Checklists: Useful Tools or Traps?

By Bob Lijana

Everyone knows a “checklist” when they see it: a systematized tool that lists things, components, steps or criteria whose presence or quantitative amount are essential to the performance of a specific task. The order of items in a checklist may or may not be critical in terms of the sequence of tasks which need to occur.

Checklists serve the wonderful purpose of identifying the important and critical steps needed to manufacture fresh food, fly a plane, perform a surgery or run a nuclear plant. They serve the purpose of helping to make sure that no important step is forgotten, and all critical steps are performed in the right order. Having a high “checklist intelligence” means that checklists are used proactively and dynamically, and that they drive continuous improvement in practices and procedures. And this occurs regardless of personal or organizational biases.

Let’s review some of the published literature on checklists.

A popular book on checklists is “The Checklist Manifesto” (Picador, 2009) by surgeon Atul Gawande. As noted in the book, checklists are very useful when there is a lot to get right, that is, when there is a high degree of complexity for certain actions. For example, commercial airplanes have “become too much airplane for one person to fly.” Hence, the industry uses a number of checklists, especially pre-flight, to address possible risks before the airplane takes to the air. Food manufacturing is similar, especially given its impact on public health.

A distinct disadvantage is that checklists can drive a tyranny of the urgent, i.e., simply checking a box to be done with it.

A distinct advantage of checklists is that they can be built by the “wisdom of a group” of experienced people, and therefore do not rely solely on a single individual’s memory or experience base. A distinct disadvantage is that checklists can drive a tyranny of the urgent, i.e., simply checking a box to be done with it.

Western Michigan University (2017) has an Evaluation Checklist Project with a number of excellent resources showing how to develop checklists for evaluating programs and projects. These include a “checklist for formatting checklists” and scholarly presentations on the logic behind checklists. Their suggestions can easily be re-applied to the food industry.

There are many published articles which address bias in decision making. For example, Ely et al. (2011)[1] studied the use of checklists to reduce diagnostic errors in hospitals, clinics and emergency rooms. Of note, the authors delve into cognitive processes to identify the inherent biases and reliance on intuition that often drive decision-making. They remind checklist developers to take into account “Type 1” thinking processes which are fast, reflexive and intuitive (and usually subconscious) and “Type 2” processes which are analytic, slow and deliberate (and usually take very focused attention).

Application of Checklists in the Food Industry

Checklists are widely used in the food industry. The USDA (2014) has a label submission checklist that helps companies avoid common labeling mistakes, and clarifies what is needed. The agency also has a guideline checklist for the cooking of meat and poultry products.

In 2020, FDA published an Employee Health and Food Safety Checklist in response to the COVID-19 pandemic. In 2001, the agency developed the Allergy Inspection Guide, a checklist for inspection of food companies which manufacture products potentially susceptible to contamination by allergenic ingredients, and now has a draft guidance/checklist for evaluating the public health importance of allergens.

In the food manufacturing setting, companies often conduct their FSMA-related GMP audits by having employees walk around the plant using a checklist of equipment, documents and practices to look for. Companies making prepared foods have checklists that operators must follow to ensure that proper cooking and cooling procedures have been followed (these are also called SOPs, or Standard Operating Procedures, which are, in essence, checklists). Similarly, sanitation teams follow strict SOPs/checklists to ensure the right sanitizers are used in the right concentrations and for the right durations. Line changeovers often use checklists to prevent allergen cross-contamination. The same is true for pre-production equipment assembly. And product development/chef teams use checklists to ensure that the right ingredients are used, with proper consideration given to allergens, glutens, GMOs and organic product needs.

Finally, some of the most widely used checklists in the food industry are standards, including those developed by the Global Food Safety Initiative (GFSI), Safe Quality Foods (SQF) and the British Retail Consortium Global Standard (BRCGS).

Checklists as an Indicator of Food Safety Audit Maturity

Companies going through the GFSI certification process (e.g., SQF) often follow a three-phase audit maturation process that highlights how checklists can help or hinder food safty. In the first phase, the company is new to the process and therefore may not have systems in place to handle all of the requirements inherent to the standard. Thus, the company may “shotgun” their approach based on where they think they have gaps (by their own evaluation and/or with the help of third-party consultants). In this phase, the SQF Code may not be looked at in its totality nor in its intent, and certain requirements may be looked at as more important than others (with the insidious side effect of some requirements being missed).

In the second phase of the growth curve, the company recognizes that the food safety requirements are laid out in a very organized and helpful manner: the SQF Code. They realize that if they can match each requirement in the code with practices and procedures, then they can essentially use the code as a checklist. Many companies in this phase build their programs and their audit readiness exactly in the order of the code, and solely to meet the specific requirements detailed in each section of the Code. This ensures that when the SQF auditor comes in, the company will have addressed each and every requirement. This approach serves those companies well who are still in the learning phase of building a strong food safety plan and food safety culture, and generally helps most companies “pass” their food safety audit.

The right culture drives the right entries on the checklists. Not the other way around.

All is well until there is a food safety incident, trade withdrawal or public recall, which can happen in spite of a company checking every box on the SQF “checklist.” A major negative event, or even the recognition that such an event could happen, can therefore rightly push a company into the third phase of using the SQF Code.
In the third phase, a company uses and views checklists as valuable tools (and likely still structures its audit readiness in the same order as the SQF Code). However, the company has critically realized that it needs to go beyond checklists to drive the right food safety culture in the organization. Additional practices, procedures, documentation and systems are put in place to drive the right culture. These in turn make sure that the checklists get checked. Said another way, the right culture drives the right entries on the checklists. Not the other way around.

A Checklist for Checklists

Let’s consider creating a checklist for checklists. Each of the following provides perspective on the value, and the warnings, of using checklists to drive and improve an organization’s food safety culture and therefore its “checklist intelligence.”

Checklists Can Speak the Truth. If the results from a completed checklist are pointing out significant issues, then at the basic level the checklist is working. This is not a time to alter the checklist, which can happen in low-maturity organizations as a way to hide an issue, or an excuse to fill out the checklist incompletely. Rather, complete results should be heralded as validation that the checklist is performing as it should.

Learn From Failures. Something going wrong despite the use of a checklist is a good clue that the wrong things are being checked or that something is missing. This should be discussed broadly and cross-functionally and drive a root-cause analysis, which can markedly point out what got missed, which in turn allows for continual improvement of the checklist.

There Is No “One-Off.” All experienced auditors have heard “this is the first time that this has happened.” Or “there are many unusual things going on at the same time, and this caused the issue; it won’t happen again.” There is no one-off! A root cause analysis should be performed. Checklists must be able to help the organization identify and diagnose root causes.

Check the Checker. Is the person filling out the checklist being driven by the checklist to look for the right food safety behaviors, or is the person merely checking the boxes since that’s the job? Perhaps more insidious, employees might follow a checklist quite diligently—observing just those tasks which are on the list—yet miss faulty or risky behaviors. This may not be the fault of the checklist, but it is certainly the fault of the organization and its training. Relying solely on a checklist can still allow egregious and unwanted behaviors. If the employees are trained only to follow the checklist and make sure it gets filled out, significant untoward behaviors get missed. In this regard, checklists become shackles.

Check the Documents. Critical to some checklists are documents which are meant to substantiate that a particular task on the checklist was taken care of. The utility of these documents is only as good as the value of having them on the checklist to begin with. Time must be taken to identify which procedures or cooking logs, for example, need to be checked as part of a checklist. This is independent of having these documented as part of the organization’s food safety plan.

Honor the System. Checklists are just that: lists. They are not roadmaps, graphs or linkages to knowledge bases. They are static, rather than dynamic systems that drive action and resolution of issues. In general, checklists can be ill-equipped to capture systemic behaviors and the culture of an organization. This is especially true if the checklists are from a third-party and/or have not been adapted to specific organizations and facilities. Hence, checklists should be used for what they can bring—no more, no less.

The Law of Unintended Consequences. An oft-quoted phrase is “you get what you measure.” And this is certainly in play for checklists. If the item on the checklist is wrong, or is directing the wrong behavior, measuring it regularly could serve the unwanted purpose of instilling that behavior as “correct.”

Defeating the Checklist

By now you realize that checklists in the food industry can serve as a crutch or as a divining-rod for continuous improvement of food safety practices and procedures. Following are some indicators that a checklist is not working or is not as effective as it should be.

Too burdensome. A very common checklist used in food manufacturing is the “GMP audit checklist.” This is typically a long list of behaviors and practices which the organization believes it should be engaging in to meet the GMP regulations and produce safe food. Most organizations commit to conducting such audit checklists as part of their promises to the auditing organization. The list gets longer and gets spread across more functions, and all of this work becomes quite burdensome. When it is time for the GFSI audit, missing or incomplete checklists may get pencil-whipped, leading the auditor to believe that the company has been using the checklists regularly.

