On March 31, the Foundation FSSC published Version 6 of its FSSC 22000 scheme. The updated version of the FSSC 22000 scheme:
Integrates the requirements of ISO 22003-1:2022
Strengthens the requirements to support organizations in their contributions to meeting the UNs’ Sustainable Development Goals (SDGs)
Incorporates feedback of the Version 6 development survey, which received nearly 2,000 responses
Version 6 will have a 12-month transition window to allow organizations and Certification Bodies to prepare for implementation and gaining accreditation. The first audits to Version 6 will commence April 1, 2024, and all organizations must complete the V6 upgrade audit before March 31, 2025.
The Foundation has published a Version 6 Upgrade Process document, which details the transition requirements and a version of the scheme highlighting the changes between V5.1 and V6.
One of the key changes in V6 is the addition of requirements on food loss and waste. Organizations must have a documented policy and objectives detailing their strategy to reduce food loss and waste within their organization and the related supply chains. The additional food loss and waste requirements support a silo-breaking approach to help organizations contribute and move towards the UN Sustainable development goals (SDGs).
FSSC schemes support the consumer goods industry in implementing effective management systems, protecting their brands, and achieving food safety targets.
Foodborne illnesses cost billions of dollars each year in the United States. A lack of standards can lead to severe consequences, including loss of customers, negative impact on brand reputation and employees missing work due to illness. As a result, safety is vital for any brand that is committed to high-quality food and maintaining a positive brand image.
Food safety management systems—the processes and procedures that companies set up to prevent contamination—are essential in reducing the risk of foodborne illness and ensuring the safest products possible.
By FDA regulation, most food processors must have HACCP as well as corrective actions/preventive action (CAPAs) plans in place. Even with the right safety guidelines, however, contamination or exposure to food hazards can still occur. The following are four ways to improve the quality of your food safety management system.
1. Conduct Regular Audits
Even if your business’s HACCP is highly effective in theory, it won’t prevent contamination unless actual practice lines up with documentation. Regular audits can ensure employee practice complies.
HACCPs are structured around identifying both potential food hazards and critical control points (CCPs) where your system has the opportunity to prevent, mitigate or eliminate a potential issue. Usually, this means storing food items or performing some biological, physical or chemical action to a target limit— like a specific temperature—to prevent or mitigate contamination.
For example, in the manufacturing of chicken products, cooking and hot-holding are critical control points at which the product needs to be heated to a certain temperature to eliminate or prevent potential hazards. Here, an audit would be a chance to ensure employees cooked and hot-held foods at the proper temperatures. If they aren’t, the food safety management team can make policy changes that ensure practice lines up with planning.
The audit process should be consistent and occur regularly. It should also cover every aspect of your HACCP strategy and place a particular focus on potential hazards and CCPs. These audits can be a way to uncover the strengths and weaknesses of your current HACCP strategy. Companies can use this information to build upon existing practices or demonstrate how procedures could be more effective.
Stainless steel is popular in food handling due to impermeable surface and resistance to corrosion, two characteristics that help reduce the risk of food contamination. (free image from Splash)
2. Consider a CCP Monitoring System
You can use automated or digital systems to ensure that CCPs aren’t deviating from control limits. With the right sensors, it’s possible to ensure that food remains between target limits at each CCP. For example, automated sensors can quickly alert plant staff if the temperature of food in cold storage rises above a certain threshold, or if there is a deviation from a given CCP.
These alerts can help staff quickly respond to deviations, ensuring compliance, and reducing the risk of contamination by food hazards.
3. Review and Maintain Equipment
An thorough equipment program can be highly effective in reducing the risk of food contamination. To minimize risk, your plan should look at the equipment needed in your plant, as well as how it’s constructed and maintained. For example, choosing industry-standard or food-safe materials can help prevent contamination. Investing in the right kind of stainless steel can both improve operating costs and help reduce the risk of food exposed to hazards.
Preventive maintenance plans for food safety equipment can also reduce the risk of contamination by ensuring the proper functioning of site equipment.
4. Provide Employee Support and Encourage Buy-In
Training programs are an essential component of any HACCP. If your employees don’t know how to handle food properly or aren’t aware of HACCP documentation or the CCPs in the food processing pipeline, they won’t be able to execute the plan and prevent contamination.
While training programs are crucial, they don’t necessarily guarantee compliance. Common pitfalls exist that can discourage employees from following the plan. To encourage employee buy-in, training should begin by discussing the importance of food safety and the potential risks of contamination.
