Tag Archives: GFSI

Dana Johnson Downing, TraceGains
FST Soapbox

Dispelling the Myth that Food Safety is Not a Competitive Advantage

By Dana Johnson Downing
7 Comments
Dana Johnson Downing, TraceGains

“Food safety is not a competitive advantage” is one of the barf-worthy “feel good” messages you hear from food industry executives during speeches and public forums. Last week at the Global Food Safety Initiative (GFSI) conference in Houston, an audience of more than 1,150 from 54 countries heard this tired mantra repeated during a panel discussion featuring CEOs from Mondelez, Cargill, Tysons and Wegmans. The common theme espoused by the CEOs was that food safety is a given and it’s just the right thing to do. Under their flawed rationale, because food safety is mandated, it cannot be a differentiator. Huh? That’s like saying monogamy in marriage is a given. Sure, most brides and grooms pledge faithfulness, but hey, we all know cheaters gonna cheat.

I wasn’t the only one who didn’t buy the food safety kumbaya message the CEOs were peddling. BBC business journalist Adam Shaw was the moderator for the panel and he grilled the CEOs to try to expose the fallacy that food safety is not a competitive advantage as nothing more than high-mindedness with altruistic notions, but the CEOs deflected his pointed questions and stayed on-message. I thought the song from the Lego movie, “Everything is Awesome” might start blaring from the sound system at any moment. What I cannot discern is if the CEOs really believe that food safety is not a competitive advantage, or do they feel compelled to say it to bolster confidence in the food supply.

I think we can all agree that consumers expect their products to be safe. Objectively, I think we must also agree that there are some companies in the food industry that simply do a better job of managing risk in their food safety system. As Warren Buffet once said, “Risk comes from not knowing what you’re doing.” Have you ever read the warning letters issues by the FDA? There are plenty of food operators who either do not know what they are doing or their profits are more important to them than the safety of the products they produce.

Perhaps the real reason these CEOs say food safety is not a competitive advantage is because they are trying to trick us with some twisted reverse psychology technique. More likely they avoid positioning their company as having an extraordinary food safety system because you can never eliminate all risk, and a recall or foodborne illness outbreak could be lurking just around the corner. That logic is a little lost on me, but okay.

What about food safety as a competitive advantage in the business-to-business (B2B) environment? With all the transactions between ingredient suppliers, brokers, distributors, co-packers and manufacturers, there is often friction between vendor and customer over food safety standards and the underlying documentation. Who you do business with matters more than ever before, especially now that there is greater supply chain transparency and process control mandated by FSMA. According to Brian Perry, senior vice president, food safety & quality at TreeHouse Foods, he has had to drop suppliers who are not FSMA-compliant because they pose too much risk. Meanwhile, companies are willing to pay a premium for suppliers who have their food safety documentation in order and routinely deliver on time and within specifications. So at least in the B2B marketplace, we can see that food safety can definitely provide a competitive advantage.

Pesky undeclared allergens and foreign material find a way to sneak into food production. Unsanitary conditions are sometimes permitted and product is adulterated. Mistakes are made, stuff happens, and sometimes food makes people and animals sick or even leads to death. So please don’t tell me that food safety is a given! If you want consumers to have confidence in our food supply, then tell them what your company does to try to prevent stuff from happening. Consumers’ appetite for information and knowledge about the food they consume is at an all time high. If consumers care about GMOs or how ethically-raised, humanely-treated, or sustainably-produced their food is, isn’t it logical to think they care about how companies develop a culture of food safety, the technology they use, and how strictly they monitor their suppliers? In order to make food safety a competitive advantage, food companies need to show supply chain partners and consumers that transparency isn’t just a buzzword. They need to show how they are operationalizing transparency to elevate food safety as a corporate imperative. Share your food safety story and respect your consumers enough to make up their own minds about whether your food safety system sets your brand apart.

GFSI and SENASICA

GFSI 2017: Working for International Partnerships and Global Harmonization

By Food Safety Tech Staff
No Comments
GFSI and SENASICA

There were several common threads during last week’s GFSI conference—collaboration to build stronger and more transparent food safety systems, international partnerships, and a global supply chain. This year’s event saw a record-breaking turnout, with nearly 1200 industry professionals from 54 countries in attendance.

GFSI and SENASICA
(left) Mike Robach, Vice President, Corporate Food Safety, Quality & Regulatory for Cargill, Inc. USA & Chair of the GFSI Board of Directors and (right) Hugo Fragoso of SENASICA

For the first time, GFSI entered into a public-private partnership with the Mexican National Service of Health, Food safety and Agro-Food Quality (SENASICA) that will help the entities to reach the goal of continuous improvement in food safety management systems. GFSI and SENASICA will sign a letter of intent this week in Mexico City. The partnership will focus on enabling private schemes to act under Mexican regulation (in addition to the Certification of the official scheme) to increase the amount of officially certified products. The two entities will also work together to enhance Mexico’s Global Markets Programme. The hope is that the partnership will be a model for other countries and will promote the adoption of third-party certification that facilitates the harmonization of food safety systems and global requirements.

