Compliance to FSMA requires companies to meet existing program requirements and new ones being published or face regulatory consequences. A part of FSMA also requires that companies follow established food safety plans, which includes GFSI certification.
With these changes, GFSI-level programs must integrate into an aligned Food Safety Management System (FSMS) and strategy. Key considerations include sustainability, multi-year planning, effective organizational structures and expectations, well-defined roles and expectations, compliance, and business objectives.
The value of GFSI certification depends on how the company uses its organizational resources to maximize return on investment, while meeting the changing FDA requirements. Effective management of a GFSI-certified FSMS can have a significant impact on FDA/FSMA compliance. The risk of not meeting established programs while implementing new FSMA programs must be measured, and attention must be given to addressing FSMA compliance, while maintaining established programs.
Complying with FSMA Food Safety Programs
The implementation of FSMA-compliant programs requires having an established GFSI FSMS and demonstrating conformance with one’s own policies. Programs must be maintained and improved as the FSMA requirements are developed and implemented. Each of the GFSI schemes has been vetted to meet a significant level of FDA/FSMA requirements—a key benefit to these industry programs.
Developing a compliant FSMS with proper alignment of your existing programs to FSMA must be assessed. For example, companies with more than 500 employees must include requirements in their programs for the FSMA Preventive Controls rule, which is set for compliance September 19, 2016. In this regard, registered food facilities must evaluate and implement preventive control provisions and meet the requirements by the approaching deadline. This requires effectively updating current programs, establishing key imperatives including cGMPs (Section 117), identifying a Preventive Control Qualified Individual (PCQI), and implementing a Food Safety Plan.
The following areas are all included under the FSMA requirements:
- cGMP, Controls and Preventive Controls. Must be identified, modified, and implemented to further minimize or prevent the occurrence of hazards based on Section 117 requirements.
- Food Safety Plan, Hazard Analysis, and HACCP. Companies must identify and evaluate changes in their existing programs to include FSMA Preventive Controls.
- Qualified Individual. Must be trained with authority to oversee Preventive Control program aspects, developments and impacts.
- Written Programs and Documentation. Up-to-date GFSI-level FSMS provides documented programs, procedures, and records for meeting requirements under FDA/FSMA.
- Management & Monitoring. All controls, including under FSMA and existing GFSI-level, must be monitored, validated, and verified for effectiveness.
- Management of Corrective Actions. Procedures including traceability response for addressing failures of procedures, GMPs and controls must be under management review and confirmed for prevention of adulterated food from entering commerce.
- Recordkeeping. Records must be complete and accurate for all food production and safety activities and kept for two years, including the testing level verification of all programs under FSMA and GFSI-level programs.
Self-Diagnostic Assessment Tool
The following self-diagnostic assessment tool can help organizations better determine their current state of planning when it comes to GFSI-level programs meeting FSMA. To complete your own planning assessment, review your progress compared to the questions in Table I.
Get Compliance-Ready
Companies must have their existing food compliance and GFSI programs in good standing to comply with FSMA or face possible violations, fines and penalties under FDA enforcement. The questions in Table I will help companies identify the areas in which they need to focus attention. Kestrel can also help answer questions, provide input on solutions, discuss how to better manage GFSI certification—and change “No” responses into “Yes” responses that promote best practices for FSMA compliance.
Does this requirement apply to foreign suppliers also?