Pencil-Whipping. As much as putting false entries on a form is unethical, and usually illegal, it can still occur under the right stressors or employee attitudes. Simply checking the boxes on a checklist does no one any favors and can provide a false sense of security.

Complacency. Organizations that rely on the data from checklists could develop a false sense of security and become complacent about corrective actions. Although not necessarily unethical or illegal, someone checking a box as “complete” just because it always has been in the past is misleading (if not outright wrong) if the checker really did not check. Understanding this risk can help define the items in the checklist, including those things needed to ensure that the checklist checker is focused and paying attention.

Pressure to “get back to work” can be one of the quickest means to defeat a checklist.

Inaccurate documents. Practices and procedures change over time, and often the documents that go along with them do not get updated on the production floor. Continual vigilance is needed to ensure that the most up to date documents are aligned with current practices and the details on the checklist. In fact, one of the items on a checklist might be checking the issue dates of key documents being used by operators.

Stress. Pressure to “get back to work” can be one of the quickest means to defeat a checklist. This could be due to senior management’s communications, a team’s own leadership or individuals believing they need to hurry up so that they can resume their “real job.”

The End-Game: A Game of Checkers

To win at the game of checkers (or draughts), there are a number of strategies which experts often espouse, most of which apply to checklists in the food industry.

Control the center: Focus on the stuff that counts, not the stuff on the edges.

Play offense, not defense: Attack the issues that strive to undermine the food safety program.

The goal is to get to the end of the board: The checklist must be completed in its entirety.

Be willing to sacrifice: If an item on the checklist is not working, take it off.

Advance as a group: Don’t just leave checklists to one group (e.g., QA); build and use them based on input from experts from all functions.

Realizing the value of checklists requires the right culture, rules and execution as well as recognition that checklists are tools to maximize risk identification and risk management. Building your organization’s “checklist intelligence” will help in the development of the checklists, the effectiveness of those checking the checklists and in increasing the assurance of those checking the checkers.

The game never ends, which means that with the right strategy you can win all the time.

References:

[1] Ely, John, Graber, Mark, and Croskeey, Pat (2011): Checklists to Reduce Diagnostic Errors, Academic Medicine, 86:307.

January 30, 2024

Know Your Supplier for Better Ingredient Hazard Control and Risk Mitigation

By Arundhathy Shabu, Prasant Prusty

No Comments

In 2022, more than 80% of businesses encountered at least one major supply chain disruption, while half experienced three or more, and supply chain disruption is anticipated to continue. Supplier management systems are instrumental in minimizing the frequency of disruptions through proactive risk assessment, streamlined communication and robust contingency planning, allowing organizations to maintain operational resilience and continuity in the face of unforeseen challenges. One of the key components of a supplier management system is the supplier qualification program.

A supplier qualification program helps ensure that suppliers adhere to stringent standards and criteria, effectively controlling hazards and mitigating risks tied to subpar product quality, unreliable deliveries and lack of regulatory compliance. These programs foster consistency, reliability and excellence across the entire supply chain by meticulously evaluating and approving suppliers. In this article, we look at some prominent challenges in setting up supplier qualification systems, key facets of supplier management and the future of modern procurement.

Current Challenges in Supplier Qualification Models

In today’s rapidly progressing world, industries operate within a globalized framework, intertwining trade and technology to produce an unprecedented level of connectivity and interdependence that transcends geographical limitations through a harmonious exchange of goods, services and ideas across borders. This global network, however, poses challenges to food processors and distributors, as it requires them to identify and track large numbers of suppliers from greater distances. As a result, there is a new imperative for industries to be able to qualify suppliers that align with their supplier qualification goals on a global scale.

Following are some of the key considerations and challenges facing food companies:

Supply Chain Disruptions. Factors such as natural disasters, global pandemics and escalation of geopolitical tensions may lead to restricted access to vital materials or the closure of significant trade routes, resulting in supply chain disruptions that create limitations, making it difficult to evaluate the credibility of the suppliers.

Supplier Diversity. Supplier diversity refers to actively engaging suppliers owned and operated by individuals from underrepresented groups, such as women, minorities, veterans and individuals with disabilities, with the goal of promoting economic opportunities and cultivating inclusivity in the supply chain. It can present challenges for the supplier qualification process due to the limited pool of qualified diverse suppliers, competitive pricing, bias or skepticism, and equal support for all suppliers.

Regulatory Compliance. Organizations must navigate a complex terrain of regulations and standards that differ across industries and regions to achieve regulatory compliance within supplier qualification models. Compliance obligations encompass various areas, including labor practices, environmental regulations, data privacy and product safety. The continuous challenge lies in adapting qualification models that encompass evolving compliance standards and diligently observing supplier compliance on an ongoing basis.

Supplier Information. The multiple challenges related to supplier data management include the use of different technologies, procedural variations, employee training gaps in handling supplier information, monitoring difficulties, communication limitations and averting risks, such as intellectual property infringement and regulatory and legal compliance issues. Supply managers confront the dual challenge of meeting the growing demand for sharing sensitive data while protecting that data and ensuring a secure system for managing and updating supplier information.

Optimizing Supplier Performance. Once suppliers are qualified, supplier performance management is necessary to ensure compliance and maintain quality standards. There is often a lack of standardization in how suppliers are evaluated, making it tedious to define appropriate performance metrics, collect relevant data and consistently analyze supplier performance. This also makes it challenging to enable objective evaluation, facilitate ongoing supplier supervision and identify which suppliers are underperforming.

Communication & Collaboration. Effective communication is a reciprocal process that requires regular contact and engagement with suppliers at every project stage. Procurement professionals often overlook the importance of building strong supplier relationships and encouraging open lines of communication, which is essential for cultivating sustainable and successful supplier qualification models.

Data Management & Visibility. Controlling data use and distribution becomes challenging when information is dispersed across multiple supplier locations or sub-tiers of the supply base. Consequently, accessing and maintaining a single source of truth regarding supplier information, along with data accuracy, integrity and security is an important, though complex, need.

Scalability. For companies operating in varied markets and dealing with a large number of suppliers, the scalability of their suppliers is critical. A supplier who cannot scale production in response to the buyer’s production cycles and maintain corresponding quality control measures can become a challenge for the buyer.

The Key Elements of Supplier Pre-Qualification

Supplier pre-qualification is a formal process of pre-screening and assessing potential suppliers against a predetermined set of criteria to ensure they have the baseline qualifications to provide a service or product before being accepted as a customer’s supplier and initiating procurement procedures. Only suppliers who meet established criteria are invited to tender. The process also helps in evaluating financial stability, mitigating supply chain risks, keeping an eye on environmental credentials, ensuring sustainability practices and complying with diverse regulations and quality standards.

To adequately pre-qualify a supplier, buyers must consider the following:

Supplier Evaluation Criteria. Organizations must establish benchmarks or specific requirements that suppliers must meet to qualify for participation. These criteria can vary depending on the nature of the procurement, but they commonly include factors such as experience, technical capabilities, financial resources, legal compliance, quality management systems and past performance.

Supplier Documentation and Information. Suppliers must submit documentation and information that provide evidence of their qualifications. These may include company profiles, financial statements, licenses and certifications, regulatory documents, references, product samples and other relevant information demonstrating their ability to meet the organization’s needs.

Supplier Auditing. Submitted documentation and information should be reviewed through supplier auditing as part of pre-assessment or continuous evaluation procedures to assess the suitability of each supplier. This evaluation may involve a review of financial records, conducting site visits, interviewing key personnel and analyzing past performance records. The goal is to gather as much information as possible to determine the supplier’s capabilities, trustworthiness and overall suitability for the procurement.

Risk Assessment. As part of the pre-qualification process, organizations often conduct risk assessments to evaluate the potential risks of engaging each supplier. This assessment may consider factors such as financial risks, legal compliance risks, operational risks and reputational risks. The purpose is to identify and mitigate potential risks of working with a particular supplier.

Supplier Onboarding. Based on the evaluation, the organization shortlists suppliers that meet the predetermined criteria and have demonstrated the necessary capabilities. These suppliers are considered eligible to participate in the subsequent procurement process and are onboarded.

Emergency Supplier Approval. There must be a provision to address and handle emergency supplier qualification in situations where there is the absence of an established supplier approval process. This step should propose workaround measures or solutions that can be implemented to minimize or mitigate risks and manage critical supply requirements.

Supplier Performance Monitoring. The pre-qualification process may also involve monitoring the performance of existing suppliers to ensure they continue to meet the organization’s requirements and standards. This ongoing evaluation helps maintain a pool of qualified and reputable suppliers for future procurement needs.