The training should also be robust enough that employees feel confident when executing the HACCP. Training staff should be sure to provide visual demonstrations and opportunities for employees to practice before they become responsible for food safety. Tests or evaluations both during and after training can be useful tools in determining how well your employees understand your business’s HACCP strategy. Regular follow-ups on training can also ensure compliance and reduce the risk of contamination.
Improving Food Safety Management Systems
For any business that works with food, safety programs are essential in ensuring the safest and highest quality product possible. Existing food safety management systems can often improve with the right methods. For example, automated monitoring systems can reduce the risk of deviating from CCP limits. Employee training and regular audits can also ensure that a plant’s food safety practices line up with the documented plan.
Ok, ok I know what you are thinking, another article about HACCP. You have been HACCP certified since 1999 and doing this for years—why read this article? That golden sticker on your certificate does not last forever. Industry has changed, approaches to food safety have changed, and your HACCP plan should have evolved. Did it?
Biological, chemical, physical, biological, chemical, and physical hazards. If you are any part of the quality assurance or HACCP team, you can recite this in your sleep. Do you recite economical and radiological hazards? These are one of the most commonly missed items in a plant’s HACCP plan that I have witnessed when auditing. This, of course, applies only to plants that must comply with FSMA, but does it truly hurt to think about including it in all plants? I mean, we are all in this for food safety, right?!
In speaking about radiological hazards, most of the time I will have site management tell me that I am not by a power plant so there are not hazards to my operations. If you are a producer of vegetables and fruits, or a plant receiving these kinds of ingredients, water and even soil can be a home to radioactive hazards! Radioactive minerals are naturally occurring and unless you know where to start, items such as Cadmium may sneak up on you in unacceptable levels. Economical hazards are, in my opinion, a bit easier to research. When looking at economical hazards, we are basically trying to prevent intentional contamination to gain or profit. In more common terms, this is often referred to as food fraud. Olive oil, fish, and even spices have been known to be the victims of food fraud. There are plenty of informational sites out there to help get you started on writing your hazard analysis for food fraud, however some I have found you do have to pay for.
Another common non-conformance that I see missing in HACCP audits is what I would call inputs and outputs to the HACCP flow chart. Inputs are: Water, compressed air, ice and even steam. Outputs are: Waste, animal feed or by-products. This is not an all-inclusive list, but certainly these examples could bring a new level of hazards to your facility, especially if you did not include them in your hazard analysis. Even worse, if you did include them but decided to write in your hazard analysis that word…dare I even say it… “NONE”: You wrote “none” for biological, chemical, and physical hazards. More than likely you have a pre-requisite program, letter of guarantee, or something that controls these hazards, and you absolutely want to include these in your HACCP plan. Give yourself credit! Auditors and customers alike truly want to see that you have documented and given thought to each of your processing steps. Make sure you take that HACCP flow chart and walk around your facility to ensure you have captured the needed information that will give you the best chance of catching items that can be missed. The plan is only as strong as the time you put into it, which leads me to my next point: Your HACCP or Food Safety Team.
The notorious HACCP team. You have one, the head of the team is the QA manager, and you have team members to cover the multi-disciplinary basis. So, what’s the problem? Well, maybe none, but remember the comment about the golden sticker on your certificate? It’s the same thought process here. Your team must be continually updated and educated to keep up with the ever-changing world of food. That 1999 HACCP certificate is no longer valid in the eyes of some customers. I have seen many customers requiring that HACCP be retrained every five years. For the sites that must follow FSMA rules and regulations, have you completed your Preventative Controls Qualified Individual training? You should have, and who is their backup? It takes much planning and money to make this happen, but it is all a crucial step in maintaining food safety and your HACCP plan.
We all know that our programs and processes are not good for forever and that change is inevitable. There are always avenues for gathering information and accessing it. You must be willing to go out and get the resources that will place an upgrade on your food safety management system, as waiting for it can sometimes cause gaps and non-conformities. The big question is: Did you put in the hours?
GFSI has just released a new benchmarking requirements version that was developed for food safety certification schemes. Following stakeholder input, Version 7.1 intends to reflect changes happening in the market. The new version includes the addition of clauses for each scope under Food Safety Management requirements, including purchasing from non-approved suppliers and compliance with food safety legislation.
The previous version, Version 7, was released in February and introduced requirements to combat food fraud, incorporate unannounced audits, and increase transparency in the benchmarking process. It also included a new scope of supply chain food brokers and agents.
