Tag Archives: audits

3M Food Safety

From Culture To Compliance: The Link Between Food Safety Culture & Audit Preparedness

3M Food Safety

On Tuesday, December 5th, 3M Food Safety and Neumann Risk Services will host the final part of a 4-part webinar series on the Food Safety Modernization Act (FSMA). A special panel discussion of food safety experts will provide insight into how a robust food safety culture can positively impact audit preparedness and signal a culture of compliance.

Attendees will learn what a strong food safety culture looks like and how it can help comply with FSMA and the Safe Quality Food (SQF) Code. The free webinar will be recorded at the 2017 SQF International Conference in Dallas on November 9. It will conclude with a live Q&A for attendees and be offered on-demand to webinar registrants.

The first three webinars are currently available for on-demand listening at the 3M Health Care Academy, and each presents the opportunity to learn about the challenges companies are facing in operationalizing FSMA rules. The webinars offer real-world insight into how companies streamline implementation and execution of food safety plans, supply chain programs and other FSMA-driven programs.

Melanie Neumann, Neumann Risk Services
Melanie Neumann Neumann Risk Services, LLC

Melanie Neumann, president, Neumann Risk Services, a Matrix Sciences Company, will be moderating the panel discussion. Panelists will include:

  • Bill McBride, principal and managing director of Foodlink Management Services and SQFI Asia Pacific representative
  • Dr. Lone Jespersen, principal and founder, Cultivate
  • Dr. Martin Wiedmann, Gellert Family professor in food safety, Cornell University
  • Dr. Jay Ellingson, corporate director of food safety and quality assurance, Kwik Trip, Inc.

The webinar will take place on Tuesday, December 5 at 1:00 p.m. Central Standard Time. To sign up for the webinar, click here.

Patricia Wester, PA Wester Consulting

Q&A On FSMA Audits: A Conversation With AFSAP CEO Patricia Wester

By Food Safety Tech Staff
No Comments
Patricia Wester, PA Wester Consulting

As a trade association for auditors and the auditing industry, AFSAP has researched the various references to audits found in all of the FSMA rules, and monitored the steps taken across the auditing community to meet these requirements. In this Q&A, we sit down with Patricia Wester, chief executive officer of AFSAP, to talk FSMA audits, criteria for supplier audits, preventive controls and FDA guidance. She will be running the Pre-Conference AFSAP Food Safety Auditing Fundamentals Course at this year’s Food Safety Consortium.

Background on the AFSAP and FSC Alliance

In July 2016, GFSI announced they would re-open the Guidance document revision process so that FSMA’s requirements could be considered for inclusion. When the final GFSI Guidance document was released, it included most of FSMA’s requirements. At this point, the Schemes still had to accommodate these changes, which were then provided to the CB’s. Depending on the Scheme, a CB also had to consider including content to address any FSMA related gaps. In the end, these audits could take more than a year to reach the market, and depending on the individual site’s renewal period, it could be many more months before a supplier was actually audited.

Patricia Wester moderated the Plenary Panel “What’s Next for Audits”
and running the
Pre-Conference AFSAP Food Safety Auditing Fundamentals Course at the
2017 Food Safety Consortium November 29 – December 1, 2017 in Schaumburg, IL.

Recognizing the need to inform the market, the inaugural Plenary Panel on Auditing, moderated by AFSAP’s Patricia Wester was presented at the 2016 Food Safety Consortium meeting. Dr. Ostroff opened the discussion to share FDA’s perspective on the use of audits for FSMA. His remarks were followed by representatives from GFSI, Schemes and CB’s as each described their role and recent activities to meet the new regulatory requirements, and provide insight into the timelines involved.

Dr. Ostroff has agreed to join us again for the 2017 meeting, and will participate in the Plenary Panel “What’s Next for Audits” as Industry, Retailers and the auditing community prepares for the accredited certification audits necessary for VQIP.

FoodSafetyTech: How are audits used in FSMA?

Patricia Wester: In the Third Party Audit rule, FDA outlines an accredited certification program for imported food that applies in 2 specific situations. The first applies to any imports FDA designates as “a high risk food” and the second is the use of certification audits for importers in The Voluntary Qualified Importer Program, (VQIP). Under VQIP, participating importers are required to source their products from suppliers that are certified under the FDA program.

In addition to the certification audits for VQIP and high-risk foods, audits are one of the options for supplier verification activities under the human and animal food preventive controls rules. When the hazard analysis identifies a raw material has a serious hazard, (SAHCODHA hazard), that ONLY the supplier controls, a supply chain preventive control is required, and the supplier verification activity must be an onsite audit. FDA allows some flexibility here, the audit can be a second or third party audit as long as it meets the requirements listed in 117.435, and is performed by a qualified auditor as defined in 117.3. These requirements are applicable to audits used to verify foreign suppliers (FSVP) as well as domestic suppliers.

FST: Don’t GFSI Scheme audits meet the criteria for Supplier Audits?

Wester: FDA allows the use of any audit that meets FDA’s criteria for audit content. This includes second party audits executed by employees of the receiving facility and third party audits, including GFSI audits, as long as they meet the requirements for audit criteria and are performed by a qualified auditor.

FDA acknowledges that the GFSI Auditor Competence provisions are consistent with the Agency’s findings, but that recognition does not extend to the audit criteria/content of GFSI audits.