How Tech-Enabled Solutions Optimize Supplier Management

As the age of modern procurement practices commences, tech-enabled supplier management solutions and digital software will play an increasingly pivotal part in supplier qualification systems. Supplier pre-qualification and performance assessment through digital processes and forms offer numerous advantages to businesses, including:

Efficiency and Time Savings. By automating manual tasks such as documentation collection, verification and approval, the entire supplier management process, from onboarding to continuous monitoring of suppliers, can be simplified and expedited. Digital features such as supplier performance tracking, compliance monitoring and alerts for contract renewals or expirations drive business continuity. It further streamlines organizing and analyzing supplier data, lowering administrative burdens related to paperwork collection, enabling faster decision-making and helping to nurture a culture of safety with significant cost benefits as well.

Enhanced Data Accuracy. Digitizing supplier qualification models can help organizations maintain more reliable supplier information and reduce the risk of incorrect or outdated data by minimizing human error and ensuring accurate and consistent data entry. Implementing stable data management systems and technologies, such as supplier management software, can also aid in identifying and managing supplier risks through early identification of issues and timely mitigation to minimize supply chain disruptions.

Centralized Data Repository. Digital supplier management tools offer a centralized repository to store all supplier-related information, such as qualification documents, certifications, performance metrics and contracts. This allows for easy access, retrieval and sharing of information across departments or teams, fostering collaboration and eliminating data silos. Data centralization can also provide comprehensive data analytics and reporting.

Streamlined Qualification Process. Standardized workflows and pre-defined criteria brought about by digital tools for supplier qualification enable a more structured and efficient process. They often include automated screening mechanisms, such as compliance checks and risk assessments, which help evaluate suppliers against specific requirements and filter out unqualified candidates.

Supplier Visibility through Trend Analysis. Tech-enabled solutions often encompass reporting and analytics capabilities that enable stakeholders to acquire valuable insights into supplier performance, cost structures and trends by tracking and reviewing key performance indicators (KPIs) based on predefined metrics. Organizations can leverage this data to identify opportunities for cost savings, process improvements and strategic sourcing decisions. This results in real-time visibility into supplier performance, capabilities and compliance status, based on precise and up-to-date information.

Supplier Collaboration and Engagement. Some tech-enabled solutions help secure supplier communication channels and provide real-time collaborative platforms, which promote transparency and accountability in supplier-procurer relationships. These may include features such as supplier portals or online platforms that enable document sharing, bid submissions and performance feedback, fostering better engagement and long-term relationships.

Future Advances in Supplier Management

Looking ahead, digital solutions for supplier management are poised to transform the supplier-procurement paradigm for businesses. By utilizing artificial intelligence (AI) algorithms, the supplier management process will become more efficient, reducing validation steps and communication requirements, and encouraging greater supplier participation. AI’s data-gathering capabilities and predictive modeling can accurately predict foodborne illness outbreaks that may occur by analyzing supplier data from various sources including environmental factors, ingredient quality and contamination history.

Similarly, Internet of Things (IoT) data allows companies to monitor and optimize the movement of goods and services throughout the supply chain, establishing better traceability in the procurement process. With blockchain, companies can effortlessly verify supply chain integrity and product authenticity without human intervention, which further refines supplier auditability, addressing the complexities and delays in information flow between intermediaries and suppliers.

The integration of these state-of-the-art technologies will propel increasingly accurate and dynamic supplier management software, bringing forth a safer food supply chain for the future.

January 22, 2024

The Benefits of Modularization in Food Processing

By Emily Newton

No Comments

The food industry’s fast pace coupled with fluctuating consumer demands require food companies to be adaptable and responsive to changes. Food processing modularization supports these aims by allowing facilities to buy specialty equipment that is easy to install and supports a company’s growth. This includes modular automation systems that allow food processors explore new and feasible ways to streamline critical processes.

Modularization in food processing involves separating your hardware and processing lines into modular systems that can be adapted to expand operations or meet shifting demands. When the COVID-19 pandemic caused a goat meat processor to reevaluate its business model, the founder contacted a modular building supplier to learn about solutions. He decided to install a modular butchery unit that allowed the company to serve online customers, whereas it previously worked primarily with physical restaurants. The building company took less than six months to create a fully functional unit. The prefabricated pieces increased flexibility without the need for on-site construction or expansion to a larger facility.

The chosen solution allows the business to add up to three more modules, if needed, as it grows. The company has hired two additional butchers since launching the modular unit and can double that capacity when needed.

Meet Rising Demands with Modular Automation Systems

Decision-makers from a Dutch company invested in a modular extrusion machine that offers quick changeovers and individualized customization for products ranging from cookie pieces to protein chips. The extruder offers a screw speed topping 1,800 rotations per minute, providing an estimated 8,000-ton boost to the company’s annual capacity. This investment allowed the company to produce both new and existing products to the same high standards offered through its previous equipment. And the new extruder also has a hygienic design that minimizes downtime for cleaning.

Modular automation systems can support company goals to earn food certifications and cater to new market segments. For instance, businesses with equipment that allows quick changeovers and thorough, efficient cleaning can more easily meet the requirements of customers with specific dietary preferences.

Alter Production Capabilities to Meet Market Needs

Consumer tastes change, and companies that frequently offer new products, flavors or formats have a competitive edge. Food processing modularization supports this flexibility and innovation by making it easier for manufacturers to adapt. Modular automation systems let companies quickly and strategically reprioritize operations according to marketplace trends or business goals. A modular type package (MTP) can save up to 40% on production costs by increasing flexibility. For example, MTPs allow companies to reserve specific days of the week for production of particular items, enabling shorter production runs and greater product diversity.

Decision-makers at candy brand Hershey’s installed modular systems that use robotics and automation and allow for smaller production runs and shorter changeover times. These efforts were part of a larger overhaul to enhance the company’s supply chain and tackle seasonal slowdowns.

Plan for Profitable Futures

Success in the food processing industry requires companies to stay one step ahead of competitors by choosing the best times to scale up or shift to meet future needs. Baking industry professionals explain that speed is only one element of future-proofing a processing line. People must also explore how to make more items out of the same dough.

Some companies sell modular equipment and tools that enable employees working at baking facilities to make rounded items out of square sheets, for example. Besides reducing waste by increasing the amount of usable material, such equipment can help companies introduce new products faster by creating more products on the same lines. These advances enable bakery leaders and other food processing decision-makers to adopt future-oriented mindsets rather than only addressing immediate needs, which boosts the bottom line and helps companies stay competitive and current.

Enjoy the Benefits of Food Processing Modularization

Budgeting for food processing modularization systems is an excellent way to focus on growth, worker productivity and scalability at an industrial facility while maintaining efficient changeover times and sanitation requirements.

Companies interested in purchasing these solutions should consider which challenges they want to solve and how the upgrades fit into overarching business goals. Such considerations will give you the best opportunity to achieve desired gains. One of the biggest advantages of modular products is their flexibility, which helps companies meet their needs in shorter time frames and without moving to new facilities.

January 16, 2024

Tips for Building a Robust Internal Audit Program

By Olivia Pitts

1 Comment

Developing an internal audit program does not have to be a dauting task. With a small amount of work upfront a program can be developed and implemented in a matter of weeks. In this article we discuss the key elements of a successful program and provide guidance to ensure that audits add value to the daily operations across the facility.

Have a Plan in Mind

The first step in any successful audit program is to identify the overall structure and format. Audit programs can be set up in a variety of ways ranging from an annual full system audit to monthly departmental audits. The format and structure should be unique to each individual organization. Determine what works best for the organization and stick with it.

Developing a concise schedule will help to ensure expectations are clear. This schedule should be communicated with team members via appropriate channels. Identifying a point person to routinely follow up on the progress of the audits will ensure the program is being managed as expected. Considerations should be made for potential scheduling challenges. Build in additional time for those areas that are known to encounter delays.

Staying consistent with the maintenance and review of the program will ensure all audit activities are conducted within the expected timeframe. This can be accomplished by establishing a routine review of the program. Monthly review meetings can be established to review the audit schedule, results of audits and pending action items. During this time necessary adjustments can be made as needed and communication plans can be established. This helps to drive engagement across the organization around the entire audit program.

Accurate maintenance of audit records is a crucial step in maintaining a successful program. Ensure all records are properly filed and protected by establishing a designated filing system. Developing an organized file structure aids in keeping files in one place and reduces frustrations around locating documentation in the future. Be sure to include records for both internal and external audits as they are a required input to management review and may be needed for future assessments.

Build a Strong Audit Team

Having a good pool of auditors to pull from is critical. The number of auditors needed will vary based upon the size of the business and complexity of the processes. When considering the format of your team consider the backgrounds of the team members selected. There should be a good mix of experienced and new auditors to provide balance among the group. When assigning auditors to specific areas consider technical knowledge for those complex processes that may require a deeper understanding. Pairing auditors together is a great way for auditors to learn from each other as they work through the review of the data.

