When “Good Enough” is Not Good Enough
Few things travel through a boardroom faster than “Can we trust this?” Budgets get questioned, compliance rules tighten, and suddenly every data point has to earn its place at the table.
In 2025, with so much data around, the demand for accuracy in market research studies is even greater. Regulators require proof of privacy protections, procurement teams seek independent assurance, and decision-makers are concerned that an errant data point could undermine months of careful planning.
This is why international quality standards matter. Rather than just saying, “Trust us”, we can say, “Here is the audit trail.” For market, social, and opinion research, the benchmark for establishing credibility is ISO 20252:2019 – a 66-page document that encompasses everything from documenting and agreeing to a proposal to protecting respondent privacy, training interviewers, sampling and data processing, and reporting. It is essentially a manual for transforming inputs into findings that can withstand forensic analysis.
TKW Research holds ISO 20252 certification because, in many of the industries we work in – such as healthcare, finance, and government – research data is crucial evidence for informed decision-making. If your next study is going to inform a therapeutic goods submission, or a Treasury model, or a dashboard around brand risk, “good practice” is the minimum you expect.
Documented, audited, and internationally recognised good practice is where absolute confidence starts. Below, we explore what ISO 20252 entails, how it protects both researchers and clients, and how TKW’s processes incorporate the requirements of ISO 20252 into every CATI shift, online script or tablet interview.
ISO 20252 at a Glance — More Than a Logo
First published in 2006 and last revised in 2019, ISO 20252 is the only international standard specifically addressing the research and insights industry. Simply put, it defines service requirements that apply to every step of a study, from the brief to delivery. The latest edition also expands its reach to address new analytics and data science methods, recognising that the questionnaire is no longer the only means by which organisations can learn about the world.
The standard sits next to, but is separate from, more generic quality standards such as ISO 9001. While ISO 9001 broadly examines organisational processes, ISO 20252 focuses on key research-specific checkpoints, including sampling, panel recruitment, questionnaire testing, interviewer monitoring, coding accuracy, data security, and even the wording of disclosures in client reports. It’s this level of specificity that makes industry bodies such as the UK’s Market Research Society and Australia’s Research Society endorse ISO 20252 as the national standard for suppliers who want to demonstrate methodological rigour.
The Key Pillars of ISO 20252
While the framework of the ISO 20252 Standard is built on 6 Annexes, which cover the design of a study, the collection of the data, and then its analysis, at TKW Research, we find it more helpful to look at the underlying disciplines the Standard is trying to improve:
| Pillar | What the Standard Demands | Why It Matters to You |
| Governance & Accountability | Written quality policy, named senior owner, annual reviews | Clear chain of responsibility if questions arise |
| Project Planning | Documented specs covering objectives, target groups, sampling, and QC checks | Aligns expectations; avoids mid-field “scope drift” |
| Data Collection & Processing | Interviewer training, validation targets, encryption at rest/in transit | Reduces human error and breaches |
| Reporting & Transparency | Method statement, sample limitations, weightings, caveats | Lets end-users judge validity before taking action |
| Continual Improvement | Internal audits, CAPA logs, and the client feedback loop | Keeps the system living, not shelf-ware |
These pillars reflect the perception that the 20252 framework is as much about “culture” as it is about checklists – using quality thinking in everyday practice.
Sector Lens – Why Certification Matters
Healthcare. Regulatory bodies, such as Australia’s Therapeutic Goods Administration, can utilise real-world evidence to investigate claims of product efficacy. ISO-aligned documentation of recruitment, informed consent and data handling helps sponsors defend every table in the study.
Finance & Insurance. Banking code signatories and regulated entities under APRA must satisfy fairness test requirements for their products and services. Where market research forms the basis of product development, regulated entities can rely on ISO 20252’s sampling and disclosure provisions to demonstrate that they take their obligations regarding transparency and fairness seriously.
Government & Not-for-Profit. In many tenders, evaluators will award marks for certified quality systems because of accountability and traceability requirements for public spending. Evidence based on ISO 20252 can be the difference between preferred supplier status and simply a polite rejection.
Corporate CX & Brand Tracking. Multiple stakeholders, spanning marketing, digital, risk, and sustainability, rely on a shared tracker file. A discrepancy, such as missing respondents, variable coding, or a lack of transparency about weighting, can jeopardise cross-departmental support. Certified methods shortcut any such objections.
Quality in Action – TKW’s ISO 20252 Framework
Certification is, by definition, audited evidence. However, the real value lies in how the ISO requirements get integrated into the day-to-day operation of a live project. TKW’s process maps the standard into four operational layers:
- Proposal & Kick-Off – Every proposal includes a compliance checklist, and there is also client sign-off to finalise the baseline against sample frames, privacy impact, translation needs, and validation targets.
- Integrated Fieldwork Platform – CATI, online, and face-to-face questionnaires all run from one script engine. This removes version drift and provides a live quota dashboard for each project manager and QA reviewer.
- Dual Validation – Ten per cent of the CATI recordings are reviewed daily by supervisors. Online completes have automated logic traps and open-ended text checks. Any discrepancies are routed to our re-contact teams.
