboratory’s data?

  

a.  Was the technical review performed by an NDIS laboratory-employed analyst or technical reviewer who is qualified, or was previously qualified, in the technology, platform, and typing amplification test kit used to generate the data and who participates in an NDIS laboratory’s proficiency test program?

  

b.  Was a portion of this review accomplished through the use of an NDIS-approved and internally validated expert system?

 

Discussion

Non NDIS-participating laboratories shall demonstrate compliance with Standard 17 if any of the criteria of ownership are or may become applicable.

Except as provided below, failure to comply with Standard 17 by an NDIS-participating laboratory or non NDIS-participating laboratory will permanently preclude the entry, searching or uploading of the outsourced DNA data into CODIS.

Outsourcing is the utilization of a vendor laboratory to provide DNA services in which the NDIS-participating laboratory takes or retains ownership of the DNA data for entry into CODIS, when applicable.  Outsourcing does not require the existence of a contractual agreement or the exchange of funds.

Ownership occurs when any of the following criteria are applicable:

1. The originating laboratory will use any samples, extracts, or materials from the vendor laboratory for the purposes of DNA testing (i.e., a vendor laboratory prepares an extract that will be analyzed by the originating laboratory);

2. The originating laboratory will interpret the data generated by the vendor laboratory;

3. The originating laboratory will issue a report on the results of the analysis; or

4. The originating laboratory will enter or search a DNA profile in CODIS from data generated by the vendor laboratory.

The Standard 17 review is the technical review required by Standards 17.5 and 17.7 for DNA data that has been outsourced.  The Standard 17 review is to be distinguished from the administrative and technical reviews required by Standard 12.  For outsourced DNA data, the vendor laboratory is responsible for conducting the administrative and technical reviews required by Standard 12. 

A vendor laboratory is a governmental or private laboratory that provides DNA analysis services to another laboratory or agency and does not take ownership of the DNA data for purposes of entry into CODIS.

Compliance with Standard 17 is required when the laboratory outsources any DNA-related services for which the laboratory will take or retain ownership or when the laboratory will take or retain ownership of data from any other law enforcement agency or entity. 

Compliance with Standard 17.1.1 through 17.5.2 is not required when the laboratory outsources a specific DNA analysis using a technology that the laboratory is not qualified to perform or when the laboratory will not take or retain ownership of the data.  If these are the only circumstances whereby a laboratory outsources DNA analyses, then those criteria of Standard 17 shall be marked “N/A.”

Compliance with Standard 17 is required of a vendor laboratory whenever the vendor laboratory performs DNA analysis pursuant to any request from a laboratory, law enforcement agency, or any other entity and it may be reasonably be anticipated that ownership of the results of such an analysis may subsequently be taken or retained at some time by a laboratory. 

For vendor laboratories, Standards 17.1.1, 17.2, 17.3, 17.4 and its subcategories, 17.5, 17.6, and 17.7 and its subcategories shall be marked “N/A.”

To comply with Standard 17.1, a vendor laboratory must comply with the most current FBI Quality Assurance Standards DNA Databasing Laboratories in their entirety, as applicable, and the accreditation requirements of federal law.

Laboratories that have entered into an outsourcing agreement or that have accepted data from a vendor laboratory shall maintain documentation of the vendor laboratory’s external audit document report, the vendor laboratory’s responses, and/or follow-up actions to any findings detailed in the report.

To minimize the redundancy of multiple external audits of the same vendor laboratory over the course of a  year, the laboratory may elect to accept for that year audit documentation generated from another external audit conducted (pursuant to the requirements of Standard 15) on the vendor laboratory.  The audit documentation must include the audit document report, the vendor laboratory's responses, and/or follow-up actions to any findings detailed in the report.  Such documentation or copies must be retained by the laboratory.

