Tag Archives: vulnerability assessments

By Karen Everstine, Ph.D.

In 2016, the food authenticity team at Queen’s University Belfast published a study that evaluated adulteration levels in oregano—specifically, 78 samples purchased at retail.¹ Almost a quarter of the samples had some adulteration. Some samples actually contained more than 70% other leaf material, primarily olive and myrtle leaves. This study was widely reported and appeared to result in drastic decreases in the levels of adulteration in oregano.

However, just last year, the Joint Research Centre of the European Commission published the results of a coordinated control plan for “fraudulent practices” in spices in which they tested 1,885 samples of 6 herbs and spices submitted from from 23 countries.² Almost half of the 295 oregano samples were “suspicious of being adulterated.” The results of these studies imply that food fraud—especially fraud involving higher-value and further-processed products with a substance that does not make consumers sick—is a persistent risk and demands a sustained response from industry and regulators.

Evaluating historical data from various sources (the scientific literature, regulatory reports, media reports, etc.) is a critical component of a food fraud prevention program, but it is not enough. A strong program will include an in-depth evaluation of what is known historically about food fraud for relevant raw materials, ongoing monitoring of food safety and fraud notifications, a fraud-focused evaluation of supplier controls, audit and testing programs that include specific anti-fraud measures, and an assessment of situational factors that could increase fraud incentive (geographic, economic, etc.).

The Food Fraud Database has tracked public reports of food fraud for almost 10 years. Many incidents are types of fraud that have occurred repeatedly, as the incident distribution from last year illustrates (see Figure 1). In addition to herb/spice fraud, frequent types of fraud include replacement of honey with sugar syrups; unregulated and counterfeit liquor; wines labeled as a more expensive varietal or with undeclared additives; milk products with added protein or fats from other sources; and fraud related to organic certification or geographic origin. Although these types of fraud appear to be “reasonably foreseeable,” the challenge is that during a time of supply chain stressors—such as the COVID-19 pandemic—risks may evolve quickly as suppliers and supply chain structures change. Re-evaluating food fraud vulnerability in response to changing conditions can be time-consuming, but is important to stay ahead of potential risks.

Food Fraud Incidence — Figure 1. Food fraud incidents reported in public sources, 2021. (Source: FoodChain ID Food Fraud Database)

We frequently work with food manufacturers to develop their food fraud vulnerability assessments. Our experience is that searching and compiling risk data and mapping a set of raw materials to the appropriate data sources for analysis can be the most time-consuming aspects of the project. Since Google searches or other manual processes are not always reliable and efficient, a helpful first step can be finding a data source that compiles and standardizes food safety and fraud data from a wide range of reliable sources. The mapping process then involves identifying each individual ingredient component of the raw materials sourced by the company and linking it to the relevant ingredient name in the data source. It is important to invest this time up front to identify the most appropriate data sources and conduct a thorough mapping process. This ensures food safety and quality assurance staff will be notified of information relevant to their particular supply chains moving forward.

Many quality assurance professionals struggle to fit in food fraud assessments and mitigation plans while managing day-to-day food safety and quality programs. A two-stage process, including an ingredient screen followed by a detailed assessment for potentially high-risk ingredients, can make the process more efficient for companies managing hundreds of raw materials (see Figure 2). Existing food safety testing and auditing programs may also have application to food fraud prevention and should also be documented in a food fraud program. Many food companies find value in outside expert guidance to set up a food fraud program so that food safety and fraud risks aren’t unintentionally missed. The goal of a food fraud program is not to add to the workload of food safety and quality assurance staff, but to enable those staff to identify the most targeted measures that will help ensure food safety, authenticity, and brand protection.

Food Fraud Prevention Program — Figure 2. Components of a food fraud prevention program (Source: FoodChain ID).

References

Black, C., et al. (2016). A comprehensive strategy to detect the fraudulent adulteration of herbs: The oregano approach. Food Chemistry, 210, 551–557. https://doi.org/10.1016/j.foodchem.2016.05.004
Maquet, A., et al. (2021). Results of an EU wide coordinated control plan to establish the prevalence of fraudulent practices in the marketing of herbs and spices. EUR 30877 EN. Publications Office of the European Union, Luxembourg. ISBN 978-92-76-42979-1 (online).