Other highlights included a G30 summit held by 30 countries to talk about food safety and international harmonization; the work between GFSI and Certification Programme Owners to improve auditor performance; and the first GFSI award, which went to Champion Petfoods.

Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC
FST Soapbox

GFSI in 2017: The Year of FSMA Compliance

By Bill Bremer
1 Comment
Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC

This year is being described as “the year of FSMA compliance,” as many compliance dates for the various FSMA rules fall in 2017. As one might expect, the FSMA law and rules include many aspects of the established Global Food Safety Initiative (GFSI) standard; however, there are also differences in how they are applied to create better food safety enforcement.

At the most basic level, GFSI is an industry conformance standard for certification, while FSMA is a compliance regulation that must be met. However, both work together to ensure companies are effectively managing food safety.

GFSI Conformance

The GFSI is facilitated by the industry network of The Consumer Goods Forum. It provides a very solid foundation and supporting objective of “safe food for consumers everywhere”.

GFSI was originally established based on a growing pattern of food safety outbreaks throughout the international marketplace. This led to the proactive development of GFSI standards as an alternative to the more limited and less effective customer audits in place at the time. An important part of this outcome was that CEOs in the food industry—not a regulatory body—determined the need to address food safety through the GFSI food safety standard.

With its beginning as a benchmarking organization, GFSI has since evolved throughout the food supply chain as a strong means for achieving global food safety. It is now established, growing, and improving across the primary supply chains within the global food market.

As such, much work to address food safety has been accomplished by GFSI over the past sixteen years. In fact, the industry-driven aspect of GFSI along the food supply chain has led many companies to achieve levels of food safety comparable to those required to achieve FSMA compliance. Based on its collaboration of food safety experts, GFSI provides for a significant evolution of food safety programs and supports those requiring FSMA compliance.

FSMA Compliance

During a similar timeframe, the United States identified food safety as a major concern for the public. In the 1990s, a growing number of food outbreaks from biological contamination continued to spread, prompting the addition of controls within both the USDA and FDA. These brought the mandated requirement for Hazards and Critical Control Points (HACCP) and supporting Good Manufacturing Practices (GMPs) to specific industry sectors. However, these efforts were measured to have limited effect, as the outbreaks continued.

By the early 2000s, the public concern for food safety continued, and the FDA was determined to make changes. Along with Congress, the FDA commissioned research into the underlying issues that were resulting in the growing number and severity of food outbreaks. This research was being conducted and analyzed just as GFSI was determining its final group of benchmarked standards. At the same time, GFSI was positioned to be advanced into the U.S. market by food industry leaders, including Cargill, McDonalds, Walmart, Kroger, Coca Cola and Wegmans.

The outcomes from the FDA studies determined that the GMPs (in existence for the past 40 years) were not effectively implemented across the U.S. food industry. Further, the studies indicated that the ability to prevent food safety issues through specific controls would provide a means for reducing the number of foodborne illness.

This effort led to the development of FSMA, which passed in January 2011. Additional FSMA rules have since been published, starting in September 2016. The FSMA rules represent a rewrite of the existing FDA food safety regulations. However, with the FSMA law taking several years to roll out, the existing FDA laws remain in effect until they are replaced. These actions expand the FDA’s jurisdiction now and until full compliance of FSMA.

Bringing GFSI and FSMA Together

The presence of GFSI in the United States, as well as the GFSI certification of many suppliers to U.S. food importers, provides for a synergy between the GFSI standard and the FSMA law being enforced throughout the United States and its foreign suppliers. GFSI’s global focus provides the structure to adapt and meet many of the FSMA requirements, with the ability to expand to all FSMA requirements.

As one would expect, the FSMA law and rules include several aspects of the GFSI standard; however, there are many differences in how each is applied to encourage better food safety enforcement that must be considered. For instance, GFSI has the advantage of providing the time to develop programs, and thousands of companies are certified to the various programs under the standard. Conversely, FDA is implementing FSMA compliance over several years, with 2017 being a big year for compliance (based on the rules’ published dates, company size and industry segment).

In this new order of food safety in the United States, those companies that have achieved GFSI certification should have an advantage over those who do not, provided they can align their GFSI programs with the FSMA law requirements. There is also a benefit to starting with FSMA and moving to a GFSI certification.

Existing GFSI certifications provide an established framework, with many of the program requirements similar to those required by FSMA. For example, personnel are required by both to establish HACCP and Food Safety Plans, as well prerequisite procedures (PRPs) and current-Good Manufacturing Practices (cGMPs). The challenges are ensuring the complete development of these food safety procedures to guarantee they meet both GFSI and FSMA requirements.