Auditing is often a required responsibility for QA/RA. Recruiting internal auditors from departments outside of QA/RA is beneficial, as they bring a different perspective and may ask questions that seem obvious to QA/RA professionals. All of the standards require auditors to be trained and/or competent in the auditing process. Training can be done externally or internally, and companies must show proof of training.

Selecting auditors from varying backgrounds is a great way to incorporate diversity within the team. Each auditor brings their unique experience to the group which builds a richer audit. Varying viewpoints helps to push the team to dig deeper to identify issues that may otherwise go unnoticed. Encourage the audit team to work together to build audit checklists that are specific to the area being audited. Conducting a review of the process and supporting documentation prior to the audit will enable the team to gain an understanding of the area under review. Encourage auditors to not become locked into the checklist but rather think of it as a guide. If audit trails within the scope of the audit arise during the audit be all means explore if time allows. This approach helps to empower the audit team by providing a sense of autonomy over their work.

When building the audit team, management should be mindful of the workload. For the program to be successful you want to ensure that audit team members are not overloaded. Often audits will be delayed due to competing responsibilities of auditors. To mitigate this issue, develop the audit schedule so there is a balance across the assigned audits. Ensuring that the auditor has plenty of time to conduct the audits within the specified timeframe. Overall, the audit team should feel supported and appreciated for their efforts and not be overwhelmed and burdened with the task. A poorly balanced workload only leads to a lack of interest and a disengagement among the audit team.

Provide Opportunities for Education

Providing an understanding of quality management systems and the standard being audited is imperative to the success of any audit program. There are two groups that require education. Education for the auditors and those that are participating in the audits. The auditors need an in-depth understanding of the standard and the requirements which they are auditing against. While the employees need awareness of how the management system is structured and their role in supporting it.

These educational goals can be accomplished both formally and informally across the organization. Auditors will need a more formalized structured training program that focuses on the details of the standard and auditing principles. While employee training can be incorporated into departmental meetings or shared through one-point lessons. Building education programs into existing activities is a great way of incorporating the audit program into the organizational culture. This helps to educate as well as share information with those in the organization who may otherwise not have awareness. This could be conducted via training sessions around processes and their linkage to the standard in which the organization is certified. Providing an understanding of the connections between the departments helps build collaboration between working groups. Employees gain exposure to what others in adjacent departments are doing and obtain a sense of understanding of challenges that may be faced by those groups. This in turn results in a collaborative team approach to the management of the overall system.

Involving employees from all parts of the business helps to drive the message that the system cannot operate in one department alone. Through education, employees will be able to understand their role in the system. This will lead to more engagement in the internal audit program. Employees will become excited to aid in audit activities and improvement initiatives because they will see positive results. They will gain understanding of the impact of their actions and how it impacts the overall system. This value-added approach will result in a favorable outcome for both the organization and the individual employees.

Promote Continuous Improvement

The support of top management is a very important element in the success of any audit program. Establishing a culture of continuous improvement will motivate the team and build engagement across the organization. This can be accomplished by frequently sharing status updates around the management system activities. A simple 15-minute update during sitewide meetings goes a long way. It demonstrates a commitment to the program and growth of the organization and its people.

Develop a format of communicating the details around the management system and any upcoming activities. This can be done by having a specific time each month when updates are provided. Putting this on the calendar will ensure that information is effectively communicated. Details should include both the negative and positive outcomes of internal and external audits. Include specifics around the audit findings and actions taken to address concerns. This will communicate to employees that the organization is serious about growing and is focused on improvement.

Sharing information helps to engage employees by bringing them into the improvement efforts rather than just being bystanders. These seemingly small actions can help drive excitement for the overall program and build a culture of quality. Lastly, be sure to celebrate the wins and ensure that team members are appreciated for their efforts. Building a successful internal audit program is a lot of work. Celebrating and acknowledging the efforts of the team is imperative.

Accomplish the Mission

There are many ways to build a successful internal audit program. Taking the time and effort to think through the process of identifying the format, structure and team members is critical. By reviewing these items upfront roadblocks can be identified early on. There will always be unforeseen challenges yet having a plan is key to developing a successful program. With a strong commitment from top management and a mindset of continuous improvement an organization can establish a robust internal audit program that exceeds expectations.

January 8, 2024

Tips to Stay Profitable in 2024

By Josh Smart

No Comments

Staying profitable in 2024 could be a challenge for the agribusiness and food/beverage industries due to increases in insurance, labor and farm input costs. The labor shortage will also continue to be a factor. Proactively addressing risks and shoring up the right insurance coverage can help organizations address these challenges. Here’s how:

Offer Personalized Benefits

The labor shortage in the U.S. will continue in 2024 across the food, beverage and agriculture industry. Many organizations are struggling to hire new employees and maintain necessary staffing levels, which is impacting their ability to keep operations running smoothly.

The answer for many has been to harness automation, but this solution is not a cure-all. Some organizations have gone back to using traditional labor to address automation issues and reduce product defects, costs and issues with lower overall production.

Creative benefits solutions are one way to address the industry’s labor gap. Businesses that offer personalized benefits informed by data analytics are more likely to see better results in employee recruitment and retention. Personalized benefits programs are designed to provide quality employee experiences to attract workers and increase employee loyalty. These benefits can help improve employee safety, well-being and health while enhancing retention and hiring efforts.

Re-evaluate Insurance Coverage

Catastrophic weather events, high interest rates, increased insurance premiums and input costs, along with the lack of available labor will continue to impact businesses across the industry.

Interest rates, weather-related events and input costs are difficult to combat since organizations cannot control those factors. However, those that take on more risk and harness alternative risk transfer vehicles should be able to lower insurance costs and address lack of coverage to better protect profit margins.

Options to consider include:

Modifying limits, deductibles and retentions in existing policies
Carefully evaluating your business interruption coverages to ensure they meet your continuity objectives
Analyzing your layered insurance program for avoidable costs
Looking into captives or self-funded programs

Emerging risk transfer solutions can help the food and agribusiness sectors stay resilient. For example, parametric insurance policies are designed to compensate organizations after a qualified weather event, whether or not the insured actually sustains damage.

Mitigate Risks

There is an array of risks to contend with in the food industry, including product recalls, work safety, supply chain woes, manufacturing plant maintenance, cybercrime and, of course, weather-related risks. Taking a thoughtful approach to implementing risk management practices can help those in the food, beverage and agribusiness mitigate these challenges in 2024.

For example, to better develop business continuity and risk management plans, agribusinesses should undergo catastrophe modeling to simulate the impacts of possible catastrophic events that could occur in one’s geographic area. Factoring in the types of weather-related events by region to better determine how to address them also can help. Consider organizations impacted by drought: Establishing improved resource management plans can curb the impact of this type of weather event. For facilities and employees in geographic areas prone to wildfires, implementing improved safety measures can protect both.

For those in food production, contamination-related recalls and product withdrawal events are an ever-present threat. Take the issue of allergens in food, for example. Organizations that implement strong product oversight measures that include periodic audits can reduce the threat of recalls.

With the increased dependence on technology to improve production, particularly in the food and beverage industries, combating the threat of cybercrime has become particularly important. Training and educating employees on cyber threats can make them more aware of this potential crime and help to better maintain a safe work environment. In addition, implementing protective measures such as multi-factor authentication and endpoint detection and response systems can reduce the risk of cyberattacks.

The issues that the food, beverage and agriculture industries must contend with in 2024 do not differ greatly from what they’ve been dealing with the past three years. But those organizations that implement better risk management practices, analyze their insurance coverage and look at alternative risk transfer vehicles to reduce costs and improve employee well-being with enhanced benefits can remain profitable going forward.

January 3, 2024

Conveying Equipment Plays a Vital Role in Food Safety

By Barry Whitman

No Comments

A processing plant’s conveyors touch food at every point of production, from receiving to packaging to before and after critical processing stages including slicing, thawing, pasteurizing and cooking. Today’s food-grade sanitary conveyors are built to protect the spread of bacterial contamination that can cause foodborne illness. But what do sanitary conveyors do, and how do they contribute to food processing plant safety?

How Sanitary Conveyors Work

Conveyors move ingredients and products between processing stages in any production plant. They ensure the different plant applications are integrated into a single process and automate handling challenges such as lifting, lowering or reorienting product for further processing.

In food manufacturing, conveyors are critical as they allow large amounts of product to be processed quickly and efficiently, but they also perform another crucial function: ensuring food safety. Conveyor equipment must maintain the same food hygiene standards as the rest of the plant.

Sanitary Conveyors and Food Safety

Bacterial contamination is the most serious threat to food safety when consumable products are handled in bulk. Harmful bacteria can proliferate when food becomes trapped or equipment is improperly sanitized and can spread quickly through any exposed product.