In fact, any audit program in use prior to the publication of FSMA’s rules would probably need to be updated for these new requirements. GFSI, the Schemes, the CB’s, and others involved in the delivery of audits have likely all updated their audits to eliminate the major gaps, however, there are still some key FDA requirements that remain unmet.

FST: So, even though audit programs have been updated for FSMA’s new requirements, they are still missing some of FDA’s requirements? Why didn’t they just add everything?

Wester: In most cases, it appears to be due to a misinterpretation of the audit criteria that underpins all FDA’s audits. FDA’s audits focus on assessing a suppliers compliance with “applicable food safety regulations, the HACCP and/or Food Safety Plan and the plan’s implementation”. The Preventive Controls for Human Food Rule states the audit requirements in Subpart G:

§117.435 states:

If the raw material or other ingredient at the supplier is subject to one or more FDA food safety regulations, an onsite audit must consider such regulations and include a review of the supplier’s written plan (e.g., Hazard Analysis and Critical Control Point (HACCP) plan or other food safety plan), if any, and its implementation, for the hazard being controlled.

We (FDA) have revised phrasing to state “and its implementation” to emphasize that implementation of the plan is distinct from the plan itself (e.g., § 117.126(c). (The PCHF Final rule preamble)

Similar phrasing such as “any applicable FDA regulations” is used elsewhere when FDA discusses audit criteria, such as FSVP and VQIP and the Third Party Certification Audit rules. Further, the PCHF rule, §117.190 provides a comprehensive list of “Implementation Records” that can be used as a guide to understanding what meets this element of the FDA’s requirement.

The auditing community and Industry have assumed the regulatory reference was limited to the FSMA regulations, such as Preventive Controls for Human or Animal Food or the Produce Safety final rules), and has focused on those regulations to update their audit programs. Other FSMA regulations, such as Intentional Adulteration and Sanitary Transport, could easily be considered part of the requirement, so there are a few audit options that include those rules.

FST: What about products that are exempt from the Preventive Controls Rules?

Wester: Audits for products that are exempt from the PCHF (human Food) rule, such as Juice and Seafood HACCP, are probably available under a general HACCP format, but they may not include the level of detail required under FSMA, and would have to specifically requested when arranging a supplier audit.

Audits for other PCHF exempt products, such as bottled water or low acid canned foods, would be audited using a general food safety audit, with the specific product treated as a product category under that audit. Once again, these audits lack the product specific regulatory content and implementation details required by FSMA.

The question becomes, which FDA regulations (beyond FSMA) apply to an audit used for regulatory compliance and how much detail in the audit is necessary?

In other words, what is the full scope of regulations needed for the audit, and what are the audit criteria? Is it just FSMA or does it go further?

FST: Where does one look for this information? Does FDA offer any guidance about the scope of the audit?

Wester: The CFR, or Code of Federal Regulations is the starting place for regulations. Finding the regulatory information would not be difficult, Title 21, CH 1 Parts 1-1499 include FDA’s food regulations. In addition each part can have multiple subparts etc.

Given the sheer quantity of regulations, and that some are product specific while some are not, developing different audits for all of the possible regulatory combinations would be a daunting task and enormously costly. Remember, every auditing company will have to go through this process.

There are FDA references to scope and criteria in several responses to comments:

Audit Criteria means the set of policies, procedures or requirements used as a reference against which audit evidence is compared. During regulatory and consultative audits, accredited third-party certification bodies will examine compliance with applicable food safety requirements of the FD&C Act and FDA regulations within the scope of the audit. In consultative audits, the third-party certification bodies also may be conducting an examination to determine conformance with applicable industry standards and practices.

The applicable requirements that accredited third-party certification bodies and their audit agents will use relate to the food safety standards under the FD&C Act, such as the adulterated food provisions in section 402 of the FD&C Act and the provisions on the misbranding of food allergens in section 403(w) of the FD&C Act. The applicable requirements of the FD&C Act and FDA regulations would depend on the type of eligible entity being audited. Other examples include labeling requirements and the CFR citations listed under scopes.

Certainly, more detail than this is needed, and AFSAP is working to engage all parties, including FDA, in collaborative discussions to resolve these questions and concerns. The auditing community will need to address these issues in the near future, and industry should be vigilant to understand the requirements and make sure any audits used for FSMA are compliant.

Chelle Hartzer, Orkin
Bug Bytes

How to Prepare for an Audit at Any Time

By Chelle Hartzer
1 Comment
Chelle Hartzer, Orkin

Everybody knows to prepare for the worst while hoping for the best. But being prepared for an unannounced audit isn’t something that can be done overnight, especially when it comes to pest management.

That’s why it’s important to carefully review your food safety plan and the specific pest management measures contained within it. Pest management can account for up to 20% of an audit, so it can make or break a facility’s score. There’s no room to gamble—between federal regulations, audit regulations, internal standards and customer expectations, you need to stay in compliance.

With FSMA in full effect, it’s important to become familiar with the regulations found on the FDA’s website if you haven’t yet. Reacting to problems isn’t good enough anymore, as many of these regulations emphasize a preventive strategy. The FDA has the authority to mandate recalls, shut down facilities and more. If you need help determining the rest of your facility’s food safety program, the FDA has a helpful downloadable food safety plan builder.

To make sure pest issues don’t spoil your score during an unannounced audit, remember that pest management is an ongoing partnership that requires your entire staff’s participation. It’s something you should plan for as part of regular maintenance and sanitation schedules.

