Tag Archives: audits

Brett Madden, Aviaway
Bug Bytes

How to Prepare an Integrated Bird Management Audit Program

By R. Brett Madden
No Comments
Brett Madden, Aviaway

Birds of different species can become a pest problem depending upon where they are landing, roosting or nesting. In terms of food facilities, birds can cause various concerns: Product safety risks, possible contamination (bird droppings/feathers), poor audit grades, inspection failure, secondary insect pest problems, vectoring of foodborne illness pathogens, plant closures or fines. It is for these reasons that it is essential that food, beverage and product manufacturers (FBP) establish an integrated bird management (IBM) program.

An IBM program will ensure that every essential team member is on the same page in terms of the protocols for managing pest birds within and around the facility. Even if a facility has taken a proactive approach to bird control, the potential exists for birds to enter a facility. Especially considering bird pressures around adjacent properties, buildings, bodies of water and food sources near the facility.

Read Part I of this series: Bird Problems and Control Methods for Food Production FacilitiesIBM for food industry facilities is a systematic approach to preventing birds from gaining access within a facility and reducing the length of time birds remain within a facility. Nuisance birds, depending upon how severe the bird pressure—i.e., how many birds are landing, roosting and/or nesting within a given area—can cause severe damage to equipment, property, food products, displays, vegetation, façade signage, ledges, roofs, HVAC equipment, drains, fire suppression, electrical equipment and more. The longer that birds are permitted to remain within and around a facility, the more damage they can cause, and the harder it is to remedy the problem. Thus, it is critical to remove any birds that have gained entry as soon as possible to prevent possible FBP contamination and the birds getting comfortable within the facility.

There are several components to developing an IBM program. First, you need to conduct a complete inspection of the interior/exterior of the facility, followed by a review of the current data as well as any historical bird data. Now that you have all the raw data, you can begin developing the site-specific IBM plan for the FBP facility. Now that you have the program designed, the program can be implemented. Finally, after a defined timeframe that the IBM program has been active, the program needs to be evaluated to determine if any adjustments need to be made to the program.

Inspection

The first step in developing an IBM program is to conduct an initial site inspection audit of the interior and exterior of the facility.

Integrated bird management, audits, food safety
An example of an integrated bird management food safety audit checklist. Credit: Aviaway

The following various elements need to be inspected and with said findings documented.

Interior audit, pest management
An example of an interior audit spreadsheet. Source: Aviaway. (Click to enlarge)

On the interior of the facility, look at the following items:

  • Active Birds with the Facility
    • List the areas and locations of birds
      • Example: Location(s): Food prep area(s), warehouse, etc.
    • Any history of birds and related areas
  • Interior Landscaping
    • Type(s) and necessity
  • Food Processing Areas
    • Any active control measures in place
    • Assess the level of risk
  • Bay Doors
  • Location(s): Gaps
  • Location(s): Bumpers
  • General Doors
    • Location(s): Gaps
    • Location(s): Bumpers
    • Location(s): Structural
    • Location(s): Doors left open
  • Additional Access Point(s)
    • Check all equipment areas that enter/exit building
  • Pipe-Line Penetrations
  • Sanitation
  • Conductive Conditions
    • Location(s): Standing water
    • Location(s): Food Sources
    • Debris
  • Bird Droppings or Nesting Materials
  • Staff feeding birds
    • All access to food and water
Exterior audit, pest management
An example of an exterior audit spreadsheet. Source: Aviaway. (Click to enlarge)

On the exterior of the facility, look at the following items:

  • Active birds with the facility
    • List the areas and locations of birds
      • Example: Locations(s): Rear loading dock
    • Any history of birds around the exterior of the facility
  • Adjacent Structures
    • Accessory buildings and structures
  • Sanitation Practices (Exterior)
    • Location(s): Dumpsters
    • Exposed food sources and spillage
  • Trash Receptacles
  • Trash Removal Frequency
  • Food Waste on Ground
  • Cleaning Practices
  • Cleaning Practices Schedule
  • Cleaning Food Waste Bins
  • Motion Doors
  • Bay Doors (Exterior)
    • Location(s): Gaps
    • Location(s): Bumpers
    • Location(s): Structural
  • General Doors (Exterior)
    • Location(s) Doors Being Left Open
  • Additional Access Point(s)
  • Bodies of Water
  • Conductive Conditions
  • Structural (Exterior)
    • Location(s): Pipe-Line Penetrations
    • Location(s): Flashing
    • Location(s): Pipes
    • Location(s): Openings
    • Location(s): Roof
    • Location(s): Roof Hatches
    • Location(s): Windows
    • Location(s): Canopy (Front/Rear)
    • Location(s): Awnings (Front/Rear)
    • Location(s): Façade Signage (Front/Rear/Side)
  • Drainage
  • Standing Water
  • Clogged Drains
  • Landscaping
    • Retention ponds
  • Bird Droppings or Nesting Materials
  • Exterior Storage
  • Merchandise Displays
  • Existing Bird Control Devices

Review

Next, after all the above items have been inspected and findings recorded, all the data needs to be reviewed. In addtion, all the current bird management practices within the facility, documentation practices, and current audit/inspection findings should be all evaluated together. All this information is your road map for developing your IBM Program. Make sure that while you are collecting all the said raw data, you also speak with all necessary staff to get the most accurate information possible.

Documentation

Now that you have conducted your inspections and collected all the data, it’s time to create a site-specific IBM Policy & Plan for the facility. The development and implementation of the IBM plan will provide the appropriate procedures that are to be implemented to prevent, control and exclude birds from entering a facility and from keeping birds an acceptable distance away from the facility. With proper training and implementation of IBM procedures, there will be a reduced likelihood that birds will be able to enter the facility, and the length of time birds remain inside the facility will be reduced—thus, reducing the level of pest bird damage caused, reducing hazards to food sources, equipment, the public, and the facility environment.