As another example, personnel requirements are similar but different under FSMA and GFSI, which calls for training, updating and qualifying resources. Ultimately, advanced HACCP training under GFSI provides the means for establishing a Qualified Individual under FSMA, but it requires expanding the training to include FSMA Preventive Controls and procedures. The resulting plan is the food safety plan that can be based on HACCP but with the proper additions to meet FSMA requirements.

Global Food Safety Conference

The upcoming Global Food Safety Conference (February 27 – March 3 in Houston, Texas) provides an opportunity for those seeking compliance to FSMA or certification to a scheme within the GFSI Standard to get a deeper understanding of food safety. With 2017 being the year of FSMA compliance, it is very appropriate that the Global Food Safety Conference be held in the United States this year. The conference will provide U.S. companies attending, as well as foreign supplier of products to the U.S. market, an educational opportunity and forum to reach out to experts from industry, government, and academia to better understand these two key areas for food safety program development. Some of the topics to be addressed at the conference include the following:

  • Food safety management commitment and corporate governance
  • Required training of food safety roles, including management, staff and operations
  • Specific requirements of the documented food safety program or written programs under FSMA
  • FDA requirements of the past and existing requirements prior to FSMA and the relationship of these as comparable to GFSI
  • Implications for FDA enforcement under FSMA of these previous requirements and program requirements that may need to be formalized under FSMA
  • The proof of evidence with supporting records required by FSMA that may be addressed in part by existing or GFSI-level food safety programs
  • How to adapt a FSMA-level food safety plan and preventive controls cGMPs from existing programs, including GFSI, or develop these to function with existing programs
  • Levels and numbers of qualified individuals, qualified auditors and competent sanitation for oversight and management of FSMA food safety plans
  • Management reanalysis and update of the written FSMA programs to ensure compliance and readiness for inspection by FDA FSMA investigators
  • Process used to ensure compliance with FSMA Preventive Controls and the other FSMA rules being issued in 2017 and 2018, including Foreign Suppler Verification, Sanitary Transportation and Intentional Adulteration

Kestrel has been a long-time advocate of GFSI, performing site certification program development support for hundreds of companies. We have served as a GFSI Stakeholder, Technical Working Group participation, and panelist at previous GFSI Global Food Safety Conferences. We look forward to seeing you at the 2017 GFSI Global Food Safety Conference and to helping you navigate GFSI conformance and FSMA compliance requirements.

FSMA, One Year Later: Top 5 Things We’ve Learned

By Erika Miller
No Comments

Now that the first of the FSMA compliance dates have passed, let’s look back at the past year of training new PCQIs, their questions and concerns from classes as well as the perspective from our FDA friends (yes, really!) who attended our workshops. We have learned so much, it is hard to narrow it down to only five things—but if we look at the issues that arose, the following five proved to be recurring themes throughout 2016.

5. Don’t Scrap Your Current Plan

Many clients have approached us and said they were planning to throw their current food safety and/or HACCP plan in the trash and start from scratch. Please don’t do this! Companies that care about quality and food safety already have effective quality management systems in place. It would be a disservice to the company and the general public for all these time-tested plans to go straight into the bin. It is more realistic to take a look at the current system in light of the new regulation and ask yourself if there are any gaps that can be addressed. This brings us to the next point.

4. Education Is Key

A compliant system cannot be developed without an understanding of the requirements. Although FSMA is derived from the basic principles of HACCP, there are key differences, and not all of them in the direction of less regulation. It is important to understand not only the updated Good Manufacturing Practices and Preventive Controls for both Human and Animal food, but also the Foreign Supplier Verification Program, Sanitary Transportation and the Produce Rule (if they apply). Although the FDA-recognized curriculum for some of these companion regulations have not yet been released, some independent training providers are offering workshops to help fill the gap while the FDA and FSPCA are working on the official curriculum. (Comment on this article for more information via email).

3. “You Must Evaluate If You Need It” Is Not the Same as “You Don’t Need It”

Some training providers have told their attendees that they can scrap many of their current systems because FSMA is less stringent than GFSI-approved schemes. Your certification body for FSSC 22000, SQF or BRC does not care one whit how stringent FSMA is (as long as you are compliant with its requirements, as local regulatory compliance is a key factor in GFSI approval). FSMA will not change expectations related to the GFSI-approved food safety schemes. It is also misleading to think that because FSMA is flexible, FDA regulators will not have expectations of excellence when they arrive at food processing facilities. This law gives regulators the power to take legal actions to address many infractions they have seen over the years but have been powerless to stop; the flexibility may well be a double-edged sword in that regard. Ensure that all decisions are based on data and records exist to validate any claims.

