What documentation should be included in a BRCGS Global Standard for Food Safety Issue 9 compliant Food Safety Management System?

In order to understand what documentation is required in a BRCGS Global Standard for Food Safety Issue 9 compliant Food Safety Management System we need to consider the main requirements of the standard in this area:

Section 3 Food Safety and Quality Management System

3.1 Food safety and quality manual

Clause 3.1.1 “The company’s processes and procedures to meet the requirements of this Standard shall be documented to allow effective, consistent application, facilitate training, and support due diligence in the production of a safe product”

Also

3.3 Record completion and maintenance

“The site shall maintain genuine records to demonstrate the effective control of product safety, legality and quality”

In establishing a compliant system, it is therefore necessary to establish comprehensive documentation that covers the requirements of the standard. In order to do this and for ease of implementation in our implementation packages we provide a BRCGS Compliant Food Safety Management System with documents that match the requirements of the standard:

For Section 1 Senior management commitment we include the following documents relevant to the main clauses:

1.1 Senior Management Commitment

1.1.1 Food Safety and Quality Policy 1.1.2 Food Safety Culture

1.1.2 Food Safety Culture Planning

1.1.3 Food Safety and Quality Objectives

1.1.4 Senior Management Review

1.1.4 Appendix Senior Management Review Record 1.1.5 Management Meetings

1.1.6 Appendix Integrity Helpline

1.1.6 Confidential Reporting System

1.1.7 Human and Financial Resources

1.2 Responsibility and Authority

1.2 Organizational Chart

1.2 Responsibility Appendix Example Job Descriptions

1.2A Communication

For Section 2 The food safety plan – HACCP we include the following documents relevant to the main clauses:

2 HACCP System Overview

2.1.1 HACCP Team

2.1.2 HACCP Scope

2.2 HACCP Prerequisites

2.3 HACCP Product Description and Relevant Information

2.4 HACCP Intended Use

2.5 HACCP Flow Diagrams

2.6 HACCP Flow Diagram Verification

2.7.1 Hazard Identification

2.7.2 Hazard Assessment

2.7.3 Identification of Control Measures

2.8 Identification of Critical Control Points (CCPs)

2.9 Establishing Validated Critical Limits for each CCP

2.10 Establishing a Monitoring System for each CCP

2.11 Establishing a Corrective Action Plan

2.12 Validating the HACCP Plan and Establishing Verification Procedures

2.13 Establishing HACCP Documents and Records

For Section 3 Food Safety and Quality Management System we include the following documents relevant to the main clauses:

3.1 Food Safety and Quality Management System 3.2 Appendix Document Master List

3.2 Document Control

3.3 Appendix Record Register

3.3 Control of Records

3.4 Internal Audits & Inspections

3.4 Internal Audit & Inspection Schedule

3.5 Supplier and Raw Material Approval and Monitoring 3.6 Specifications

3.7 Corrective Action and Preventive Action

3.7 Appendix Corrective Action Request

3.7 Appendix Preventative Action Request

3.7 Appendix Root Cause Analysis

3.8 Control of Non-Conforming Product

3.9 Identification and Traceability

3.10 Management of Customer Complaints

3.11.1 Business Continuity Planning

3.11.2 Product Recall Procedure

For Section 4 Site Standards we include the following documents relevant to the main clauses:

4 Site Standards

4.1 External Standards and Site Security

4.2 Food Defense

4.2.1 Control of Visitors and Contractors

4.3 Layout, Product Flow and Segregation

4.3 Factory Plan

4.3 Filling Area Layout Flow Diagram

4.4 Building Fabric

4.5 Utilities – Water and Air

4.6 Equipment

4.7 Maintenance

4.8 Staff Facilities

4.9 Product Contamination Control

4.9.1 Chemical Contamination Control

4.9.2 Metal Contamination Control

4.9.3 Control of Brittle Materials

4.9.4 Control of Products Packed into Brittle Containers

4.9.5 Control of Wood

4.10 Foreign Body Detection and Removal

4.11 Housekeeping and Hygiene

4.12 Waste & Waste Disposal

4.13 Management of Surplus Food and Products for Animal Feed 4.14 Pest Management

4.15 Storage

4.16 Dispatch and Transport

For Section 5 Product control we include the following documents relevant to the main clauses:

5.1 Product Design & Development

5.2 Product Labelling

5.3 Appendix Types of Allergens

5.3 Management of Allergens Introduction

5.4 Product Authenticity, Claims & Chain of Custody

5.5 Product Packaging

5.6.1 Product inspection, Onsite Product Testing and Laboratory Analysis

5.6.2 Laboratory Quality Manual

5.7 Product Release

5.8 Pet Food and Animal Feed

5.9 Animal Primary Conversion

For Section 6 Process control we include the following documents relevant to the main clauses:

6.1 Control of Operations

6.2 Labelling and Pack Control

6.3 Quantity Control

6.4 Calibration

For Section 7 Personnel we include the following documents relevant to the main clauses:

7.1 Training

7.2 Personal Hygiene

7.3 Medical Screening

7.4 Protective Clothing

7.4 Appendix Protective Clothing Risk Assessment

For Section 8 Production Risk Zones we include document 8 Production Risk Zones High Risk, High Care and Ambient High Care Production Risk Zones which includes:

8.1 Layout, product flow and segregation in high-risk, high-care and ambient high-care zones

8.2 Building fabric in high-risk and high-care zones

8.3 Maintenance in high-risk and high-care zones

8.4 Staff facilities for high-risk and high-care zones

8.5 Housekeeping and hygiene in high-risk and high-care zones 8.6 Waste/waste disposal in high-risk, high-care zones

8.7 Protective clothing in high-risk and high-care zones

For Section 9 Requirements for Traded Products, we include the following documents relevant to the main clauses:

9.1 The Food Safety Plan – HACCP for Traded Products

9.2 Approval and Performance Monitoring of Manufacturers/Packers of Traded Food Products

9.3 Specifications

9.4 Product Inspection and Laboratory Testing

9.5 Product Legality

9.6 Traceability

The extent of documentation will be dependent on the complexity of the operation and the number of different types of products manufactured/processed. For example, you will require HACCP/Food Safety Plans, product descriptions and finished product specifications for all products. For HACCP some products of a similar nature/process can be grouped so reducing the amount of documentation needed.

Your documentation will also need to be supported by other relevant documents, for example, for 6.1 Control of Operations there will need to be work instructions/standard operating procedures.

For all aspects of your Food Safety Management System you will need to have documented evidence that confirms that you are operating as described in your documented procedures. This means you will require relevant controlled completed records that demonstrate compliance with customer, regulatory and statutory requirements and also another other requirement of the BRCGS Global Standard for Food Safety Issue 9.