Each facility is unique in its operation, location and potential for bird activity. The facility’s IBM plan will be designed to factor its control options when remedying and preventing bird pressure.

Implementation

Now that you have an IBM Plan, it’s time to implement the plan. First, make any necessary changes based upon findings of the audit and review of all data. Next, correct any conducive conditions that were discovered during the inspection. All the items that may require adjustment may need to be planned out depending upon budgetary constraints. Define staff roles regarding bird control efforts on a front-line facility level. Each member of the action team must fully understand their role and responsibility about the implementation and day-to-day operation of the plan.

The IBM Plan is the roadmap that should be followed for managing pest birds throughout the interior and exterior of the facility and related structures. It will set forth the facility’s bird threshold levels and site-specific facility needs. Furthermore, the IBM Plan will provide in detail how each phase of the plan will be implemented at each facility. The facility coordinator, in collaboration with the IBM coordinator, shall be responsible for the administration and implementation of the IBM plan. Each of their roles and responsibly should be thoroughly reviewed and understood.

Next, conduct staff training on proper bird control removal methods if handing live removal internally. Otherwise, what are the approved processes for third-party vendors who are providing removal services? Finally, conduct a review of the new documentation process to record all necessary data for the IBM program. Data collection is a critical component in evaluating the success of the plan and determining if any adjustments need to be made.

Evaluation

To ensure goal compliance, the IBM program should be evaluated at each site annually. The review must consist of all records, the number of birds that gained access into the store, corrective actions taken (at the facility level and outside efforts), and any plan adjustments. By reviewing all the data collected, the plan’s effectiveness can be determined, and whether alterations need to be made. Note that the IBM plan is not a static document that sits in a binder. The plan will have to evolve as operations change, or the set goals of the program are not met.

Conclusion

A proactive approach to reducing bird populations is critical for food industry facilities. As such, the IBM program will ensure that your entire staff is adequately trained on all the site-specific bird control methods, reduce the frequency of birds entering the facility and create a documented bird control program that is designed for your specific facility.

Data protection, security

The Digital Transformation of Global Food Security

By Katie Evans
No Comments
Data protection, security

Modern food supply chains are inherently complex, with products typically passing through multiple suppliers and distributors, as well as countries and continents, before they end up on the supermarket shelf. While global supply chains offer consumers greater choice and convenience, they also make protecting the security of food products more challenging. With additional stakeholders between farm and fork, products are exposed to an elevated risk of biological or chemical contamination, as well as food counterfeiting and adulteration challenges—potentially putting consumer health and brand reputation in jeopardy.

Given the importance of maintaining the safety, quality and provenance of food products, global regulatory bodies are placing the integrity of supply chains under increased scrutiny. In the United States, for example, the adoption of FSMA moved the focus from responding to foodborne illnesses to preventing them by prioritizing comprehensive food testing measures, enforcing inspections and checks, and enabling authorities to react appropriately to safety issues through fines, recalls or permit suspensions.1 Similarly, China’s revised Food Safety Law (known as FSL 2015) is widely considered to be the strictest in the country’s history, and seeks to drive up quality standards by empowering regulators, and enhancing traceability and accountability through robust record-keeping. 2 The European Union continues to closely regulate and monitor food safety through its General Food Law, which is independently overseen by the European Food Safety Authority from a scientific perspective.

Achieving the Highest Standards of Food Security, Integrity and Traceability

For producers, manufacturers and distributors, the heightened regulatory focus on the security and integrity of the food supply chain has placed additional emphasis on accurate record-keeping, transparent accountability and end-to-end traceability. To meet the needs of the modern regulatory landscape, food chain stakeholders require robust systems and tools to manage their quality control (QC), environmental monitoring and chain of custody data. Despite this, many businesses still handle this information using paper-based approaches or localized spreadsheets, which can compromise operational efficiency and regulatory compliance.

The fundamental flaw of these traditional data management approaches is their reliance on manual data entry and transcription steps, leaving information vulnerable to human error. To ensure the accuracy of data, some companies implement resource-intensive verification or review checks. However, these steps inevitably extend workflows and delay decision-making, ultimately holding up the release of products at a high cost to businesses. Moreover, as paper and spreadsheet-based data management systems must be updated by hand, they often serve merely as a record of past events and are unable to provide insight into ongoing activities. The time lag associated with recording and accessing supply chain information means that vital insight is typically unavailable until the end of a process, and data cannot be used to optimize operations in real-time.

Furthermore, using traditional data management approaches, gathering information in the event of an audit or food safety incident can be extremely challenging. Trawling through paperwork or requesting information contained in spreadsheets saved on local computers is time-consuming and resource-intensive. When it comes to establishing accountability for actions, these systems are often unable to provide a complete audit trail of events.

Digital Solutions Transform Food Security and Compliance

Given the limitations of traditional workflows, food supply chain stakeholders are increasingly seeking more robust data management solutions that will allow them to drive efficiency, while meeting the latest regulatory expectations. For many businesses, laboratory information management systems (LIMS) are proving to be a highly effective solution for collecting, storing and sharing their QC, environmental monitoring and chain of custody data.

One of the most significant advantages of managing data using LIMS is the way in which they bring together people, instruments, workflows and data in a single integrated system. When it comes to managing the receipt of raw materials, for example, LIMS can improve overall workflow visibility, and help to make processes faster and more efficient. By using barcodes, radiofrequency identification (RFID) tags or near-field communication, samples can be tracked by the system throughout various laboratory and storage locations. With LIMS tracking samples at every stage, ingredients and other materials can be automatically released into production as soon as the QC results have been authorized, streamlining processes and eliminating costly delays.

