Tag Archives: FMEA

Melody Ge
FST Soapbox

Compliance with the Intentional Adulteration Rule: Using FMEA for Your Vulnerability Assessment

By Melody Ge
No Comments
Melody Ge

What is FMEA? What is a vulnerability assessment (VA)? How can these two be linked? Despite what you may think, there are similarities between these two methods. FMEA (Failure Modes and Effects Analysis) methods can be utilized to help objectively assess the vulnerable steps within your process.

After July 26, 2019, businesses other than small and very small businesses (defined by FDA) must comply with the FSMA Intentional Adulteration (IA) Rule. The rule is intended to enforce industry regulation to conduct vulnerability assessments and address proper mitigation plans to prevent any potential fraud risks within the food defense plan. For small businesses, the compliance date is July 27, 2020; for very small businesses, the compliance date is July 26, 2021.

Although the IA rule does not specify a particular method that you must use to conduct your VA and address proper mitigation plans, the following elements must be considered during your evaluation and mitigation strategy and must be implemented at each actionable step afterwards:

  • The potential public health impact (e.g., severity and scale) if a contaminant were added (21 CFR 121.130(a)(1))
  • The degree of physical access to the product (21 CFR 121.130(a)(2))
  • The ability of an attacker to successfully contaminate the product (21 CFR 121.130(a)(3))

During the 2019 Food Safety Consortium, Melody Ge will present: How to prepare ourselves in this data-driven transitioning time for the smart food safety era? | October 2 @ 10 am FMEA is a Six Sigma method widely used in operations when implementing a new process. It is a structured approach to discover potential failures that may exist within the design of a product or process. Within FMEA, the RPN (Risk Priority Number) score is used to prioritize risks and is calculated by Severity × Occurrence × Detection. RPN is a quantified number that helps you prioritize risks when determining actions. If we employ the same mentality, FMEA is a useful method in helping to identify vulnerable steps based on the risk within your process. Take a close look at how the RPN is generated; the following three components are also important during the vulnerability assessment.

Severity or the potential public health impact (e.g., severity and scale) if a contaminant were added.
Severity is identified when considering the consequence of when a processing step goes out of control; or thinking about the severity of the health impact. We can consider those impacts or consequences using four common categories:

  • Biological contaminants
  • Chemical contaminants
  • Physical contaminants
  • Intentional adulteration for economic gain contaminants

Occurrence or the degree of physical access to the product.

Occurrence is identified when considering how frequently a process step is expected to go out of defined controls. Is it once a week or once a month? Depending on how often the step goes out of defined controls, this will trigger different action steps as well as mitigation plans.

Detection or the ability of an attacker to successfully contaminate the product.

Detection is considered by how easy it can be detected when the failure occurs. For example, within the food production operation, mixing steps is relatively easier than a CIP step to be detected. More references could be found in FDA’s definition of KAT (Key Activity Types, as discussed in the draft guidance, “Mitigation Strategies to Protect Food Against Intentional Adulteration”), such as:

  • Bulk and liquid receiving and storage
  • Liquid storage and handling
  • Secondary ingredient handling
  • Mixing and similar activities

Once the RPN is identified, then the vulnerable steps can be sorted based on the RPN. To utilize this approach, Table 1 provides a template to be considered using FMEA for the vulnerability assessment.

Process Step Description Is it KAT? (Y/N) RPN Action Process Step Mitigation Strategy Explanation
Sev Occ Det RPN
Table 1: Determine the vulnerable steps (for reference)

As IA rules regulate, a mitigation plan must be generated once a vulnerable step is identified. The intention of the plan shall ensure those risks identified are mitigated and controlled so that the final finished products are not impacted or contaminated. One tip to begin this process is to start with reviewing your current control plan for potential food safety risks. As FSMA Preventive Controls are fully implemented, all food plants shall have a food safety plan in place with validated control plans that are intended to reduce risks for potential physical, chemical, biological and adulteration for economic gain. Sometimes, these risks are highly associated with potential vulnerable steps for intentional adulteration, especially those processing steps associated with potential economic gain hazards. If those controls are not working properly, then we can seek out other mitigation plans. Nevertheless, regardless of what steps are taken, they have to be validated to show that the IA risks are effectively mitigated. Monitoring and verification shall be conducted as well once the mitigation plan is implemented.