Compliance to FSMA requires companies to meet existing program requirements and new ones being published or face regulatory consequences. A part of FSMA also requires that companies follow established food safety plans, which includes GFSI certification.
With these changes, GFSI-level programs must integrate into an aligned Food Safety Management System (FSMS) and strategy. Key considerations include sustainability, multi-year planning, effective organizational structures and expectations, well-defined roles and expectations, compliance, and business objectives.
The value of GFSI certification depends on how the company uses its organizational resources to maximize return on investment, while meeting the changing FDA requirements. Effective management of a GFSI-certified FSMS can have a significant impact on FDA/FSMA compliance. The risk of not meeting established programs while implementing new FSMA programs must be measured, and attention must be given to addressing FSMA compliance, while maintaining established programs.
Complying with FSMA Food Safety Programs
The implementation of FSMA-compliant programs requires having an established GFSI FSMS and demonstrating conformance with one’s own policies. Programs must be maintained and improved as the FSMA requirements are developed and implemented. Each of the GFSI schemes has been vetted to meet a significant level of FDA/FSMA requirements—a key benefit to these industry programs.
Developing a compliant FSMS with proper alignment of your existing programs to FSMA must be assessed. For example, companies with more than 500 employees must include requirements in their programs for the FSMA Preventive Controls rule, which is set for compliance September 19, 2016. In this regard, registered food facilities must evaluate and implement preventive control provisions and meet the requirements by the approaching deadline. This requires effectively updating current programs, establishing key imperatives including cGMPs (Section 117), identifying a Preventive Control Qualified Individual (PCQI), and implementing a Food Safety Plan.
The following areas are all included under the FSMA requirements:
cGMP, Controls and Preventive Controls. Must be identified, modified, and implemented to further minimize or prevent the occurrence of hazards based on Section 117 requirements.
Food Safety Plan, Hazard Analysis, and HACCP. Companies must identify and evaluate changes in their existing programs to include FSMA Preventive Controls.
Qualified Individual. Must be trained with authority to oversee Preventive Control program aspects, developments and impacts.
Written Programs and Documentation. Up-to-date GFSI-level FSMS provides documented programs, procedures, and records for meeting requirements under FDA/FSMA.
Management & Monitoring. All controls, including under FSMA and existing GFSI-level, must be monitored, validated, and verified for effectiveness.
Management of Corrective Actions. Procedures including traceability response for addressing failures of procedures, GMPs and controls must be under management review and confirmed for prevention of adulterated food from entering commerce.
Recordkeeping. Records must be complete and accurate for all food production and safety activities and kept for two years, including the testing level verification of all programs under FSMA and GFSI-level programs.
Self-Diagnostic Assessment Tool
The following self-diagnostic assessment tool can help organizations better determine their current state of planning when it comes to GFSI-level programs meeting FSMA. To complete your own planning assessment, review your progress compared to the questions in Table I.
Table I. Kestrel Management’s self-diagnostic tool can help a company assess its level of FSMS and GFSI preparedness for FSMA compliance.
Get Compliance-Ready
Companies must have their existing food compliance and GFSI programs in good standing to comply with FSMA or face possible violations, fines and penalties under FDA enforcement. The questions in Table I will help companies identify the areas in which they need to focus attention. Kestrel can also help answer questions, provide input on solutions, discuss how to better manage GFSI certification—and change “No” responses into “Yes” responses that promote best practices for FSMA compliance.
The Global Food Safety Initiative (GFSI) is a global initiative for the continuous improvement of food safety management systems. From a functional standpoint, you might be surprised to learn that one of the most challenging elements of keeping up with GFSI compliance for many food producers is sufficient document control. In fact, data compiled by SQF shows that document control-related issues are one of the most common sources of a non-conformance during GFSI-benchmarked audits. Examples of these non-conformances are associated with documentation of training requirements, business continuity planning, and corrective and preventative actions.
The Global Food Safety Initiative (GFSI) is an industry-driven initiative providing thought leadership and guidance on food safety management systems necessary for safety along the supply chain. This work is accomplished through collaboration between the world’s leading food safety experts from retail, manufacturing and food service companies, as well as international organizations, governments, academia and service providers to the global food industry. They meet together at technical working group and stakeholder meetings, conferences and regional events to share knowledge and promote a harmonized approach to managing food safety across the industry. GFSI is facilitated by The Consumer Goods Forum (CGF), a global, parity-based industry network, driven by its members.