By storing the standard operating procedures (SOPs) used for raw material testing or QC centrally in a LIMS, worklists, protocols and instrument methods can be automatically downloaded directly to equipment. In this way, LIMS are able to eliminate time-consuming data entry steps, reducing the potential for human error and improving data integrity. When integrated with laboratory execution systems (LES), these solutions can even guide operators step-by-step through procedures, ensuring SOPs are executed consistently, and in a regulatory compliant manner. Not only can these integrated solutions improve the reliability and consistency of data by making sure tests are performed in a standardized way across multiple sites and testing teams, they can also boost operational efficiency by simplifying set-up procedures and accelerating the delivery of results. What’s more, because LIMS can provide a detailed audit trail of all user interactions within the system, this centralized approach to data management is a robust way of ensuring full traceability and accountability.

This high level of operational efficiency and usability also extends to the way in which data is processed, analyzed and reported. LIMS platforms can support multi-level parameter review and can rapidly perform calculations and check results against specifications for relevant customers. In this way, LIMS can ensure pathogens, pesticides and veterinary drug residues are within specifications for specific markets. With all data stored centrally, certificates of analysis can be automatically delivered to enterprise resource planning (ERP) software or process information management systems (PIMS) to facilitate rapid decision-making and batch release. Furthermore, the sophisticated data analysis tools built into the most advanced LIMS software enable users to monitor the way in which instruments are used and how they are performing, helping businesses to manage their assets more efficiently. Using predictive algorithms to warn users when principal QC instruments are showing early signs of deterioration, the latest LIMS can help companies take preventative action before small issues turn into much bigger problems. As a result, these powerful tools can help to reduce unplanned maintenance, keep supply chains moving, and better maintain the quality and integrity of goods.

While LIMS are very effective at building more resilient supply chains and preventing food security issues, they also make responding to potential threats much faster, easier and more efficient. With real-time access to QC, environmental monitoring and chain of custody data, food contamination or adulteration issues can be detected early, triggering the prompt isolation of affected batches before they are released. And in the event of a recall or audit, batch traceability in modern LIMS enables the rapid retrieval of relevant results and metadata associated with suspect products through all stages of production. This allows the determination of affected batches and swift action to be taken, which can be instrumental in protecting consumer safety as well as brand value.

Using LIMS to Protect Security and Integrity of the Food Supply Chain

Increasingly, LIMS are helping businesses transform food security by bringing people, instruments and workflows into a single integrated system. By simplifying and automating processes, providing end-to-end visibility across the food supply chain, and protecting the integrity of data at every stage, these robust digital solutions are not only helping food supply chain stakeholders to ensure full compliance with the latest regulations; they are enabling businesses to operate more efficiently, too.

References

  1. FDA. (2011). FDA Food Safety Modernization Act. Accessed October 3, 2019. Retrieved from https://www.fda.gov/food/food-safety-modernization-act-fsma/full-text-food-safety-modernization-act-fsma.
  2. Balzano, J. (2015). “Revised Food Safety Law In China Signals Many Changes And Some Surprises”. Forbes. Accessed October 3, 2019. Retrieved from https://www.forbes.com/sites/johnbalzano/2015/05/03/revised-food-safety-law-in-china-signals-many-changes-and-some-surprises/#624b72db6e59.
Brett Madden, Aviaway
Bug Bytes

Bird Problems and Control Methods for Food Production Facilities

By R. Brett Madden
No Comments
Brett Madden, Aviaway

Various types of pest birds can impact food plant structures and facility surroundings. Even a single bird that finds its way into a food plant can trigger a host of concerns such as, failed audits, product contamination, plant closure, production stoppage, lost revenues, fines, structural damage, health hazards to occupants and fire hazards.

In most cases, a food plant operation has a bulletproof pest control plan; however, in most cases, birds are always an afterthought in most pest management plans. After inspecting and consulting numerous food plants, I hear the same story over and over: “I have a person in the warehouse that can chase them out” or, “are birds really a big deal?” or, “why do I have to be concerned about birds?” and on and on. Despite what you may think, birds are a big deal, and you should take them seriously!

Pest management, pigeon droppings HVAC
Larger birds, such as pigeons, can cause more problems around the exterior of a facility on HVAC units as seen here. (Image courtesy of Aviaway Bird Control Services & Consulting)

Since food processing plants contain areas that have very sensitive environments, birds can introduce various adulterants and harmful contaminants. Birds can cause potential harm to humans due to foodborne illness.

Pest Bird Species

There are four main pest birds: Pigeon, Starling, Sparrow and Seagull. Each one of these birds can cause a host of concerns and issues for food processing facilities. Just one bird can cause catastrophic damage. In most cases, small pest birds such as Sparrows and Starlings can gain access into a facility through a variety of ways:

  • Damaged bumpers around truck bay loading dock doors.
  • Open doors (seems obvious, but I always find doors wide open during audits).
  • General building deficiencies.

Larger birds, such as Pigeons and Seagulls, typically cause more problems around the exterior of a facility on ledges, rooftops, HVAC units, loading docks and related areas.

In either case, these various types of pest birds can cause significant problems on the interior and exterior of food plants.

Conducive Conditions

In most cases, facilities want to reduce as many conducive conditions as they can around and within the facility in a timely fashion. A conducive condition is one whereby due to a building condition, structural design, equipment operation, food or water source, or surrounding conditions (i.e., near a public landfill, raw materials mill or body of water) can attract pest birds to a facility. With each of these conditions, great care must be taken to reduce as many conducive conditions as possible.

