This article was first published in Quality Progress Magazine (September 2017), the flagship publication of American Society for Quality
I was invited to write an article about unannounced audits by Quality Progress Magazine. Below we can find an resume from the article.
Most of the controversy that has been affecting the confidence on the certification by food safety schemes over these years is mostly due to three factors:
1. The most common drive for implementation is external (for example, clients).
2. The certification body is selected and contracted by the organization that needs to be certified.
3. The audits are scheduled in advance, which compromises the spontaneity of the audit day.
The approach of the food safety schemes regarding unannounced audits has several interesting nuances
In recent years, more organizations have decided to voluntarily join unannounced audits programs. Last March, however, a decisive step was taken to the generalization of this principle when the Global Food Safety Initiative (GFSI) released 7.1 version of its benchmarking requirements. Clause 2.5.5 defines as mandatory that certification programs owners “shall ensure that unannounced audits, which can offer a greater degree of assurance compared with announced audits, shall be available as a preferred option in the program offered by the scheme.”
The approach of the food safety schemes regarding unannounced audits has several interesting nuances. At first, these differences are certainly something not expected from schemes that are benchmarked against the same GFSI requirements, but most probably they’ll tend to attenuate as soon as each scheme is updated.
As shown in Table 1 (source: ASQ Magazine), BRC was the first to introduce the possibility of unannounced audits. The BRC audit protocol for unannounced audits states that this option “provides sites with the opportunity to demonstrate the maturity of their quality systems.”
In this interesting formulation to sustain the importance of unannounced audits, it’s somehow implicit that organizations with less-mature systems should not apply for unannounced audits. Although true, it’s not the lack of maturity of organizations’ food safety scheme that explains why so few of them have chosen to join unannounced audits (6%, according to the BRC technical team) but again, as in the case of the certification itself, clients defining it as mandatory or not.
Table 2 (source: ASQ Magazine) shows the main characteristics of BRC’s unannounced audit program. What distinguishes it from the other food safety schemes is that organizations can choose between two options. In option one, all the audits are unannounced. In option two, good manufacturing practices are audited first (unannounced), and a second audit is planned to look at documented systems and records.
Despite unannounced audits only being introduced in International Featured Standards (IFS) Food Audit Protocol in February 2016 (to be applied after October 2016), IFS had another program called “IFS Food Checks.” The aim of that program was to verify – in a one-day unannounced audit – whether a food producing company complied in daily operations with the processes that were audited during the IFS food audit.
The two main differences between the previous food checks and unannounced audits are:
- Food checks were carried out independently from the certification body (for example, auditors were assigned by IFS Management GmbH).
- Food checks were an extra audit and did not replace the recertification planned audit.
In IFS, before each renewal audit (that is, previous to the beginning of the audit time window), the organization must inform the certification body whether the unannounced audit is the chosen option.
Contrary to BRC and IFS, the Food Safety System Certification (FSSC 22000) mandates that certified organization have at least one unannounced audit after the initial certification audit and within each three-year period thereafter.
Besides that, there is no time “window” definition for the unannounced audit to take place, and the certification body may choose which of the surveillance audits will be unannounced. Although there is no time frame defined for the unannounced audit, it is mostly expected to be close to the due date (like the other schemes). Otherwise, it would reduce significantly the time of the certification cycle and increase its the cost.
In SQF, like FSSC 2000, at least one of the recertification audits must be unannounced in each three-year cycle. What’s different is that the unannounced audit year shall be determined between the supplier and the certification body, and within a 60-day window from the initial certification audit anniversary.
How far will unannounced audits expand?
The main question is, “ How far will unannounced audits expand?” One thing is certain: the speed and evolution of this transformational paradigm in the food sector will be brought on by big retailers’ pressure, similar to the initial implementation of food safety standards.
Another main driver could be if more official authorities follow the Canadian example and start to consider the results of certified external audits. If unannounced certified audits become more common practice and official authorities give them credit (for instance, reducing the amount of controls to the companies that join such programs), it could be an additional incentive to implementing unannounced audits.