The first step is to establish an integrated pest management (IPM) program. This plan should be developed with your pest management provider and should be a comprehensive look at all factors that may contribute to pest issues. It should be designed to reduce pest pressure around a facility, address all sanitation and exclusion issues, actively monitor for pests and set action levels.

The goal is to proactively deal with pests and prevent as many issues as possible. An IPM program is tailored to meet a facility’s specific needs based on a wide range of different factors. An IPM program uses pesticide treatments as a final step once all conducive conditions have been identified and addressed. The program should adapt as both the facility and the pest pressures change over time.

Implement regular training for all employees and encourage participation. Something as simple as a poster featuring the “most wanted pests” in break rooms or locker rooms can help train personnel to recognize the signs of potential pests around the facility. Make it clear that each employee is a key player in your program and empower them to speak up should they see something. Ensure you have a pest-sighting log and all personnel are aware of where it is and how to report issues. Their help will be vital to point out issues, ensure sanitation is adequate and identify problem areas on a daily basis. Your pest control professional can host a training meeting for you and your staff if needed.

When implementing an IPM program at your facility, there are numerous preventive tactics you can implement and perform on a regular basis.

  • Monitoring devices: Using devices like fly lights, rodent traps and bait stations can help reduce pest populations and keep them away from food products. These monitoring devices also offer insight as to how many and what kinds of pests are plaguing the facility, which is valuable information when determining a strategy to resolve existing pest problems and minimize pest pressure.
  • Sanitation: Any food source, including the foods you are producing and storing, can draw pests. Clean up product spills quickly. Don’t forget about food in employee areas such as break rooms and locker rooms. While it is impossible to clean up every food particle (you are producing food at your site!), you can work to limit the access pests have to food sources.
  • Take out the trash: Emptying trash daily and cleaning out the trash bins helps prevent the buildup of organic material, which can attract many different pests. Make sure dumpsters are placed away from the building if possible and always keep them closed. Don’t a smelly garbage or a full bin—when in doubt, take it out!
  • Seal cracks and crevices: Keep a constant watch around the facility for any openings big enough for a pest to fit through. Remind employees that rats only need a quarter-size hole to squeeze into a facility, while mice only need an opening the size of a dime. And that’s not the worst of it; cockroaches only need one sixteenth of an inch, making it vital to seal off any openings found. Don’t forget to look at your facility from the outside as well!
  • Install automatic doors: Often, open doorways are prime locations for pests to enter. All doors should remain closed when not in use. Especially in docking areas when loading/unloading, try to open dock doors only when needed and keep the gap from the truck to doorway sealed off if possible. Installing automatic doors can reduce the likelihood flying pests inside the facility by ensuring doors stay closed when not in use.
  • Inspect shipments: Anytime a new shipment arrives, it should be inspected closely for pests. Stored product pests could be in products and spread to others in close proximity quickly, so catching them early is key. Don’t forget to inspect shipping containers for outgoing product too, because if your product goes in an infested truck, your product will be considered infested!
  • Remove clutter: Many pests love to hide under clutter. Remove unused equipment, product and packaging—especially cardboard boxes—to avoid giving pests a convenient hiding place. Don’t forget about clutter outdoors, too.
  • Outdoor concerns: Sanitation is important outside the facility as well. Make sure to remove clutter and garbage on the ground and near the facility to help reduce pest pressure. Many pest issues start outside, so removing clutter outdoors means fewer pests to potentially get into your site. In addition, installing sodium vapor lights instead of mercury vapor lights near the building will attract fewer insects.
  • Install air curtains: The perfect complement to automatic doors, air curtains create positive airflow—or air flowing outwards from building entrances—to push pests away from the building.

Auditors are looking for a number of things when it comes to pest management. One important item they want to see is the record of past pest issues and the steps taken to resolve them. You and your pest management provider should ensure all records are up to date and accurate with pest trends that can be explained.

Documentation is perhaps the most critical part of a strong IPM program. It ensures your efforts are captured, organized and available should an unexpected auditor arrive on site.

The following are six main documents to have ready at all times.

  1. Food Safety Plan
    Perhaps the most important piece of documentation, the overarching food safety plan is absolutely necessary to have on hand. The plan should be a comprehensive document describing all activities to ensure the safety of food during manufacturing, processing, packing and holding. It should include a list of potential hazards, preventive controls and corrective actions to mitigate those risks, along with monitoring and verification procedures.
  2. List of Service Changes
    An IPM program needs to be dynamic. But when modifications are made to meet the ever-changing needs of a facility, make sure to keep careful records of how and why the plans have changed.
  3. List of Monitoring Devices/Traps
    Your plan must include a map documenting all monitoring equipment, traps and any other devices used around the facility to reduce pest pressure. Note the locations and activity levels of each. The trend report from the collected data can show important information and help make management decisions. Your pest management professionals can help with this, as they should be noting activity each time they inspect your property. Auditors will want to see the historical data of pest monitoring devices and the corrective actions associated with any issues. Monitoring devices work as a great early warning system for developing pest issues and are a great proactive approach.
  4. Annual Assessments
    Each year, you should review your food safety plan and current IPM program. These annual assessments will note problem areas and set goals for the coming year. Auditors will be looking for these yearly assessments, and if you’re able to demonstrate year-over-year improvement then you’ll give your facility a better chance at a great audit score.
  5. Sighting Reports
    If a pest is spotted within the facility, employees should document it on the pest-sighting log. The report should include information about the location of the pest within the facility, who found it and the number of pests spotted. Capturing the pest is ideal, but it’s not always feasible to do so. In that case, photo evidence helps with identification, so obtain a close-up picture of the pest(s) if possible. Ensure the pest is identified and any corrective actions documented.
  6. Proof of Training/Certification
    You know that your pest management professional is trained and certified, but an auditor doesn’t. To demonstrate your provider’s expertise, keep a valid license or certification document, written evidence of the pest management professional’s training, and documentation of internal training on IPM and Good Manufacturing Practices (GMPs).