So what exactly are some of the most common causes for document control issues as it relates to non-conformances? Keep an eye out for the following five errors that can affect compliance.
1. Lack of document control altogether
Lack of correct usage of document control in the context of GFSI compliance is a common error. This is an issue that often occurs as a result of document sprawl—specifically as it pertains to duplicate documents and supporting documents. For example, an organization might create internal reference material designed to be cheat sheets or summaries of larger policies. These could include simple charts that list key equipment set-up parameters or charts summarizing abbreviated information from product specification sheets. Many organizations fail to realize that because of the nature of the information in these files, these reference documents must also be included in their document control program to ensure that the information in them is current and universally applied.
2. Document version control
From using outdated forms to referencing outdated employee procedures, lack of proper document version control and enforcement is the most common GFSI compliance-related non-conformance. These issues can arise from operational errors (employees don’t know where to find up-to-date documentation or how to ensure that it is being used) to technical errors (the document control system is unable to properly manage document versioning, or in the case of home-grown document control software systems, they may be unable to do so altogether). To avoid these errors, it’s necessary to establish where controlled versions of documents are located and ensure that they are kept up to date. It’s also important remove obsolete versions of these documents—this is a basic principle of document control, but it’s often an area where errors compound over time. Reinforcing training so employees are made aware of document control best practices and policies is critical to keeping your compliance activities current.
3. Document revision errors
One of the most common activities and most common sources of error within any document control program involves publishing revisions to documents. These errors include:
Updating the contents of a document but forgetting to update information such as the version number
Improper tracking of revision history
Adding new documents to the database rather than revising or updating existing documents
4. Inclusion of documents from external sources
If your food safety management system includes or makes use of external documents, these must be controlled in the same manner in which you control internal documents.
Some examples of external documents that may need to be included in your document control program include:
Sample labels provided by your chemical and pest management suppliers
Raw material specifications provided by your suppliers
Customer expectations manuals provided by your customers
5. Improper identification of approval personnel
A best practice of document control is for the person knowledgeable about the content of a document to be assigned the responsibility of approving updates to it. In many organizations, this is interpreted to mean that all approval responsibilities are assigned to a single person across the organization. This could be the food safety coordinator or the document control administrator, despite the fact that it is not reasonable for a single person to be knowledgeable about all the procedures across the organization.
A better approach to approval responsibilities is to identify individuals who can be responsible for authorizing changes based on function or discipline. By spreading the responsibilities across more people, your document control program is more likely to be current and accurate.
When it comes to food safety compliance and best practices, particularly as they relate to GFSI, it’s often the basic principles that get overlooked once your organizations processes and systems are up and running. Setting up a process for document control and maintaining this process over time is a key to achieving and maintaining compliance. As such, it’s important to revisit your controlled document process and library regularly to ensure things are operating as designed and avoid costly compliance surprises at the same time.
Confusion reigns in many organizations and especially with our food safety and quality professionals, as we debate and attempt to decide how best to address the requirements of FSMA. With the first compliance date of September 2016 drawing near, companies are feeling increased pressure to take action. As many are already accredited to a GFSI-approved food safety scheme such as SQF Level 3, BRC, Primas, IFS or FSSC 22000, often the question is, how does my current system fit into FSMA, and where do I need to make changes? The undercurrent to this question is the implication that changing the system to fit FSMA will cause it to no longer be tailored for the desired GFSI food safety scheme, and that a change could cause issues with those audits (which are crucial for purchasing, marketing and sales).
The Food Safety Consortium will discuss critical industry issues, including FSMA compliance. The event takes place in Schaumburg, IL | December 5–9, 2016 | LEARN MOREAs with so many of our industry challenges, there is no easy and prescriptive answer to these questions. Each organization has to make the decision for their own system based on their individual hazard analysis, risk tolerance and resources. Some over-arching themes begin to emerge, which may be analyzed to assist the decision makers in the creation of a road map to FSMA compliance.
During our FSMA Preventive Control Qualified Individual (PCQI) training courses we are repeatedly asked, “What qualifies as a preventive control? Are our critical control points (CCPs) automatically a preventive control? How about our operational prerequisite programs (OPRPs)—are these PCs also?” While there is no easy answer (yes or no), there are some important things to keep in mind that can help in the decision.