Examples of Conducive Conditions

Structural Conditions

  • Loading docks/canopies with open beams and rafters
  • HVAC equipment
  • Pooling water (roof and landscaping)
  • Structural overhangs and ledges
  • Open access points
  • Landscaping (types of plantings)
  • Damaged truck bay bumpers
  • Gaps and opening around the structure
  • Doors with improper sealing

Human Conditions

  • Open dumpsters
  • Overflowing dumpsters
  • Dirty dumpsters
  • Product spillage
  • Employees feeding birds
  • Doors left open

All these conducive conditions, if left unresolved, can lead to significant bird problems. Reducing as many conducive conditions as possible will be the first step of any bird management program.

Bird Control Methods

From the start, your facility should have a bird management plan of action. For the most part, bird problems should not be left to be handled internally, unless your staff has been properly trained and has a bird management plan in place.
Most birds are protected by the Federal Migratory Bird Treaty Act of 1918. However, Pigeons, Sparrows, and Starlings are considered non-migratory birds and are not protected under this Act. Even though these three bird species are not protected, control methods still need to be humane. More specifically, your bird control program must also comply with is the American Veterinary Medical Association (“AVMA”) Guidelines for the Euthanasia of Animals if this is the control method selected. The AVMA considers the House Sparrows, Feral Pigeon, and the Common Starling “Free-Ranging Wildlife.” And Free-Ranging Wildlife may only be humanely euthanized by specifically proscribed methodology.

In addition to the above-mentioned regulations, various regulations regarding the relocation of birds/nests may also apply. I also always recommend checking with local and state agencies to ensure that there are no local regulations that may apply. Bottom line: Don’t rely on untrained internal practices; one misstep could result in heavy financial fines and penalties.

Bird Management Strategies

First Line Defense

  • Stop any bird feeding around the facility immediately
    • Any bird management plan should have a clear policy prohibiting employees from feeding birds. Once birds have been accustomed to routine feeding, the birds will continue to return.
  • Eliminate Standing Water Sources
    • All standing or pooled water needs to be eliminated. Thus, routine roof inspections need to be conducted to ensure drains are working properly.
    • Landscape irrigation needs to be calibrated to ensure no puddling of water in areas of low sun exposure.
  • Proper Sanitation Practices
    • Ensure that dumpster lids are closed when not in use.
    • Trash removal frequency adequate.
    • Routine cleaning of trash receptacles.
    • Immediate removal of spilled food.
  • Eliminate Entry Points
  • Survey the facility to ensure that all holes are properly sealed.
    • Around truck bay bumpers and doors
  • Exhaust vents are properly screened.
  • Windows are closed and have screens when in use.

The most appropriate bird control strategy will be determined based on the severity of the bird pressure. For example, if the bird pressure is high (birds have nested), then in most cases, you will only be able to use bird exclusion methods. Whereas, if the bird pressure is light to moderate (birds have not nested), bird deterrent methods can be used. This is an important distinction. Bird exclusion is physically changing the area to permanently exclude said pest birds. Whereas, bird deterrent devices inhibit birds from landing on treated areas.

Bird Deterrent Methods

After the previously mentioned first-line strategies have been implemented, the next step would be to install bird deterrent products (birds have not nested).

  • Bird Spikes
  • Bird Wire
  • Electrified Shock Track
  • Bird Gel
  • Sonic & Ultra Sonic Devices
  • Lasers and Optical Deterrents
  • Hazing & Misting Devices
  • Pyrotechnics
  • Live Capture

Bird Exclusion Methods

If the birds have nested in or around the facility, the next step would be to install bird exclusion products (birds have nested).

  • Bird Netting
  • Ledge Exclusion (AviAngle)
  • Architectural modifying structural
  • Aggressive Harvesting (Targeting)

Prevention Strategies

The best prevention strategy is planning and knowledge. Conduct a bird audit and develop a bird management plan before birds get near or inside the facility. The key is to act quickly, as soon as an incident occurs. I find countless times when I am called in to consult or service a food plant, that the birds got into the facility and no one knew what to do, and as a result, the birds remained within the facility for an extended period, thus increasing the risk of exposure. It is always much easier to remove a bird when they are unfamiliar with their surroundings. Whereas, it is much more difficult to remove birds from a facility that has had a long-standing bird problem.

Once you have a plan, who oversees the bird management plan? Are thresholds determined and set for various areas of the facility? For example, a zero threshold in production areas? Threshold levels will be set based upon by location and sensitivity of the said location. What steps are going to be taken to remove the bird? For how long is each step conducted? These questions need to be answered and developed to stay ahead of bird problems.

Reduce as many conducive conditions as possible. The longer a conducive condition stays active, the more likely birds, as well as other wildlife or rodents, will be attracted to the site and find a way into the facility.

Pathogen Contamination & Hazards

Birds present a host of problems, whether they are inside or outside of a facility. Birds can roost by air vents, and the accumulation of bird feces can enter the facility air system. Bird droppings on walkways and related areas allow for the possibility of vectoring of said dropping when employees step on droppings. Thus, spreading fecal matter/spores and other contaminants to areas throughout the facility.

If birds are within the facility, droppings can spread on product lines, raw materials, stored products, equipment and more, thus, causing contamination. Because of a bird’s ability to fly, they are perfect creatures to spread various diseases, pathogens, ectoparasites and fungal materials. Diseases such as Histoplasmosis, Salmonella, Encephalitis, E-coli, Listeria, and more. Birds have been known to transmit more than 60 infectious diseases!