According to FSMA guidelines, a strong food safety plan identifies potential hazards to food products, and focuses on a preventive, risk-based strategy instead of a reactionary one. With an IPM program in place and detailed documentation of actions taken, you’ll be prepared anytime an auditor decides to “pop in” for a “quick chat.”

SGS, food safety

SGS First Certification Body Approved to Audit Against Gluten-Free Standard

SGS, food safety

Earlier this week SGS became the first certification body approved to audit against the Gluten-Free Certification Organization (GFCO) standards worldwide. GFCO, a program of the Gluten Intolerance Group, is globally recognized, providing independent certification services to gluten-free product producers. The program, which has certified more than 40,000 products from more than 900 companies in 29 countries, requires product reviews, on-site inspections, testing and ongoing compliance activities. The third-party certification verifies that a product meets strict gluten-free standards, ensuring valid gluten-free processes were followed during manufacturing.

SGS will be conducting the GFCO audits as a stand-alone service or in combination with its Food Safety certification audits.

Best Practices for ISO 17025 Accreditation: Preparing for Your Food Laboratory Audit (Part II)

By Joy Dell’Aringa
2 Comments

In Part I of this article, we explored the considerations a laboratory should initially evaluate when pursuing accreditation, as well as guidance from leading industry experts on how to prepare for an ISO 17025 audit. Here we will review what comes after the on-site assessment and provide practical user-based advice for preparing a response, common areas of non-conformance, and future changes to the ISO 17025 Standard.

The Response

Once the assessor has completed the audit, they will typically hold a closing meeting on-site where they present their findings, also referred to as deficiencies or non-conformances. For each finding they will document a specific reference to the standard as evidence and provide opportunity for questions and discussion. Most assessors will be open and conversational during this final portion of the assessment; laboratories are well suited to take advantage of this time. Some assessors will even brainstorm possible responses and corrective actions while onsite; this is valuable insight for the laboratories quality team and can help them get a jump on the response.

Depending on the accrediting body, the laboratory will have a certain amount of time to respond to the findings, usually 30–60 days. The anatomy of a well-assembled response will include a full corrective action report, complete with root cause analysis. Often, the assessor will also request supporting documents and records to show the effectiveness of a corrective action. Most laboratories will have forms to help guide users through the corrective action and root cause process. It is important to have a systematic approach to ensure your corrective action is thorough and balanced.

Determining root cause is a critical part of this exercise. Erin Crowley, CSO of Q Laboratories shares their approach. “We use a variety of root cause analysis techniques, but have found for our operation the principle of the ‘5 Why’s’ is very effective,” she says. “Don’t simply answer the singular deficiency. Accrediting bodies will want to know that you have addressed all variables that might be associated with a finding. For example, if a specific incubator was out of range on a specific date, don’t just indicate that someone fixed it and move on. Assess how they addressed the issue, any impact on data, what they did to react to it, and how they are putting systems in place to prevent it from happening in the future on any other incubator. You have to show the full process.”

Implementing procedures as an outcome of a corrective action can also bring challenges to an operation. As a national multi-site reference lab, Eurofins Quality Manager Peter Dragasakis must work with other departments and locations to deploy new or changed systems for compliance. “Sometimes the most challenging part of the entire audit process is coordinating internal stakeholders across other departments such as IT or complimentary analytical departments,” he says. “Coordinating a response in a timely manner takes full organizational cooperation and support.” Communication throughout the quality and operational arms of an organization is critical to a successful response. Often, accrediting bodies and laboratories may shuttle a response back and forth a few times before everyone is satisfied with the outcome.

Common Areas of Non-Conformance: Pro-Tips

While all areas of the standard are important to a conformant operation, there are a few key areas that are frequently the focus of assessments and often bare the most findings.

Measurement Uncertainty. Depending on the laboratories Field of Testing (FOT), Measurement Uncertainty (MU) can be captured in a multitude of ways. The process aims to systematically and quantifiably capture variability in a process. For chemical analysis this is typically well defined and straightforward. For microbiological analysis the approach is more challenging. A2LA’s General Manager, Accreditation Services, Adam Gouker says the reason many labs find themselves deficient in this area is “they don’t consider all of the contributors that impact the measurement, or they don’t know where to begin or what they need to do.” Fortunately, A2LA offers categorical guidance in documents P103a and P103b (for the life sciences laboratories, two of the of many guidance documents aimed at helping laboratories devise systems and protocols for conformance.

Traceability. There are several requirements in the ISO 17025 standard around traceability. In terms of calibration conformance, which accrediting bodies seem to have emphasized in the last few years, Dragasakis offers this tip: “When requesting [calibration] services from a vendor, make sure you’re requesting 17025 accredited service. You must specify this, as several levels of service may be available, and “NIST Traceable” certificates are usually no longer sufficient.” He also advises that calibration certificates be scrutinized for all elements of compliance closely. “Some companies will simply state that it is ‘ISO 17025 compliant’, [and] this does not mean it is necessarily certified. Look for a specific reference to the accrediting body and the accreditation certificate number. Buyer beware, there is often a price difference between the different levels of calibration. Always practice due diligence when evaluating your calibration vendor and their services, and contact the calibration service if you have any questions.”