December 20, 2019

Lessons Learned from Intentional Adulteration Vulnerability Assessments (Part II)

By Frank Pisciotta, Spence Lane

No Comments

Food defense is the effort to protect food from intentional acts of adulteration where there is an intent to cause harm. Like counterterrorism laws for many industries, the IA rule, which established a compliance framework for regulated facilities, requires that these facilities prepare a security plan—in this case, a food defense plan—and conduct a vulnerability assessment (VA) to identify significant vulnerabilities that, if exploited, might cause widescale harm to public health, as defined by the FDA. Lessons learned during the conduct of food defense vulnerability and risk assessments and the preparation of the required food defense plan are detailed throughout this three-part series of articles. Part I of this series addressed the importance of a physical security expert, insider threat detection programs, actionable process steps (APS) and varying approaches to a VA. To further assist facilities with reviewing old or conducting new VAs, Part II will touch on access, subject matter experts, mitigation strategies and community drinking water through more lessons learned from assessments conducted for the largest and most complex global food and beverage facilities.

Lesson 6: Utilization of Card Access. The FDA costs of implementing electronic access control, as reported in the Regulatory Impact Analysis document (page 25) are shown in Table 1.

Average Cost Per Covered Facility	Initial	Recurring	Total Annualized
Prohibit after hours key drop deliveries of raw materials	$	$1070	$1070
Electronic access controls for employees	$1122	$82	$242
Secured storage of finished products	$1999	$–	$285
Secured storage of raw materials	$3571	$–	$508
Cameras with video recording in storage rooms	$3144	$–	$448
Peer monitoring of access to exposed product (not used)	$47	$1122	$1129
Physical inspection of cleaned equipment	$–	$303	$22
Prohibit staff from bringing personal equipment	$157	$–	$22
Total	$9993	$1455	$2878
Table I. Costs of Mitigation

In our opinion, these costs may be underreported by a factor of five or more. A more realistic number for implementing access control at an opening is $5,000 or more depending on whether the wire needs to be run in conduit, which it typically would. While there are wireless devices available, food and beverage organizations should be mindful that the use of wireless devices may in some cases result in the loss of up to 50% of electronic access control benefits. This happens because doors using this approach may not result in monitored-for-alarm conditions, such as when doors are held open too long or are forced open. Some wireless devices may be able to report these conditions, but not always as reliable as hardwired solutions. Using electronic access control without the door position monitoring capability is a mistake. From a cost standpoint, even a wireless access control device would likely be upwards of $2,000 per opening.

Lesson 7: In the interest of time, and in facilities with more complex processes (which increases the work associated with the VA), plan to have quality, food safety and physical security personnel present for the duration of the VA. But also bring in operational specialists to assess each point, step or procedure for the respective operational areas. You may wish to have a quick high-level briefing for each operational group when it’s their turn to deliberate on their portion of the manufacturing operation. Proper planning can get a hybrid style VA done in one-and-a-half to three days maximum for the most complex of operations.

Lesson 8: Conduct a thorough site tour during the assessment process; do not limit your vulnerability activity to a conference room. Both internal and external tours are important in the assessment process by all members of the team. The external tour is needed to evaluate existing measures and identify vulnerabilities by answering questions such as:

Is the perimeter maintained?
Are cameras pointed correctly?
Are doors secure?
Are vehicles screened?
Are guards and guard tours effective?
Internal tours are important to validate documented HACCP points, steps or procedures.A tour also helps to validate process steps that are in multiple parts and may need to be further assessed as a KAT, for public health impact, accessibility and feasibility or to identify issues that have become “invisible” to site employees which might serve a security purpose.
Properly conducted tours measure the effectiveness of a variety of potential internal controls such as:
- Access control
- Visitor controls
- Use of identification measures
- Use of GMP as a security measure (different colors, access to GMP equipment and clean rooms)
- Effectiveness of buddy systems
- Employee presence

Lesson 9: Do not forget the use of community drinking water in your processes. This is an easy way to introduce a variety of contaminants either in areas where water is being treated on site (even boiler rooms) or where water may sit in a bulk liquid tank with accessibility through ladders and ports. In our experience, water is listed on about half of the HACCP flow charts we assessed in the VA process.

Lesson 10: Some mitigation strategies may exist but may not be worth taking credit for in your food defense plan. Due to the record keeping requirements being modeled after HACCP, monitoring, corrective action and verification records are required for each mitigation strategy associated with an APS. This can often create more work than it is worth or result in a requirement to create a new form or record. Appropriate mitigation strategies should always be included in your food defense plan, but sometimes it produces diminishing returns if VA facilitators try to get too creative with mitigation strategies. Also, it is usually better to be able to modify an existing process or form than having to create a new one.

Lesson 11: In cases of multi-site assessments, teams at one plant may reach a different conclusion than another plant on whether an identical point, set or procedure is an APS. This is not necessarily a problem, as there may be different inherent conditions from one site to the next. However, we strongly suggest that there be a final overall review from a quality control standpoint to analyze such inconsistencies adjudicate accordingly where there is no basis for varying conclusions.

