Jump to content

  • Quick Navigation

Search Results

There were 10 results tagged with SQF

By content type

By section

Sort by                Order  
  1. SQF Edition 9 Updates and Compressed Air Monitoring - what you need to know

    CHANGES TO SQF CODE

     

    SQF Edition 9 comes with several enhancements and improvements to the code structure, methodology, and technical requirements. Below are the relevant compressed air and gas updates and how they pertain to the health of your compressor system and quality system alike.

     

    SQF Edition 9:

     

    The new addition in Module 11 states, “The frequency of analysis shall be risk-based and at a minimum annually.”

    • 11.5.5.1: Compressed air or other gases (e.g. nitrogen or carbon dioxide) that contact food or food contact surfaces shall be clean and present no risk to food safety.
    • 11.5.5.2: Compressed air systems and systems used to store or dispense other gases that come into contact with food or food contact surfaces shall be maintained and regularly monitored for quality and applicable food safety hazards. The frequency of analysis shall be risk-based and at a minimum annually.
    This sentence helps manufacturers understand what kind of minimum frequency auditors will be looking for when they inspect a facility. These changes can help add some structure for users and auditors alike, quelling the anxiety of annual assessments.

     

    Because manufacturing facilities vary so dramatically in their needs, procedures, systems, and workflows, it is critical for each to assess their individual risks. A compressed air risk assessment is a great place to start. Risk assessments account for everything from system age, to piping distribution, to filtration and dryers. Knowing where your system stands, what its limitations are, and how it could contribute to contamination can help determine the frequency and stringency of analysis.

     

    Annual testing, at a minimum, allows manufacturers to understand their system at that point in time. More frequent monitoring allows users to create a trend analysis and understand how seasonal changes, maintenance, and other factors can affect the quality of their compressed air or gas. Of course, each facility has unique needs and risks, but the annual requirement of analysis helps to set a minimum benchmark for manufacturers.

     

    Appendix Additions:

     

    In appendix 2, users will find this definition of compressed air monitoring:

    • A program that includes particles, water, oil, microorganism, and gases in compressed air and other gases. A verification of effectiveness of compressor maintenance and filtration a management facility has in place.
    This definition provides manufacturers with clarity on what is expected from them in terms of their compressed air monitoring and testing. Compressed air systems are dynamic and subject to a variety of factors that could impact the quality of the air that is produced and used. Filtration is essential, but if the filters are saturated, blown through, inadequate, or out of date, they can allow dangerous contaminants to pass through. It’s important to verify that filtration is performing as intended and as necessary for the end-products’ requirements.

     

    Leaks in distribution piping can provide contaminants a way to infiltrate the system. Maintenance without proper purging can introduce contamination into a system and should be considered a potential source of risk. Additions or changes to a system may leave the piping or valves vulnerable to contamination as well. Trace Analytics recommends sampling after any major repair work to ensure that the air quality has not been negatively impacted. If changes are made to a system and the system is not effectively purged, contaminants like particles, water, and oil can be left behind. Without proper monitoring, contamination could remain in the system, and if left unchecked, could impact the end-product.

     

    WHO IS IMPACTED BY THESE CHANGES:

     

    SQF Edition 9 has expanded and modified codes from previous editions. This change has introduced compressed air monitoring to some codes where it previously hadn’t been included. Compressed air requirements can be found in:

     

    • Food Manufacturing
    • Pet Food Manufacturing
    • Animal Feed Manufacturing
    • Animal Product Manufacturing
    • Dietary Supplement Manufacturing
    • Storage & Distribution
    • Manufacturing of Food Packaging

     

    If your facility falls into any of these categories and you use compressed air in your processes, you will be required to monitor your compressed air and gas systems at least annually (or more frequently based on your risk assessment) to ensure product safety.

     

    WHAT TO TEST FOR:

     

    SQF Edition 9 points to particles, water, oil, microorganisms, and gas testing for manufacturing facilities. Each facility is unique and has individual requirements, so it is essential for each user to conduct a risk assessment and compare with published standards, like ISO 8573, to choose the right purity levels for their systems. Higher risk end-products may require more strict purity levels. Some end-products may require strict particle testing, but have lower limits for water vapor.

     

    It is also important to consider the capabilities of your system and ensure that your purity classes are achievable and appropriate. For example, black iron pipes are going to have a great deal more rust accumulation than stainless steel pipes. Systems with refrigerated dryers are going to have more moisture than systems with desiccant dryers.