Food-grade conveyor equipment is designed to avoid contamination of products. Modern conveyor food processing systems include food-safe components and special features designed to maintain hygiene to prevent dangerous bacteria from contaminating products and limit their ability to spread.

Sanitary conveyor equipment also helps protect products by:

Limiting the time food is exposed to potential contamination
Combining and reducing processing steps to minimize handling
Matching handling techniques to specific products

Today, food-grade conveyors provide effective sanitary control while offering a full range of handling solutions that can be customized to the needs of a product or the constraints of a production space. These include:

Belt conveyors for flexible, seamless line integrations
Bucket and incline conveyors for raising product in motion
Tote dumpers for safe, efficient bulk handling
Horizontal motion conveyors for loose or granular products
Vibratory conveyors for cooked foods

Food Contamination Costs Brands Millions

Food-safe solutions designed with a manufacturer’s product and processes in mind are critical when considering the true cost of a food safety failure or product recall.

The CDC estimates that sicknesses caused by foodborne pathogens affect 48 million Americans yearly, with up to 128,000 people hospitalized with bacterial pathogens such as campylobacter, listeria, salmonella, and E. coli. Increasingly sophisticated industry monitoring means manufacturers are subject to ever-higher hygiene standards and more sophisticated contamination tracing techniques.

Today, even a limited product recall can cost a brand up to $10 million. The cost of downtime and lost product of a complete line shutdown to deep clean, sanitize and test equipment can be far higher. In addition, the indirect costs to a business can be challenging to measure but are just as real. These can include:

Damage to the brand
Damage to the company’s reputation
Loss of public confidence in the product category
Loss of key staff
Lower workforce morale

Today’s Food Safety Standards

To minimize the risk to consumers and the food system as a whole, regulators and industry groups require food processing equipment, including sanitary conveyors, to meet a wide range of standards. Common standards in the U.S. today include:

Consumer Brands Association (CBA) — (formerly Grocery Manufacturers Association)
American Bakers Association (ABA)
North American Meat Institute (NAMI)
USDA
FDA
ISO 22000

Compliance with these standards is enforced by regular equipment inspections and testing. Typically, any food-exposed surface must pass a rigorous surface-swab test to meet sanitary requirements.

Safety standards are also constantly improving. For example, the FDA Food Safety Modernization Act is being rolled out and will raise standards significantly in several sectors.

Ensuring Food Safety with Sanitary Conveyors

How does today’s food-grade conveying equipment help protect food safety? Here are four examples:

Minimize handling. Perhaps the biggest contribution conveyors make to food safety is minimizing the amount of physical handling products receive. Reducing the need for human contact with food significantly reduces the risk of contamination. Because different types of conveyors can move, raise, lower and change the direction of travel, the need for human handling of food is often eliminated. Some equipment, such as horizontal motion conveyors, can even slow down or reverse direction to allow parts to be cleaned or replaced without stopping the line.

Match technology to process. Choosing the suitable conveyor for a product or process is critical to maintaining a consistent level of hygiene. For example, vibratory conveyors are best for preventing the sticking of cooked food, while horizontal motion conveyors keep frozen product like seafood moving. Experienced equipment providers can help match conveyor equipment to the manufacturer’s specific needs.

Vibratory conveyor belt — Vibratory conveyors help prevent cooked food from sticking to the conveyor.

Use sanitary materials. The best food-grade conveyor equipment is made from high-quality, hygienic materials. To minimize the risk of contamination, any surface that comes into contact with food must be:

Smooth and free of cracks, crevices or dents
Nonporous and nonabsorbent
Non-reactive to food products
Corrosion resistant
Require little or no maintenance to maintain these characteristics. (This applies particularly to painted, coated or electroplated surfaces. There should never be any flaking, bubbling or chipping of food-exposed surfaces.)

To preserve hygiene, most leading brand manufacturers of sanitary conveyors choose either FDA-approved food-grade plastics for belting or bucket systems and a range of metals for contact surfaces, depending on the application.

While a range of metals might be appropriate for applications handling dry materials such as hard candy or pasta, processors handling dairy and meat products must meet much tighter sanitary standards. In these sectors, true food-grade stainless steel is preferred for its naturally antimicrobial properties and resistance to high-temperature washdown, pasteurization and sterilization procedures.

Designed for safety. The design of professional-grade food conveying equipment takes sanitation into consideration. Today’s systems include minimal moving parts. Keeping the design of machinery simple has several benefits, including:

Makes it easier to clean, maintain and sanitize
Reduces wear and tear to minimize downtime and maintenance calls
Fewer connections and other potential contamination points
Key components are easier to access for cleaning and maintenance
Simplifies sanitation and validation processes

Simpler equipment also enables the toolless replacement of key components, reducing the likelihood of damage or contamination of a production line by non-sterile maintenance tools.

In addition, newer conveyor systems offer active water and condensation management, which minimizes moisture accumulation and actively manages liquids released by cooking, draining and dewatering. These systems feature:

Angled surfaces
Tilted or grooved belts and conveyor surfaces
Self-draining piping systems

Food processors should look for features that minimize water ingress between components for equipment exposed to high-temperature washdown and sterilization processes, such as conveyors handling dairy or raw meat products. Look for:

Solid stainless steel tubing
Minimal unwelded joints, crevices or fasteners
IP69K compliance: the top industry standard for limiting water ingress between parts

Simple design, premium materials and quality construction all help to minimize food-exposed places where bacteria can build up. They also make it easier to swab-test and validate equipment. Features include:

Properly designed and installed fasteners
Tight, overlapping joints and connections
Smooth, polished welds and well-milled contact surfaces
Radiused corners without welds

In addition, look beyond direct contact surfaces when checking for harboring opportunities. Look carefully at the top edges and contact points with coverings or lids where moisture or waste could accumulate.

Value-Added Sanitary Conveying

Value-added technologies or features processors should consider when choosing conveying equipment include:

Combining/Eliminating Processes. Advanced equipment such as vibratory conveyors offer value-added processing that allows product to be laned, spread, dewatered or reoriented while in motion, providing the ability to combine or eliminate processes that were previously separate steps. Fewer steps mean less handling or exposure time for vulnerable materials like sliced fresh produce, raw meats or cheeses.

Improved Quality Control. Variable-speed horizontal motion conveyors allow finished products to be more easily inspected on moving trays before final packaging, enhancing the output quality and allowing more opportunities to spot substandard product.

Clean-in-Place. Premium conveying equipment is generally customized for specific applications and may include features such as clean-in-place equipment. This allows food-exposed surfaces to be cleaned or to self-clean while the machine is still operating.

Value-added equipment such as belt scrapers, flip-down guarding, belt lifts and quick-release take-ups minimize hands-on maintenance, helping to ensure sanitary conditions for longer periods of time.

Ensuring food safety is a top priority for processors, and sanitary conveying equipment plays a role in protecting both the processor and the consumer. Choosing high-quality equipment that fits into a plant’s design and set up and is easy to clean and sanitize helps create trust in brands while also impacting the bottom line.

January 3, 2024

Post-Incident Forensics: Piecing Together the Puzzle After a Cyberattack

By Kristy Gulsvig

No Comments

We live in an age where cybersecurity risks are everywhere—from the emails we receive to the online platforms we use. And industries, such as the food industry, that are part of our nation’s critical infrastructure are key targets for cybercriminals.

In September 2021, the FBI’s Cyber Division alerted companies that the Food and Agriculture industry was among the most susceptible to cyberattacks in the U.S. Since that alert, numerous attacks have taken place, many of them impacting global supply chains and endangering consumer safety.

The Connection Between Food Safety and Strong Cybersecurity

The food and agriculture supply chain is incredibly complex and consists of a web of interconnected systems and procedures. Farms and food processing plants have become heavily digitized in an effort to speed up production and add higher levels of efficiency.

Most farms and food processing facilities use advanced monitoring systems to check everything from temperature to packaging standards. And because many of these systems are automated, any interference or tampering could lead to severe consequences. This is why it is imperative that companies implement post-incident forensics techniques into their operations.

The Role of Post-Incident Forensics

In cybersecurity, digital forensics play a pivotal role in revealing hidden weaknesses that lead to breaches, and in pinpointing the origins of a cyberattack. While a post-incident forensic analysis can’t undo the harm already done, it can offer valuable insights to help deter similar breaches in the future.

These forensic investigations involve a lengthy and thorough process that requires a number of important steps that include:

Identification. During or in the early stages after a cyberattack, companies need to clearly identify the type of incident that has taken place. This is where investing in threat intelligence platforms and security information and event management (SIEM) solutions becomes important. These tools, along with human intervention, can be used to isolate specific events and locate the source of potential breaches in progress or ones that have recently taken place.

