Last July FSSC22000 launched version 4.1 from its international food safety and quality management system certification scheme. According to the news posted on FSSC 22000 website on July 2017, this new release, only 7 months after version 4, was justified by:
- Publication of the GFSI Benchmarking Requirements document version 7.0 in March 2017 and subsequently version 7.1 in May 2017.
- Evaluation of FSSC 22000 version 4.1 against European Accreditation (EA) procedure
- Need to clarify and correct the text of version 4.0 in version 4.1
The recent history of the FSSC 22000 scheme and its main landmarks are depicted chronologically in the diagram below. The FSSC is a nonprofit foundation, governed by strict bylaws to ensure its independence.
Part II of the requirements was interpreted by Kassy Marsh, proud creator of Techni-k team and co-author of this article
Part II – Requirements for Certification
The main changes are in: Section 2.1.4 – Additional requirements; Section 188.8.131.52 – Food defense; Section 184.108.40.206 – Food fraud prevention and Section 220.127.116.11 Environmental monitoring.
The major difference in additional requirements between V4 and V4.1 is that two requisites were removed: Supervision of personnel and Management of supplied materials. The deletion of clause Supervision of Personnel (18.104.22.168 – V4) as an additional requirement is understandable, since organizations may found guidance regarding this topic in ISO 22000:2005 clause 6.2.2. The requirements necessary for the Management of supplied materials are present in all ISO/TS 22002 series as one of the mandatory prerequisites to implement and therefore this subject continues to be fully addressed.
Food defense and fraud prevention
Where threats are identified, control measures must be put in place. FSSC has changed the term used in Food Fraud Prevention clause from preventive measures to control measures, within the changes made from version 4 (clause 22.214.171.124) to version 4.1 (clause 126.96.36.199). Control measures is an expression defined by ISO 22000:2005 as action or activity that can be used to prevent or eliminate a food safety hazard or reduce it to an acceptable level. This change may be of assistance to food safety practitioners used to apply the concept in the HACCP plan. The clause Annual Review (188.8.131.52.3 – V4) is renamed to Plan (184.108.40.206.3 – V4.1). The new content introduces mandatory compliance of the Food Defense plan with legislation and states that the plan content (policies, procedures and records) shall be supported by the organization’s Food Safety Management Systems and by consequence reviewed together with it (that is probably why “at least annually reviewed” was deleted).
The changes in Food Fraud Prevention are similar to the ones done in the food defense plan requirements. In this section, again preventive measures are substituted by control measures and the “new” food fraud prevention plan (instead of procedure) must also be supported by the organization’s Food Safety Management Systems.
In V4.1, the categories impacted by this additional requirement are clarified:
- Category C (processing of perishable animal products, processing of perishable plant products, processing of perishable animal and plant products (mixed products) and processing of ambient stable products);
- Category I (production of food packaging and packaging material);
- Category K (production of (bio)chemicals)
The environmental monitoring program requested by this clause aims to verify the effectiveness of cleaning and sanitation programs and guarantee that it meet the verification requirements as described in ISO 22000. The good news to all the food safety teams is that if you have a well implemented prerequisite program (where verifying sanitation effectiveness is requested) and well implemented validation, verification and improvement of the food safety system (Clause 8 from ISO 22000:2005) you have this additional requirement well covered.
Part III – Requirements for certification process
The major changes can be found in: Section 3.2.2 – Surveillance audits; Section 5.0 – Transition for FSSC22000-Quality and Section 8.1 – Reporting
Clause 3.2.2 was introduced: “If not all audit objectives are fulfilled during an unannounced audit, an additional one shall be performed in which the nature shall be determined by the CB”.
An unannounced audit, due to its nature can be trickier to plan and keep on track. This type of audit means that organizations are not notified in advance of the audit, with it starting within one hour from the auditor arrival. As well as this, the auditor must spend at least 50% of his time in the production area which means that it can be a real challenge to also analyze the important documents within the available time left. We must also take into consideration that some important people may have scheduled meetings or even another audit(!) for that day, so may not be readily available for the auditor. A new audit will also impose an additional cost to the scheme implementation and maintenance.
Transition for FSSC22000-Quality
The conversion from ISO 9001 to FSSC 22000-Quality certification is now clarified. The transition audit is based on re-certification scheme requirements and there is no need to realize a full stage 1 and 2 audit to confirm compliance of the food quality management system with all scheme requirements. The simpler re-certification audit is an advantage in terms of process complexity, time and cost and will result in a new FSSC 22000-Quality certificate with a regular validity of three years.
The previous Reporting clause: 7.1 in version 4, stated that the organization should report serious events to the CB within three working days of occurrence. Now, they must do it immediately! And what are serious events? Legal proceedings, prosecutions and the outcomes of these related to food safety or legality; public food safety events (such as public recalls, calamities, etc.); and extraordinary occurrences as war (!), strike, riot, political instability, geopolitical tension, terrorism, crime, pandemic, flood, earthquake, malicious computer hacking, other natural or man-made disasters. The objective of rapidly reporting is so that the CB can take appropriate steps to assess the situation and intervene with additional verification activities, for example. So, before running for your anti-nuclear bunker do not forget to mail the CB!
This article was written in collaboration with Kassy Marsh
Disclaimer: The information contained on this article is based on research done in the last months and the authors personal experience and opinion. It is not intended to represent the view of any organization they work for or collaborate with. The authors will not be held liable for the use or misuse of the information provided in the article.