     

    ISO 8573 is an international compressed air standard that provides purity classes for particles (viable and nonviable), water, and total oil, allowing users to choose the appropriate ranges for their use. This standard can be used as a “common language” between users, laboratories, and compressed air system suppliers.

     

    Particles:
    Particles can be categorized as viable and non-viable. Viable particles are microorganisms, which will be discussed below. Non-viable particles are characterized by their size, shape, transparency, color, and material. They are of great concern to many manufacturers. No one wants to find metal shavings in their coffee grounds. Metal shavings, rust, bits of tubing and plastics are all examples of particles that might be found in a compressed air system. ISO 8573 designates size ranges with limits for each purity class to help manufacturers ensure that their filtration systems are functioning properly. If your point-of-use filter is supposed to filter particles size 0.3um and up, and your compressed air tests reveal particles sized 0.5-5, then you will need to troubleshoot your filtration and distribution lines after filtration.

     

    Water:
    Water in compressed air systems is concerning as it often leads to much bigger problems. Excess water can cause piping to rust, producing particles. This contamination can also create a breeding ground for dangerous microorganisms and saturate filters, rendering them useless. ISO 8573 offers 6 purity classes to accommodate users with either desiccant or refrigerated dryers.

     

    Oil:
    Oil vapors and oil aerosols together are known as Total Oil. Stricter limits require both aerosol and vapor testing combined. In less strict classes, oil aerosol alone can be monitored. Depending on your risk levels, you can choose the appropriate class for your system. Even if you have an oil-free compressor, maintenance oils, oils from cleaning supplies, and vehicle exhaust can infiltrate the system. It is not enough to simply replace your compressor with an oil-free one. If you’ve previously used a traditional compressor, there could be oil left in the pipes or distribution system. Regular monitoring helps ensure oils are not impacting your end-products.

     

    Microorganisms (Viable Particles):
    Viable particles, or microorganisms, can be hugely detrimental to your end-products, bottom line, and reputation. Contamination from microbes like Listeria, or Salmonella should be monitored for regularly if manufacturing consists of dairy products. Microbes can live in compressed air systems, particularly if these systems are contaminated by oil, particles, and water. These dark, wet breeding grounds can put products at risk. ISO 8573-7 recommends testing with an impaction sampler and incubating contact plates for a minimum of 10 days. Some companies may have specific indicator microorganisms that they are concerned about and need to do further identification.

     

    HOW TO SET UP A MONITORING PLAN:

     

    Setting up a monitoring plan is an important part of ensuring the quality of your compressed air system and meeting your certification requirements. SQF Edition 9 mentions particles, water, oil, microorganisms, and gases as contaminants to monitor. Using ISO 8573 purity classes along with a compressed air risk assessment, a user can determine how strict their limits should be.

     

    Where to sample:
    A common question from manufacturers is where to take the samples. Results from your air samples should be representative of their use on the product. If your compressed air directly impacts your products, you’re going to want to test at the point of use. Tests at the compressor can help users understand the quality of the air at the start of the system. Testing can also be performed midway through the line to understand the impact that the distribution system may have on the quality of that air.

     

    Number of Samples:
    The number of samples is also one that must be determined by the manufacturers. If you have 20 points of use, you may want to test them in rotating percentages. Testing 25% of the points of use quarterly could be an appropriate and manageable way to test each point annually. This would dictate only 5 samples per quarter. Some users may choose to test each point of use that impacts end-products. Others may choose to test at the compressor and then at the end of the line only. While a single test point does meet the minimum requirement, it hampers the ability to perform seasonal trend analysis.

     

    Frequency of sampling:
    It’s then necessary to consider how often testing should take place. SQF Edition 9 cites annually - at a minimum. Many manufacturers choose to test quarterly or semi-annually to build a trend analysis and see how their system changes over time, reacts to maintenance schedules, and handles seasonal changes.

     

    Each facility is unique and each monitoring plan will be as well. Depending on the risk levels, the type of system, and the usage of the compressed air, a users’ monitoring plan should fit their needs. Third-party, ISO 17025 accredited laboratories, like Trace Analytics, LLC can help implement a monitoring plan, schedule testing, and provide reliable and expedient air quality results.