Lesson 12: If there is no person formally responsible for physical security at your site, you may have a potential gap in a critical subject matter area. Physical security measures will make at least a partial contribution to food defense. Over 30 years, we have seen many organizations deploy electronic access control, video surveillance and lock and key control systems ineffectively, which provides a false sense of security and results in unidentified vulnerability. It is as important to select the right physical security measures to deploy, but also critical to administer them in a manner that meets the intended outcome. Most companies do not have the luxury of a full-time security professional, but someone at the plant needs to be provided with a basic level of competency in physical security to optimize your food defense posture. We have developed several online training modules that can help someone who is new to security on key food defense processes and security system administration.

Lesson 13: As companies move into ongoing implementation and execution of the mitigation strategies, it is important to check that your mitigation strategies are working correctly. You will be required to have a monitoring component, correction action and verification intended for compliance assurance. However, one of the most effective programs we recommend for our clients’ food defense and physical security programs is the penetration test. The penetration test is intended to achieve continuous improvement when the program is regularly challenged. The Safe Quality Food (SQF) Institute may agree with this and now requires facilities that are SQF certified to challenge their food defense plan at least once annually. We believe that frequency should be higher. Simple challenge tests can be conducted in 10 minutes or less and provide substantial insight into whether your mitigation strategies are properly working or whether they represent food defense theater. For instance, if a stranger were sent through the plant, how long would it take for employees to recognize and either challenge or report the condition? Another test might include placing a sanitation chemical in the production area at the wrong time. Would employees recognize, remove and investigate that situation? Challenge tests are easy high impact activities; and regardless of the outcome, can be used to raise awareness and reinforce positive behaviors.

Whether training a new security officer, reviewing existing security plans or preparing for an upcoming vulnerability assessment (due July 26, 2020), these lessons learned from experienced security consultants should help to focus efforts and eliminate unnecessary steps at your facility. The final installment in this series will address broad mitigation strategies, the “Three Element” approach and food defense plan unification. Read the final installment of this series on Lessons Learned from Intentional Adulteration Vulnerability Assessments, Part III.

January 16, 2019

Food Fraud Quick Bites

Media Sources for Food Fraud Intelligence

By Karen Everstine, Ph.D.

No Comments

A recently published paper advocates the inclusion of media reports as a source of information for assessing food fraud vulnerability.¹ Those of us who maintain the Food Fraud Database could not agree more. We have been monitoring media reports for years and they are an important source of information in the database (accounting for 45% of all primary source references).

As I mentioned in last month’s post, there are challenges with using media reports to inform food fraud vulnerability. Many media reports are general discussions of the issue of food fraud and are not necessarily reporting new information. It may be difficult to filter out these types of reports without manual review. There may also be concerns about the validity of media reports on food fraud. This is the reason we implemented a classification for “weight of evidence” for incident records in the database. Overall, approximately 30% of the incident records in our database are classified as a “low” weight of evidence due to unverifiable data or a lack of corroborating reports. Some of our users choose to filter these out of their searches.

We have received requests for information about how the data in the Food Fraud Database compares with numbers reported in the paper. Table 11 in the paper described the top product categories, countries and type of fraud as reported in four food safety tracking systems.¹ We have adapted that table below to data from the Food Fraud Database.

Product Category	%	Country of Origin	%	Type	%
Meat/Poultry	18	India	26	Dilution/substitution (misrepresentation of animal origin)	26
Seafood	16	China	9	Dilution/substitution (“other”)	19
Dairy Products	14	United States	9	Dilution/substitution with a non-food substance	14
Alcoholic Beverages	6	Columbia	6	Dilution/substitution (misrepresentation of botanical origin)	12
The most common food fraud records (“cases”) in the Food Fraud Database (2014-2015)

As shown in Table 11 in the paper, the top four products by number of articles in the media monitoring system (in 2014-2015) were meat, seafood, milk and alcohol. As shown above, when looking at data in the Food Fraud Database from 2014 and 2015, the top ingredient categories are very similar: Meat/Poultry, Seafood, Dairy Products, and Alcoholic Beverages. However, there was little agreement in the country of origin of the reported cases among any of the systems. For the Food Fraud Database (shown above), the top countries of origin in 2014–2015 were India, China, the United States and Colombia. According to the paper, the top countries of origin reported by the food fraud media monitoring system were Egypt, the United States, the U.K. and Saudi Arabia. The top country of origin reported by RASFF was China and by HorizonScan was the Czech Republic.

Table 4 reported the “types” of food fraud (which correspond to what we call “reasons for adulteration”) and the corresponding number of articles collected, which we have also adapted to the data in the Food Fraud Database below.