Pages: 1 2
GFSI

GFSI Hosts Government and Industry to Discuss Food Safety Issues

By Food Safety Tech Staff
No Comments
GFSI

Next week GFSI will be hosting 200 industry and government professionals to discuss leveraging GFSI in FSMA implementation. The GFSI Expert Briefing takes place on November 15 in Washington, D.C., and will look at the role of GFSI in the marketplace and the domestic and international collaboration necessary to comply with new regulations.

“Science guides industry and policymakers to the same place as we work towards our common objective of ensuring a safe food supply for consumers,” commented Mike Robach, chair of the GFSI Board of Directors in a press release from The Consumer Goods Forum. “Public-private dialogue and collaboration is paramount to achieving this goal.”

Speakers at the event come from a range of international companies, including Cargill, Dole, McDonald’s, Target, Walmart and Wegmans. FDA and other national policymakers and legislators will also be present. Industry briefings take place in the morning and afternoon.

Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC
FST Soapbox

Post-FSMA Food Safety Inspection: Are You Ready?

By Bill Bremer
No Comments
Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC

Note: FSMA will include the scheduled compliance inspection as part of the implementation of rules. This will occur in the next several years for many food companies.

With FSMA rules moving to the compliance stage, food companies must prepare appropriately to best respond to the requirements and, correspondingly, to additional inspections. These inspections are in addition to others, including GFSI with its emphasis on unannounced level audits for some schemes. For example, these audits may be required by the code (as with SQF) or as part of customer arrangements per certification contracts.

Learn more about FSMA Inspection Readiness at this year’s Food Safety Consortium in Schaumburg, IL | December 7-8, 2016 | REGISTERWith the growing potential for inspections and audits, a well-planned program and response must be developed, implemented and tested to achieve a most successful outcome. This is an important area to address, especially given the many changes in compliance under FSMA, greater scrutiny under GFSI, and a rapidly changing responsibility for food safety management resources.

For companies experienced with past FDA compliance audits, the new rules and Section 117 cGMPs will require more formalized programs and strong evidence of compliance through internal audits and oversight by Qualified Individuals (QI). The inspectors will look to focus heavily on new requirements and the “letter of the law”. Additionally, organizations under the Preventive Control Rule must have multiple Food Safety Plan QIs, qualified audit resources and competent sanitation management, along with competent plant operators. It is critical to have established roles, planning and testing as part of any inspection readiness program.

Self-Diagnostic Assessment Tool

The following self-diagnostic assessment tool can help organizations better determine their current state of planning when it comes to developing inspection readiness. To complete your own planning assessment, review your progress compared to the questions in Table I.

FSMA Inspection checklist
Table I. Kestrel Management’s self-diagnostic tool can help a company assess its level of inspection readiness and preparedness for FSMA compliance.

Get Compliance-Ready

Companies must have the appropriate plans and resources to comply with FSMA and certifications or face possible violations that can include fines and penalties under FDA enforcement. The questions in Table I will help companies identify areas to consider for Inspection readiness. Kestrel can also help answer questions, provide input on solutions, discuss how to better manage all of your food safety requirements—and change “No” responses into “Yes” responses that promote best practices for FSMA and food safety compliance.

Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC
FST Soapbox

Managing GFSI Certification a New FSMA Requirement

By Bill Bremer
1 Comment
Bill Bremer is Principal, Food Safety Compliance at Kestrel Management LLC

Compliance to FSMA requires companies to meet existing program requirements and new ones being published or face regulatory consequences. A part of FSMA also requires that companies follow established food safety plans, which includes GFSI certification.

With these changes, GFSI-level programs must integrate into an aligned Food Safety Management System (FSMS) and strategy. Key considerations include sustainability, multi-year planning, effective organizational structures and expectations, well-defined roles and expectations, compliance, and business objectives.

The value of GFSI certification depends on how the company uses its organizational resources to maximize return on investment, while meeting the changing FDA requirements. Effective management of a GFSI-certified FSMS can have a significant impact on FDA/FSMA compliance. The risk of not meeting established programs while implementing new FSMA programs must be measured, and attention must be given to addressing FSMA compliance, while maintaining established programs.

Complying with FSMA Food Safety Programs
The implementation of FSMA-compliant programs requires having an established GFSI FSMS and demonstrating conformance with one’s own policies. Programs must be maintained and improved as the FSMA requirements are developed and implemented. Each of the GFSI schemes has been vetted to meet a significant level of FDA/FSMA requirements—a key benefit to these industry programs.

Developing a compliant FSMS with proper alignment of your existing programs to FSMA must be assessed. For example, companies with more than 500 employees must include requirements in their programs for the FSMA Preventive Controls rule, which is set for compliance September 19, 2016. In this regard, registered food facilities must evaluate and implement preventive control provisions and meet the requirements by the approaching deadline. This requires effectively updating current programs, establishing key imperatives including cGMPs (Section 117), identifying a Preventive Control Qualified Individual (PCQI), and implementing a Food Safety Plan.