Integrating FSMA Requirements

In order to develop a Food Safety Management System compliant with both the BRCGS Global Standard and the FSMA you will first of all need to consider and comply with the requirements of the BRCGS Global Standard for Food Safety Issue 9 which requires compliance in 4 key areas; Senior Management Commitment, HACCP/Food Safety Plan, Product Safety and Quality Management System and Prerequisite Programs (which are covered in sections 4 to 9).

The BRCGS Global Standard for Food Safety Issue 9 requirements are in 9 Sections

1 Senior Management Commitment

2 The Food Safety Plan – HACCP

3 Food Safety and Quality Management System

4 Site Standards

5 Product Control

6 Process Control

7 Personnel

8 High-Risk, High-Care and Ambient High-Care Production Risk Zones

9 Requirements for Traded Products

For more information on compliance with BRCGS Global Standard for Food Safety Issue 9, see articles BRCGS Global Standard for Food Safety and What documents should be included in a BRCGS Global Standard for Food Safety Issue 9 compliant Food Safety Management System?

For sites that are legislated by 21 CFR Part 117 Preventive Controls for Human Food Rule, the requirements stipulated in Module 13: Meeting FSMA Requirements for Food must be considered in addition to those required by the BRCGS Global Standard for Food Safety Issue 9.

BRCGS Module 13: Meeting FSMA Requirements for Food outlines for food processors and manufacturers the requirements of the Food Safety Modernization Act (FSMA) Preventive Controls for Human Foods Rule that are not explicitly covered within the BRCGS Global Standard for Food Safety Issue 9.

For certification to Module 13, the following BRCGS Global Standard for Food Safety Issue 9 management clauses need to apply to the management of Module 13:

3.1 Food safety and quality manual

3.2 Documentation control

3.3 Record completion and maintenance

3.4 Internal audits

3.7 Corrective and preventive actions

3.8 Control of non-conforming product

3.10 Complaint handling

3.11 Management of incidents, product withdrawal and product recall

The areas not covered by the BRCGS standard specifically but required by the FSMA are in 5 categories:

Current good manufacturing practice, hazard analysis, and risk-based preventive controls for human food

Current good manufacturing practice and hazard analysis and risk-based preventive controls for food for animals

Mitigation strategies to protect food against intentional adulteration

Sanitary transportation of human and animal food

Standards for the growing, harvesting, packing, and holding of produce for human consumption

Current good manufacturing practice, hazard analysis, and risk-based preventive controls for human food areas that need to be addressed are described below.

Subpart B—Current Good Manufacturing Practice

• 117.20 Plant and Grounds

(b) Plant construction and design

(3) Permit the taking of adequate precautions to protect food in installed outdoor bulk vessels by any effective means, including:

(5) Provide adequate lighting in hand-washing areas, dressing and locker rooms, and toilet rooms and in all areas where food is examined, manufactured, processed, packed, or held and where equipment or utensils are cleaned….

21 CFR § 117.37

(b) Plumbing.  Plumbing must be of adequate size and design and adequately installed and maintained to:

(5) Provide that there is not backflow from, or cross-connection between, piping systems that discharge waste water or sewage and piping systems that carry water for food or food manufacturing.

• 117.40 Equipment and utensils

(a)

(4) Food-contact surfaces must be corrosion-resistant when in contact with food.

(6) Food-contact surfaces must be maintained to protect food from allergen crosscontact and from being contaminated by any source, including unlawful indirect food additives.

(b) Seams on food-contact surfaces must be smoothly bonded or maintained so as to minimize accumulation of food particles, dirt, and organic matter and thus minimize the opportunity for growth of microorganisms and allergen cross-contact

• 117.80 Processes and controls

(1) Raw materials and other ingredients must be inspected and segregated or otherwise handled as necessary to ascertain that they are clean and suitable for processing into food and must be stored under conditions that will protect against allergen cross-contact and against contamination and minimize deterioration. Raw materials must be washed or cleaned as necessary to remove soil or other contamination. Water used for washing, rinsing, or conveying food must be safe and of adequate sanitary quality. Water may be reused for washing, rinsing, or conveying food if it does not cause allergen cross-contact or increase the level of contamination of the food.

• 117.80 Processes and controls

(a) General.

(b) Raw materials and other ingredients.

(c) Manufacturing operations.

(9) Food, raw materials, and other ingredients that are adulterated: (i) Must be disposed of in a manner that protects against the contamination of other food; or (ii) If the adulterated food is capable of being reconditioned, it must be: (A) Reconditioned (if appropriate) using a method that has been proven to be effective; or (B) Reconditioned (if appropriate) and reexamined and subsequently found not to be adulterated within the meaning of the Federal Food, Drug, and Cosmetic Act before being incorporated into other food.

(16) When ice is used in contact with food, it must be made from water that is safe and of adequate sanitary quality in accordance with §117.37(a), and must be used only if it has been manufactured in accordance with current good manufacturing practice as outlined in this part.

• 117.95 Holding and distribution of human food by-products for use as animal food.

There are specific requirements for holding and distribution of human food by-products for use as animal food to be protected against contamination whilst also be identified and labelled.

• 117.110 Defect action levels.

There are requirements to reduce defects to minimum levels and prescribed limits for various commodities, see the Defect Levels Handbook, which is accessible at http://www.fda.gov/pchfrule and at https://www.fda.gov/food/ingredients-additives-gras-packaging-guidance-documents-regulatory-information/food-defect-levels-handbook#commodities

Subpart C—Hazard Analysis and Risk-Based Preventive Controls

• 117.126 Food safety plan.

(a) Requirement for a food safety plan.

(1) You must prepare, or have prepared, and implement a written food safety plan.

(2) The food safety plan must be prepared, or its preparation overseen, by one or more preventive controls qualified individuals.

(b) Contents of a food safety plan. The written food safety plan must include:

(1) The written hazard analysis as required by §117.130(a)(2);

(2) The written preventive controls as required by §117.135(b);

(3) The written supply-chain program as required by subpart G of this part;

(4) The written recall plan as required by §117.139(a); and

(5) The written procedures for monitoring the implementation of the preventive controls as required by §117.145(a)(1);

(6) The written corrective action procedures as required by §117.150(a)(1); and

(7) The written verification procedures as required by §117.165(b).

• 117.130 Hazard analysis.

(a) Requirement for a hazard analysis.

(1) You must conduct a hazard analysis to identify and evaluate, based on experience, illness data, scientific reports, and other information, known or reasonably foreseeable hazards for each type of food manufactured, processed, packed, or held at your facility to determine whether there are any hazards requiring a preventive control.

(2) The hazard analysis must be written regardless of its outcome.