Besides the spread of potentially harmful contaminants throughout the facility, bird droppings and nesting materials can also create a host of additional problems:

  • The acidity in bird droppings can damage building finishes, façade signs, lighting and more.
  • Wet bird droppings can create a slip and fall hazard.
  • Bird nesting materials can create a fire hazard around façade signs, exit signs and light fixtures.
  • Bird nesting and debris can clog roof drains and cause roof leaks from standing water.
  • Introduction of ectoparasites into the facility such as bird mites, lice, fleas, ticks and more.

Conclusion

In summary, taking a proactive approach to bird control is the best practice. Reduce food, water and shelter sources (aka conducive conditions) promptly. Pest management programs need to implement a more in-depth section of the program for bird control. Like integrated pest management, bird control should be based upon an integrated method. Each facility will have its unique challenges. As such, each bird management plan needs to be tailored to the specific site. A well designed and balanced, integrated bird management program will provide long-term and cost-efficient bird control.

The next article in this series takes a closer look at how to prepare an integrated bird management audit program.

Audit

Webinar Series: Improve Your Hazard Analysis

By Food Safety Tech Staff
No Comments
Audit
Patricia Wester, PA Wester Consulting
Patricia Wester, PA Wester Consulting and Founder, The Association for Food Safety Auditing Professionals

The most commonly cited observation during a Preventive Controls inspection is an incomplete or incorrect hazard analysis, according to FDA data. Food Safety Tech is hosting a special complimentary webinar series, instructed by Patricia Wester, founder of The Association for Food Safety Auditing Professionals, that will provide attendees with important tips on conducting and documenting a thorough hazard analysis. During the one-hour event, Wester will help participants understand how to recognize gaps in a hazard analysis as well as share best practices for closing those gaps. The content is geared toward food safety professionals and auditors who develop, manage or review food safety plans in a Preventive Controls landscape.

What: “Did You Know?” Tips on Improving Your Hazard Analysis
Date: Wednesday, September 18, 2019
Time: 12pm – 1pm ET
Register for the webinar

Leonard Steed, AIB International
FST Soapbox

Unannounced Audits: Are You Ready?

By Leonard Steed
No Comments
Leonard Steed, AIB International

Many industries are moving toward unannounced third-party certification audits and the food industry is no different. If regulatory audits are unannounced, why is the food industry reluctant to adopt unannounced third-party audits? There are a number of benefits to unannounced audits—most importantly is their positive impact on a company’s food safety culture and how they prepare facilities to face FDA inspections.

Unannounced audits for food are required for many third-party certification audits. Typically, regulatory audits are always unannounced. Unannounced audits help demonstrate compliance and provide confidence to all stakeholders that your manufacturing sites are operating on the same GMP level, day to day, shift to shift, for every day your organization is manufacturing and distributing food products. With announced audits, companies tend to prepare for them before they occur. However, if there is a significant amount of difference between your sanitary operations prior to and during an announced audit versus normal operating conditions, you are sending your employees the wrong message.

Although there are differences between certification schemes, the GFSI third-party unannounced audits usually have a 40- to 60-day window in which the audit must be completed to allow the certification body to complete technical reviews and review corrective actions so that the certificate does not lapse. If it is a surveillance audit, then the audit is more likely to be truly unannounced, but a company still has the option of using blackout dates and the auditor will verify that the request was necessary. The bottom line is most companies have a certain timeframe when they know unannounced audits will occur.

Leonard Steed will present “Unannounced Audits: Are You Ready?” on November 14 at the 2018 Food Safety ConsortiumThe biggest impact on third-party audits is when the audit score is directly related to financial incentives for employees. This situation motivates employees to pursue activities to achieve the maximum score, not directly related to food safety. Activities may include significant audit preparation to eliminate or reduce GMP deficiencies, reduce or control the auditor’s access to records or areas of known plant deficiencies, “auditor shopping”, and to appeal any audit finding that lowers the score. Switching auditors or appealing findings can be legitimate tools to correct a system when auditors make errors in judgement or behavior. The activities to achieve the highest score should be reasonably governed because they could take away from the primary goal to operate in a food safe mode.

The goal of an internal audit program is to be compliant with regulatory inspections and third-party certification requirements and should therefore be risk-based. Determine what factors present the most risk to an organization and then align internal audits with those risks. At this point in time, being able to perform well on a regulatory audit should be a primary concern. Since the FDA and state regulatory agencies usually perform unannounced inspections, it would seem necessary to have your food safety plan, prerequisite programs and operations in a constant state of readiness to mitigate the risk of potentially unsafe food in commerce resulting in a recall.

One way to evaluate your food safety culture is to anonymously survey employees at all levels of the organization to gather information on attitudes and opinions about food safety and institute changes to improve your position. Another way is to initiate change by instituting unannounced audits on all manufacturing shifts and require participation by all departments in the audit function to move away from “QA-centric” food safety verification systems. The significant change is that all departments would be involved as an auditor and responsible for maintaining regulatory compliance. For some companies, the inclusion of all plant departments in the audit function has moved the needle in the goal to improve their food safety culture. To further define food safety culture in other terms, it could mean adhering to GMPs all the time, the importance of accurately completing and verifying food safety records, and fostering consensus between departments on the severity of food safety nonconformances requiring prompt corrective action.

Maintaining GFSI certification is an excellent way to achieve food safety requirements for compliance with FDA inspections. Although not specifically required by GFSI, another application of your internal audit program is to review your regulatory policy by performing a mock FDA inspection to identify any gaps in hazard analysis, identify preventive controls including the supply chain controls, accurately complete food safety records, and provide examples of corrective actions when preventive controls were not completed properly, and environmental corrective actions. If you decide to perform a mock FDA inspection of your facility, do not forget to include the FDA Guidance document criteria, as it is important to understand what the FDA expects to see when they are evaluating your implementation. Your internal audit program is a proactive program to note nonconformances before they become full blown problems, so don’t be afraid to use it to its fullest extent.