For outsourcing agreements that involve a contractual relationship awarded prior to July 1, 2009, FBI Quality Assurance Standards Audit Document Standards 17.2, 17.2.1, 17.4.3.1, and 17.4.3.2 should, until the end of the contracted period (to include any contractually authorized extensions), be marked as follows:

A contractual agreement awarded prior to July 1, 2009, and in effect at the time of the audit, where the laboratory has not met the minimum Standards shall be marked as “N/A.”  Standards marked N/A should include an explanatory comment to the effect that (for example), "The contractual outsourcing agreement with [name of vendor laboratory]__________ was in effect prior to July 1, 2009, and has an expiration date of ________."

A contractual agreement awarded prior to July 1, 2009, and in effect at the time of the audit, where the laboratory has met the minimum Standards shall be marked “Yes.”

Standard 17.2 applies to those laboratories that have entered into a contractual agreement with a vendor laboratory since their last external audit.

For Standard 17.2.1, documentation will need to be retained demonstrating the date on which the laboratory provided approval to the vendor laboratory for the technical specifications to be used prior to the vendor laboratory’s initiating analysis.  If the laboratory has accepted data from a vendor laboratory, without the prior approval being given to that vendor laboratory, a “No” shall be marked for Standard 17.2.1.  Approval could be in the form of an e-mail, documented phone call, etc.  This Standard also applies to data generated by a vendor laboratory when there is no existing outsourcing agreement, which includes contractual agreements, between the vendor and the laboratory accepting the data.  If the NDIS laboratory has not received or approved the initiation of data analysis by a vendor laboratory intended for upload into CODIS, this Standard shall be marked “N/A.”

To comply with Standard 17.2.1, when a vendor laboratory is performing databasing analysis for a law enforcement agency or entity other than the NDIS laboratory, it is incumbent on the vendor laboratory to maintain the dated, documented approval obtained from the technical leader of the NDIS laboratory that has agreed to accept ownership of the DNA data, as well as the date that the vendor laboratory first initiated analysis for a specific case or set of cases.  This Standard is assessed through the examination of the documents specified above.  If the vendor laboratory has not performed work on any samples intended for upload into CODIS that would require the prior approval by an NDIS laboratory, this Standard shall be marked “N/A.” 

To comply with Standard 17.3, it is incumbent on the NDIS laboratory to maintain the dated, documented prior approval of the technical specifications of the outsourcing agreement (reference Standard 17.2) and/or documented prior approval of the acceptance of ownership of the DNA data (reference Standard 17.2.1) by the NDIS laboratory’s technical leader as well as the date that the NDIS laboratory first uploaded DNA data, first accepted DNA data for upload, or first searched such data in CODIS. Standard 17.3 is not applicable to requests for the searching of DNA data for investigative purposes between NDIS laboratories that do not involve outsourcing agreements.

For outsourcing agreements that involve a contractual relationship awarded prior to July 1, 2009, FBI Quality Assurance Standards Audit Document criteria 17.3a shall be marked “N/A”, if the laboratory has not met the criteria.  Standards marked “N/A” should include an explanatory comment to the effect that (for example), "The contractual outsourcing agreement with [name of vendor laboratory]__________ was in effect prior to July 1, 2009, and has an expiration date of ________."  If the NDIS laboratory accepted data from a vendor laboratory or agency and such data was accepted for upload into CODIS without the prior approval by the technical leader of the technical specifications of the outsourcing agreement between the NDIS laboratory and the vendor or agency, criteria 17.3a shall be marked “No.”

All reviews associated with Standard 17.4 and 17.7 must be sufficient to thoroughly assess the integrity of the vendor laboratory’s data. 

On-site visit is a scheduled or unscheduled visit to the vendor laboratory work site by one or more representatives of an NDIS participating laboratory who is (are) a qualified or previously qualified DNA analyst(s) in the technology, platform and typing amplification test kit used to generate the DNA data, or designated FBI employee(s), to assess and document the vendor laboratory’s ability to perform analysis on outsourced database, known or casework reference samples.