Preservation. During a criminal investigation, law enforcement agencies and detectives work diligently to preserve all forms of evidence; the same is expected when completing digital forensics. Because digital breadcrumbs can be modified or removed over time, it is important to isolate and mark specific information relevant to the investigation with a chain of custody. This ensures that anyone with access to files or systems for analysis is properly authorized to do so and can be accounted for.

Collection. A post-incident forensic analysis is all about data collection. There are any number of areas where data can be pulled to paint a bigger picture of the event. Relevant data from a cyberattack can be stored in equipment logs, hard drives or on cloud databases. Investigators will need a methodical process for locating and storing data so it can be analyzed in the future. They often use specialized technology such as forensic imaging software to create a copy of drives in their original state and pull in information without potentially damaging the original evidence.

Analysis. In the analysis stage of a digital forensic investigation, investigators comb through the gathered data to understand its significance. This phase can last from a few weeks to several months, based on the depth and impact of the cyber attack. This step is pivotal because it sheds light on vital details, helping cybersecurity teams understand exactly how the breach happened and formulate strategies to ward off future incidents.

Reporting. Once the analysis is concluded, it is the investigative team’s responsibility to draft a comprehensive report outlining key findings from their study. This report should be written in a way that is accessible to both technical experts and a non-technical audience, ensuring everyone clearly understands how the attack took place. This report is important not only for the organization to learn and adapt, but also to meet legal or regulatory standards. Some of these reports might be publicized, so it’s essential they accurately reflect the depth of the investigation and any necessary steps to take moving forward.

Challenges of Post-Incident Forensics in Food Safety

The food and agriculture sector presents unique hurdles when executing post-incident forensics. A primary obstacle for cybersecurity experts responding to an incident is the expansive nature of food and beverage supply chains. With large distribution networks, as well as various partnerships with suppliers, manufacturers and retailers, the potential for cyberattacks increases exponentially. This complexity often leads to longer timeframes required to trace the origins of an attack.

It’s also important to know that most major cyberattacks don’t stem from a singular breach. Typically, cybercriminals will invest considerable resources to infiltrate several systems or networks over a long period of time. Investigators will then often find themselves in a “Russian doll” scenario, where uncovering one level of the attacks reveals another one underneath it.

Over the years, it has also become significantly harder to source well-trained cybersecurity professionals who have both the industry knowledge and the forensic expertise necessary to tackle more complicated attacks. This often leads to organizations taking dangerous shortcuts and not adequately budgeting their incident response programs.

Best Security Practices for Food and Beverage Industries

To ensure that organizations are well-positioned to complete thorough post-incident investigations, there are some important cybersecurity best practices that should be implemented.

Invest in the Right Cybersecurity Infrastructure. Not every industry has the right infrastructure in place to protect themselves or successfully recover from a large-scale security event such as ransomware recovery. This is why investing in firewalls, intrusion detection systems and other cybersecurity solutions is integral to securing your systems. While these tools may not eliminate all the risks associated with modern cyber threats, they will help to significantly minimize attack surfaces.

Create a Comprehensive Disaster Recovery Plan. Though preventing attacks is a top priority for organizations, it’s just one aspect of a strong defense. For businesses in the food and agriculture sector, it’s crucial to also have a thorough disaster recovery strategy in place. The foundation of a successful post-incident forensics investigation is proper planning and clearly documented processes. Disaster recovery plans give organizations the ability to create a clear and methodical roadmap for how to proceed once a major issue has been identified.

Conduct Regular Security Audits. Given the evolving nature of technology, even the best-prepared organizations might inadvertently introduce vulnerabilities into their systems over time. This makes it crucial for organizations to routinely check their systems by conducting an SOC audit or undergoing a risk assessment to spot and address any potential flaws in their cybersecurity measures.

Collaborate With Outside Security Experts. Every industry has unique security challenges to address. But rather than tackling these issues on their own, critical infrastructure organizations can—and should—lean heavily on the security experts in their sectors. This includes partnering with risk assessment specialists and managed service providers that can help identify where gaps may exist in an organization’s security and work closely with stakeholders to address them.

Establish the Right Security Culture. Post-incident forensics investigations are an important part of building a strong, more resilient food and agriculture sector. Although equipping an organization with the appropriate technology and processes is essential, establishing a culture of security awareness and accountability is beneficial for everyone involved. By following a well-outlined plan and collaborating with established cybersecurity experts, organizations can better safeguard against modern threats and reduce the damages when events occur.

December 12, 2023

Implementing ZTA for Cybersecurity: Benefits and Best Practices

By Eric Sugar

No Comments

When thinking about food safety, your first thought is likely safe handling and avoidance of potential contamination. However, cyberattacks pose an increasingly serious threat to food safety, food businesses and consumers.

As the food service industry becomes increasingly reliant on digital technology and processes in their day-to-day operations, cybersecurity should become an integral part of their safety considerations. Technologies that present vulnerabilities and must be protected include online ordering and delivery, point-of-sale systems, inventory management, supply chain management and customer loyalty programs.

Business leaders in the food service space may be surprised to learn that their businesses are key targets for cyberattacks.[1] The technologies used in the food service industry generate and store large amounts of data, such as customer information, payment details and product specifications, which could be valuable to cybercriminals who want to steal, manipulate or destroy it. These cyberattacks can cause significant operational disruption, financial losses, reputational damage, legal liabilities and customer dissatisfaction.

Zero-trust Architecture (ZTA): A New Approach to Solving Cybersecurity Issues

One new concept in the cybersecurity space that could fundamentally change how businesses approach the security of their data is zero-trust architecture (ZTA).[2] ZTA is based on the principle of “never trust, always verify,” meaning every request for access to a resource is verified by multiple factors before access is granted. This approach can help businesses protect their resources from various cyber threats.

ZTA offers several other benefits to businesses, thanks to its unique security features. For example, ZTA reduces the attack surface and prevents lateral movement by attackers within a network, as each resource is isolated and protected by granular policies and controls. ZTA also enhances the visibility and monitoring of network activity and behavior, improves the compliance and governance of data and assets, and increases the agility and scalability of network operations. In simpler terms, ZTA allows businesses to ensure their data’s security.

Implementing ZTA in Food Service

A ZTA system is effectively a combination of components that work together to enforce the policies and controls for accessing each resource across the network. Some components commonly found in ZTA systems include:

Identity and access management (IAM): IAM is an essential foundation for a ZTA approach, as this protocol authenticates and authorizes users (and their devices) before granting access to resources. Potential methods of IAM include single sign-on (SSO),[3] multi-factor authentication (MFA),[4] role-based access control (RBAC) and attribute-based access control (ABAC), among others.
Data protection: ZTA systems also implement strict data protection standards, which encrypt and secure data that is both in transition and at rest. Commonly used methods of data protection include transport layer security (TLS), internet protocol security (IPsec) and secure shell (SSH).
Network segmentation: Network segmentation is an important aspect of a ZTA approach to cybersecurity that isolates and restricts network traffic between resources. A system might use software-defined networking (SDN), software-defined perimeter (SDP) or micro-segmentation to achieve this effect.
Security information and event management (SIEM): Finally, a ZTA system implements SIEM, or the collection and analysis of logs and events from all the ZTA components. This allows businesses to monitor and detect anomalies across the network.

One example of a food service business that could benefit from implementing a ZTA system would be a restaurant that offers online ordering and delivery. The restaurant’s system may verify the identity, device health, network location and data encryption of each customer before granting access to the online menu and payment system. It could also verify the same information for each delivery driver before granting access to the order details and location information. Then, it would collect and analyze the logs and events from all ZTA components to monitor and detect any anomalies or threats across the network.

Protecting against cyberattacks should be a priority for any business. In the food service industry, you are dealing with sensitive data such as customer information, payment details and product specifications that must be protected at all costs. A zero-trust architecture (ZTA) system is the best way to ensure that this data is protected from wrongdoers who might want to access your data illegitimately.

References:

[1] Rundle, J. (2023, June 15). Food producers band together in face of cyber threats. WSJ. https://www.wsj.com/articles/food-producers-band-together-in-face-of-cyber-threats-8aa2e3ca

[2] CrowdStrike. (2023, June 28). What is Zero Trust Architecture (ZTA)? – CrowdStrike. crowdstrike.com. https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/zero-trust-architecture/

[3] Teravainen, T. (2022). single sign-on (SSO). Security. https://www.techtarget.com/searchsecurity/definition/single-sign-on

[4] Multi-Factor Authentication (MFA) | CISA. (2022, January 5). Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/resources-tools/resources/multi-factor-authentication-mfa

December 5, 2023

Food Safety Think Tank

Unifying Human Food Regulation: A Conversation with Jim Jones

By Food Safety Tech Staff

No Comments

In September, Jim Jones, former EPA employee and member of the Reagan-Udall Expert Panel for Foods, became the first FDA Deputy Commissioner for Human Foods. He is tasked with reorganizing the agency to develop better coordination among the multiple departments involved in the regulation of human foods in the U.S., as well as allocating resources to better protect consumer.