(b) Hazard identification. The hazard identification must consider:

(1) Known or reasonably foreseeable hazards that include:

(i) Biological hazards, including microbiological hazards such as parasites, environmental pathogens, and other pathogens;

(ii) Chemical hazards, including radiological hazards, substances such as pesticide and drug residues, natural toxins, decomposition, unapproved food or color additives, and food allergens; and

(iii) Physical hazards (such as stones, glass, and metal fragments); and

(2) Known or reasonably foreseeable hazards that may be present in the food for any of the following reasons:

(i) The hazard occurs naturally;

(ii) The hazard may be unintentionally introduced; or

(iii) The hazard may be intentionally introduced for purposes of economic gain.

• 117.135 Preventive controls.

(a)

(1) You must identify and implement preventive controls to provide assurances that any hazards requiring a preventive control will be significantly minimized or prevented ………

• 117.139 Recall plan.

For food with a hazard requiring a preventive control:

(a) You must establish a written recall plan for the food.

• 117.140 Preventive control management components.

(a) Except as provided by paragraphs (b) and (c) of this section, the preventive controls required under §117.135 are subject to the following preventive control management components as appropriate to ensure the effectiveness of the preventive controls, taking into account the nature of the preventive control and its role in the facility’s food safety system:

(1) Monitoring in accordance with §117.145; – Establish monitoring activities and a written procedure for each preventive control

(2) Corrective actions and corrections in accordance with §117.150; – Establish corrective action procedures for when preventive controls are not in control and

(3) Verification in accordance with §117.155.

• 117.140 Preventive control management components.

(c) The recall plan established in §117.139 is not subject to the requirements of paragraph (a) of this section.

• 117.160 Validation.

There are specific requirements and timescales for validation that the preventive controls identified and implemented in accordance with §117.135 are adequate to control the hazard as appropriate to the nature of the preventive control and its role in the facility’s food safety system.

• 117.165 Verification of implementation and effectiveness.

(a) Verification activities

Devices used to verify preventive controls must be calibrated

(4) Review of the following records within the specified timeframes, by (or under the oversight of) a preventive controls qualified individual,………….

(i) Records of monitoring and corrective action records within 7 working days after the records are created or within a reasonable timeframe, provided that the preventive controls qualified individual prepares (or oversees the preparation of) a written justification for a timeframe that exceeds 7 working days; and

(ii) Records of calibration, testing (e.g., product testing, environmental monitoring), supplier and supply-chain verification activities, and other verification activities within a reasonable time after the records are created; and

(5) Other activities appropriate for verification of implementation and effectiveness.

(b) Written procedures.

Specific procedures are required where product testing for a pathogen (or indicator organism) or other hazard is used as a verification activity

Specific procedures are required where environmental monitoring for a pathogen (or indicator organism) is used as a verification activity

• 117.180 Requirements applicable to a preventive controls qualified individual and a qualified auditor

The requirements for a PCQI are generally not covered in the BRCGS standard and need to be addressed

1. a) One or more preventive controls qualified individuals must do or oversee the following:

(1) Preparation of the food safety plan (§117.126(a)(2));

(2) Validation of the preventive controls (§117.160(b)(1));

(3) Written justification for validation to be performed in a timeframe that exceeds the first 90 calendar days of production of the applicable food;

(4) Determination that validation is not required (§117.160(c)(5));

(5) Review of records (§117.165(a)(4));

(6) Written justification for review of records of monitoring and corrective actions within a timeframe that exceeds 7 working days;

(7) Reanalysis of the food safety plan (§117.170(d)); and

(8) Determination that reanalysis can be completed, and additional preventive controls validated, as appropriate to the nature of the preventive control and its role in the facility’s food safety system, in a timeframe that exceeds the first 90 calendar days of production of the applicable food.

Subpart F Requirements Applying to Records that must be Established and Maintained

• 117.305 General requirements applying to records.

The are some requirements for records that are not covered in the BRCGS standard and need to be addressed.

Records must identify:

• the date and time of the activity being documented
• signature/initials of individual performing the activity or conducting the record review
• information to identify the facility (e.g., name and location)
• the identity of the product and lot code where applicable.

• 117.310 Additional requirements applying to the food safety plan.

The owner, operator, or agent in charge of the facility must sign and date the food safety plan:

• 117.315 Requirements for record retention.

(a)

(1) All records required by this part must be retained at the plant or facility for at least 2 years after the date they were prepared.

Subpart G—Supply-Chain Program

• 117.405 Requirement to establish and implement a supply-chain program.

(a)

(1) Except as provided by paragraphs (a)(2) and (3) of this section, the receiving facility must establish and implement a risk-based supply-chain program for those raw materials and other ingredients for which the receiving facility has identified a hazard requiring a supply-chain-applied control.

Specific supplier approval and verification activities are required no matter how many times a required control is applied prior to being received at a site, the receiving site is responsible for verifying that the control has been applied.

• 117.140 Preventive control management components.

(b) The supply-chain program established in subpart G of this part is subject to the following preventive control management components as appropriate to ensure the effectiveness of the supply-chain program, taking into account the nature of the hazard controlled before receipt of the raw material or other ingredient:

(1) Corrective actions and corrections in accordance with §117.150, taking into account the nature of any supplier non-conformance;

(2) Review of records in accordance with §117.165(a)(4); and

(3) Reanalysis in accordance with §117.170.

• 117.415 Responsibilities of the receiving facility.

The site must identify and document of supplier verification activities that are not accepted in procedures.

• 117.420 Using approved suppliers.

(a) Approval of suppliers.

(b) Written procedures for receiving raw materials and other ingredients.

(1) Written procedures for receiving raw materials and other ingredients must be established and followed;

(2) The written procedures for receiving raw materials and other ingredients must ensure that raw materials and other ingredients are received only from approved suppliers (or, when necessary and appropriate, on a temporary basis from unapproved suppliers whose raw materials or other ingredients are subjected to adequate verification activities before acceptance for use); and

Verification activities must be conducted before receiving and using raw materials and ingredients on a temporary basis from unapproved suppliers.

• 117.430 Conducting supplier verification activities for raw materials and other ingredients.

When a hazard in a raw material or other ingredient is controlled by the supplier and is one for which there is a reasonable probability that exposure to the hazard will result in serious adverse health consequences or death to humans, an onsite audit of the supplier is required before using the raw material and at least annually thereafter.

(f) There must not be any financial conflicts of interests that influence the results of the verification activities listed in §117.410(b) and payment must not be related to the results of the activity.

• 117.435 Onsite audit.

(a) An onsite audit of a supplier must be performed by a qualified auditor.

• 117.475 Records documenting the supply-chain program.