Of course, like all food safety management systems, every food plant should have its own designated plans based on the products being produced, operations implemented and the nature of the production. Ultimately, it will be your choice to find an effective method that fits your production culture. However, the intention should always be in compliance with the IA rules: Identify the vulnerable steps within the process, and conduct mitigation plans to control the risks of intentional adulteration.

Risk Assessment in Pathogen Testing Methods

By Food Safety Tech Staff
No Comments

A Certificate of Analysis (COA) provides a level of confidence in the quality and purity of its product. Companies should take this document a step further and assess what the results mean. Using Failure Modes and Effects Analysis (FMEA) can help a company identify, quantify and assess risks associated with pathogen detection methods, giving them the background information they need to trust the results. FMEA can help companies understand the differences between testing methods by individually identifying the risks associated with each method on its own. Maureen Harte, President and CEO at HartePro Consulting, and Lean Six Sigma Master Black Belt, talks about the challenges a company faces when assessing results on a Certificate of Analysis and the role of FMEA.

How to Use FMEA to Risk Assess Pathogen Testing Methods

By Maria Fontanazza
No Comments

All methods are not equal, and companies must understand the testing methods used on a Certificate of Analysis.

A Certificate of Analysis (COA) can provide a company with a level of confidence in the quality and purity of its product.  However, the company should be able to take the document and understand how the results were gathered, says Maureen Harte, President and CEO at HartePro Consulting, and Lean Six Sigma Master Black Belt. Using Failure Modes and Effects Analysis (FMEA) can help a company identify, quantify and assess risks associated with pathogen detection methods, and should be integrated into a HACCP strategy.

Food Safety Tech: What are the challenges a company faces when assessing results on a Certificate of Analysis (COA)?

Maureen Harte: [Companies] lack the background information to really understand what goes into a COA, and they trust that what is coming to them is the highest quality.

FST: What questions should a company ask?

Harte: They need to consider everything that goes into the testing method itself.

•    What is the origin of the COA?
•    Who’s doing the testing?
•    What’s the complexity of the method?
•    What is the overall quality of the method?
•    How traceable is it?
•    How well can I trust that this result is the true result (are there false negatives)?

FST: How is FMEA used to evaluate pathogen testing methods?

Harte: FMEA helps us understand the differences between testing methods by individually identifying the risks associated with each method on its own. For each process step [in a test method], we ask: Where could it go wrong, and where could an error or failure mode occur? Then we put it down on paper and understand each failure mode.

For example, most methods have an incubation step. A simple failure mode would be that the incubator isn’t at the correct temperature, or that it has been incubated too long or not long enough. You go across the board for each step, identifying potential failures and the severity. Is there potential that we wouldn’t identify the pathogen? If so, what would happen to the customer? You also rate how often it might happen with the test method. What’s the frequency of it? The last thing we rate is detection. With or without controls, how easy would it be for the personnel in the lab to identify or detect that this problem occurred?

We rate these three factors: severity, frequency and detection, and whether we detect [the pathogen] before it goes out to the retailer or consumer. Then we multiply the ratings and come up with a risk priority number (RPN).  We add all RPNs for each step and figure out risk, and the potential for error, for each test methodology.

 Image courtesy of Roka Bioscience

FST: How does using FMEA integrate into a HACCP strategy?

Harte: It could be integrated into the HACCP strategy. HACCP deals with identifying potential safety risks, and the key to identifying the risks and proactively trying to eliminating them. That’s what the FMEA is doing as well. I think the integration of FMEA could help identify the critical control points and where the failures will occur. That would be the most streamlined approach.

Harte’s Tips

•    Don’t fully trust the COA unless you understand what the result means.
•    Get involved with the labs that are providing the testing to ensure you have the most comprehensive information surrounding the COA.

Harte is presenting “Behind the Certificate of Analysis: Risk Assessment in Pathogen Testing Methods” at the Food Safety Summit on Thursday, April 30, 12:30-1:00 pm.

 

Related stories

FSQA Enabling Technologies as a Food Safety and Quality Assurance Game Changer