The following areas are all included under the FSMA requirements:

  • cGMP, Controls and Preventive Controls. Must be identified, modified, and implemented to further minimize or prevent the occurrence of hazards based on Section 117 requirements.
  • Food Safety Plan, Hazard Analysis, and HACCP. Companies must identify and evaluate changes in their existing programs to include FSMA Preventive Controls.
  • Qualified Individual. Must be trained with authority to oversee Preventive Control program aspects, developments and impacts.
  • Written Programs and Documentation. Up-to-date GFSI-level FSMS provides documented programs, procedures, and records for meeting requirements under FDA/FSMA.
  • Management & Monitoring. All controls, including under FSMA and existing GFSI-level, must be monitored, validated, and verified for effectiveness.
  • Management of Corrective Actions. Procedures including traceability response for addressing failures of procedures, GMPs and controls must be under management review and confirmed for prevention of adulterated food from entering commerce.
  • Recordkeeping. Records must be complete and accurate for all food production and safety activities and kept for two years, including the testing level verification of all programs under FSMA and GFSI-level programs.

Self-Diagnostic Assessment Tool

The following self-diagnostic assessment tool can help organizations better determine their current state of planning when it comes to GFSI-level programs meeting FSMA. To complete your own planning assessment, review your progress compared to the questions in Table I.

FSMA, GFSI
Table I. Kestrel Management’s self-diagnostic tool can help a company assess its level of FSMS and GFSI preparedness for FSMA compliance.

Get Compliance-Ready

Companies must have their existing food compliance and GFSI programs in good standing to comply with FSMA or face possible violations, fines and penalties under FDA enforcement. The questions in Table I will help companies identify the areas in which they need to focus attention. Kestrel can also help answer questions, provide input on solutions, discuss how to better manage GFSI certification—and change “No” responses into “Yes” responses that promote best practices for FSMA compliance.

Alert

Five Errors That Impact GFSI Compliance

By Jason Dea
No Comments
Alert

The Global Food Safety Initiative (GFSI) is a global initiative for the continuous improvement of food safety management systems. From a functional standpoint, you might be surprised to learn that one of the most challenging elements of keeping up with GFSI compliance for many food producers is sufficient document control. In fact, data compiled by SQF shows that document control-related issues are one of the most common sources of a non-conformance during GFSI-benchmarked audits. Examples of these non-conformances are associated with documentation of training requirements, business continuity planning, and corrective and preventative actions.

The Global Food Safety Initiative (GFSI) is an industry-driven initiative providing thought leadership and guidance on food safety management systems necessary for safety along the supply chain. This work is accomplished through collaboration between the world’s leading food safety experts from retail, manufacturing and food service companies, as well as international organizations, governments, academia and service providers to the global food industry. They meet together at technical working group and stakeholder meetings, conferences and regional events to share knowledge and promote a harmonized approach to managing food safety across the industry. GFSI is facilitated by The Consumer Goods Forum (CGF), a global, parity-based industry network, driven by its members.

So what exactly are some of the most common causes for document control issues as it relates to non-conformances? Keep an eye out for the following five errors that can affect compliance.

1. Lack of document control altogether

Lack of correct usage of document control in the context of GFSI compliance is a common error. This is an issue that often occurs as a result of document sprawl—specifically as it pertains to duplicate documents and supporting documents. For example, an organization might create internal reference material designed to be cheat sheets or summaries of larger policies. These could include simple charts that list key equipment set-up parameters or charts summarizing abbreviated information from product specification sheets. Many organizations fail to realize that because of the nature of the information in these files, these reference documents must also be included in their document control program to ensure that the information in them is current and universally applied.

2. Document version control

From using outdated forms to referencing outdated employee procedures, lack of proper document version control and enforcement is the most common GFSI compliance-related non-conformance. These issues can arise from operational errors (employees don’t know where to find up-to-date documentation or how to ensure that it is being used) to technical errors (the document control system is unable to properly manage document versioning, or in the case of home-grown document control software systems, they may be unable to do so altogether). To avoid these errors, it’s necessary to establish where controlled versions of documents are located and ensure that they are kept up to date. It’s also important remove obsolete versions of these documents—this is a basic principle of document control, but it’s often an area where errors compound over time. Reinforcing training so employees are made aware of document control best practices and policies is critical to keeping your compliance activities current.

3. Document revision errors

One of the most common activities and most common sources of error within any document control program involves publishing revisions to documents. These errors include:

  • Updating the contents of a document but forgetting to update information such as the version number
  • Improper tracking of revision history
  • Adding new documents to the database rather than revising or updating existing documents

4.  Inclusion of documents from external sources

If your food safety management system includes or makes use of external documents, these must be controlled in the same manner in which you control internal documents.

