Jump to content

  • Quick Navigation
Photo

FSMA- Disclosure of 3rd Party Audits and Other Documentation

Share this

  • You cannot start a new topic
  • Please log in to reply
8 replies to this topic
- - - - -

QUALITY22

    Grade - AIFSQN

  • IFSQN Associate
  • 26 posts
  • 4 thanks
3
Neutral

  • United States
    United States

Posted 30 January 2017 - 07:25 PM

Can anyone provide input on a requirement for providing actual Third Party- Report and Corrective Actions under FSMA?

 

I work for a flavor company, who supplies ingredients to many larger flavor companies. We just had our first GFSI Audit (FSSC 22000) and passed.

 

The companies we supply are demanding our Audit Report and Corrective Actions, however we are considered a competitor to these companies and ingredients are purchased through brokers. We have patented processes, etc that were written in our audit report.

 

I do not believe it is a big deal to given out our reports and corrective actions, as I have given out all SQF reports to all co-manufacturers in the past- however my boss- is very secretive regarding our products, processes, and formulas.

 

Any input will be great. 



Ryan M.

    Grade - FIFSQN

  • IFSQN Fellow
  • 1,327 posts
  • 479 thanks
290
Excellent

  • United States
    United States
  • Gender:Male
  • Location:Birmingham, AL
  • Interests:Reading, crosswords, passionate discussions, laughing at US politics.

Posted 01 February 2017 - 09:48 PM

FSMA doesn't require vendors/suppliers to have third-party audits or supply them to their customers.  However, they can be used to verify a vendor/supplier has a food safety system in place and it has been "verified" by the third-party auditor.

 

With that, you have options:

  1. Provide a standard letter stating specifics about your third-party audit, the results, and that the food safety system was reviewed and verified.
  2. Use a non-disclosure agreement and require the customer to sign-off prior to releasing your third-party audit.
  3. Redact the proprietary and patented process/equipment from the third-party audit report.

If I were you I would choose option 1 and see if that works for your customers.  Most of them would find it acceptable.



Thanked by 1 Member:

CMHeywood

    Grade - SIFSQN

  • IFSQN Senior
  • 457 posts
  • 119 thanks
42
Excellent

  • United States
    United States
  • Gender:Male
  • Location:Neenah, Wisconsin

Posted 01 February 2017 - 09:51 PM

I think this stems from FSMA requiring food handlers and food producers to either control contamination or prove that their suppliers are controlling contamination so they don't have to do something to remove contamination from the supplier materials.

 

The company I work for has different opinions about what to send for 3rd party audits and corrective actions.  Some want to keep it confidential.  Others have not problems sending the reports.

 

I would suggest two things:

(1)  Black out any part of the documents that divulge confidential info that you don't want your customer to possibly give to your competitors.

(2)  Ask your customers to sign a confidentiality agreement.  It won't stop them from showing your info to other parties but it gives you recourse to start a lawsuit.



Thanked by 1 Member:

MQA

    Grade - MIFSQN

  • IFSQN Member
  • 224 posts
  • 132 thanks
19
Good

  • Australia
    Australia
  • Gender:Not Telling
  • Location:Melbourne
  • Interests:Good food, excellent coffee, home sweet home, cherished friendships, valued work, and a fantastic city.

Posted 01 February 2017 - 11:51 PM

I believe the report and the corrective action system is confidential information. 

 

The verification that there is a food safety plan in place – and an effective food safety plan – is the food safety and quality certificate. 

 

Also, auditors must abide by their code of conduct and not share the results of the audit process with other businesses.  The food safety plan itself should also be confidential information and only reviewed by the auditor on site, rather than sent to the auditor’s office via email, etc. 



... helping you achieve food safety & quality assurance...

Melbourne Quality Assurance | Australia
www.melbourneqa.com | janette@melbourneqa.com
Facebook | Twitter


CMHeywood

    Grade - SIFSQN

  • IFSQN Senior
  • 457 posts
  • 119 thanks
42
Excellent

  • United States
    United States
  • Gender:Male
  • Location:Neenah, Wisconsin

Posted 02 February 2017 - 06:41 PM

I work for a company that makes food contact packaging.  We have many customers asking for copies of our SQF audit and our corrective actions from that audit.

 

They are not simply asking for a copy of our SQF certificate.

 

One way we have gotten around this is to have a summary of the most recent audit and a summary of the corrective actions without giving too many details.

 

I agree with MQA that the report and corrective actions should be confidential but you have to keep your customers happy.



RMAV

    Grade - SIFSQN

  • IFSQN Senior
  • 407 posts
  • 122 thanks
44
Excellent

  • United States
    United States
  • Gender:Male
  • Location:USA - Midwest
  • Interests:QA, Micro, Sanitation;
    Meats, Juice, Condiments;
    SQF, Audit, and aviation

Posted 02 February 2017 - 07:57 PM

My PCQI training indicated that you must verify the preventive controls of suppliers of "high risk" raw materials.  If you are supplying a material deemed "high risk," your customer is seeking to verify your preventive controls.  One way is to conduct an onsite audit themselves, another is to review your 3rd party audit that specifically indicates the auditor reviewed your preventive controls.

 

For our customers, I plan to redact proprietary information from my audit before providing it to them as, like the OP, some customers are also competitors.



praveennagh

    Grade - Active

  • IFSQN Active
  • 4 posts
  • 1 thanks
0
Neutral

  • United States
    United States

Posted 02 February 2017 - 10:06 PM

GFSI schemes require to provide the audit certificate and the corrective actions, I'm not certain if it is required to provide the audit report. 

 

Since boss has the final word, I would not give out the audit report.



Sharon (Dewsbury)

    Grade - MIFSQN

  • IFSQN Member
  • 133 posts
  • 71 thanks
27
Excellent

  • United Kingdom
    United Kingdom
  • Gender:Female
  • Location:West Yorkshire UK

Posted 03 February 2017 - 02:33 PM

Some Certification Bodies post your reports on their web site for all to see anyway.



Thanked by 1 Member:

Ryan M.

    Grade - FIFSQN

  • IFSQN Fellow
  • 1,327 posts
  • 479 thanks
290
Excellent

  • United States
    United States
  • Gender:Male
  • Location:Birmingham, AL
  • Interests:Reading, crosswords, passionate discussions, laughing at US politics.

Posted 04 February 2017 - 05:39 PM

Some Certification Bodies post your reports on their web site for all to see anyway.

 

That depends.  Prior to the audit you can opt out of the disclosure of your facility's report, or not.





Share this

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users