The official answer is that a preventive control should be any point in the process where, with a loss of control, it is reasonably foreseeable that a significant food safety hazard either will occur or has an increased likelihood of occurrence. Remember this is intended to be a single point in the process, not the entire process. For example, the sanitation program may be managed as a prerequisite program; however, there may be a point in the process that requires special sanitation attention and without it, there is a reasonably foreseeable likelihood of a hazard.
Thinking about the concept, a logical conclusion is that a loss of control leads to a significant food safety hazard or, at the very least, increases the likelihood of said hazard. It follows that a loss of control would beget the need for a withdrawal if the product had already left the organization’s control. Therefore, one should only designate a point as a preventive control if the implications of conducting a recall in the event of failure have been analyzed as part of the risk assessment. The organization must be fully prepared to conduct such a recall in the event of failure.
The FSMA Preventive Control regulation (§21CFR117.135 – Preventive Controls) requires a recall program only if there is a preventive control identified in the process. Of course, any food processing organization would be remiss if they did not have an effective recall program defined and tested by regular mock recalls. Waiting for a true recall is no time to find out that your program has issues. Even without a preventive control, what happens if a supplier contacts the processor with an issue that requires a recall?
Through the evolution of compliant and mature food safety management systems, it is common for an organization to initially identify multiple CCPs and then, through data collection and process improvements, slowly reduce the CCPs to control points managed through OPRPs or PRPs over time. So, should an OPRP (Operational Prerequisite Program – ISO 22000:2005 Section 7.5) also be designated preventive control? This is perhaps one of the grayest of gray areas in this arena. A deviation in a preventive control, if the product has left the organization’s control, requires a recall. A recall for a deviation in an OPRP is not absolute, and it is actually handled by the food safety team and management on a case-by-case basis, depending on the risk. In addition, although identified when possible, a critical limit is not required for an OPRP (ISO 22000:2015 Section 7.5). Parameters are required for a preventive control.
There really isn’t one answer that fits every situation, but it is important to remember that the requirements for FSMA Preventive Controls regulation (§21CFR117.135) are designed for those operations that in the past have not had the opportunity to define, implement and maintain a food safety program—one that includes a hazard analysis based on HACCP guidelines (Codex Alimentarius Commission [Annex to CAC/RCP 1-1969, Rev. 3 (2003)]) and/or a GFSI-approved food safety scheme. Personally, we feel that if an organization has evaluated their process in compliance with a GFSI-approved food safety scheme, then any reasonably foreseeable hazards have been identified and addressed through a control point such as a CCP, OPRP or PRP. However, that said, upwards of 90% of recalls are linked to either ineffective or nonexistent PRPs such as allergen mislabeling, which accounted for 53% of all recalls last year. Thus, it is imperative that we evaluate all aspects of our processes with the same scrutiny that we do our microbial pathogen and metal control programs, which are common CCPs in today’s world of food safety.
Risks must be evaluated through an effective risk assessment based on science and facts. We start almost all of our workshops with the great American Society for Quality (ASQ) video: Cost of Poor Quality. This highlights the lack of an effective risk assessment performed on January 28, 1986, related to the launch of the Challenger. Unfortunately, emphasis was not on the fact that the engineers presented about the lack of cold temperature stability of critical O-rings, but rather on the fact that the launch had already been postponed for two days, and there was intense media and political hype surrounding the event. An effective risk assessment must be based on facts and objectivity, not on our feelings about what we want or need the decision to be.
FSMA PCQI training stresses the use of reliable and credible resources such as academia, trade organizations and process authorities. The internet itself can also be a valuable resource. Jon Porter stated in 2004, “HACCP, as we know it, would not exist without the internet.” (If Jon could only see us now.) However, again, we must be sure we are choosing credible information from the internet. We all know that we can usually find any answer we desire on the internet, but is it credible and accurate?
Competent industry sector-experienced consultants may also be good options if the organization ensures their credibility. Sometimes, a set of independent eyes can be just what the doctor ordered. Even in cases where the organization has a fully qualified team that is perfectly capable of managing the food safety program on their own, the right external resource (i.e., consultant) may provide an additional, independent viewpoint to your process. A friendly debate with an external resource can oftentimes open a whole new vista of previously unconsidered possibilities for the team.