Craig Reeds, DNV GL

Six Ways to Prepare for a Cybersecurity Audit

By Craig Reeds
No Comments
Craig Reeds, DNV GL

In the food manufacturing industry, just as in any other industry, cybersecurity is very important. Your organization should be having cyber vulnerability assessments or penetration tests performed at least once a year. Like any big test you have taken in your life, this sort of assessment can be scary, but if you prepare for it, you can greatly improve the potential of passing the test. As you prepare for the assessment, there are six things you can either implement or do to make the result of this audit better for your organization.

  1. Do an inventory of what is connected to your network. You cannot expect to defend devices on your network that you are not aware of. Be sure when you perform this inventory that you include any device that connects to your network. Think past the routers, switches, desktop PCs, laptops and printers. What is connecting to your wireless network? Is your security system or HVAC system connected to the network? Creating a network device inventory can be difficult, but there are tools available to make it easier. Once you have created the initial inventory, your baseline, go back at least monthly to look for new devices or devices that are no longer connected so you can update your inventory.
  2. Determine what is running on all of your network devices. In the first step you inventoried the hardware—now we need to inventory what is running on each device. You can use tools such as Nessus to inventory the software on each computer as it scans the network to perform the device inventory. This is the quickest way to complete both of these steps. If there is old or unused software on a device, remove it. You need to document the operating system and application software on each device. This software Inventory should also be included in your baseline and verified/updated on at least a monthly basis.
  3. Use the Principle of Least Privilege. This is a very valuable cybersecurity concept. Never give a user or device more rights on the network than they/it need to perform their assigned tasks. Privileges are assigned based on roles or job functions. If a user is unable to download and install applications on their PC or laptop, you reduce the chance of a device becoming compromised. Many hackers, once in a network, move laterally through the network from machine to machine looking for information or vulnerabilities that can be used to give themselves more abilities on the network. If a hacker were to gain access to a user account or system with low privileges, it decreases the amount of damage they could do.
  4. Use Secure Configurations. All operating systems, web browsers and many other networked devices have secure configuration settings. One of the problems with doing this is that operating systems alone can have hundreds of settings to choose from. The Center for Internet Security provides benchmarks for just about every conceivable device. The CIS Benchmarks are distributed free of charge in PDF format to propagate their worldwide use and adoption as user-originated, de facto standards. CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.
  5. Set up a policy and procedure for applying security patches. New vulnerabilities are discovered every day and when these vulnerabilities are found, vendors release updates or patches to mitigate the vulnerability. Exploiting vulnerabilities is what a hacker lives for. An unpatched vulnerability can be almost an open door for a hacker to get into your computer or network. It is mind boggling to hear that some organization was hit with ransomware because they didn’t load a security patch that was released six to 12 months ago. When an application reaches end-of-support, the vendor stops releasing patches, and that should tell you that it is time to upgrade the software to the newest version or find another tool to perform that task. Never use unsupported software on your network. Speaking as an auditor, a fully patched network is impressive.
  6. Create an Incident Response Plan. Let’s face it, no matter what you do to protect yourself, something is eventually going to go wrong. Do you have a plan to continue operations if you lose access to your office building? Do your users know what to do if they receive or fall prey to a phishing e-mail? This process starts with performing a risk assessment. Once you have determined the potential risks, you then move on to determining how to mitigate the risks. You will need to create policies and procedures and then train the employees on them, so they know what to do.

By performing these six steps you will be protecting and strengthening your networks, your users, and trust me, you will impress the auditor. Also, it should be noted that these are not once and done steps—these are steps that must be repeated sometimes on a daily, if not at least on a monthly, basis.

Steven Burton, Icicle Technologies
FST Soapbox

Food Recall Strategies: What You’re Missing (And What You’re Risking)

By Steven Burton
No Comments
Steven Burton, Icicle Technologies

You’ve heard the horror stories of product recalls: The Peanut Corporation of America in 2009, Blue Bell ice cream in 2015, and Darwin’s Raw Pet Foods this year. Beyond the nightmare scenario, the truth is that food recalls are common—even for companies that take food safety seriously, train effectively and keep excellent records. Yet all of these things, when done properly and efficiently, go a long way to reduce the impact and severity of a recall.

Unfortunately, many food manufacturers, although required to have a written recall plan, aren’t ready for the challenge. Without the proper systems in place, businesses needlessly risk their customers, reputation, revenue and future.

Risks Of Inadequate Recall Strategies

Resolving a recall can take years and potentially millions of dollars in fines, product shipping and disposal cost, production line downtime, lawsuits, and lost market share as consumers lose trust in the company. But there are two strategic errors that can amplify these consequences—and they both have to deal with traceability.

The first problem we frequently see is lot codes not being specific enough. Rather than breaking up production into discrete lot codes so the scope of recalls can be as limited as possible, some facilities just run the same lot code for many production runs. The record we have seen so far is three years! When a recall occurs,this results in a recall of massive scope that can easily bankrupt a company.

The second problem that is even more common is a lack of dynamic documentation. Assembling transactions using disconnected records from different departments can be time-consuming and error-prone. When you’re under pressure from regulators or auditors to connect the dots between an ingredient and customers through complex, multi-stage production processes using such a record system, it can cause stress and potential audit failures.

These two missing pieces make recalls larger, more time-consuming, and more expensive than necessary due to a lack of precise traceability. Let’s take a look at the two ways you can fill these gaps in your system and mitigate the consequences of recalls.