Validation vs. Verification. One of the more nuanced areas of the standard lies in determining when a test requires validation, verification, or an extension, specifically when there is a modification to a method or a sample type not previously validated by an internationally recognized organization (AOAC, AFNOR, etc.). Certified Laboratories Director Benjamin Howard reminds us, “think of validation and verification as existing on a spectrum. The more you stray away from an existing validation, the more validation work is required by the analyzing laboratory.” For example, analyzing Swiss cheese for Salmonella by a method that has already been validated for soft queso cheese may require only minimal verification or matrix extension. However, a laboratory that is altering a validated incubation time or temperature would require a much more robust and rigid validation process. Howard cautions, “Accredited laboratories must be transparent about modifications, not only on their scope of accreditation but on their reports [or CofA’s] as well. Under FSMA, companies are now accountable to the data that their laboratories generate. If you see a “modification” note on your report, perform due diligence and discuss this with your laboratory. Ensure a proper validation of the modification was performed. “Additionally, the ISO 17025 standard and accrediting bodies do not mandate how a validation or verification should be done. Laboratories should have a standalone SOP that outlines these procedures using scientifically supported justification for their approach.

CAPA / Root Cause. A good corrective action / preventive action (CAPA) and root cause (RC) analysis program is at the heart of every sound quality system. “Corrective and preventive action (CAPA) processes can either add value or steal time away from the organization according the quality of the root cause analysis,” says Vanessa Cook, quality systems manager at Tyson Foods Safety & Laboratory Services. “CAPA might be the single greatest influence on an organization’s ability to continuously improve and adapt to change if diligence is given to this activity.” Investing in resources such as ongoing training in CAPA/RC programs and techniques are key components to ensuring a robust and effective CAPA / RC program.

Continue to page 2 below.

Bryan Armentrout, Food Leadership Group

Audits: The Opening Meeting

By Bryan Armentrout
2 Comments
Bryan Armentrout, Food Leadership Group

Read Part I: What Do Food Facility Auditors Really Want?When I train my QA managers on how to start an audit, I teach them to always say something to this effect: “Thank you, Mr. Auditor for coming here today. We are proud of the work we have done on our quality system and are happy to show you our hard work. To be clear, we are using SQF Version 7.2 Level 2 as our standard for this audit. If you have any suggestions for improvement outside of that expectation, we would love to hear them. Sound fair?”

Who would not agree to that? It establishes the rules of the game and if the auditor steps out of bounds, it sets up an expected course of action on your part.

So, during the audit, if the auditor does step outside of the standard (and they usually do at some point), you can return easily and without confrontation to the scope of the audit.

If this happens, you can respond like this: “I hear what you are saying, Mr. Auditor. That is very interesting, but I am confused. I know the standard and the section you are referencing, but I cannot find where it addresses your requirement. Where in the standard do I find your point?”

If he cannot find it, it is a suggestion for your program to improve and not something that can be written up as a deviation. Tell him that you will consider it and that you appreciate the advice.

If the auditor still wants to include this in the audit as a deviation, you don’t have to accept that.

Don’t wait if this happens. Immediately call your contact at the audit company headquarters. Sit down with the auditor on speakerphone. Explain what you are discussing and have both sides state their case. Ask for clarification on what the auditor is proposing.

This is not confrontational; you are simply getting clarification from the authority. If is it is in the standard, you learned something. If not, the auditor did. You both win.

As a bonus, the auditor will think twice before writing up the next out of scope deviation. He knows what you do.

product recall sheet

Effective Supplier/Retailer Communication Eases Pain of Food Recalls

By Holly Mockus
No Comments
product recall sheet

Food recalls are not 100% avoidable, and they are costly. The hit to an individual food company or retailer, on average, can run to tens of millions of dollars. Annually, millions of consumers become ill as a result of contaminated food products, and the dollar costs in terms of lost productivity, medical treatment and deaths run into the tens of billions.1 More than 20% of consumers have said that they would not purchase any brands from a company suffering a food recall.2 At best, damage to a company’s brand and reputation could take a long time to repair. Clearly, the need to prevent food contamination is obvious and should be the ultimate goal of all food safety professionals.

But despite the best industry efforts, recalls inevitably occur. And since they aren’t 100% avoidable, suppliers and retailers must continue to look for ways to minimize the safety and financial impact of the recall events that do occur. It’s good to begin that process by understanding some statistics surrounding the most common recalls. Globally, 46% of food recalls are for chemical hazards or the introduction of non-food-grade ingredients. 79% of these are due to undeclared allergens. 26% of recalls are for food-borne pathogens, and 8% are due to physical hazards (metal, glass, plastic, paper, wood, etc.). The remaining 20% are generally quality-based recalls and withdrawals.3

Head Off Recalls Before They Occur

Knowing the numbers helps suppliers and retailers home in on their most likely problem areas and get a leg up on potential product contamination problems. Since chemical hazards are the single biggest culprit, and because most of these instances are due to allergens, food companies should closely examine their cleaning and sanitation practices during production line changeovers. Keep in mind the potential role of contract service providers as sources of adulteration. Regarding pathogens, evaluate raw and ready-to-eat segregation procedures, staff access points, and  good manufacturing practices and employee traffic patterns.