The FSMA Preventive Controls regulation (§21CFR117.135) states that “each organization is required to have a PCQI that has successfully completed training in the development and application of risk-based preventive controls at least equivalent to that received under a standardized curriculum recognized as adequate by FDA or be otherwise qualified through job experience to develop and apply a food safety system”. What qualifies an individual to be qualified through job experience is not specifically defined but is judged by the effectiveness of their food safety program. However, if FDA visits the facility and asks for the PCQI and no one has taken an FDA-recognized course—but there is someone that the organization has identified as qualified—this has the potential to start the visit off with a negative focus. We urge each organization to send two food safety associates to an FDA-recognized FSMA PCQI training course regardless of their background (this provides a back-up person in case the primary representative is ill, traveling for business or pleasure, wins the lottery, or otherwise leaves the company, etc.). This provides a strong foundation for the future, as ownership of the system is always crucial to not just surviving an inspection, but excelling—and as food safety professionals that is an idea we can all support.
The human behavior that surrounds us contagious. Read the article about Frank Yiannas’ presentation, Catch the Food Safety Culture Bug. In keeping with this theme, Frank Yiannas, vice president of food safety at Walmart, reviews behavioral science techniques that can be applied to a food safety management system. In part I of this video series from the 2015 Food Safety Consortium, Yiannas reviews the principles of consistency and commitment.
If you watch the evening news or read the local newspaper, the chances are pretty good that you will read or see something about a food safety concern or incident.
An estimated 1 in 6 Americans fall victim to a foodborne illness annually.
While the American food supply is among the safest in the world, the Federal government estimates that there are about 48 million cases of foodborne illness annually—the equivalent of sickening 1 in 6 Americans each year, according to Foodsafety.gov. And each year these illnesses result in an estimated 128,000 hospitalizations and 3,000 deaths. Five types of organisms—Salmonella, Toxoplasma, Listeria, norovirus, and Campylobacter—account for 88% of the deaths for which the cause is known.
We watched from the sidelines when major retailers faced public scrutiny over their practices on safeguarding consumer credit card information when their websites were hacked. Today, consumer and regulatory interest in food safety are the new focus areas for the news media, especially in light of the Blue Bell Creameries Listeria and the Peanut Corporation of America (PCA) Salmonella outbreaks. Unlike consumer credit information, serious missteps in our industry can kill people, and in the case of PCA, can put you permanently out of business.
In 2008, peanut butter paste manufactured by PCA killed nine people and sickened 714 others, some critically, across 46 states and was one of the largest food recalls in American history, according to the CDC. Although still under appeal, PCA CEO Stewart Parnell was convicted and sentenced to a 28-year prison term for his role in knowingly shipping out salmonella-contaminated peanut butter. Parnell received one of the toughest punishments in U.S. history in a foodborne illness case.
In the Blue Bell case, a total of 10 people with Listeriosis related to this outbreak were reported from four states, with three deaths reported from Kansas, according to the CDC. Blue Bell pulled their products from store shelves on April 20, 2015. On May 7, the FDA released findings from inspections at the Blue Bell production facilities in Brenham, Texas, Broken Arrow, Oklahoma and Sylacauga, Alabama. The FDA reports highlighted serious problems across multiple sites.
Both cases shine a spotlight on what can happen if you don’t have an effective food safety management system (FSMS). So what makes up a good FSMS, and is it enough to keep you out of trouble? An effective FSMS is built on three elements: Good Manufacturing Practices (GMPs), Hazard Analysis Critical Control Points (HACCP) and a management system. Food safety issues are avoidable, and good processes and a strong culture within an organization make them more unlikely to occur.
Does your leadership recognize the importance of your FSMS? An effective FSMS should be established before a product incident or recall occurs.
Implementing a FSMS does not happen in a few months; it may take up to two years to establish one. No doubt, foundational activities need to be in place for factory operations. In addition to focusing on foundational elements such as making sure equipment is cleaned properly and procedures for allergens are implemented, the leadership team needs to make it clear that it is never acceptable under any circumstances to take shortcuts that could jeopardize food safety. This policy needs to be indoctrinated throughout the organization and thus does not happen overnight.
Underlying an effective FSMS are strong HACCP and GMPs, but food safety should always be the top priority for management and its employees, not share price, earnings or profit margin. Although financial performance is important, food safety must take precedence in the organization, and leadership at all levels needs to send that message loud and clear to all employees. In today’s environment, HACCP is pretty much mandatory from a regulatory standpoint and is an essential part of a FSMS. But the missing piece in many organizations is the support from the top—this is where culture becomes embedded in the organization.
The FSMS culture is the collective behavior from the organization around shared values and beliefs. The organization will follow the actions of leaders, not necessarily what they say—we all know actions speak louder than words. A good food safety culture is one where best practices are openly discussed, defined and rewarded. Food safety culture has become a buzz word and there needs to be a focus on making it come to life through a structured FSMS.