     

    CONCLUSION
    Preparing your compressed air system for the new Edition 9 improvements means your facility won’t be left unprepared. With the release of SQF Edition 9 comes the opportunity for manufacturers to address their quality systems, risk assessments, and monitoring plans for their compressed air systems. With added guidance from SQF, users can determine what contaminants to test for, how often to test them, and create a plan to ensure they maintain appropriate levels of quality year-round. For more information on compressed air testing, please contact the experts at Trace Analytics, LLC.
    512-263-0000 ext 5 | sales@airchecklab.com

     

    By Jenny Palkowitsh, Trace Analytics, LLC

     

    References:

     

    Chuboff, L. (2021, March 05). Sqf code edition 9: What's changing and how to prepare. Retrieved March 10, 2021, from https://www.sqfi.com...how-to-prepare/

     

    Sqf code downloads. (2021, January 12). Retrieved March 01, 2021, from https://www.sqfi.com...on-9-downloads/

    • Apr 05 2021 04:33 PM
    • by Simon
  2. SQF from Scratch: 2.3.2.6 Finished Product Labels

    2.3.2.6 Finished Product Labels

     

    Posted Image

     

    As we consolidated our raw material documentation in the last post, it occurred to me that the mention of “accurate finished product labels” was a bit more labor intensive than the brief aside the code gave it. Product labels are consultant bread-and-butter because the legislation is vast and product specific, and because frankly, the data shows that the industry is bad at making sure product labels are accurate! With that in mind, let’s talk though both some practical ways to maintain control of the content of the labels and the products therein, as well as how to make sure we can demonstrate that control for anyone who wants to verify.

     

    The code:

     

    2.3.2 Raw and Packaging Materials

     

    2.3.2.6 Finished product labels shall be accurate, comply with the relevant legislation and be approved by qualified company personnel.

     

    Also

     

    2.4.1.1 The site shall ensure that, at the time of delivery to its customer, the food supplied shall comply with the legislation that applies to the food and its production in the country of use or sale. This includes compliance with legislative requirements applicable to maximum residue limits, food safety, packaging, product description, net weights, nutritional, allergen and additive labeling, labeling of identity preserved foods, any other criteria listed under food legislation, and to relevant established industry codes of practice.

     

    Also

     

    2.6.6.1.ii finished product is labeled to the customer specification and/or regulatory requirements.

     

    Also

     

    2.8.1.8 The site shall document and implement methods to control the accuracy of finished product labels (or consumer information where applicable) and assure work in progress and finished product is true to label with regard to allergens. Such measures may include label approvals at receipt, label reconciliations during production, destruction of obsolete labels, and verification of labels on finished product as appropriate and product change over procedures.

     

    What’s the point? How is this making our product safer?

     

    Here in the U.S., the recall statistics for inappropriate product labeling have been pretty damning.

     

    Posted Image

     

    Both FDA and FSIS regulated foods name undeclared allergens as a leading cause of manufacturer recall. First, because an undeclared allergen has the potential to be life threatening for people with severe allergies. Second, because it’s an easy mistake to make. Companies focus so hard on making sure that food is protected from biological and physical contamination that avoiding the introduction of another, otherwise safe, food ingredient requires a different approach to hazard prevention.

     

    It’s odd to think that some of the foods sold in a facility can be just as much a hazard to consumers as material known to be contaminated with pathogens.

     

    There’s a variety of ways that allergens can end up in products that are addressed throughout the code. In this article we’re going to focus on making labels in the first place, since an alarming number of recalls are due to unlabeled allergens, rather than a mix-up at production.

     

    There’s another ROI here if making sure an accurate ingredient declaration isn’t enough of a motivator. Labels that fail legislative requirements or contain typo’s at worst put the company at risk, and at best make the product look low quality.

     

    What am I being asked to do?

     

    2.3.2.6 Finished product labels shall be accurate, comply with the relevant legislation and be approved by qualified company personnel.

     

    So how are food labels typically made?

     

    Original art concepts can come from anywhere, but eventually some sort of art house is going to generate a proof of the label. A (nowadays) digital file that includes the artwork superimposed on packaging specific details like die lines.