Jim Jones, Deputy Commissioner for Human Foods at FDA, to deliver the Keynote Presentation at the Food Safety Consortium Conference October 20-22, Washington DC. Attendees will gain valuable perspectives on regulatory shifts, emerging challenges, and collaborative opportunities shaping the landscape of food safety and compliance. Discover how the new Deputy Commissioner’s strategic vision will drive innovation, enhance public health outcomes, and foster trust within the food industry. FoodSafetyConsortium.org

At the EPA, Jones was a principal architect of the 2016 overhaul of the Toxic Substances Control Act and was also responsible for decision-making related to the regulation of pesticides and commercial chemicals. He also led several national sustainability programs, including the EPA’s Environmental Preferable Purchasing Program and the Presidential Green Chemistry Awards Challenge. Here, he shares his vision and goals for a unified Human Foods Program (HFP) and why he pursued the opportunity to lead this new program.

What are your goals in your new position and what attracted you to the role of deputy commissioner for human foods?

Jones: People often want to know why I came to the FDA. I had a long career in government service and after some time in the private sector, I missed being involved in really meaningful work that affects the life of every American. I also came to the FDA because I believe in Commissioner Califf’s proposal for a unified Human Foods Program. Having been part of the Regan Udall Foundation’s evaluation of the foods program, I had the opportunity to understand what was working, and what was not working at the FDA. During this evaluation we realized that fundamentally the challenges within the agency were structural and not attributed to staffing. Our job, therefore, is to improve our internal structure so that we better utilize the talent we have to carry our mission more efficiently and effectively.

The proposal for a unified Human Foods Program focuses on the wellness of U.S. consumers by recognizing that access to safe, nutritious food is key to improving the health of our nation. This proposal is a major reorganization of how our food programs are structure and how they will function day to day. Over the long term, we believe it will support the transformation of how the FDA regulates food.

As the first Deputy Commissioner for Human Foods, I am deeply committed to upholding and executing this vision. As we work to implement the proposed HFP, I am committed to building on the vision laid out in the FDA Food Safety Modernization Act. Through our reorganization we will be elevating the importance of nutrition, strengthening state partnerships, and embracing innovative food and agricultural technologies that will allow us to supply the nation – and the globe – with ample safe and nutritious food in the decades ahead.

But we can’t do this alone. In fact, one of my main objectives that I want to carry throughout my tenure at FDA is strengthening our relationships across the many groups that we work with. I am starting this process off by meeting with as many of our stakeholders as I can. I have made a commitment to listen and learn from those who grow, produce, manufacture, and sell foods, from our state regulatory partners, and also those in academia and consumer and health advocates. Leveraging the expertise across our stakeholders is how we will make progress. I am encouraged by the work that has already been done—and I am excited about the possibilities for building on this foundation to bring about broad, systematic changes to how we protect the food supply and help improve the nutrition of consumers.

During your work on the Reagan-Udall panel, what were some of the challenges of the current FDA system that surprised you and that you felt could be most readily addressed?

Jones: We’ve heard time and time again that the current structure is too fragmented, and that the agency needs clearer decision-making and priority-setting pathways over its human food activities. Consolidating human food activities under a single leader who reports directly to the Commissioner unifies and elevates the program while removing redundancies, enabling the agency to oversee human food in a more effective and efficient way. We’ve also heard that the program is challenged since it doesn’t have authority over inspectional resources. Our plan will give the HFP clear authority over resource allocation so it can best prioritize risks and manage foods resources.

The report mentioned lack of a clear vision and mission for human foods program; what is the vision and mission you would like to adopt and instill in the program to guide its work?

Jones: We want to move forward with an approach that puts prevention at the heart of what we do. As I laid out in my statement earlier this year, to protect public health we have prioritized preventing foodborne illnesses, enhancing food chemical safety, and improving nutrition. To help prevent foodborne illness outbreaks, we are removing structural barriers and supporting integration across the agency’s food programs. This will enhance our ability to identify contaminant risks earlier and intervene more quickly and in a more targeted way.

To improve nutrition in our proposal, our dedicated Nutrition Center of Excellence will centralize coordination and provide strategic leadership. This will elevate, strengthen, and expand our nutrition work. We also are proposing to have one office dedicated to food chemical safety, dietary supplements, and innovation. This dedicated office will create a framework for our post-market safety review of previously authorized chemicals used in food to complement our robust premarket safety evaluations.

Based on your experience with the EPA and now the FDA Human Foods Program, what are some of the benefits to having distinct public agencies overseeing specific areas of public health, and where do we need more collaboration to better protect the public?

Jones: There are skills developed in regulatory agencies with a public health orientation that are very transferable. For example, understanding that meaningful public engagement before you decide how to regulate leads to more informed and timely decisions, but also sustainable decisions. You also understand the critical role played by Congress, as well as how to manage issues within the Executive Branch. These are all very important in getting work done and aren’t unique to any one Agency.

Elevating the importance of nutrition is a key focus of the proposed HFP model. What are some of the current challenges in fulfilling the dual role of ensuring safe food while also ensuring or providing better access to nutritious food?

Jones: If you think about the overall goal of having a food supply that supports health and wellness, our food safety and nutrition initiatives go hand in hand. We want to prevent illnesses that can occur due to contamination as well as those that occur because of poor nutrition.

Most people in the U.S. do not eat enough fruits, vegetables, dairy, whole grains, and healthy oils, and consume too much saturated fat, sodium and added sugars.  Our goal is to ensure U.S. consumers have greater access to healthier foods and nutrition information to identify healthier foods more easily. This work supports public health by reducing preventable illnesses through improved nutrition is among our highest priorities because it has the greatest potential to reduce diet-related chronic diseases that are the leading cause of death and disability in the U.S.

In order to elevate and strengthen the FDA’s nutrition portfolio, the HFP includes a proposal to create a Nutrition Center of Excellence that will enable the FDA to focus even more strategically on nutrition policies and initiatives.

We have a food safety system that encompasses many agencies on the federal, state, tribal nation, and county levels, do you see areas for improvement in helping all these agencies work more cooperatively.

Jones: Food safety is a shared responsibility that involves food producers, distributors, manufacturers, and retailers. Close coordination among the FDA, the Centers for Disease Control and Prevention and international, state, local, tribal, and territorial regulatory partners, public health, and agriculture departments is crucial to finding, stopping, and preventing foodborne illness outbreaks.

To foster the health and wellness of all U.S. consumers, the proposed HFP will continue to expand upon tools to enhance our food safety work. For example, we will prioritize partnerships through the proposed new Office of Integrated Food Safety System Partnerships, which will be a one stop shop for local, state, tribal, and territorial food safety partnerships.

Each of the agencies above have mentioned challenges in attracting and nurturing new food safety professionals, including auditors and inspectors. Do you see opportunities to improve recruitment and retention in the profession through the Unified Human Foods Program?

Jones: As always, the FDA is eager to recruit and retain talented federal employees. With the reorganization of the new HFP, along with available resources, we hope to attract top talent to assist with our food safety goals.

December 5, 2023

Effective Root Cause Analysis for CAPA Management

By Arundhathy Shabu, Prasant Prusty

No Comments

Businesses often overlook the power of well-executed, competent complaint-handling systems in boosting business growth. Data from ABa Quality Monitoring Ltd revealed nearly 70% of customers are more likely to stick with a company if their complaints are resolved, and this figure jumps to an impressive 95% if complaints are addressed immediately.

Every company faces distinct operational challenges that can result in missed deadlines, product holds, supply chain disruptions and customer complaints. Each of which can impact the quality of the enterprise’s product or service.

This is why the ability to conduct a comprehensive root cause analysis (RCA) to identify the origin of concerns and formulate and execute remedial processes, such as corrective and preventive actions (CAPA), is essential for food companies. Root cause analyses reduce the risk of future nonconformances and complaints and help streamline business operations and protect your bottom line.

An Overview of CAPA and Root Cause Analysis

Corrective and Preventive Action, or CAPA, is a methodical system used across industries to identify, rectify and avert issues, errors or noncompliance in processes, products or systems. Corrective actions fix existing problems, while preventive actions stop their recurrence.

Root Cause Analysis (RCA) encompasses various problem-solving methodologies, permitting teams to identify the fundamental reasons behind issues. It goes beyond just detecting the main problem to determine contributing factors, implement corrective and preventive measures, and foster continuous improvement in business processes.