At this year’s Food Safety Consortium conference, Tim Ahn will discuss advancing food safety training and harmonization (November 19). LEARN MOREFood safety training is important not only for first line supervisors and operators, but also for senior managers and leadership, because they define the objectives and policies of the FSMS. What does it mean to conduct an effective management review? What does it mean to do an internal audit? What’s a good corrective action process? Training often misses the mark, because organizations fail to embed it correctly.
For FSMS to thrive, management must commit to the FSMS being a required way of doing things throughout the entire organization. A FSMS is most effective when it benchmarked against a proven standard and verified by an independent third party. Certification against a proven standard will reduce risk within your business.
Select your independent third-party verifier carefully. Do they have the resources and time, and do they know what they are doing? Do they add value to your organization? This is important since once you get certified, your journey starts and it doesn’t end. The value comes in two areas: Identifying risks and developing the appropriate control measures, and ensuring that the process drive continuous improvement in your organization. FSMS is focused on how continuous improvement applies to the management of risk and business operations.
The most effective way to establish an FSMS is to have leadership that recognizes its importance. The worst way is to have a recall or an incident, which draws attention to the fact that there is a problem and something needs to happen. In the case of Blue Bell, they probably understood the importance of food safety and thought they were taking the right actions. However, their management system led them to problems. FSMS must be independently verified against world-class standards to ensure effective performance.
A thorough auditor won’t look the other way and will find the problems. Call it as you see it–don’t be too soft when getting an assessment.
Companies can develop blind spots where they cannot see their own bad practices, and they become institutionalized over time. Fortunately, experienced independent third-party assessors can shine a spotlight on those bad practices. That is the true value in bringing in outsiders to look at your operations and culture to uncover those blind spots.
At PCA, their poor culture and actions to the problem sealed their fate. In some ways, this criminal case presented a wake-up call to boardrooms across America and highlights how badly leadership mismanaged matters. This case came to light in the context of the public complaining to the regulators that they were not doing enough following several highly visible food poisoning cases. A FSMS would have prevented these problems because the structure would not allow such bad decisions to be made and would have been verified by an independent third party that would test and check everything. A reputable third-party verifier would not miss poor GMP/ HACCP processes.
A good assessor can help a company understand what is really important and what is not so important when it comes to findings (i.e., context). We don’t waste a client’s time with insignificant issues and that is where the experience and judgment of the auditor becomes critical. Last year I met with a client and said, “you need to be checking for Salmonella in your environment—how do you know it is not there?” I pushed them into checking because I understood the changing regulatory environment. I came back a year later, and they had confirmed that regulators were interested in their Salmonella monitoring program during a recent inspection. As an auditor, you have to be confident enough to provide advice and context to the client in a way that is understood and accepted, and that helps to build trust.
With FSMA, the government can now take specific actions against companies. If I am plant manager or CEO, how do I know for sure that I am in compliance with the requirements? How do I know that I don’t have any of these potential issues? The only way to know for sure is to have the FSMS assessed. Just like a bank or publicly traded company hires financial auditors to assure everything is done correctly, companies need to audit their FSMS to ensure compliance. Get a process audit and ensure they drill down deep into the organization—that is where we find issues and gaps. A thorough auditor will find your problems instead of looking the other way. It is important to call it the way you see it and not be too “soft” when getting an assessment.
If I am the CEO, I want to know where those problems exist. Independent third party assurance is the best way to find out how compliant you are with regulations. No CEO wants to deal with the inevitable lawsuits and lost business impacts. At least with an effective FSMS, you can show a level of due diligence when the regulators show up at your doorstep and the culture is such that you want to address any problems.
We have entered an important time for the food industry with FSMA implementation and other food safety regulatory requirements in the United States. These new rules place an emphasis on management accountability, risk assessment and control of supply chains. The bar for due diligence has been raised and it up to all us to show that we have done everything possible, and the best way is with an effective FSMS.
Food safety training has traditionally focused on foundational topics such as Hazard Analysis Critical Control Points (HACCP) and Good Manufacturing Practices (GMPs). While these topics are essential in defining and implementing Food Safety Prerequisite Programs, they define the What and How, but not the Why of Food Safety. In order to address the Why of Food Safety, training programs need to address food safety culture, and the role of a food safety management system in establishing that culture.
