4 replies to this topic

[heather]

Hi,

Currently in process of getting company ready for BRC audit in Nov. Can anyone help me in how to complete a risk assessment to determine the frequency internal audits should be carried out ?

Heather

[Charles.C]

Dear Heather,

Welcome to the forum,

The problem is whether BRC require a “real” risk based procedure. Some previous forum threads on other parameters suggest for many instances within the standard the answer is NO. Typical BRC confusion tactics.
If a "proper" risk approach is sought, here is a rather remarkable Australian / NZ system for external audit frequencies. Much less complex to use than it looks.
 FS_standard_of_practice.pdf   993.68KB   670 downloads

 food_business_priority_classification.pdf   66.98KB   508 downloads

The documents detail the principle of one possible route; the stated ranges, frequencies and choice of defects can of course be adjusted as required, eg if used for internal purposes.

No doubt other people can suggest even simpler schemes (or no prioritisation required at all) ?

Rgds / Charles.C

[Simon]

Any more comments?

Was this helpful to you Heather?

[moo73steve]

Hi,

We are not BRC certified, but are ISO 22000, and use a very basic risk assessment for determining the frequency of our internal audits. Basically a rating based on likelihood and consequence added together with a set limit for twice a year vs once a year internal audits.

I am not sure if this will help at all, but here it is anyway.... I have removed some items from the form, which is why it looks incomplete, but left enough to get the idea.

Thanks

Steve

Attached Files

•  Audit_Schedule.doc   125KB   810 downloads

[Simon]

Thats great, thanks for sharing Steve.

Regards,
Simon