Many companies focus their efforts on passing food safety certification audits, but faithful adherence to food safety measures just to pass an audit misses the point. Focus on the development and implementation of comprehensive food safety systems to guard against contamination and food safety incidents, and not just avoid non-conformances to certification codes. Preventing food safety incidents and recalls before they happen must be the priority.

Supplier Best Practice: The Mock Trace

Manufacturers, suppliers and certification bodies have evolved a set of best-practice recommendations that will go a long way toward reducing the number of food safety incidents and recalls. These include conducting regular internal audits of food safety plans and procedures, including approved supplier programs and environmental monitoring programs, both to re-evaluate their effectiveness and discover new or previously overlooked gaps.

Suppliers should consider taking things to the next level. SQFI’s LeAnn Chuboff suggests that suppliers “make their retailers happy” through the use of mock trace exercises.3 These “dry runs” are invaluable for reinforcing the close examination and evaluation of recall plans and to become intimately familiar with the necessary procedures in the event of an actual adulteration event. Mock trace exercises should be intensive: They are particularly effective in identifying gaps when they occur during off shifts. Making the exercise challenging rather than check-the-box easy helps companies reveal and close critical gaps. Conduct the mock trace in both directions, from raw materials to finished goods, and vice versa.

Include every department in the company. For mock trace exercises to be completely effective, review all documentation for errors or omissions. All employees should be interviewed to determine whether they fully understand food safety and documentation procedures. Review training modules and observe manufacturing procedures for evidence of knowledge or operational gaps. Examine bulk material receiving and storage, employee and material traffic patterns, packaging materials and procedures, and cleaning and maintenance chemicals.

Speed as well as accuracy and thoroughness are critical in the event of an actual recall event. Companies should practice rapid response. Take advantage of all the accumulated experiences from the mock exercise to improve every aspect of the company’s food contamination response tools and practices.

Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC
FST Soapbox

Post-FSMA Food Safety Inspection: Are You Ready?

By Bill Bremer
No Comments
Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC

Note: FSMA will include the scheduled compliance inspection as part of the implementation of rules. This will occur in the next several years for many food companies.

With FSMA rules moving to the compliance stage, food companies must prepare appropriately to best respond to the requirements and, correspondingly, to additional inspections. These inspections are in addition to others, including GFSI with its emphasis on unannounced level audits for some schemes. For example, these audits may be required by the code (as with SQF) or as part of customer arrangements per certification contracts.

Learn more about FSMA Inspection Readiness at this year’s Food Safety Consortium in Schaumburg, IL | December 7-8, 2016 | REGISTERWith the growing potential for inspections and audits, a well-planned program and response must be developed, implemented and tested to achieve a most successful outcome. This is an important area to address, especially given the many changes in compliance under FSMA, greater scrutiny under GFSI, and a rapidly changing responsibility for food safety management resources.

For companies experienced with past FDA compliance audits, the new rules and Section 117 cGMPs will require more formalized programs and strong evidence of compliance through internal audits and oversight by Qualified Individuals (QI). The inspectors will look to focus heavily on new requirements and the “letter of the law”. Additionally, organizations under the Preventive Control Rule must have multiple Food Safety Plan QIs, qualified audit resources and competent sanitation management, along with competent plant operators. It is critical to have established roles, planning and testing as part of any inspection readiness program.

Self-Diagnostic Assessment Tool

The following self-diagnostic assessment tool can help organizations better determine their current state of planning when it comes to developing inspection readiness. To complete your own planning assessment, review your progress compared to the questions in Table I.

FSMA Inspection checklist
Table I. Kestrel Management’s self-diagnostic tool can help a company assess its level of inspection readiness and preparedness for FSMA compliance.

Get Compliance-Ready

Companies must have the appropriate plans and resources to comply with FSMA and certifications or face possible violations that can include fines and penalties under FDA enforcement. The questions in Table I will help companies identify areas to consider for Inspection readiness. Kestrel can also help answer questions, provide input on solutions, discuss how to better manage all of your food safety requirements—and change “No” responses into “Yes” responses that promote best practices for FSMA and food safety compliance.

Zia Siddiqi, Orkin
Bug Bytes

Get Your Food Manufacturing Facility Audit-Ready

By Zia Siddiqi, Ph.D.
No Comments
Zia Siddiqi, Orkin

Being audit-ready at any moment can be a daunting task, but pest management is one aspect of your audit that you can ace if you’re doing the right things. Pest control can account for up to 20% of your score, so taking it seriously can give you a huge boost the next time an auditor comes to your facility.

There are two components needed to help ease the stress of a third-party audit: An Integrated Pest Management (IPM) program and proper documentation.

IPM programs focus on incorporating green prevention and exclusion tactics into your facility’s ongoing sanitation and facility maintenance strategies, only using chemical solutions as a last resort. FSMA established that these tactics should be used when dealing with food safety issues and that thorough records should be kept to document the risk-based prevention efforts. This gives food manufacturing facilities even more of a reason to employ an IPM program.

A strong IPM program already has documentation built into it, as tracking pest activity and monitoring results over time are crucial steps to implementing the most effective pest prevention techniques for your business. Every IPM plan is tailored to your facility’s needs, so it needs to be dynamic and adaptable over time as new technologies emerge and your business needs change. Having the ability to show documentation of these changes and their positive effects will get you off to a great start on your next audit in showing your risk-based prevention food safety plan. If you do not already have an IPM program in place, speak with your pest management provider about establishing one.