(a) The records documenting the supply-chain program are subject to the requirements of subpart F of this part.

(b) The receiving facility must review the records listed in paragraph (c) of this section in accordance with §117.165(a)(4).

Pet Food Manufactures

Sites identified as BRCGS Category 11 for pet food need to comply with all requirements of the Preventive Controls for Human Food in Module 13 and the additional requirements of the Preventive Controls for Animal Food identified.

Food Defense: 21 CFR PART 121

Sites required to register with FDA as a food facility need to comply with all requirements for Food Defense identified in Module 13.

Sanitary Transportation: 21 CFR Part 1 Subpart 0

Sites need to ensure sanitary transportation practices for food transported by motor or rail vehicle within the US comply with the requirements for Sanitary Transportation in Module 13.

Produce Safety: 21 CFR Part 112

Sites identified as BRCGS Category 5 that have business operations that are regulated by 21 CFR Part 112 (Produce Safety rule), need to comply with all requirements for Produce Safety in Module 13.

About the BRCGS Global Standard for Food Safety

First published in 1998, the BRC Global Standard for Food Safety has set the benchmark for food safety certification schemes for over 20 years. In 2000, the BRC Global Standard for Food Safety became the first GFSI recognised standard. In fact, over the years the BRCGS Global Standard for Food Safety has been a leading light in advancing food safety standards in food manufacturing such that the GFSI benchmark requirements themselves have incorporated new elements introduced by BRC such as food fraud prevention and developing a food safety culture.

Now known as BRCGS Global Standard for Food Safety, it is adopted by over 22,000 sites in 130 countries. Issue 9 was published on the 1^st August. It requires a Food Safety Management System to be compliant in 4 key areas:

Senior Management Commitment

HACCP/Food Safety Plan

Product Safety and Quality Management System

Prerequisite Programmes

The BRCGS Global Standard for Food Safety Issue 9 requirements are in 9 Sections

1 Senior Management Commitment

2 The Food Safety Plan – HACCP

3 Food Safety and Quality Management System

4 Site Standards

5 Product Control

6 Process Control

7 Personnel

8 High-Risk, High-Care and Ambient High-Care Production Risk Zones

9 Requirements for Traded Products

Sections 1 to 3 are self-explanatory; Sections 4 to 8 cover Prerequisite Programmes and Section 9 is specific to Traded Products and may not be applicable.

The BRCGS Global Standard for Food Safety contains certain requirements that have been designated as ‘fundamental’ that relate to systems that are crucial to the establishment and operation of an effective food operation. The fundamental requirements are:

Senior Management Commitment & Continual Improvement (Section 1.1)

The Food Safety Plan – HACCP (Section 2)

Internal Audits (Section 3.4)

Management of Suppliers of Raw Materials & Packaging (Section 3.5.1)

Corrective & Preventive Actions (Section 3.7)

Traceability (Section 3.9)

Layout, Product Flow & Segregation (Section 4.3)

Housekeeping & Hygiene (Section 4.11)

Management of Allergens (Section 5.3)

Control of Operations (Section 6.1)

Labelling & Pack Control (Section 6.2)

Training (7.1).

The main changes in Issue 9 are summarised below

Product Safety Culture – There are considerable additions to food safety and culture requirements in section 1.1.2, including more specific requirements for the plan for the development and continuing improvement of a food safety and quality culture. These requirements are not rocket science but are clear, the plan must include communication, training, feedback, prescribed behaviours, performance measurement and timescales.

HACCP/Food Safety Plan – The whole of Section 2 has been aligned with the requirements with the 2020 revision of the CODEX General Principles of Food Hygiene. There have been some changes (shown in red) in alignment with CODEX Seven HACCP Principles and 12 Steps in HACCP Application:

3.1 Assemble HACCP Team and Identify Scope (Step 1)

3.2 Describe product (Step 2)

3.3 Identify intended use and users (Step 3)

3.4 Construct flow diagram (Step 4)

3.5 On-site confirmation of flow diagram (Step 5)

3.6 List all potential hazards that are likely to occur and associated with each step, conduct a hazard analysis to identify the significant hazards, and consider any measures to control identified hazards (Step 6/ Principle 1)

3.7 Determine the Critical Control Points (Step 7/ Principle 2)

3.8 Establish validated critical limits for each CCP (Step 8/ Principle 3)

3.9 Establish a Monitoring System for Each CCP (Step 9/ Principle 4)

3.10 Establish corrective actions (Step 10/ Principle 5)

3.11 Validation of the HACCP Plan and Verification Procedures (Step 11/ Principle 6)

3.12 Establish Documentation and Record Keeping (Step 12/ Principle 7)

3.13 Training

.

Outsourced Processing – There has been an update of the definition of outsourced processing added to the Glossary and updates in Section 3.5.4 Management of Outsourced Processing with an emphasis on ensuring that any hazards associated with the outsourced operations are identified and controlled and that a service specification is agreed including any specific handling requirements for the products.

Equipment – There are major revisions of the requirements of Section 4.6 Equipment including requirements for a documented purchase specification for any new equipment, a documented, risk-based commissioning procedure and other food safety requirements for the management of equipment.

Animal Primary Conversion – New Section 5.9 Animal Primary Conversion with the requirements of the Issue 8 position statement incorporated into BRCGS Global Standard for Food Safety Issue 9.

Authenticity – ‘Integrity’ has been replaced by ‘Authenticity’ throughout the standard to ensure consistent terminology throughout the BRCGS Standards.

Other changes in Issue 9 include updated requirements associated with core product safety activities including as internal audits, root cause analysis, preventive actions and incident management.

The following additional voluntary modules have been reviewed and updated for Issue 9:

Module 10 – Global G.A.P. Chain of Custody

Module 11 – Meat Supply Chain Assurance.

Module 13 – Meeting FSMA Requirements for Food (Previously known as Module 13: FSMA Preventive controls preparedness)

For more information on the BRCGS Global Standard for Food Safety go to the BRCGS website here: https://www.brcgs.com/our-standards/food-safety/

Development of the Standard

The BRC began to develop the standard following the horsemeat scandal in the UK, when it identified the weak link in the supply chain as the lack of traceability back to source for food products. The standard was written in consultation with retailers and certification bodies to ensure full transparency throughout the food supply chain.
https://www.foodengineeringmag.com/articles/92289-british-retail-consortium-introduces-new-agents-and-brokers-standard

In order to achieve certification, Agents & Brokers need to demonstrate that they manage product authenticity, quality, legality and safety effectively. The standard is applicable for businesses in the food, packaging and consumer products industries that buy, sell or facilitate the trade of products, but do not process, manufacture or store the traded products in their own facilities or on their own sites.