Get Specific with Ingredients, Suppliers and Lot Codes

Streamlining your product lines and packaging options lists is a straightforward way to reduce potential headaches in the event of a recall. The more products and packaging options with which you work, the more complex it will be to pinpoint and resolve food safety failures. Anyway, this type of housekeeping is beneficial as far too many companies have large lines where only a small subset of their products sell well at decent margins. Larger, more mature organizations tend to thin down their lines to optimize for profitability, and smaller companies can often benefit from doing the same.

The next strategy you can employ to mitigate the consequences of a recall is by being ultra-precise when it comes to your records and lot codes. The more narrowly you refine your lot coding system, the fewer items you’ll have to recall. Let’s look at a specific example of how this could have saved two companies millions of dollars.

In 2010, Hillandale Farms and Wright County Egg recalled about 550,000,000 eggs, one of the largest recalls in the history of the United States. Although the company was able to resolve the specific dates and facilities where the contaminated product originated, they had 53 million hens laying, so this level of resolution may not have been adequate enough. Had they implement traceability lot codes down to the hen house level, they may have been able to contain the recall.

Automate Your Traceability To Be Audit Ready, All The Time

The challenge of maintaining an overly broad product line or providing customized packages is that you create hundreds or thousands of variants in your products. When records are maintained manually, it becomes extremely difficult to manage recalls effectively. An Excel spreadsheet may keep a record of everything, but it’s certainly not dynamic or time-efficient when undertaking mass balance calculations.

The key here is to adopt software that you can incorporate into every department. Shipping, receiving, accounting, production—when all the records are kept in a central database, checking and updating those records becomes much easier. But the best systems don’t just centralize your collected data; they automate your data collection.

Dynamic documents automatically update each other. When a supplier changes, an ingredient lot gets swapped out, or products are shipped out, all the connected records for every department are automatically updated. No user mistakes, no failure to update the notes—just seamless, streamlined, auto-updating records.

There’s no better way to track complex production processes, control hazards, and collect all the necessary information necessary to breeze through audits than by using an automated system. With all your documentation interconnected, you don’t have to piece together the puzzle or play connect the dots—it’s all done for you, and that means you won’t waste millions on recalling products unnecessarily because you couldn’t pinpoint the exact path every ingredient took on the way to the customer.

Recalls are detrimental in every way, but they happen, so don’t get caught off guard. A little bit of proactive technology will go a long way in keeping your business afloat if you ever do face the nightmare of a recall.

Steven Burton, Icicle Technologies
FST Soapbox

Six Best Practices To Make Audits Stress-Free

By Steven Burton
No Comments
Steven Burton, Icicle Technologies

Your next audit is already on its way. Now that many regulatory bodies and certification agencies are no longer required to give you a heads-up about upcoming audits, it’s completely up to you to stay on top of compliance, recordkeeping, and a myriad of other tasks on a day-to-day basis. And without that buffer of warning from auditors, falling behind can be more detrimental than ever.

Let’s walk through some effective practices that keep you ready for an audit at a moment’s notice, make the process go smoothly once the auditor arrives, and get rid of some unnecessary stress all along the way.

Connect All Departments to an Online Database

When it comes to collecting and moving data from one department to another, there’s nothing as inefficient as disconnected documents. Not only are they a strain to keep organized in big filing cabinets or file folders, but they take a long time to create, share and edit. It seems cliche to harp on this point in 2018; yet, many food safety coordinators have a purely manual system.

By connecting your entire company to an online database, you enable different departments to organize, share and update documents in seconds, rather than minutes. This level of connectivity can shave time off dozens of tasks per day, which ultimately leads to hours or days of extra productivity over the course of a year. When you adopt a system that updates connected documents in real time, you won’t have to make manual changes to multiple documents for small changes.
If you want to get extra efficient, the real trick to this best practice is to find software that you can incorporate into every department. Then, as people go about their normal jobs, the information they collect is automatically uploaded to the central database.

Utilize the Internet Of Things to Streamline Data Collection

These days, it’s possible to connect almost every piece of equipment to the Internet of Things. Even if your machinery doesn’t have measurement tools built-in, there are almost certainly additional tools you can install to create that functionality.

Having your equipment feed data directly into your central database is faster than manually collecting information and eliminates the risk of human error when it comes to data entry. Thanks to that simple degree of automation, already standard in large parts of the global economy, you can also use system dashboards and alerts that let you know when something’s off, like the temperature in the freezer or the production speed of equipment on the floor.

Don’t Settle for Uninspired Internal Audits

Many food safety coordinators are so focused on specific issues that they forget to take steps back to look at the situation from a bird’s eye view. When the time for an internal audit comes around, they do it with one eye on the audit and one eye on the next fire that needs putting out.

Lazy internal audits are not only noticeable to external auditors, they keep you in the dark about what’s really happening in your facility. Here are a few ways you can ensure your internal audit empowers you rather than slows you down:

  • Schedule the internal audit ahead and make it immovable
  • Plan out your scope, objectives and process to establish momentum and direction
  • Dedicate your full attention to running the audit and managing relevant staff
  • Report your findings in detail and discuss with necessary employees
  • Schedule and verify corrective actions

A well-performed internal audit is a powerful way to regroup, refresh goals and stay on track.

Train All Employees for Go-Time

Do you know which employees an auditor is allowed to interview? Any of them. No person is disqualified from interviews, which means every employee needs to be well trained on food safety procedures. While most facilities only train employees until they know the basics of food safety for their department, going above and beyond here can have some major gains.

Consider the perspective of the auditor. When they are asking your employees questions, they’re not just trying to complete a basic inspection. They want to see signs that you haven’t done the bare minimum, but that your employees are immersed in a food safety culture, that they have been receiving training long-term, and that food safety is a fundamental value of your company.