Auditors like to see IPM programs in place because it means your business is taking a proactive approach and keeping detailed records.

Think about it like this: If the auditor is the judge and there’s no jury, would you ever walk into a court case without any evidence to prove your innocence? Of course not! So you wouldn’t want to walk into an audit without any documentation either.

In other words, document everything. Facilities must prepare and implement written food safety plans that identify potential risks to food safety, enumerate the steps and processes that will be executed to minimize or prevent those dangers, identify and implement monitoring procedures, keep detailed records of the food safety program, and list actions that will be taken to correct problems that do arise. If you’re doing all of this, you’ll make an auditor’s life that much simpler and improve the chances of receiving a high score.

When working to get audit-ready, you’ll want to have the following forms of documentation ready to go:

Proof of Training and Certification

Even though you know that your pest management professional is properly trained and certified, your auditor does not. Keep documentation on hand at your facility, as auditors may want to see one or more of the following documents:

  • A copy of the valid registration or certification document
  • hysical, written evidence that your pest management provider has been properly trained to use the materials necessary for your IPM program
  • Evidence of training on IPM and Good Manufacturing Practices (GMPs)

Proof of Service and Material Changes

A strong IPM program changes as new technologies emerge and your business’s needs shift over time, so be sure to have detailed documentation of these changes as they occur. It’s also important to note the reasons for making changes. Auditors will be looking for written documentation for even the smallest of changes to your IPM program, so take careful notes as your program adapts along with your business.

It can also help to assign specific roles to your employees. This not only will give employees clear direction on how they can contribute to your IPM program, but it can also help your case with an auditor by showing that your facility is maintained by an entire team rather than just a few people. Teamwork is a key part of any IPM program, so be prepared to show how your team runs effectively.

Pest Sighting Reports That Correspond with Corrective and Preventive Actions

When there is a pest sighting in your facility, record it immediately. Keeping records of sightings will help ensure that steps are taken to improve and show accountability to an auditor. Once action is taken, record exactly what was done and the results of the counteractive efforts. That way, you’ll have a paper trail that shows an auditor that for every pest problem, your pest management provider came up with a proactive pest solution that resolved—or is working to resolve—the issue.

After taking corrective action, continue monitoring the issue over time and note any developments in order to help prevent the issue from reoccurring. Creating a trend report that keeps track of which pests your facility is dealing with over time can help, too, as it will help you determine which pests are the most problematic. Your provider can help build such a report.

Records of Pest Monitoring Devices and Traps with Corrective Actions

Pest monitoring devices and traps are great for giving insight into areas around your facilities that are most susceptible to pests. Along with these devices, however, you’ll need to show the following information to an auditor:

  • When and how often the monitoring devices and traps were checked
  • The type and quantity of each pest found
  • Corrective actions taken to reduce pest activity and prevent further issues

Work with your pest management provider to gather all of this information, as it is usually the technician who works on these devices regularly. Being able to give an auditor the full picture can certainly help you on your inspection as it demonstrates attention to detail throughout your entire facility.

Annual Pest Management Assessments and Resulting Actions Taken

With most IPM programs, your pest management provider will thoroughly inspect your facility annually to identify areas that can be improved. Many auditors require these annual check-ups, and they will be looking for proof that these facility assessments occurred and that action was taken as a result that led to positive changes. Year-over-year improvement is important, so measure your success against the areas of improvement specified in these annual inspection reports. That way, you can meet the objectives prior to an audit.

These annual inspections give you a chance to look back and see the progression over the years. If there are any pest issues that pop up year after year, make them a priority in order to show that your program is trending in the right direction.

This proactive approach to pest management will help protect your business from pests and the inherent risks, as well as help give you a better chance of receiving an excellent score on your next audit.

So don’t be afraid of an audit the next time one comes around. With a strong IPM program in place and detailed documentation over the course of the year, there won’t be an exorbitant amount of preparation needed. Stay organized and keep all of the above-mentioned documents together and on-site to keep things simple for both you and your auditor. All of these elements will help your facility receive a strong score and be audit-ready at a moment’s notice.

GFSI Basics: Is FSSC 22000 Right For Your Company?

By Maria Fontanazza
No Comments

Food Safety Tech recently sat down with experts from Eurofins to discuss FSSC 22000. According to Kristopher Middleton, technical manager at Eurofins, and Kim Knoll, food safety systems national sales manager at the company, there are still quite a few companies (especially in North America) that are unfamiliar with the ins and outs of the certification scheme. In a Q&A with FST, Middletown and Knoll break down the basics of FSSC 2000, along with explaining some of its benefits.

Kristopher Middleton
Kristopher Middleton, technical manager, Eurofins

Food Safety Tech: How is the trend with FSSC 22000 evolving?

Kristopher Middleton: The scheme started in 2009 based on a demand for people wanting to have an ISO-based certification within the GFSI benchmarking process. When the program came out, it trended toward larger companies that already had ISO-based certifications, mainly ISO 22000 and ISO 9001. The FSSC 22000 scheme is the fastest growing GFSI benchmarking scheme currently. It’s not just for large multinational companies; a lot of smaller suppliers are seeking certification to this scheme. The foundation continues to expand its scopes to become a true farm-to-fork certification program.

FST: Is FSSC 22000 also appropriate for a single site or for a company with fewer than 50 employees?