The BRCGS Global Standard for Agents and Brokers Issue 3 has requirements in 4 main areas:

1. Senior Management Commitment and Continual Improvement

Senior Management must demonstrate commitment to supply authentic, legal and safe products of the specified quality initially by issuing a documented policy and supporting that policy with clear documented objectives that are also communicated and monitored.

Senior management are required to ensure adequate resources are available, plan to develop a food safety culture, ensure there is effective communication, review systems and implement actions to improve. Product safety responsibilities are not exclusive to the technical department, all members of staff should be committed to and responsible for product authenticity, quality, legality and safety, including logistics, sales and purchasing personnel.

2. Hazard and Risk Assessment

The Standard requires hazard and risk analysis and the development of product safety plans (based on CODEX HACCP principles) covering the services/operations the company manages or specifies.

12 Steps in HACCP Application are as follows:

1. Assemble HACCP Team and Identify Scope
2. Describe product
3. Identify intended use and users
4. Construct flow diagram
5. On-site confirmation of flow diagram
6. List all potential hazards that are likely to occur and associated with each step, conduct a hazard analysis to identify the significant hazards, and consider any measures to control identified hazards (Principle 1)
7. Determine the Critical Control Points (Principle 2)
8. Establish validated critical limits for each CCP (Principle 3)
9. Establish a Monitoring System for Each CCP (Principle 4)
10. Establish corrective actions (Principle 5)
11. Validation of the HACCP Plan and Verification Procedures (Principle 6)
12. Establish Documentation and Record Keeping (Principle 7)

Training of personnel in HACCP principles and applications is also an essential element for the effective implementation of HACCP. As an aid to training to working instructions and procedures should be available that define the tasks of the operating personnel in charge of each Critical Control Point.

3. Product Safety and Quality Management System

The standard requires documented Product Safety and Quality Management System procedures which cover key system management elements including:

• Documentation Control
• Control and Maintenance of Records
• Customer Focus and Communication
• Internal Audit
• Specifications for Products
• Traceability
• Complaint Handling
• Corrective Action
• Control of Non-Conforming Product
• Management of Incidents
• Product Withdrawal and Product Recall

4. Supplier and Subcontracted Service Management

The standard requires a risk-based approach to the selection and management of product manufacturers, subcontractors and service providers to ensure products and services are only sourced from approved manufacturers and suppliers of services, following agreed specifications, with a traceable and transparent supply chain.

Suppliers of product must be evaluated for their ability to meet specifications for the products they are supplying including product authenticity, legality and safety requirements whilst considering:

• the nature of all the products and their associated risks
• customer-specific requirements
• legislative requirements
• source or country of origin
• the potential for fraudulent activity in the supply chain

Approval of manufacturers of products should be based on risk and can be based on valid certification of the manufacturing or packing site to the applicable BRCGS Standard or a standard benchmarked by the Global Food Safety Initiative (GFSI) or a supplier audit with a scope to include product safety, traceability testing, HACCP or hazard and risk management review, the product security (food defence) plan, the product authenticity plan, and good manufacturing practices.

For products assessed as low-risk only, initial and ongoing approval may be based on a completed manufacturing site questionnaire.

There also needs to be approval and monitoring of service providers (e.g. storage, or transport) whilst considering:

• risk to the safety and quality of products
• compliance with legal requirements
• customer requirements
• potential risks to the security of the product

Changes in Issue 3 include alignment with the GFSI benchmark, a requirement for senior management to plan and develop a food safety culture and a greater emphasis on food authenticity and food defence. There are also updated requirements for product safety activities including internal audits, preventative action, root cause analysis and incident management.

BRCGS Global Standard Issue 8

The BRCGS Global Standard for Food Safety Issue 8 requires a Food Safety Management System to be compliant in 4 key areas:

• Senior Management Commitment
• A HACCP/Food Safety Plan
• A Quality Management System
• Prerequisite Programmes

The BRCGS Global Standard for Food Safety Issue 8 requirements are in 9 Sections

1. Senior Management Commitment
2. The Food Safety Plan – HACCP
3. Food Safety and Quality Management System
4. Site Standards
5. Product Control
6. Process Control
7. Personnel
8. High-Risk, High-Care and Ambient High-Care Production Risk Zones
9. Requirements for Traded Products

Sections 1 to 3 are self-explanatory, Sections 4 to 8 cover Prerequisite Programmes and Section 9 is specific to Traded Products and may not be applicable.

The requirements BRCGS Global Standard for Food Safety Issue 8 deemed fundamental are:

• Senior management commitment and continual improvement (1.1)
• The food safety plan – HACCP (2)
• Internal audits (3.4)
• Management of suppliers of raw materials and packaging (3.5.1)
• Corrective and preventive actions (3.7)
• Traceability (3.9)
• Layout, product flow and segregation (4.3)
• Housekeeping and hygiene (4.11)
• Management of allergens (5.3)
• Control of operations (6.1)
• Labelling and pack control (6.2)
• Training: raw material handling, preparation, processing, packing and storage areas (7.1)

These requirements are essential to an effective food safety operation, failure to address any of these areas effectively would result in a fail during a certification audit.

Pest contractors have said that remote pest audits can be done in the interim if a site visit isn’t feasible and things like trend analysis review meetings can certainly be done remotely. This is better than not happening at all, but we have heard of occasions where pest contractors have not been given remote access to on-site pest control management systems and that’s mainly due to security reasons or hurdles. This can be very easily addressed by NDA’s or confidentiality policies. What we do know is that monthly pest control visits have been maintained and we haven’t really heard of many issues with that.

What we have heard is that field biologists weren’t always allowed on site, or their visits were being postponed. We heard some sites could end up not having a field biologist visit for nearly two years by the time the pandemic is over. This does contravene clause 4.14.10 of the food standard. We are not clear why field biologists weren’t being allowed on site, is it cost cutting or is it that sites don’t fully appreciate what the field biologist contributes or was it because the staff were being furloughed and they weren’t there to action the report? We don’t know but certainly what we heard was there was a 35% reduction in food and field biologist visits from one contractor. This of course raises some concerns, not only from a food safety point of view, but also because of all those delayed visits we’re going to have that inevitable backlog of scheduled visits and that now must be managed. So, this begs the question do sites fully appreciate the importance of your field biologist?

Just to add to the concerns from pest control companies, we know that some food sectors saw a huge increase in production demand at the early stages of the pandemic and if this is not managed correctly this can lead to less time to clean and less downtime for maintenance and deep clean. If you add in problems with stockpiling of raw materials and finished products and warehousing this could result in more places for a pest to harbour. If that’s not managed correctly, you’re going to end up with these sudden emergency callouts which are more costly for the site at the end of the day and that’s what we want to avoid.