To comply with Standard 17.4.3.1, an on-site visit must be performed prior to the vendor laboratory’s initiating work on database, known or casework reference samples, whether performed as a part of a contractual agreement or as a part of an agreement to accept data outside of an existing contractual agreement, regardless of the number of samples or cases being accepted.  The laboratory shall retain documentation demonstrating the date the on-site visit was performed, a summary of the visit, and the documentation of the qualified personnel who performed the on-site visit.  While an on-site visit is not required if an individual is only providing technical review services for the NDIS laboratory, the NDIS laboratory’s technical leader shall evaluate how and where such services are being performed and document their approval to ensure compliance with these Standards.  For example, if the technical reviewer will not be performing the technical review services at the NDIS laboratory, the technical leader will want to know where the services will be performed and the security precautions in place to safeguard the confidentiality of the information being reviewed.  The technical leader will want to ensure that only authorized persons have access to the information being reviewed if such information is taken outside the controlled NDIS laboratory environment.  To comply with Standard 17.4.3.2, if the technical leader has designated an employee of an NDIS laboratory to perform the on-site visit, that employee must be or have been a qualified DNA analyst in the technology, platform, and typing amplification test kit that will be used to generate the DNA data.

Standard 17.4.3.3 is applicable when an outsourcing agreement has been extended (e.g., extensions, renewals or re-award) and the technical specifications (e.g., technology, platform and typing amplification test kit) used to generate the DNA data have not changed.  If an outsourcing agreement was in force with the specific vendor laboratory in an essentially consistent, continuous manner (with a delay not to exceed six months), it is not required that an additional, initial on-site visit be performed, as required for new outsourcing agreements in Standards 17.4.3.1 and 17.4.3.2.

It is noted that an on-site visit is different from an external audit and does not necessarily require that an external audit (audit is an inspection used to evaluate, confirm, or verify activity related to quality) be performed during an on-site visit.

In addition to the technical leader (or designee) performing an on-site visit, the laboratory may elect to accept information/documentation generated from an on-site visit conducted of the vendor laboratory by an NDIS laboratory using the same technology, platform, and typing amplification test kit as long as it was conducted within the past twelve months.  Alternatively, the technical leader of the NDIS participating laboratory may accept an on-site visit conducted by a designated FBI employee.

To comply with Standard 17.4.3.3.1, a laboratory accepting an on-site visit from an NDIS laboratory or the FBI shall have documentation demonstrating its review and approval of the on-site visit, the date the on-site visit was performed, a summary of the visit, and the documentation of the personnel who performed the on-site visit.  In these instances, Standard 17.4.3.2 shall be marked “Yes”.

Analyst (or equivalent role, position, or title as designated by the Laboratory Director) is an employee or contract employee that has successfully completed the laboratory’s training requirements for database, known or casework reference sample analysis, passed a competency test, and has entered into a proficiency testing program according to these Standards.  This individual conducts and/or directs the analysis of database, known or casework reference samples and interprets the resulting data from these samples.

Platform is the type of analytical system utilized to generate DNA profiles, such as capillary electrophoresis, real-time gel, and end-point gel instruments or systems.

Technical reviewer is an employee or contract employee who is a current or previously qualified analyst in the methodology being reviewed that performs a technical review of analytical results and is not an author of the applicable report.

Technology is used to describe the type of forensic DNA analysis performed in the laboratory, such as RFLP, STR, YSTR, or mitochondrial DNA.

Test kit is a preassembled set of reagents that allows the user to conduct a specific DNA extraction, quantification, or amplification.

In the event that an NDIS laboratory chooses to search outsourced DNA data in SDIS prior to its completion of the Standard 17 review, Standard 17.6 requires that an analyst, CODIS administrator, or technical reviewer of the NDIS laboratory must verify the correct specimen category for such DNA data.  The outsourced DNA data will have been technically reviewed by the vendor laboratory in accordance with Standard 12.  Thus, in order to search this outsourced DNA data in SDIS prior to the NDIS laboratory’s completion of the Standard 17 review in Standard 17.7, the NDIS laboratory must, at a minimum, verify the correct specimen category before searching that DNA data in SDIS.