Some examples of external documents that may need to be included in your document control program include:

  • Sample labels provided by your chemical and pest management suppliers
  • Raw material specifications provided by your suppliers
  • Customer expectations manuals provided by your customers

5.     Improper identification of approval personnel

A best practice of document control is for the person knowledgeable about the content of a document to be assigned the responsibility of approving updates to it. In many organizations, this is interpreted to mean that all approval responsibilities are assigned to a single person across the organization. This could be the food safety coordinator or the document control administrator, despite the fact that it is not reasonable for a single person to be knowledgeable about all the procedures across the organization.

A better approach to approval responsibilities is to identify individuals who can be responsible for authorizing changes based on function or discipline. By spreading the responsibilities across more people, your document control program is more likely to be current and accurate.

When it comes to food safety compliance and best practices, particularly as they relate to GFSI, it’s often the basic principles that get overlooked once your organizations processes and systems are up and running. Setting up a process for document control and maintaining this process over time is a key to achieving and maintaining compliance. As such, it’s important to revisit your controlled document process and library regularly to ensure things are operating as designed and avoid costly compliance surprises at the same time.

Debby Newslow
FST Soapbox

FSMA’s Preventive Control’s and Current GFSI-Approved Scheme Compliance

By Debby L. Newslow
No Comments
Debby Newslow

Confusion reigns in many organizations and especially with our food safety and quality professionals, as we debate and attempt to decide how best to address the requirements of FSMA. With the first compliance date of September 2016 drawing near, companies are feeling increased pressure to take action. As many are already accredited to a GFSI-approved food safety scheme such as SQF Level 3, BRC, Primas, IFS or FSSC 22000, often the question is, how does my current system fit into FSMA, and where do I need to make changes? The undercurrent to this question is the implication that changing the system to fit FSMA will cause it to no longer be tailored for the desired GFSI food safety scheme, and that a change could cause issues with those audits (which are crucial for purchasing, marketing and sales).

The Food Safety Consortium will discuss critical industry issues, including FSMA compliance. The event takes place in Schaumburg, IL | December 5–9, 2016 | LEARN MOREAs with so many of our industry challenges, there is no easy and prescriptive answer to these questions. Each organization has to make the decision for their own system based on their individual hazard analysis, risk tolerance and resources. Some over-arching themes begin to emerge, which may be analyzed to assist the decision makers in the creation of a road map to FSMA compliance.

During our FSMA Preventive Control Qualified Individual (PCQI) training courses we are repeatedly asked, “What qualifies as a preventive control? Are our critical control points (CCPs) automatically a preventive control? How about our operational prerequisite programs (OPRPs)—are these PCs also?” While there is no easy answer (yes or no), there are some important things to keep in mind that can help in the decision.

The official answer is that a preventive control should be any point in the process where, with a loss of control, it is reasonably foreseeable that a significant food safety hazard either will occur or has an increased likelihood of occurrence. Remember this is intended to be a single point in the process, not the entire process. For example, the sanitation program may be managed as a prerequisite program; however, there may be a point in the process that requires special sanitation attention and without it, there is a reasonably foreseeable likelihood of a hazard.

Thinking about the concept, a logical conclusion is that a loss of control leads to a significant food safety hazard or, at the very least, increases the likelihood of said hazard. It follows that a loss of control would beget the need for a withdrawal if the product had already left the organization’s control. Therefore, one should only designate a point as a preventive control if the implications of conducting a recall in the event of failure have been analyzed as part of the risk assessment. The organization must be fully prepared to conduct such a recall in the event of failure.

The FSMA Preventive Control regulation (§21CFR117.135 – Preventive Controls) requires a recall program only if there is a preventive control identified in the process. Of course, any food processing organization would be remiss if they did not have an effective recall program defined and tested by regular mock recalls. Waiting for a true recall is no time to find out that your program has issues.  Even without a preventive control, what happens if a supplier contacts the processor with an issue that requires a recall?

Through the evolution of compliant and mature food safety management systems, it is common for an organization to initially identify multiple CCPs and then, through data collection and process improvements, slowly reduce the CCPs to control points managed through OPRPs or PRPs over time.  So, should an OPRP (Operational Prerequisite Program – ISO 22000:2005 Section 7.5) also be designated preventive control?  This is perhaps one of the grayest of gray areas in this arena.  A deviation in a preventive control, if the product has left the organization’s control, requires a recall.  A recall for a deviation in an OPRP is not absolute, and it is actually handled by the food safety team and management on a case-by-case basis, depending on the risk.  In addition, although identified when possible, a critical limit is not required for an OPRP (ISO 22000:2015 Section 7.5).  Parameters are required for a preventive control.