The other thing that’s important to remember is when the lockdown happened it happened very quickly, and some sites just didn’t have a formal shutdown process. They didn’t have time to implement a thorough shutdown process and that could have led to some food safety prerequisites, such as pest control, not being managed correctly. It’s imperative that everybody has a reopening procedure implemented for when sites or parts of the site are reopened.

Information on pest sightings during the pandemic and whether they increased or decreased. This was a survey conducted by the British pest control association (BPCA) and they found that during the pandemic there was a 78% increase in rat activity and a 63% increase in mice activity. This emphasizes the importance of rigorous compliance especially around proofing and monitoring. It also emphasizes the fact that compliance isn’t just for the audit. Sites must operate in accordance with the BRCGS food standard 365 days of the year if they expect to maintain a rigorous food safety management system. If you have some parts of your site have been closed during the pandemic it might benefit from a field biologist visit to help you out with your reopening. ‘Becoming pest ready’ is another document by the BPCA with some guidance on how to reopen your site. That can be found on the BPCA website.

Moving on to non-conformities, the question is, did the pandemic create new non-conformities or have a notable impact on their prevalence? You can see in this image the percentage of audits that contained certain non-conformances. We just want to put this into context. To understand whether non-conformances differed during the pandemic was quite tricky because there was the added complication of comparing two untypical years. For most sites, 2019 was their first Issue 8 audit which was published in August 2018. Which means their first audit was 2019 and that always affects the pattern of non-conformances at sites because sites have got to get used to the new clauses and take some time to understand how to apply them to their facility. Then of course in 2020 we have had the pandemic, so we have had two consecutive years of potentially untypical data to try and trend.

If you look at the right-hand side of the image, clause 1.1.2 food safety culture was new in 2018 and that immediately was the top of the non-conformances. It’s relatively new for our industry and similarly with clause 2.7.1, the radiological hazard bullet point was new to sites, and this caused some non-conformances. If you look on the right-hand side for the following year those non-conformances moved down to position three and five. What we do see over the years is that the non-conformances have only changed slightly, and the top non-conformances have not had a huge amount of change. Not all the statistics on the remote audits have been done yet because we don’t really have a significant number of audits completed to make the statistics meaningful but what we will do is continue to monitor that as the pandemic progresses.

What we can see is that the overall number of minor non-conformances allocated were slightly down year on year but mostly consistent which suggests that, despite all the challenges, sites are maintaining their food standard clauses reasonably well. Sites must maintain their food safety standards during the pandemic, and they have had to make an awful lot of changes to their sites and operationally to comply to the new Covid rules. We know sites had to focus on these four specific clauses: 2.14.1, 2.2.1, 5.1.2 and clause 4.11.3.

What’s useful here is that the standard gives them flexibility to change systems in a controlled way and therefore maintain food safety and risks. This reinforces how standards are designed to help sites to manage changes such as the pandemic.
Finally, just a word about training. One of the key lessons was that remote working thrust virtual learning into the limelight. This has had a huge impact in breaking down the geographical boundaries that have been traditionally associated with classroom learning. If we look at the importance of having contingencies for training when face-to-face training is not possible. BRCGS has training locations all over the globe. They really took an early commitment that they were going to find ways of adapting to support their certificated sites to continue to develop their teams and to maintain this technical level of competence.

Sites that are more agile and more people-centric will be much better positioned to bounce back stronger once this pandemic is over so by adapting our content and our approach, we have redeveloped our packages to make sure that they’re providing an even better online experience. BRCGS had to reconsider how they did training, they had to adapt and to change. They have reframed the content to make it more online friendly, adapted the training methods so learners are getting a much better experience out of the virtual classroom environment. It’s all now delivered through virtual platforms they have even looked at mobile micro learning. That’s where they’re developing these mobile friendly learning options made as easy as possible for people to learn. There are platforms to allow learners to target specific skill areas that really meet their requirements and their business and professional schedules. Virtual events at BRCGS have switched from traditional learning conferences to virtual conferences and they have been a huge success they are going to continue to support their global network with virtual in-person and hybrids events in 2021 and 2022.

Auditor Feedback

1. Preparation is key. With the remote audit approach, preparation by the auditor is much more intensive around the pre-order to review of documentation. It’s important for everyone to understand the pre-audit submissions review, and understand the process so as an auditor you can request the right information beforehand.Although there’s lots of similarities between the on-site and the off-site audit, remote document review generally requires information specified by the auditor to be uploaded onto a document portal. Scanning rather than photographing and uploading documents can take some time so auditors need to make sure that the company is aware before the order date of exactly what information will be required. During the audit itself they’re going to need lots more documentation so to enable that it’s important to have a scanner available if possible.
2. Test that your site it is compatible with the certification body systems. Compatibility can be an issue so the company needs to make sure the IT team is on hand on the day. It’s very important that we’ve got the right people available on the day to help with any technology troubleshooting. We all know video streaming can be poor when internet bandwidth isn’t at its best and of course with these audits taking place all over the world, some in very remote locations where wi-fi and bandwidth is a problem. If you think this could be a problem, it is probably a good idea to request a wired connection to a LAN or some sort of router ahead of time to ensure there aren’t delays on the day. You also need to check in case the company firewall has any internal controls or restrictions. On-screen sharing may need to be resolved in advance.
3. Test the technology in advance. It is a good idea to arrange a dry run in advance if it’s at all possible. The audit day time constraints on the auditor are tough enough already without the pressure of IT problems. It also allows the site and the auditor to have a chance to get to know each other before the actual audit day. Another consideration is that many sites experience live streaming problems due to a faraday cage effect that steel framed factories present and just to get around this the company can possibly upload a pre-recorded video requested by the auditor or present them via a shared screen. If live streaming is possible just be aware of the noise in the plant and how this can impact the auditor and of course the auditor doesn’t have control over the camera and where it’s pointing. A solution for this can be a team approach to the filming maybe involving two or more people with a camera operator and a quality manager using separate devices.Another point is with a typical on-site audit day, the team will all sit around a table during the audit which works well, however when you’re doing it remotely placing the laptop in the middle of a large table to allow everyone to join in doesn’t work so well particularly if the microphone isn’t picking up the sound or if the meeting rooms are a bit echoey. Moving the auditors closer to the microphone may cause social distancing issues so it’s probably better to have everyone logged into an audit platform with headphones and individual microphones.
4. Get familiar with video conferencing. Throughout the pandemic, the use of video conferencing has developed immensely and everyone is now much more familiar with these systems. Certification bodies may have their own platforms whether it’s Microsoft teams or Google, Skype or Zoom. The auditors can be trained in these and get familiar with them. Then they don’t have to deal with resolving any IT issues concerning these platforms, on the day. They’re familiar with the system, they’re not using some alien system on the day. Not knowing how an unfamiliar platform works it’s just extra hassle and extra stress for your auditor and you don’t want to have a stressed auditor!
5. Put a plan in place for poor wi-fi. We’ve mentioned this already but if you were intending to be live streaming during the factory visit but it’s not possible due to wi-fi you could try pre-recording a video of the production facility. However, before you do this you just also need to consider national privacy laws and you must make sure that the video gives a good representation of the site. It doesn’t have to be cinema quality but try to avoid things like nausea inducing rapid panning from one side of the factory to the other. Just think about what it is exactly that your auditor wants to see and focus on those details. Following up on the HACCP process flow diagram might be a good place to start the video. Try experimenting with different recording technology and avoid using the portrait style videos if possible. A digital camera can sometimes be better than a phone camera as it’s easier to transfer the videos onto a computer and so on.