To comply with Standard 17.7.2, the review of a vendor laboratory’s data shall be performed by an analyst or technical reviewer employed by an NDIS laboratory (includes employee and contract employee) who is qualified or previously qualified in the technology, platform, and typing amplification test kit used to generate the data. This technical reviewer must participate in an NDIS laboratory’s external proficiency testing program to the full extent in which he or she participates in database analysis and the review of the outsourced data.  For example, an analyst or technical reviewer participates and is proficiency tested on database analysis using one type of amplification test kit and performs the technical review of outsourced DNA data which was analyzed using a different technology, platform and/or amplification test kit.  Such analyst or technical reviewer must also be proficiency tested on the technology, platform and/or amplification test kit used by the outsourcing laboratory to the extent he/she participates in or performs the technical review of the outsourced DNA data.  The NDIS laboratory must also maintain the proficiency test records and qualifications of any technical reviewer(s) that participate in the review associated with Standard 17.7.2.

To satisfy the requirements of Standards 17.4 and 17.7, the laboratory must demonstrate compliance (as applicable) with each of the respective subcategories.

Standard 17.7.1.3 shall be marked “N/A” if the laboratory does not receive a final report from the vendor laboratory in accordance with their outsourcing agreement.

If the laboratory has validated an Expert System for internal use, it may not be applicable to outsourced data.  The use of an internally validated NDIS approved expert system for outsourced samples is allowed only if the data was produced using the same kit, instrument model, and data collection software as the NDIS laboratory.  Additional validation studies may be necessary before the use of an expert system on outsourced data. 

Comment

Appendix A:  Findings and Responses

To be completed by the audit team (Findings) and laboratory (Responses).

Auditors shall reference any Standard found to be in non-compliance in the Findings below.  Following the Standard, a detailed description of the non-compliance shall be provided. 

Comments and/or recommendations shall not be included in Appendix A.

Additional pages may be attached, as needed.

Findings:

 


 Responses:

 

Appendix B – Notification Form for

Technical Leader Contingency Plan

To be completed by the laboratory only in the event of a vacancy in the technical leader position when there is no qualified individual available to serve as the technical leader.

This form shall be used to document various actions relating to a vacancy in the technical leader position in the event that the laboratory does not have an individual qualified to serve as technical leader of the laboratory.  Under those circumstances, in accordance with the FBI Quality Assurance Standards, the FBI’s NDIS Custodian shall be notified of such vacancy and provided with the laboratory’s contingency plan within 14 days of the vacancy.

Date technical leader position vacated

Date FBI contacted

Name of FBI personnel contacted

Date contingency plan submitted to the FBI

(must be within 14 days of the vacancy)

Date FBI approval received

 


Contingency plan attached:

FBI conditions for approval attached, if applicable:

Date new database analysis started:___________________________

Laboratory: ____________________________________________

Signed by: ____________________________________________

  (Name and Signature of Person Completing Form)

Date: ___________________________________________________

Appendix C – Auditor Self-Certification for QAS Audits

Section 1 – to be completed by the laboratory being audited: (use additional blank sheets if necessary):

Laboratory being audited: ____________________________As of [date]____________

Technologies currently in use: ________________________________________

Platforms currently in use: ___________________________________________

Validations needing to be memorialized: ________________________________

Outsourcing agreements in place or in process:_________________________________________________________

The laboratory being audited may request documentation for the information reported in  Section 2 below.

Section 2 – to be completed by the auditor who will sign the attestation statement below the questions and (a) for external audits, return to the laboratory prior to the scheduled audit date; or (b) for internal audits, maintain in the laboratory’s files.

Auditor Qualifications:

Name of Auditor:   _____________________________________________________

Auditor’s Employer:  _____________________________________________________

Auditor’s Title or Position:  ________________________________________________

Qualified Auditor2:  Yes  No  (Circle One)

Year Completed FBI DNA Auditor Class:  _____________________________________

Current or Previously Qualified DNA Analyst:  Yes  No  (Circle One)

Current or Previously Qualified in Casework, Database Analysis, or Both3:

  Casework  Database  Both  (Circle One)

Technologies Currently or Previously Qualified In (e.g., STR, mtDNA) (Please List): ______________________________________________________________________

Platforms Currently or Previously Qualified In (e.g., Gel based/CE)

(Please List):___________________________________________________________

I verify that:

I understand the requirements of Standard 15.24 ; and

I have no conflicts of interest with the laboratory being audited; and

The information contained in Section 2 above is correct.