There really isn’t one answer that fits every situation, but it is important to remember that the requirements for FSMA Preventive Controls regulation (§21CFR117.135) are designed for those operations that in the past have not had the opportunity to define, implement and maintain a food safety program—one that includes a hazard analysis based on HACCP guidelines (Codex Alimentarius Commission [Annex to CAC/RCP 1-1969, Rev. 3 (2003)]) and/or a GFSI-approved food safety scheme.  Personally, we feel that if an organization has evaluated their process in compliance with a GFSI-approved food safety scheme, then any reasonably foreseeable hazards have been identified and addressed through a control point such as a CCP, OPRP or PRP. However, that said, upwards of 90% of recalls are linked to either ineffective or nonexistent PRPs such as allergen mislabeling, which accounted for 53% of all recalls last year. Thus, it is imperative that we evaluate all aspects of our processes with the same scrutiny that we do our microbial pathogen and metal control programs, which are common CCPs in today’s world of food safety.

Risks must be evaluated through an effective risk assessment based on science and facts. We start almost all of our workshops with the great American Society for Quality (ASQ) video: Cost of Poor Quality. This highlights the lack of an effective risk assessment performed on January 28, 1986, related to the launch of the Challenger. Unfortunately, emphasis was not on the fact that the engineers presented about the lack of cold temperature stability of critical O-rings, but rather on the fact that the launch had already been postponed for two days, and there was intense media and political hype surrounding the event. An effective risk assessment must be based on facts and objectivity, not on our feelings about what we want or need the decision to be.

FSMA PCQI training stresses the use of reliable and credible resources such as academia, trade organizations and process authorities. The internet itself can also be a valuable resource. Jon Porter stated in 2004, “HACCP, as we know it, would not exist without the internet.”  (If Jon could only see us now.)  However, again, we must be sure we are choosing credible information from the internet. We all know that we can usually find any answer we desire on the internet, but is it credible and accurate?

Competent industry sector-experienced consultants may also be good options if the organization ensures their credibility. Sometimes, a set of independent eyes can be just what the doctor ordered. Even in cases where the organization has a fully qualified team that is perfectly capable of managing the food safety program on their own, the right external resource (i.e., consultant) may provide an additional, independent viewpoint to your process. A friendly debate with an external resource can oftentimes open a whole new vista of previously unconsidered possibilities for the team.

The FSMA Preventive Controls regulation (§21CFR117.135) states that “each organization is required to have a PCQI that has successfully completed training in the development and application of risk-based preventive controls at least equivalent to that received under a standardized curriculum recognized as adequate by FDA or be otherwise qualified through job experience to develop and apply a food safety system”. What qualifies an individual to be qualified through job experience is not specifically defined but is judged by the effectiveness of their food safety program. However, if FDA visits the facility and asks for the PCQI and no one has taken an FDA-recognized course—but there is someone that the organization has identified as qualified—this has the potential to start the visit off with a negative focus. We urge each organization to send two food safety associates to an FDA-recognized FSMA PCQI training course regardless of their background (this provides a back-up person in case the primary representative is ill, traveling for business or pleasure, wins the lottery, or otherwise leaves the company, etc.). This provides a strong foundation for the future, as ownership of the system is always crucial to not just surviving an inspection, but excelling—and as food safety professionals that is an idea we can all support.

 

GFSI Basics: Is FSSC 22000 Right For Your Company?

By Maria Fontanazza
No Comments

Food Safety Tech recently sat down with experts from Eurofins to discuss FSSC 22000. According to Kristopher Middleton, technical manager at Eurofins, and Kim Knoll, food safety systems national sales manager at the company, there are still quite a few companies (especially in North America) that are unfamiliar with the ins and outs of the certification scheme. In a Q&A with FST, Middletown and Knoll break down the basics of FSSC 2000, along with explaining some of its benefits.

Kristopher Middleton
Kristopher Middleton, technical manager, Eurofins

Food Safety Tech: How is the trend with FSSC 22000 evolving?

Kristopher Middleton: The scheme started in 2009 based on a demand for people wanting to have an ISO-based certification within the GFSI benchmarking process. When the program came out, it trended toward larger companies that already had ISO-based certifications, mainly ISO 22000 and ISO 9001. The FSSC 22000 scheme is the fastest growing GFSI benchmarking scheme currently. It’s not just for large multinational companies; a lot of smaller suppliers are seeking certification to this scheme. The foundation continues to expand its scopes to become a true farm-to-fork certification program.

FST: Is FSSC 22000 also appropriate for a single site or for a company with fewer than 50 employees?

Middleton: The certification doesn’t discriminate based on facility size—nor footprint or number of employees. It’s ideal for any company that has a robust food safety management system and manufacture products that fall within the FSSC 22000 scope of certification. This currently includes manufacturers of perishable animal products (feed and food), perishable vegetable products, products with a long shelf life, biochemical products (i.e., food ingredients, vitamins, biocultures, etc.), manufacturers of food packaging, and primary production of animal products.

The key thing about FSSC 22000 certification is that it is not a terribly prescriptive food safety scheme, when compared to others that are available. You will be successful with FSSC 22000 certification if you are confident and knowledgeable about your own food safety management system, and you have appropriate justification or validation for the method in which your programs have been implemented, as well as validation for the controls of your food safety hazards.