To recap, we’ve talked about additional steps such as having confidentiality agreements or NDAs to be signed and just to consider documents such as the IAF ID3 or AFMD4 docs need to be understood and agreed with your certification body and if you’re not sure about these just have a chat with your certification body about it. Sites had to learn where their wi-fi hotspots and black spots were in advance of the audit and that’s not something your typical technical manager knows anything about. We’ve heard of some extremely remote sites having no wi-fi at all and making it impossible to conduct a live remote audit. We do know that sites and auditors have used a huge variety of hardware and software. Everything from smartphones, ipads, laptops, even CCTV. They’ve used Go-Pros, they’ve used Whatsapp, they’ve used Microsoft teams. Some have been more effective than others.

ICT however doesn’t in any way constitute digitalization and this is usually an enterprise-wide project requiring investment and lots of detailed projects. The pandemic has not necessarily accelerated digitalization in that respect and it may in fact have slowed down the process in certain businesses. Companies who had started the roll out of a digitalization product may have delayed it because the pandemic took priority but having said that companies that already had digitalization food safety platforms in place had a three-fold increase in their use because those customers realized they could effectively manage their compliance systems remotely using a full set of features that their digital platforms already offered. In other words the pandemic encouraged digital users to exploit a digital based compliance solution that they already had. This is supported by feedback from those using remote technologies to perform internal audits. They enhanced their control to mitigate food safety risks during the pandemic and reiterate the importance of strong internal audits especially when third party audits weren’t possible.

So those who had digital systems in place were very grateful and it really made it a lot easier for them to share their documents with external auditors, it made the entire audit and remote audit experience much more effective.

An example of a rapidly evolving digital tool used in the food industry is digital pest monitors. These integrated pest management tools are a critical component of any food safety program and tools such as rodent monitoring service sensors can protect operations from pest infestations and the related risks of disease, product loss and recalls. They can help ensure your site is audit ready and compliant with lots of the complex regulations associated with food safety standards

We will talk more about pest management and control in the next article.

Preparing for a Remote Audit

The image below shows quite a detailed diagram on preparing for your remote audit to meet the BRC Food Safety Standards. It’s a nine point checklist that BRCGS offered certificated sites just to give you a flavour of what BRC proposed and what you’ll actually read later is that the feedback and the lessons learned pretty much mirrored a lot of these points.

1. The Process. This is all about having to engage your staff in the planning of the audit and having the training and practice in advance. Make sure that the right people are available throughout the audits including the leadership team.
2. Assess access support information. There’s lots of information out there publicly available to help you with your remote audit so go to your certification body, go through iso or even go to the international accreditation form. Lots of great information available for you to use.
3. Planning is absolutely essential. Really identify who’s going to be doing what. Is there a role for audit assistance to help support the smooth running of the audit? Who’s going to hold the camera? Who’s going to gather all the evidence? Also don’t forget to plan some breaks from screen time. You need natural breaks because a remote audit is very different and it can be much more intense in many ways.
4. These are IT considerations. Now you do have to test and map out your wi-fi signal throughout your site. It would probably be a great idea to have an IT person available throughout the audit. Plan in advance how to share documents and maybe set up a separate audit room. There’s lots of planning that needs to be done there and having a designated room is a great idea.
5. Preparation. So do a mock test of the equipment with internal and external people. Identify your weak wi-fi signal areas. Test that the lighting on site is good enough so that the auditor is going to be able to see everything clearly from their remote screen. You can send them a map of the site so they know in advance the location of everything.
6. More planning again is absolutely imperative. This time in conjunction with your auditor in advance of the audit day. Try and identify what documents need to be ready and which can be sent in advance.
7. Company policies. It is particularly important to consider site security policies, both the site security policies of the auditor and the certification bodies. Just make sure that all the systems are communicating with each other and can be shared and accessed remotely. Auditors have reported their feedback where they’ve struggled with this consideration.
8. Making sure that the outcomes of the audit are followed through as they should be.
9. Particularly important is to take any of the experience that you’ve gained from the audits and reuse them the next time. Again that is some feedback that we’ve had from auditors that the more they’ve done these remote audits, the easier it’s become.

We know that approximately 20,000 food safety audits took place in the last 12 months and a small percentage were remote audits and blended audits.

We wanted to share a little bit of how that’s worked regarding maintaining supply chain confidence and fluidity. Remote audits are providing reassurance that suppliers are still operating to high safety and quality levels. This is based on the BRCGS remote audits done globally.

During the pandemic what we can see is that there was an increasing trend of remote audits taking place between September 2020 and December 2020 across the globe. In total there were 662 remote audits and they were conducted in 73 countries. Of these, 46 were remote agents and broker audits, 78 were storage and distribution audits, 145 were remote packaging material audits and 355 remote food safety audits.

We can also see it split up by country and about 50 percent of those audits were conducted in Europe, a total of 338 of them. This shows us that the sites, the certification bodies and auditors all got on board reasonably quickly with the new audit options available to them. Their confidence grew as they got used to this new way of working and we can see that reflected in the number of audits done from September right through to December.

In a typical year, approximately 20,000 or more food audits would be completed to the BRCGS food standard. We did see a slight drop off initially during the pandemic but that picked up as the year went on and by January 2021 the number of audits completed were actually more or less the same year-on-year.

We can assume that there have also been less visits overall to sites by specifiers and customers and the question is, has this led to complacency? We will explore this later on in the article.

There was much feedback from the auditors that conducted these remote audits. For them, it was actually quite a bit of a culture shock as well as the site owners as neither had much experience with these that led to a few issues. Many sites hadn’t thought about investing in much of the necessary equipment so there were complaints of poor quality headphones, poor wi-fi in some or all areas, poor lighting that made it very difficult for the auditor to see the standard of construction, and so on. It made a lot of auditors realize how much they rely on the sense usually while conducting an audit, observing the environment and listening to interactions between employees. These were all challenges to a remote audit.

