I like to keep a casual watch on developments in the “ccp/oprp selection market” since it has succeeded in producing so much confusion.
It seems that an equivalence between oprp and “control point” is acknowledged although the word "similar" is perhaps well-chosen, see below –
What Is an Operational Prerequisite Program?
oPRP is a term unique to ISO 22000. In many ways, the oPRPs are similar to the Control Points (CPs) that are present in the U.S. definition of HACCP. Codex, and thus, the rest of the world, does not define CPs in their HACCP literature.
oPRPs are identified by the hazard analysis. If a loss of control occurs, actions need to take place to bring the process back into control. However, controlling an oPRP does not prevent or eliminate a food safety hazard or reduce it to an acceptable level. Controlling an oPRP does reduce the likelihood of introducing a food safety hazard or the proliferation of an existing food safety hazard in the products or the processing environment. oPRPs must be validated, verified and monitored to ensure effectiveness of the food safety system. For example, a poultry further-processing plant purchases boneless chicken breasts and processes them into a ready-to-eat product. As part of the food safety control plan, there is a receiving specification that requires that all raw chicken breast be received at temperatures less than 40 °F. In addition, the processing specification requires that chicken be cooked in an oven to a minimum of 185 °F before freezing and packaging. The receiving temperature could be classified as an oPRP, and the final cook temperature would be a CCP
(Surak et al, August 2009)
(Note that the sentence "However, controlling an oprp....acceptable level" does not fully agree with the text in Procert below, in later biz.tree example or the text in penultimate attachment)(*Sighhhhh* )
Very quick look back shows the analytical choice has been between elegant but lengthy assessments like Modarres and shorter types like Charlorne (I’m sure you all know the links already) (if otherwise can try the files collected in this post -
The fundamental difference I suppose is that the first does the ccp/oprp cut based on the control measures, the second focuses on the hazard plan risk assessment . I have never heard anyone complaining that a method across this range was rejected by the auditor so presumably both ends are acceptable as such although the latter is seemingly not quite compliant with the literal standard.
Regarding “trees”, the only published one I know is the Procert one already referenced here and of relatively long standing [added - in fact hv now seen several more but only in the French literature].
The Procert tree is –
ProCert_ISO_22000_decision_tree.pdf 126.1KB 1612 downloads
It can be seen that this also selects via the control measures step but now down to only 3 - a,b and f. Hv seen this simplification utilised (unpublished) by simply adding a (compliancy) column to the standard HACCP table. Presumably Procert considered that prioritising only on abf was justifiable. Good for them ! (But also see text after next attachment)
[added - it seemed worthwhile to add this related chunk of text taken from the Procert website -
in this issue, the essence lies in the selection of control measures which must be effective and validated. The storm generated by the question of knowing whether a control measure belongs to a CCP or an oPRP is without doubt a residue of the application of Codex and its tree… where, if there was no CCP, there was nothing!
With ISO 22000, it is necessary to move the priority on the selection of control measures, by ensuring that they address all the real hazards to control. Once one has the control measures and they are credible (effective and validated), in the final analysis it does not matter if one allots them to a CCP or to an oPRP: indeed, in both cases it will be necessary to build a monitoring system to prove the effectiveness of it.
For the method of categorization to a CCP or an oPRP, the ProCert ISO 22000 tree may be helpful to carry out this categorization, based on two key criteria (mentioned in ISO 22000) which characterize a CCP:
# « controlling » : aptitude of the (combination of) control measure to eliminate the hazard (examples: pasteurization of milk for a salmonella hazard; filtration for a foreign body hazard
# « monitoring »: the possibility of having an on-line follow-up of the control measure.
If the two conditions are met, it is a CCP (pasteurization in our example). If on-line monitoring is not ensured, it is an oPRP (filtration in our example).
And one more suggested tool from bizmanualz –
biz_tree.png 50.65KB 556 downloads
This is a sort of condensed / simplified Modarres. Interesting to note that the decision requirements regarding (a,b) do not agree with Procert. Personally I hv closer agreement with Procert. But I suppose practically it may not matter (?). Subjectivity rules !
Thirdly, and possibly the best new offer, is a CCP / OPRP tree procedure (2009) modelled on ISO 22000. It certainly has an appealing simplicity / flexibility but I haven’t tried it out or seen it evaluated anywhere yet. I suspect some of the decision criteria will again not coincide with the previous two systems. [added - after a closer look, seems very similar to Procert but is trying to further simplify. Procert is more easily understood IMO.]
CCP_and_OPRP_program.pdf 491.01KB 1689 downloads
Lastly, here is a very readable case study (ISO 22000 based) for ham production detailing PRPs, OPRPS and CCPs. It does not show the specific working for the CCP / OPRP selection and I personally found myself querying some of the results presented but it is still a fascinating document IMO and particularly if you are interested in relationship to EC regulations.
ham_study_.doc 382.5KB 914 downloads
Rgds / Charles.C