When auditors get the sense that your employees are up-to-speed, things tend to go a little smoother, stress levels lower, and the auditor becomes less suspicious.

Give Food Safety Coordinators the Appropriate Authority (and Budget)

One issue that many facilities run into is an unempowered food safety coordinator. When that person discovers ways to improve or correct operations or employees that are not following protocol, he or she is often unable to take the appropriate action.

Hazards aren’t the only things that need corrective actions from time to time. Sometimes employees need to face consequences for compromising the production area with food or for haphazardly completing safety-related tasks. Other times, employees don’t have the necessary software or equipment to perform their job well and even though their managers may be aware, they don’t allocate the appropriate budget to improve the situation. In order for any company to thrive, standards must be enforced by relevant leaders; and there’s no one better to call the shots on food safety than the designated coordinator.

Establish a Company-Wide Food Safety Culture

When it comes down to it, companies that value food safety thrive. Companies that consider food safety an annoying task to check off the list—they’re the ones that run into extra trouble.

Building food safety into your company’s system of values starts at the very beginning with how you train your new hires. It continues on into how you provide ongoing training even to experienced employees. It’s not an item on the list of meeting topics; it’s a value that underscores the entire agenda.

In order for this approach to be successful, it has to start at the top. Facility owners and managers that value food safety will organically pass that on to the people below them. But when the upper levels can’t be bothered with food safety, the entire organization struggles to hold onto it as a value.

Some of these best practices you can start working on tomorrow; others will take time to implement. Embedding these into your company can be a long road, so keep your eye on the prize: A safe, efficient food safety program that impresses auditors and keeps things running smoothly.

Manik Suri, CEO and co-founder, CoInspect
Retail Food Safety Forum

Rodent Poop, the Olympics and Food Safety Inspections that Work

By Manik Suri
3 Comments
Manik Suri, CEO and co-founder, CoInspect

Another day, another potentially brand damaging story—just ask Little Caesars. On February 7, the health department closed down an Indianapolis-based location because customers found some rodent feces on their pizza—it was clearly a food safety violation, and pretty disgusting. Meanwhile on the other side of the planet, athletes prepared their entire lives to compete in the Olympics. More than 100 people contracted Norovirus around the Olympic sites in Pyeongchang, where the athletes were in danger of getting a violent, contagious stomach illness that would derail their dreams and prohibit them from competing.

We live in a world that eats out, and if we don’t develop new techniques to protect customers in restaurants and food service settings, more people are going to get sick (or worse) from foodborne illnesses. The current food safety process is broken, and needs to be fixed in restaurants nationwide and globally.

At Google, Larry Page has spent two decades managing the speed of a search result for the company’s core service. From 1997 forward, Page has obsessed about the right results as fast as possible. When has Google ever been slow? People use the search engine daily because it always works.

For restaurants to grow and thrive, they need habit formation from fickle consumers. Habits are formed when restaurants deliver on their value proposition slice after slice, burger after burger, and salad after salad. So what is your organization doing to make sure that every meal is extraordinary— not only delicious, but also safe? What are you doing to prevent Norovirus and other foodborne illnesses?

Well, you’re probably not studying the data to create better processes. A 2017 survey of the top 500 restaurant chains found that 85% use paper logs or spreadsheets as their core technology for safety, quality and standards management. Paper logs, line check clipboards or homemade Excel sheets on a laptop are inefficient and ineffective systems to manage something as critical as food safety.

Many restaurants have upgraded their mobile ordering software and relaunched their menus on LED screens, but still make employees use clipboards to conduct food safety line checks and QA audits. This devalues the importance of their food safety operating protocols. Restaurant teams are comprised mostly of millennials and Generation Z— the mobile generations. They expect to be trained, do work and solve problems with their phones. But when their employers train with paper manuals and complete work with paper forms, it’s a huge disconnect for them.

Moreover, how did people at Little Caesars HQ in Detroit have insight into that recent incident in their Indianapolis store? What operating data do they have to examine? What line checks happened in store on the day in question? When was their last third-party food safety audit? What corrective actions were taken? That information would be hard for them to know, if, like the vast majority of restaurant chains, they were not collecting and analyzing data with modern tools.

Upgrading your operating technology so that your people have digital tools is not expensive. Software is much more affordable today because of the software-as-a-service revolution and the extraordinary computing power and proliferation of mobile devices. An emerging ecosystem of safety and software companies is ready to take your facilities into the 21st century. But the C-Suite has to decide it wants to empower its employees to do their best work and commit to having real-time data that is actionable and accurate.

Having mobile ordering software and LED screens for menus is helpful and valuable. But food safety is the most important component of every restaurant (and other food service companies). It is imperative that the food service industry embraces digital solutions to elevate their food safety standards. Without proper food safety standards, any organization could face a crisis like Little Caesars and the Olympics recently experienced. All it takes is one tainted meal to harm your guests—and your brand.

Eurofins and Orion Assessment Partner to Expand Auditing and Certification Services

No Comments

Eurofins Food Safety Systems and Orion Assessment Services have announced a partnership that will expand their auditing and certification services on a global scale.

“The partnership will allow Eurofins to broaden their BRC Global Standards and GFSI scheme auditing resource base and provide them additional expertise in BRC to utilize. It will also allow Orion Assessment Services to operate under the Eurofins accreditation for BRC, SQF and FSSC 22000 schemes,” according to a Eurofins news release. “As a certification body, this collaboration will enhance the standards currently offered through Orion Assessment Services’ accreditation for ISO 17065 and ISO 17021, as well as offering brand new opportunities in the various GFSI schemes, for both existing and new clients internationally.”