Middleton: The certification doesn’t discriminate based on facility size—nor footprint or number of employees. It’s ideal for any company that has a robust food safety management system and manufacture products that fall within the FSSC 22000 scope of certification. This currently includes manufacturers of perishable animal products (feed and food), perishable vegetable products, products with a long shelf life, biochemical products (i.e., food ingredients, vitamins, biocultures, etc.), manufacturers of food packaging, and primary production of animal products.

The key thing about FSSC 22000 certification is that it is not a terribly prescriptive food safety scheme, when compared to others that are available. You will be successful with FSSC 22000 certification if you are confident and knowledgeable about your own food safety management system, and you have appropriate justification or validation for the method in which your programs have been implemented, as well as validation for the controls of your food safety hazards.

FST: Are there quite a few companies that have not heard of FSSC 22000 or are not aware that it is a GFSI-recognized scheme?

Middleton: Since ISO 22000 was not terribly popular here in North America, it didn’t catch on right away. It was more so overseas that it caught on. However, within the past two years the scheme has become increasingly popular here, especially among companies that have other ISO standards already implemented (i.e. ISO 9001, 14001, 18001,etc), where it relates to occupational health and safety, environmental, and quality. The reason for that is the FSSC can easily intertwine with that entire management system program so that it all works together versus having separate programs in place.

Kim Knoll
Kim Knoll, food safety systems national manager, Eurofins

Kim Knoll: I’m having a lot of conversations with smaller manufacturers who are brand new to GFSI. Many of them are being asked by their customers to achieve a GFSI benchmarked certification and are in the early stages of researching scheme options.  Some of these companies are surprised to learn that FSSC 22000 is a viable option.  Like other certification schemes, Eurofins lends support to companies planning to pursue FSSC 22000 through training courses, consulting services, pre-assessments and ultimately certification services. Even though FSSC 22000 is a newer scheme, auditor availability is not an issue.

FST: What are the key differences between FSSC 22000 and the other GFSI schemes?

Middleton: Probably the most apparent difference with FSSC compared to other GFSI benchmark schemes is the fact that your certification lasts for three years, not one year. The reason for that is that it’s not a product-based certification like the others, it is a process-based certification and it uses the accreditation standard of ISO 17021 not ISO 17065. It also uses ISO 22003 for direction to the certification body for the conducting of the audit. That doesn’t mean that sites won’t be audited annually; it just means that once the certificate is granted, it’s good for three years.

Another key difference is that there is no true pass or fail within the audit. It’s a conform or not-conform audit. The decision to certify is based off the findings from the auditor and their recommendations, as well as the decision from a technical review meeting at the certification body. It requires the effective closure of a particular non-conformance or satisfactory plan being submitted for the closure of those non-conformances before the actual certificate can be granted. So that’s a bit different, because you can just submit plans for your non-conformances [instead of] actually showing that everything has been completely resolved. That being said, if a facility isn’t able to hold or get a certificate, if there’s an imminent food safety threat noted during an audit—if there’s an issue, such as a potential recall or contaminated goods, the ability to be granted that certificate is not feasible.

FST: Can you walk us through the auditing and certification process under FSSC 22000?

Middleton: Like any of the standards out there, you can get a pre-assessment, which is not necessarily part of the certification activity. The certification activity starts at a Stage 1 audit within this scheme (also known as a document audit within other schemes). It’s an evaluation of a facility’s food safety management system document to determine if they’re valid. The process does not include an entire evaluation of the implementation of the program, just simply that the programs are adequately designed and meet the requirements that are in place.

Next there’s a Stage 2 audit (sometimes referred to a facility audit) that is conducted no more than six months after the Stage 1 audit. The Stage 1 audit will identify the areas of concern—programs that might not meet exactly what the specifications required within the standard, which would become non-conformances in a Stage 2 audit (also called a facility audit or certification audit).

The Stage 2 audit is the full evaluation of the implementation of the program that was reviewed in the Stage 1 audit. Following completion of the audit, effective closure of non-conformances is required. This closure can either be [related to] major non-conformances, CAPA or root cause analysis. You have to supply evidence that the non-conformance is properly eliminated and will not recur, and this evidence must be supplied to the certification body and the auditor for review.

Any other non-conformances (also known as minor non-conformances) must have corrective action plans. Companies need to state how they plan on resolving the issue. They will be “closed” but left open for the next audit, which has to occur within one calendar year (known as a surveillance audit). The term “surveillance audit” within this standard is different from some of the other standards. Within some of the other standards, a surveillance audit is not a yearly activity—it is done within the year of certification. The surveillance audit within this standard is a yearly audit that is required to meet the requirements of GFSI. It’s also a requirement within [ISO] 17021 and [ISO] 22003 that surveillance audits are conducted. The GFSI requirement changed the surveillance audit within the ISO world because they used to do a sampling audit, which progressed to a full-blown audit. Your whole food safety management system will be evaluated, which is slightly different from ISO 22000 surveillance audits.

After that audit is conducted, you have another surveillance audit in the following calendar year. Within those surveillance audits, if any minor non-conformances or non-conformances from the previous audit are still present, they are upgraded to major non-conformances and [companies] would have to implement a full corrective action plan, root cause analysis, etc. and then determine the solution.

Once the second surveillance audit is conducted, the following year will be your recertification audit, which is simply another facility audit. It’s not a document audit—you don’t have to do Stage 1 audits after that initial one. This recertification audit occurs prior to your certificate expiring.