- Secure Chain of Custody – Raw data is hosted in encrypted Australian data centres. Access is role-based and logged. Deliverables are shipped via two-factor links, and purge scripts delete inactive study folders when we have finished with them after the approved retention windows have expired.
Each layer maps back to multiple clauses in ISO 20252. Annual third-party audits test every bit of evidence that you might expect, such as training logs, CAPA forms, risk registers, and others, to ensure that we maintain our accreditation.
From Compliance to Competitive Advantage
There are some benefits to merely passing an ISO audit. However, the ability to operationalise the standards is where the real magic comes in. Clients tell us about the pay-off in several areas:
- Unexpected surprises are few and far between. Documented risk assessments provide insight into deadlines, sample-frame gaps or potential recall bias before we hit the field. This helps minimise last-minute budget blowouts.
- Review cycles are considerably shorter. Clear audit trails enable legal, medical, or ethics reviewers to trace a datapoint back to field notes without having to wade through a chain of emails.
- Cross-study comparability. Having agreed to the same quality control (QC) rules for every survey means that the benchmarks we create, or compare to year-on-year or market-to-market, have credibility.
- Procurement-grade assurance. ISO documentation allows you to answer the “show me” question in RFPs much faster than it would take you to write your own statement.
Continuous Improvement — Loop Learning, Not Checklists
ISO 20252 requires Corrective and Preventive Action (CAPA) logs. Every deviation, from a quota shortfall to a scripting error, leads to a root-cause analysis and corrective action. Over time, the CAPA logs become a reference book in themselves. Here are some concrete recent or ongoing examples of CAPA being used in practice at TKW Research:
- A sudden rise in soft-bounce emails necessitated automated domain validation before we even launched.
- Recurring issues with medical-device part numbers stimulated a template for image prompts in CATI scripts.
- Post-project client surveys conducted quarterly have directly fed into a standing agenda item at our management reviews.
The audits review the CAPA loop as a whole, so there is no opportunity for managerial complacency. It forces an element of muscle memory, and improvement becomes standard operating procedure.
Security and Data Management – Similarities with Australian Law
The clauses of ISO 20252 regarding confidentiality align closely with the Australian Privacy Principles (APPs) on secure storage and access, as well as the limited use and time for accessing personal information. The overlap means one framework helps satisfy both regulators and corporate privacy officers:
| Requirement | APP Reference | ISO 20252:2019 Clause | Analysis |
| Secure storage & access logs | APP 11 | 6.4 (Information security) | APP 11 requires taking reasonable steps to protect personal information. Clause 6.4 of the ISO standard mandates controls to protect data from unauthorised access, use, and disclosure, which directly supports APP 11. |
| Consent & participant information | APP 3 / 5 | 5.4.3 (Invitation) | APPs 3 and 5 cover fair collection and notifying participants. Clause 5.4.3 of the standard specifies the information that must be provided to potential participants to ensure their informed participation. |
| Data retention & destruction | APP 11.2 | 6.5 (Data retention and deletion) | APP 11.2 requires destroying or de-identifying data when no longer needed. Clause 6.5 of the standard requires the organisation to have defined policies for retention periods and secure data disposal. |
| Overseas disclosure safeguards | APP 8 | 4.4.2 & 6.4 | APP 8 governs the cross-border disclosure of data. An ISO-certified company must ensure its external providers (including overseas panel or fieldwork suppliers) meet requirements (Clause 4.4.2) and that data security is maintained throughout the supply chain (Clause 6.4). |
With privacy fines escalating into the millions, this level of risk mitigation is a wise move for both TKW Research and our clients.
Selecting a Certified Partner – Due Diligence Checklist
For studies where the accuracy and ethical collection of data are essential, it is vital to undertake due diligence concerning the organisation which is to undertake the survey activity:
- Ask for the certificate. It should specify ISO 20252:2019, list the certified sites, and provide the current expiry date.
- Check the audit scope. Does it include all data-collection modes which you intend to use – CATI, Online, Qualitative, Field Data Collection?
- Ask for a redacted method statement. Look for items such as sample design, validation processes, and disclosure items – these are indicators of ISO discipline.
- Check auditor independence. Being accredited by recognised bodies (e.g., JAS-ANZ in Australia) adds further credibility.
- Discuss CAPA culture. A supplier that can recall its last corrective action demonstrates quality in action, as opposed to merely complying with regulations.
Certified Today, Trusted Tomorrow
Research can be the compass that organisations rely on to manage product launches, policy decisions and billion-dollar investments. A misaligned compass is not only a poor aid to decision-making, it also causes people to doubt all other findings. ISO 20252:2019 allows both researchers and clients to assume that the outcomes of studies are reliable.
TKW Research seeks – and reaccredits – its certification because quality should be demonstrated, not aspirational. From multilingual CATI calls that respect participant privacy, to online dashboards that log every weighting rule, to interviewer briefings that cite the exact clause governing respondent incentives, the standard is our day-to-day playbook.
So, the next time there is a voice in the room that thinks, “Can we trust this?” you can reply, “Absolutely – here’s the certification to prove it”. If that level of reassurance is essential to your stakeholders, let’s talk. Trustworthy decisions start with reliable data, and trustworthy data begins with a partner who believes quality is non-negotiable.