A session during the 2015 Food Safety Consortium Conference will discuss advancing food safety and harmonization through educating employees. | November 17-20, Schaumburg, IL| REGISTER NOWCreating a food safety culture needs to start at the top. It must be known that food safety is a top priority to upper management. In order for training programs to support a food safety culture, they need to be delivered in a format that enables employees to contribute to the organization’s business strategy and food safety objectives while simultaneously reinforcing employee skills, attitudes and behaviors. Studies have shown that during training, one should consider manufacturing as a whole—not bits and pieces—and that the correct and most effective approach to training should look at collective knowledge requirements rather than any single requirement. A good starting point is to understand how a well-planned management system can help bring focus on a holistic approach that transforms the culture. A company’s ability to adopt a culture of food safety is dependent on its ability to take a holistic approach to manage food safety risk and incorporate all components of a food safety culture.
The second area of focus is having an effective FSMS in place. The International Organization for Standardization (ISO) defines a system as “a set of interrelated or interactive elements” and a management system as “a system to establish policy and objectives and to achieve these objectives.” In order for the FSMS to thrive, management must commit to the FSMS being a required way of doing things throughout the whole organization. A food management system is most effective when it benchmarked against a proven standard and independently verified. Having an effective FSMS in place provides a vote of confidence in your organization—a statement that your organization takes safety and quality seriously and has made the right moves to help protect your brand reputation and consumers by addressing the complexity of risks, up and down your supply chain, and assuring food safety and sustainability.
By following these pragmatic guidelines your organization can raise the level of food safety around the world by creating more effective food safety solutions not only for today, but also tomorrow.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookies should be enabled at all times so that we can save your preferences for these cookie settings.
We use tracking pixels that set your arrival time at our website, this is used as part of our anti-spam and security measures. Disabling this tracking pixel would disable some of our security measures, and is therefore considered necessary for the safe operation of the website. This tracking pixel is cleared from your system when you delete files in your history.
We also use cookies to store your preferences regarding the setting of 3rd Party Cookies.
If you visit and/or use the FST Training Calendar, cookies are used to store your search terms, and keep track of which records you have seen already. Without these cookies, the Training Calendar would not work.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Cookie Policy
A browser cookie is a small piece of data that is stored on your device to help websites and mobile apps remember things about you. Other technologies, including Web storage and identifiers associated with your device, may be used for similar purposes. In this policy, we say “cookies” to discuss all of these technologies.
Our Privacy Policy explains how we collect and use information from and about you when you use This website and certain other Innovative Publishing Co LLC services. This policy explains more about how we use cookies and your related choices.
How We Use Cookies
Data generated from cookies and other behavioral tracking technology is not made available to any outside parties, and is only used in the aggregate to make editorial decisions for the websites. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent by visiting this Cookies Policy page. If your cookies are disabled in the browser, neither the tracking cookie nor the preference cookie is set, and you are in effect opted-out.
In other cases, our advertisers request to use third-party tracking to verify our ad delivery, or to remarket their products and/or services to you on other websites. You may opt-out of these tracking pixels by adjusting the Do Not Track settings in your browser, or by visiting the Network Advertising Initiative Opt Out page.
You have control over whether, how, and when cookies and other tracking technologies are installed on your devices. Although each browser is different, most browsers enable their users to access and edit their cookie preferences in their browser settings. The rejection or disabling of some cookies may impact certain features of the site or to cause some of the website’s services not to function properly.
Individuals may opt-out of 3rd Party Cookies used on IPC websites by adjusting your cookie preferences through this Cookie Preferences tool, or by setting web browser settings to refuse cookies and similar tracking mechanisms. Please note that web browsers operate using different identifiers. As such, you must adjust your settings in each web browser and for each computer or device on which you would like to opt-out on. Further, if you simply delete your cookies, you will need to remove cookies from your device after every visit to the websites. You may download a browser plugin that will help you maintain your opt-out choices by visiting www.aboutads.info/pmc. You may block cookies entirely by disabling cookie use in your browser or by setting your browser to ask for your permission before setting a cookie. Blocking cookies entirely may cause some websites to work incorrectly or less effectively.
The use of online tracking mechanisms by third parties is subject to those third parties’ own privacy policies, and not this Policy. If you prefer to prevent third parties from setting and accessing cookies on your computer, you may set your browser to block all cookies. Additionally, you may remove yourself from the targeted advertising of companies within the Network Advertising Initiative by opting out here, or of companies participating in the Digital Advertising Alliance program by opting out here.