Conducting a Root Cause Analysis

A CAPA management system’s success hinges on the RCA strategy’s efficiency. Whether businesses are facing a manufacturing defect, a customer complaint, a safety incident or any other problem, conducting an RCA is instrumental in identifying the underlying reasons and implementing effective solutions. Rather than relying on a one-size-fits-all approach, RCA should comprise a highly adaptable toolkit of techniques, and methods. Here are the basic steps for performing a root cause analysis:

Step 1: Understand the Issue

Initiate the process by clearly defining the problem or incident that must be examined. Ensure that the problem statement is specific, measurable and well-documented, enabling a precise understanding of what needs investigation.

Step 2: Collect Information

Aggregate all available data related to the issue, which may include incident reports, witness statements, photographs, process documentation and any other pertinent information. The more data you collect, the better your grasp of the problem.

Step 3: Identify Root Causes

Recognize the immediate or proximate factors that directly contributed to the problem. These are the most visible elements that directly played a role in the incident. Beyond these immediate causes are the contributing factors, often systemic, which may have indirectly influenced the problem. Thoroughly investigate and unearth the foundational reasons behind the issue using appropriate RCA techniques or methods.

Step 4: Develop Corrective and Preventive Actions

Once the root causes are uncovered, brainstorm and assess suitable corrective and preventive actions. Prioritize these solutions based on their practicality, impact and cost-effectiveness, and put the chosen solutions into effect.

Step 5: Establish a Coordinated Plan

Be sure to establish a plan for carrying out the corrective and preventive actions. This plan should include details about the required resources, the assignment of responsible individuals for task execution and an evaluation of the potential risks associated with these corrective measures.

Step 6: Monitor and Verify

Continuously monitor the situation to ensure that the problem does not reoccur. This may involve ongoing training, regular audits or process improvements.

Methods for Root Cause Analysis

Each root cause analysis method offers a unique approach to uncovering the root cause of a problem, providing a systematized way to investigate and address issues. Following are root cause analysis techniques that are adaptable for standalone or combined use, determined by the issue’s intricacy and the particular objectives of the RCA.

The 5 Whys: This technique involves asking “why” multiple times to dig deeper into a problem. Repeatedly questioning the cause behind a situation helps uncover the underlying issues. The goals is to identify the fundamental reason and avoid assumptions.
Fishbone Diagram: This visual tool organizes potential causes of a problem into categories, such as people, processes, equipment, environment and materials. It’s great for exploring multiple factors contributing to an issue.

Fishbone RCA diagram — Example of a fishbone diagram with sample categories to consider, and sample causes.

FMEA (Failure Modes and Effects Analysis): This method evaluates potential failure modes and their impacts before they occur. It helps in identifying failure points and assessing the existing controls to address these issues.
DMAIC (Define, Measure, Analyze, Improve, Control): A data-driven improvement cycle, dividing the problem-solving process into five steps: defining the problem, collecting data, analyzing root causes, putting solutions into action and establishing controls for sustained improvement.
Pareto Analysis: Based on the Pareto Principle, it suggests that a significant portion of issues (80%) can be linked to fewer causes (20%). This tool helps prioritize efforts and resources for problem-solving by focusing on the vital few causes.
FTA (Fault Tree Analysis): This deductive method works backward from an undesirable event, using graphical representations to analyze relationships between various events and their causes. It uses boolean logic to determine root causes.

Tech-Enabled Solutions to Optimize RCA Processes

In a world where time-consuming manual tasks can hinder productivity, embracing CAPA management and root cause analysis process technology can drive excellence across your enterprise. By digitalizing CAPA processes, organizations can seamlessly manage the entire lifecycle of complaints, holds and deviations.

Digital systems and software for RCA and CAPA management can enable food companies to centralize and automate the recording and tracking of customer complaints, product holds and deviations from established standards, which will evidently lead to faster response times, improved data analysis and better communication across departments. These digital tools aid in identifying recurring issues for swift remediation while preventing similar problems in the future by facilitating real-time monitoring and reporting.

An ideal CAPA management solution will possess the following digital functionalities to revolutionize the process:

Configurable Record Templates. Customized templates for recording complaints, deviations, holds and CAPA can be created or tailored flexibly, allowing users to accommodate differing data requirements to solve a problem. This helps standardize and streamline the documentation processes involved in RCA and CAPA procedures, as these templates help in the consistent recording of incident details, root causes, corrective actions and preventive measures, simplifying the generation of auditable records. Not to mention, they would play a significant role in reducing data entry errors and saving time, consequently supporting a proficient CAPA management system.

CAPA Workflow Automation. CAPA management tools are designed to facilitate the automation of various stages of CAPA, from incident reporting to the review and approval process. By automating tasks such as routing for reviews, approvals and monitoring deadlines for corrective actions, workflow automation significantly reduces the need for manual intervention, saving time and minimizing the potential for human error within the workflow. As a result, the entire CAPA process becomes less resource-intensive and more refined, ensuring a more seamless journey from identification to resolution.

Investigation & Root Cause Analysis. Digitalization ushers a thorough investigation process by collecting documentary evidence in an organized manner, enabling a quicker and more accurate determination of root causes and leading to more efficient corrective and preventive actions to prevent recurrence.

Integrated systematic RCA models into the digital system expedites the root cause analysis process while amplifying its efficacy. Through continuous data gathering from machinery and processes, advanced analytics platforms identify patterns and anomalies, aiding in pinpointing the root cause of failures or issues. Visualization tools provide clear insights into complex relationships among various factors, aiding in understanding causality and devising adequate solutions.

Collaboration is also substantially improved through digital platforms, allowing multidisciplinary teams to collaborate seamlessly regardless of their locations. These tools help structure the RCA process, ensuring tasks are assigned, progress is monitored, and deadlines are met, thus driving the investigation into a more optimal and exhaustive RCA analysis.

Non-Compliance Management. Well-defined planning and implementation of noncompliance action items become possible through digital tools by assigning corrective and preventive actions to respective stakeholders for prompt rectification, compliance maintenance and future risk mitigation. Furthermore, evaluating and validating the effectiveness of corrective and preventive actions is a critical step in RCA. Ensuring the successful closure of the CAPA process by reviewing and confirming the resolution of nonconformances becomes more efficient with digital solutions.

Notification & Alerts. CAPA management systems can be configured to send timely notifications and alerts to relevant stakeholders and responsible parties involved in the CAPA process. These notifications serve as unique reminders, ensuring that individuals are promptly informed about their tasks and impending deadlines. By doing so, the risk of missed actions or delays is considerably mitigated. This real-time communication not only keeps everyone on track but also supports a more responsive and accountable approach to handling corrective and preventive actions.

Reporting & Trend Analysis. Digital CAPA management tools also empower organizations to generate customized reports and analyze data trends. These serve as a window into the performance of the detection, rectification and thorough review of outliers within CAPA processes, providing invaluable insights for informed decision-making and continuous improvement initiatives.

In essence, the transformative power of digital tools is instigating a monumental shift in technology adoption, heralding a new era in establishing efficacious root cause analysis for successful CAPA management. By harnessing these tools, organizations can unlock avenues for enhanced efficiency, elevated quality standards and fortified regulatory compliance. This paradigm shift is paving a path toward sustained progress, where proactive problem-solving becomes the cornerstone of organizational growth and resilience.

A distinct disadvantage is that checklists can drive a tyranny of the urgent, i.e., simply checking a box to be done with it.

Application of Checklists in the Food Industry

Checklists as an Indicator of Food Safety Audit Maturity

The right culture drives the right entries on the checklists. Not the other way around.

A Checklist for Checklists

Defeating the Checklist

Pressure to “get back to work” can be one of the quickest means to defeat a checklist.

The End-Game: A Game of Checkers

Current Challenges in Supplier Qualification Models

The Key Elements of Supplier Pre-Qualification

How Tech-Enabled Solutions Optimize Supplier Management

Future Advances in Supplier Management

Meet Rising Demands with Modular Automation Systems

Alter Production Capabilities to Meet Market Needs

Plan for Profitable Futures

Enjoy the Benefits of Food Processing Modularization

Have a Plan in Mind

Build a Strong Audit Team

Provide Opportunities for Education

Promote Continuous Improvement

Accomplish the Mission

Offer Personalized Benefits

Re-evaluate Insurance Coverage

Mitigate Risks

How Sanitary Conveyors Work

Sanitary Conveyors and Food Safety

Food Contamination Costs Brands Millions

Today’s Food Safety Standards

Ensuring Food Safety with Sanitary Conveyors

Value-Added Sanitary Conveying

The Connection Between Food Safety and Strong Cybersecurity

The Role of Post-Incident Forensics

Challenges of Post-Incident Forensics in Food Safety

Best Security Practices for Food and Beverage Industries

Zero-trust Architecture (ZTA): A New Approach to Solving Cybersecurity Issues

Implementing ZTA in Food Service

An Overview of CAPA and Root Cause Analysis

Conducting a Root Cause Analysis

Methods for Root Cause Analysis

Tech-Enabled Solutions to Optimize RCA Processes

How We Use Cookies