Managing the complexities of a management system is challenging for any food and beverage company, particularly for the team tasked with implementing the system throughout the organization. That is because every regulatory agency (e.g., FDA, USDA, OSHA, EPA) and voluntary certification (e.g., GFSI-benchmarked standards, gluten-free, organic, ISO) calls for companies to fulfill compliance requirements—many of which overlap. Supply chain and internal requirements can create further complications and confusion.
In today’s “New Era of Smarter Food Safety,” having a common system to organize, manage and track compliance offers an ideal solution. Dynamic tools are becoming available—systems that can manage employee training, pest control, laboratory testing, supply chain management tools, regulatory compliance and certification requirements, etc.
Unfortunately, these systems are often not set up to “talk” to each other, leaving company representatives to navigate many systems, databases, folders, and documents housed in many different locations.
The Solution: Compliance Management Systems
An integrated compliance management system (CMS) is intended to bring all these tools together to create one system that effectively manages compliance requirements, enables staff to carry out daily tasks and manage operations, and supports operational decision making by tracking and trending data that is collected daily by the team charged with implementation.
A CMS is used to coordinate, organize, control, analyze and visualize information to help organizations remain in compliance and operate efficiently. A successful CMS thinks beyond just access to documents; it manages the processes, knowledge and work that is critical to helping identify and control business risks. That may include the following:
- Ensuring only authorized employees can access the right information.
- Consolidating documents and records in a centralized location to provide easy access
- Setting up formal business practices, processes and procedures
- Implementing compliance and certification programs
- Monitoring and measuring performance
- Supporting continuous improvements
- Documenting decisions and how they are made
- Capturing institutional knowledge and transferring that into a sustainable system
- Using task management and tracking tools to understand how people are doing their work
- Enabling data trending and predictive analytics
CMS Case Study: Boston Sword and Tuna
In early 2019, Boston Sword and Tuna (BST) began the process of achieving SQF food safety certification. We initially started working with BST on the development, training and implementation of the program requirements to the SQF code for certification—including developing guidance documents for a new site under construction.
The process of attaining SQF certification included the development of a register of SQF requirements in Microsoft SharePoint, which has since evolved into a more comprehensive approach to overall data and compliance management. “We didn’t plan to build a paperless food safety management system,” explains BST President Larry Dore, “until we implemented our SQF food safety management program and realized that we needed a better way to manage data.”
We worked with BST to structure the company’s SharePoint CMS according to existing BST food safety management processes to support its certification requirements and overall food safety management program. This has included developing a number of modules/tools to support ongoing compliance efforts and providing online/remote training in the management of the site and a paperless data collection module.
The BST CMS has been designed to support daily task activities with reminders and specific workflows that ensure proper records verifications are carried out as required. The system houses tools and forms, standards/regulatory registers, and calendars for tracking action items, including the following:
- Ambient Temperature
- Corrective and Preventive Action (CAPA)
- Chemical Inventory/Safety Data Sheets (SDS)
- Compliance Management
- Customer Complaints
- Document Control
- Employee Health Check
- Food Safety Meetings Management Program
- Forklift Inspections
- Good Manufacturing Practices (GMP) Audit
- SQF Register
- Maintenance (requests/work orders/assets/repairs)
- Nightly Cleaning Inspections
- Operational/Pre-Operational Inspections
- Sanitation Pre-Op Inspections
- Scale Calibration
- Sharp/Knife Inspections
- Shipping/Receiving Logs
- Thawing Temperature Log
- Thermometer Calibration
Key Considerations for Designing a Successful CMS
An effective CMS requires an understanding of technology, operational needs, regulatory compliance obligations and certification requirements, as well as the bigger picture of the company’s overall strategy. There are several key considerations that can help ensure companies end up with the right CMS and efficiency tools to provide an integrated system that supports the organization for the long term.
Before design can even begin, it is important to first determine where you are starting by conducting an inventory of existing systems. This includes not only identifying how you are currently managing your compliance and certification requirements, but also assessing how well those current systems (or parts of them) are working for the organization.
As with many projects, design should begin with the end in mind. What are the business drivers that are guiding your system? What are the outcomes you want to achieve through your system (e.g., create efficiencies, provide remote access, reduce duplication of effort, produce real-time reports, respond to regulatory requirements, foster teamwork and communication)? Assuming that managing compliance and certification requirements is a fundamental objective of the CMS, having a solid understanding of those requirements is key to building the system. These requirements should be documented so they can be built into the CMS for efficient tracking and management.
While you may not build everything from the start, defining the ultimate desired end state will allow for development to proceed so every module is aligned under the CMS. Understand that building a CMS is a process, and different organizations will be comfortable with different paces and budgets. Establish priorities (i.e., the most important items on your list), schedule and budget. Doing so will allow you to determine whether to tackle the full system at once or develop one module at a time. For many, it makes sense to start with existing processes that work well and transition those first. Priorities should be set based on ease of implementation, compliance risk, business improvement and value to the company.
Finally, the CMS will not work well without getting the right people involved—and that can include many different people at various points in the process (e.g., end user entering data in the plant, management reviewing reports and metrics, system administrator, office staff). The system should be designed to reflect the daily routines of those employees who will be using it. Modules should build off existing routines, tasks, and activities to create familiarity and encourage adoption. A truly user-friendly system will be something that meets the needs of all parties.
Driving Value and Compliance Efficiency
When thoughtfully designed, a CMS can provide significant value by creating compliance efficiencies that improve the company’s ability to create consistent and reliable compliance performance. “Our system is allowing us to actually use data analytics for decision making and continuous opportunity,” said Dore. “Plus, it is making remote activities much more practical and efficient”.
For BST, the CMS also:
- Provides central management of inspection schedules, forms, and other requirements.
- Increases productivity through reductions in prep time and redundant/manual data entry.
- Improves data access/availability for reporting and planning purposes.
- Effectively monitors operational activities to ensure compliance and certifications standards are met.
- Allows data to be submitted directly and immediately into SharePoint so it can be reviewed, analyzed, etc. in real time.
- Creates workflow and process automation, including automated notifications to allow for real-time improvements.
- Allows follow-up actions to be assigned and sent to those who need them.
All these things work together to help the company reduce compliance risk, create efficiencies, provide operational flexibility, and generate business improvement and value.