FST: Are there quite a few companies that have not heard of FSSC 22000 or are not aware that it is a GFSI-recognized scheme?

Middleton: Since ISO 22000 was not terribly popular here in North America, it didn’t catch on right away. It was more so overseas that it caught on. However, within the past two years the scheme has become increasingly popular here, especially among companies that have other ISO standards already implemented (i.e. ISO 9001, 14001, 18001,etc), where it relates to occupational health and safety, environmental, and quality. The reason for that is the FSSC can easily intertwine with that entire management system program so that it all works together versus having separate programs in place.

Kim Knoll
Kim Knoll, food safety systems national manager, Eurofins

Kim Knoll: I’m having a lot of conversations with smaller manufacturers who are brand new to GFSI. Many of them are being asked by their customers to achieve a GFSI benchmarked certification and are in the early stages of researching scheme options.  Some of these companies are surprised to learn that FSSC 22000 is a viable option.  Like other certification schemes, Eurofins lends support to companies planning to pursue FSSC 22000 through training courses, consulting services, pre-assessments and ultimately certification services. Even though FSSC 22000 is a newer scheme, auditor availability is not an issue.

FST: What are the key differences between FSSC 22000 and the other GFSI schemes?

Middleton: Probably the most apparent difference with FSSC compared to other GFSI benchmark schemes is the fact that your certification lasts for three years, not one year. The reason for that is that it’s not a product-based certification like the others, it is a process-based certification and it uses the accreditation standard of ISO 17021 not ISO 17065. It also uses ISO 22003 for direction to the certification body for the conducting of the audit. That doesn’t mean that sites won’t be audited annually; it just means that once the certificate is granted, it’s good for three years.

Another key difference is that there is no true pass or fail within the audit. It’s a conform or not-conform audit. The decision to certify is based off the findings from the auditor and their recommendations, as well as the decision from a technical review meeting at the certification body. It requires the effective closure of a particular non-conformance or satisfactory plan being submitted for the closure of those non-conformances before the actual certificate can be granted. So that’s a bit different, because you can just submit plans for your non-conformances [instead of] actually showing that everything has been completely resolved. That being said, if a facility isn’t able to hold or get a certificate, if there’s an imminent food safety threat noted during an audit—if there’s an issue, such as a potential recall or contaminated goods, the ability to be granted that certificate is not feasible.

FST: Can you walk us through the auditing and certification process under FSSC 22000?

Middleton: Like any of the standards out there, you can get a pre-assessment, which is not necessarily part of the certification activity. The certification activity starts at a Stage 1 audit within this scheme (also known as a document audit within other schemes). It’s an evaluation of a facility’s food safety management system document to determine if they’re valid. The process does not include an entire evaluation of the implementation of the program, just simply that the programs are adequately designed and meet the requirements that are in place.

Next there’s a Stage 2 audit (sometimes referred to a facility audit) that is conducted no more than six months after the Stage 1 audit. The Stage 1 audit will identify the areas of concern—programs that might not meet exactly what the specifications required within the standard, which would become non-conformances in a Stage 2 audit (also called a facility audit or certification audit).

The Stage 2 audit is the full evaluation of the implementation of the program that was reviewed in the Stage 1 audit. Following completion of the audit, effective closure of non-conformances is required. This closure can either be [related to] major non-conformances, CAPA or root cause analysis. You have to supply evidence that the non-conformance is properly eliminated and will not recur, and this evidence must be supplied to the certification body and the auditor for review.

Any other non-conformances (also known as minor non-conformances) must have corrective action plans. Companies need to state how they plan on resolving the issue. They will be “closed” but left open for the next audit, which has to occur within one calendar year (known as a surveillance audit). The term “surveillance audit” within this standard is different from some of the other standards. Within some of the other standards, a surveillance audit is not a yearly activity—it is done within the year of certification. The surveillance audit within this standard is a yearly audit that is required to meet the requirements of GFSI. It’s also a requirement within [ISO] 17021 and [ISO] 22003 that surveillance audits are conducted. The GFSI requirement changed the surveillance audit within the ISO world because they used to do a sampling audit, which progressed to a full-blown audit. Your whole food safety management system will be evaluated, which is slightly different from ISO 22000 surveillance audits.

After that audit is conducted, you have another surveillance audit in the following calendar year. Within those surveillance audits, if any minor non-conformances or non-conformances from the previous audit are still present, they are upgraded to major non-conformances and [companies] would have to implement a full corrective action plan, root cause analysis, etc. and then determine the solution.

Once the second surveillance audit is conducted, the following year will be your recertification audit, which is simply another facility audit. It’s not a document audit—you don’t have to do Stage 1 audits after that initial one. This recertification audit occurs prior to your certificate expiring.