Another issue was that some companies were nervous about releasing their documentation over email but measure such as non disclosure agreements were used to allay most of those fears.

So auditors were initially quite sceptical about how video observations of facilities would work out, given that auditors would lose most of their senses except sight when viewing remotely and the video presentation indeed does not replace a walkthrough of the facility. You do really need to be present on site to get the full experience of the culture of the company and its staff through its operational practices but video does afford some understanding of the process and the overall standard of construction and equipment.

It gives you a pretty good idea about the housekeeping and the hygiene and the general current operating standards.

Some specifiers did want their usual auditor to do the remote audit instead of a new one because they are already familiar with the site layout and they know where the blind spots are but then we also heard that new auditors were seeing new non-conformances because they were less familiar with the site. So by having a new auditor and also by having the documentation in advance this could actually allowed the auditor time to do a more in-depth risk assessment and therefore some sites saw an increase in documentation for non-conformances

We will continue to discuss further lessons that were learned during the pandemic in our 3rd part of this series of articles.

Food Safety Challenges

So this pandemic that started in March 2020 has really disrupted the lives of everyone, but one thing that hasn’t changed is the need for food safety. Food safety is a priority for customers, specifiers, brand owners and ultimately for consumers.

The challenges that the pandemic brought about were immediate. They occurred very rapidly, they were mostly unknown and they are ever changing. The word, unprecedented, was used a lot over the last year and it was no different in food safety. It was new territory for everyone involved in the food safety chain.

So the new challenges faced by food business operations included supply chain disruptions amongst other things, but it was actually people that were most affected and the importance of staff health was upmost. One major problem for businesses was the lack of staff availability due to staff illnesses, staff self-isolating, a lack of appropriate PPE and staff needing to organise child-care and home schooling.

In fact the lack of PPE was a major issue as there simply wasn’t enough to go around, and businesses couldn’t get it ordered and delivered quick enough. These kinds of issues were impacting sites and their food safety during this pandemic. Even problems with staff getting to work with restrictions in local and national travel, and especially international travel.

So there was a lot of uncertainty over how food sites were supposed to maintain standards. How do you deal with restrictions on who is an essential worker and who is not. Especially when these restrictions and changing all the time, and are different in different regions and dependant on what part of the country you are in.

This has lead to much confusion and some delays and disruption but of course the demand from the public was increasingly for safe food, especially in the retail sector. The pandemic also affected the ability of some prerequisite services to operate like pest control, waste disposal and cleaning agencies. They were in huge demand but with staff on furlough and other challenges the supply chains were challenged.

So the pandemic has created a very clear prerequisite for all of us and that is adapt how you operate your business or risk losing your business altogether. With all of that going on how were you expected to ensure effective oversight of your food safety management system when resources were compromised or, another way of looking at it, with less staff on site how do you ensure that your food safety systems are not at risk.

We know thousands of sites demonstrate their commitment to food safety by getting certificated to a GFSI scheme such as the BRC global food standard and maintaining that certification during the pandemic was not without its challenges.

We have observed over the last 12 months how businesses have adapted to ensure they have maintained food safety and maintained their certification during the pandemic. There are many lessons to be learned from this pandemic and there is still more to be encountered as the pandemic continues its course so of course, these lessons cannot all be covered in this article.

Just focussing on five main areas of discussion, the first is talking about how BRCGS adapted their approach to auditing to ensure all sites had options to maintain their certification where possible. Also going to talk about the use of ICT and digital platforms to help make the audit process feasible for both sites and auditors. We will also take one of the prerequisites, Pest Control Management and discuss some feedback that we had from two pest control companies on their lessons learned and then we can mention briefly some of the known conformances raised during the pandemic just to understand if we’re seeing differences across sites as a result of the new audit approach that were taken at BRCGS. Finally we can discuss the importance of having contingencies for training when face-to-face training is not possible.

In the face of all this, BRCGS adapted their approach to auditing to give sites a set of options to maintain their certification. There was also some good feedback received from the auditors and certification bodies which I will talk about too. BRCGS launched a suite of audit options that took in to account a number of issues like the GFSI’s position and requirements, the account brand, the retailer feedback, the ever changing and evolving local restrictions, and auditor availability. The maturity and the history of the site’s certification was also taken into account.

The following image shows the audit options available to businesses during the pandemic.

Announced  audits still continue to be used where it is possible for an auditor to conduct an on site audit. One thing that was learned very early on in the pandemic though was that unannounced audits were in fact an unnecessary burden on sites and they actually increased the challenges of both the certification bodies and auditors in arranging the audits. So BRCGS took the decision to temporarily suspend the unannounced audit program until at least the end of 2021. Where this happens the certification body will contact the site to arrange either an announced audit or blended audit. BRCGS will keep this temporary suspension under review and hope to restart unannounced audits as soon as possible. Sites will be given at least 3 months notice before they can be offered this option but if a site really needs an unannounced audit this can be carried out by exception. For example, if a customer requirement insists upon it or if perhaps it is part of a combined audit with another standard.

The blended audit can be carried out where an on-site visit is possible, but only for existing sites. This blended audit approach consists of 2 parts. The online remote assessment of some or all of the documents plus the shorter on site assessment. This requires a reduced amount of time for the auditor to be on site. This works well when an auditor can visit a country or region for a short amount of time before having to quarantine. This blended audit option will remain in the future for announced audits.

Where access to the site is not possible and the audit is due, the certificate extension could apply. There must be an existing valid certificate in place and this can be extended by 6 months based upon a risk assessment and review by the certification body. It is based on the controls that are already shown to be in place on the site.

Next option on the list is the full remote audit, which is not GFSI benchmarked. This is available for sites where the certificate extension has expired but it is still not possible for a visit to take place by an auditor due to Covid restrictions. It could also be used if a site does not need a GFSI recognized certificate. It involves a complete review of internal audit documents and usually a video audit of production and storage facilities.

Finally the BRCGS also offer a Covid-19 additional module and have published a separate assessment standard and may be used to provide assurances around the management of Covid-19 risks. It’s carried out like a remote audit and focuses on the areas of the food safety system which are potentially at a greater risk as a result of the changes forced to address over covert 19.

BRCGS offers plenty of options to allow sites and certification bodies to work together to ensure food safety assurances are still in place during the pandemic. However in order for these options, especially the remote and blended options, to be successful sites had to adapt their approach to the audit.

In the next article in this series we will be talking about some of the obstacles and issues that had to be addressed to carry out the various audit options available, and feedback on these from both the sites and auditors.