  Signed By ________________________________ Date _____________

Appendix D – Personnel Meeting Minimum Education, Experience, and Training Qualifications As Assessed By External Audit

To be completed by the audit team.

In accordance with Standards 15.1 and 15.2.1, this form shall be used to document the evaluation and approval of analysts, CODIS administrators and technical leaders during an external audit.  Section 1 is for documenting personnel who have received two successive separate external audit approvals of their education, experience, and training qualifications.  Section 1 should be used to document all individuals who have received two successive separate audit approvals of their education, experience, and training qualifications, regardless of whether the individual is still employed by the laboratory. The date of the prior audit approvals should be noted in this Section, when known.

Section 2 is for documenting personnel who are receiving the first external audit approval of their education, experience, and training qualifications.

Section 1 documents those personnel who have received two successive external audit approvals of their education, experience, and training qualifications.

Section 1. (a) – Approvals Between July 1, 2004 and June 30, 2009.  Laboratory personnel who have been evaluated after July 1, 2004, and approved under two successive, separate external audits as meeting the education, experience, and training qualifications required under Standard 5.1 of the 1998 Quality Assurance Standards for Convicted Offender DNA Databasing Laboratories5:

Analyst(s):

Technical Leader(s):

Section 1. (b) – Approvals After July 1, 2009

Laboratory personnel who have been evaluated after July 1, 2009, and approved under two successive, separate external audits as meeting the education, experience, and training qualifications required under Standard 5.1 of the 2009 Quality Assurance Standards for DNA Databasing Laboratories:

Analyst(s):

CODIS administrator(s):

Technical Leader(s):

Section 2 documents those personnel who are receiving the first external audit approval of their education, experience, and training qualifications.

Section 2. (a) – For Personnel Appointed or Hired Prior to July 1, 2009 

Laboratory personnel who were appointed or hired prior to July 1, 2009, and approved for the first time as meeting the education, experience, and training qualifications required under Standard 5.1 of the 1998 Quality Assurance Standards for Convicted Offender DNA Databasing Laboratories:

Analyst(s):

Technical Leader(s):

_____________________________________________________________

Section 2. (b) – For Personnel Appointed or Hired On or After July 1, 2009

Laboratory personnel who have been evaluated after July 1, 2009, and approved for the first time as meeting the education, experience, and training qualifications required under Standard 5.1 of the 2009 Quality Assurance Standards for DNA Databasing Laboratories:

Analyst(s):

CODIS administrator(s):

Technical Leader(s):

Appendix E – Approved Validations

This form may be used to document the evaluation and approval of validations by the external audit team according to Standard 8; this documentation to be maintained by the audited laboratory to comply with Standard 15.2.2.

To be completed by the audit team:

List of validations, if any, evaluated and approved during this audit:


End Notes

[1] The National Forensic Science Technology Center (NFSTC) does not provide accreditation services.  The two approved accrediting agencies for NDIS participation purposes are: the American Society of Crime laboratory Directors/Laboratory Accreditation Board (ASCLD/LAB) and Forensic Quality Services (FQS).

[2] A Qualified Auditor is a current or previously qualified DNA analyst who has successfully completed the FBI DNA Auditor training course.

[3] If the laboratory being audited performs both casework and database analyses, then the audit team or auditor must be qualified in both casework and database analyses.

[4] Standard 15.2 requires that “at least once every two years, an external audit shall be conducted by an audit team comprised of qualified auditors from a second agency(ies) and having at least one team member who is or has been previously qualified in the laboratory’s current DNA technologies and platform.”

[5] Laboratory personnel qualified by the technical leader on or before June 30, 2009, and evaluated after July 1, 2009, should be listed in this section.