Food industry inspection and audit protocols are evolving at a rapid pace, and rightly so. This is not surprising given today’s regulatory, audit and ever-changing risk landscapes, which are driving further complexity and expansion of requirements to ensure the industry is, “audit ready, all the time.”
This evolution of inspections and audits has been primarily triggered by newer regulations such as FSMA and private standards, such as GFSI and its certification programme owners (CPO’s, fka Scheme Owners) like SQF, BRC, FSSC 22000, IFS, etc. Heightened customer demand and consumer visibility into food safety incidents –many thanks to mainstream and social media– and the resulting increased demand for information has also fueled this evolution, compelling industry to focus on higher levels of transparency, both internally and throughout the supply chain.
The changes above are driving the food industry to face a new reality. One where the following questions continue to rise to the surface:
- How have “yesterday’s” inspection and audit expectations changed from what companies are experiencing today?
- Based on this evolution, how will “tomorrow’s” inspection and audit expectations change?
- In short, what does the new reality or the “new normal” look like now for inspection and audit readiness?
We will take a look at what some of the first inspections are shaping up to look like under the Preventive Controls for Human Food (PCHF) Rule and the Foreign Supplier Verification Program (FSVP) Rule. Some common themes and some tips to successfully manage regulatory inspections as well as audit readiness tips are set forth below.
More Inspectors
Roll out the welcome mat because more inspectors are coming to the party. We are seeing an average of three to upwards of six regulatory inspectors performing the inspections under the PCHF rule. This may cause an initial shock wave but when you stop to consider the rationale it has a certain level of reasonableness to it. Industry has invested in its personnel for nearly two years in updated training to meet new FSMA regulations such as preventive controls qualified individual (PCQI) training, updated current GMP training and perhaps qualified auditor training, if applicable. It makes sense that FDA needs to make a similar investment in its people to ensure its inspectors are prepared to knowledgeably perform FSMA-related inspections.
FDA has implemented a robust training program for its inspectors. Regarding PCHF inspections for example, only inspectors who have successfully completed the PCQI training plus FDA’s internal training will lead other inspectors through the facility inspections as an in-field training exercise. So, the good news is at least one inspector is fully trained under FDA’s training program standards. This said, with more inspectors, there are more eyes, and with more eyes, more opportunities to see risk through different perspectives. It’s best to be on your game, with a tested playbook so you have confidence you are prepared when the team of inspectors arrive at your facility. Conduct a mock inspection against your policies, procedures and food safety plan that have been updated for the new PCHF and other applicable FSMA requirements. You will be thankful you did.
Digging Deeper
Into Records: FSMA and the seven rules that comprise it requires more controls, monitoring and verification activities by the food industry, thus naturally giving inspectors more records to access and review. Further, FDA received expanded records access authority upon the signing of FSMA. FSMA allows FDA to access records relating to articles of food for which there is a reasonable probability that the use of, or exposure to, the article of food will cause serious adverse health consequences or death to humans or animals. Before FSMA the standard FDA had to meet to access records was “credible evidence”; now its “reasonable probability”—a standard that is far lower and subjective—allowing access to more types of records than before. Another new addition is FDA now may access records beyond those relating to the specific suspect food if the agency reasonably believes that other food articles are likely to be affected in a similar manner.
Example: If you have a potential problem on production line 1, and you firmly believe the issue is contained to line 1, but that line is in even arguably close physical proximity to line 2, depending on the issue an inspector may invoke this new authority and ask for all records associated with line 2 in addition to line 1 for the same time period to be sure that the situation indeed did not spread or otherwise impact line 2. (e.g. confirm no risk for cross contamination or allergen cross-contact).
This should not mean it’s open season on all your records, but it certainly means more records are open to review and scrutiny, so having a robust record retention and management system becomes mission-critical. How sound is yours? Record-keeping and document management have long been important to GFSI / CPO’s. However, many food companies do not have a certification from one of these entities, which begs the question whether the scope of your third-party audit, or that of a supplier you are currently evaluating for approval, adequately evaluates this important area.
Into your Hazard Analysis: Inspectors are spending significant time reviewing the adequacy of the hazard analysis performed as part of the requirement of the food safety plan under the PCHF Rule and as part of the foreign supplier verification plan requirement under the FSVP rule. If facilities do not identify all the hazards of concern that require a preventive control associated with their facility and foods they produce, then the rest of the food safety plan falls apart. If you work with peanuts to produce peanut butter and identify Salmonella as a hazard requiring a preventive control but not aflatoxin or peanut allergen you have likely missed the mark.You may not have the appropriate preventive controls, monitoring, verification activities, validations and corrective actions identified in your hazard analysis and food safety plan to control for the most significant hazards your facility / the finished food is facing from a food safety risk perspective. (note the identification of hazards requiring preventive controls is highly dependent on the food, facility, processing methods of the manufacturer, upstream supplier and will vary if products are RTE or nRTE)
How are auditors tackling this issue? Many third-party audit firms have invested in providing PCQI training for its auditors so they are better prepared to evaluate the sufficiency or gaps in the hazard analysis. It is a good idea to ask your audit firm what updated skills and training have been given to its auditors to ensure you are getting the assistance you need.
Continue to page 2 below.