Types of Food Fraud in Records in the Food Fraud Database (2014–2015)
Type of Food Fraud	Number of Records	%
Dilution/substitution – misrepresentation of animal origin	212	26
Dilution/substitution (other)	159	19
Dilution/substitution with a substance not approved for use in foods	118	14
Dilution/substitution – misrepresentation of botanical origin	101	12
Unknown	87	11
Fraudulent labeling	64	8
Artificial enhancement of apparent protein content	58	7
Artificial enhancement with color additives	57	7
Other	41	5
Dilution/substitution – misrepresentation of geographic origin	40	5
Dilution/substitution – misrepresentation of varietal origin	28	3
Use of unapproved biocides (antibiotics, anti-fungal agents, preservatives, etc.)	21	3
Artificial enhancement (other)	7	1
Formulation of an entirely fraudulent product using multiple techniques and adulterants	2	0
TOTAL	828	*
* Greater than 100% because one record can have multiple types of associated fraud

It is not possible to make meaningful comparisons among the reported fraud “types” without harmonized definitions and standardization of data collection processes, as noted in the paper. A glance at Table 1 from the paper illustrates the variety of food fraud categorizations in use among the various systems.¹ Generally, it is a challenge to directly compare any of the information coming from various sources such as RASFF, HorizonScan, the Food Fraud Database and others, due to the differences in the way data is collected, standardized and reported.

In contrast with foodborne illnesses, which are generally required to be reported to public health agencies, food fraud typically does not result in acute illness and is difficult to track. The nature of food fraud combined with differences in data tracking systems make it almost impossible to reconcile the data among the various systems. Regardless of which system is reporting, the reports are likely just a fraction of the true occurrence of food fraud; however, each can provide valuable perspective on risks to food safety (including those from food fraud). A holistic assessment of food fraud vulnerability should take into account a wide variety of information sources, including media reports.

Reference

Bouzembrak, Y., et al. (November 2018). Development of food fraud media monitoring system based on text mining. Food Control. Vol. 93. Retrieved from https://doi.org/10.1016/j.foodcont.2018.06.003

August 9, 2016

How Safe Is Your Facility from Threats?

By Maria Fontanazza

No Comments

Vulnerability assessments are a key provision of the FSMA final rule, Mitigation Strategies to Protect Food Against Intentional Adulteration. With this requirement comes the “identification of vulnerabilities and actionable process steps” that must be taken to mitigate potential threats. During the IAFP annual meeting Lance Reeve, senior risk management consultant for food safety and defense at Nationwide Agribusiness Insurance Co., reviewed the important and sometimes-overlooked areas that companies should be looking at when conducting vulnerability assessments.

Inside the Plant

To start, vulnerability assessments should be conducted at different times of the day, and the process should involve a team approach, said Reeve. Food defense cannot effectively be managed by a single person within a facility: It needs to involve all departments, from human resources to IT to production to warehousing, and extend to outside suppliers and vendors. How is the flow of employees and visitors around the facility managed? Do staff members wear color-coded badges? Some companies have a color-coding plan to prevent contamination, but it is also a useful tool to ensure that unauthorized employees, outside contractors and visitors aren’t in restricted areas. For example, the maintenance shop may contain deadly food contaminants—do you really want general employees to be able to get into this area? Consider using electronic technology such as biometric access control to limit access based on employee/security credentials.

Working with the human resources department is a critical part of protecting a facility. Does your company have the capability to conduct thorough background checks on all employees? In addition, with all the different types of contractors and vendors who enter your facility it’s important to find out whether your contracting companies are doing the same level of background checks as your organization when they hire employees. And finally, examine how the culture within the organization. Do employees challenge the presence of visitors who shouldn’t be on the premises?

Outside the Facility

In many cases, companies will look at the inside of their facility for potential hazards and vulnerabilities, but what about the perimeter? How are you controlling the people who are coming onto company property? While this may seem obvious, Reeve recommended physical objects to establish authority: Fences (establish physical border), signs (establish where control begins), and CCTV cameras (establishes security). And when looking at the outside of the building itself, how secure is the roof? What access does a potential attacker have into the facility via the roof? How often are security checks conducted here (if at all)?

Throughout any given day, a company can receive several cargo shipments from a variety of different suppliers. Are you familiar with the food safety programs of your suppliers? They play a critical role in food defense strategies. And when your company receives shipments, Reeve advised that companies go beyond looking at the seals on trucks and examine the transportation system itself. Is cargo removed in a secure area? Is an authorized employee supervising the process or is it left in the hands of the third-party driver?

And finally, a critical part of your mitigation strategy should be to challenge the system. Once you think you may have found all the vulnerabilities, conduct penetration testing.

Tag Archives: vulnerability assessments