     

    A new label process might look like:

    • The sales and marketing team meets with an art house that specializes in food labels, and may or may not also be the printer of the packaging.
    • They create concepts, and the food packaging experts at the art house keep placeholders for required regulatory content like nutrition, net weights, ingredients, etc.
    • Eventually all of the product details for those nutrition panels etc. are provided and added to the artwork.
    • The art house submits a “final” draft/revision of the proof to the company to approve before sale.
    • The SQF practitioner or designee verifies the accuracy of the legal and food safety portions of the label, or approves the consultant doing it on their behalf.
    That step 4 is a doozy, because with so many stakeholders involved in artwork, there may be 2, 3, or 22 “final” versions of the artwork emailed back and forth!
    The code specifies that the labels are “approved”. Now, at a 2-person company, we might be able to show an auditor the email to the art house that says “Joe has approved this revision” (assuming it’s saved and filed). But in larger groups, a more formal system is going to serve us better. The emails quickly get cluttered when the practitioner has actually approved the last 6 versions while the marketing folks kept debating whether the text should be taller or shorter.

     

     

    Posted Image

     

    The approved “final” labels will need to be organized in a register eventually, either as part of the raw material and packaging specifications, or as a stand-alone register. In a company with multiple products using the same kind of packaging, a separate register is often most beneficial. It prevents either enormous packaging specifications or dozens of duplicated ones.

     

    To demonstrate the label was approved before use, the practitioner can sign and date either a printed copy, a cover sheet, a change management record like the one we introduced in 2.1.3, or “sign” the register/database by including an “approved by” column (note, some auditors don’t like this without a digital certificate process [i.e. password protected signature], however I’ve had success selling the effectiveness of this system as long as the reviews were real and I could produce the person who signed).

     

    If you need help creating an index that would open digital copies of the approved label “proofs”, there are some examples in this video series here: Excelling at Food Safety.

     

    Posted Image

    This process isn’t too complicated, so why give it its own post?

     

    REVISION/VERSION CONTROL

     

    Above we discussed creating and approving new labels, but it’s not going to end there! Year after year products will be changing art styles, ingredient suppliers, and formulations. Many of these will require label updates accordingly, and suddenly there are multiple versions of the same label for each product.

     

    While revision control requires extra inventory management in most circumstances, when the new labels have something like an allergen that was added to the product, additional control becomes necessary.

     

    Example: a new chocolate chip cookie supplier uses walnuts in their dough formula. If the new cookies are placed in old packaging on hand that doesn’t declare walnuts, there is now a dangerous hazard for anyone with that allergy.

     

    The best form of revision control is actually printed on the label somewhere. That way an operator/inspector can verify whether the labels on hand are the current revision approved in the registry. These can often be found in inconspicuous places on packaging:

     

    Posted Image

     

     

    Posted Image

     

    Choose any revision labeling scheme that makes sense in the facility. I always appreciated a simple one that also shows when the label was approved such as yymm## (A two-digit year, two-digit month, then some sort of serial count of how many labels had been approved so far during that month, First being 01, second being 02 etc.).

     

    With each version of the label created, use a new designation and have a system in place to determine which revisions are okay to continue using if they’re on hand. New packaging/label orders should only be of approved revisions (which can be inspected and compared against the registry of approved label proofs). Older label revisions that are no longer okay to use (such as the allergen example above) need to be isolated and controlled.

     

    Revision control is often where the “approved label” process can fall apart. Facilities often have the first label approved in their product development files, but making sure that nothing important changes when the artwork is updated is one of the most tedious and error laden tasks asked of label reviewers.

     

    Remember, every single time artwork is revised, review all aspects of the label. The art house may not have perfect revision control either and I could buy a lot of beer if I had a dollar for every time my clients requested a minor revision only to find something random had changed on the next proof.

     

    How will this be audited?

     

    I’ve encountered a few different approaches to auditing this requirement.

    • The auditor will grab a label off the floor and request to see the specification and the approved copy.
    • The auditor will request to see the register of label proofs and check that there is some sort of signature approval for them, and may later confirm one of them matches what’s on the production floor.
    • The auditor will bring in a product they bought on the way there (rare but a fun tool since they can ask for traceability etc. on the same item)
    Red flags are going to be:
    • There is a register of labels, either in paper or digital, but there’s nowhere to see when they were approved or by whom.
    • Everything looks good…for primary packaging labels. But records aren’t being kept for case labels, boxes, or film overwraps that also contain legal or safety related information.
    • There is no evidence of revision control for labels with allergen statements and the practitioner can’t say for sure that the formula has never changed.
    • The person responsible for checking labels for accuracy/correct revision when a new order arrives has no idea where the register of approved labels can be found.
    2.3.2.6 and other label references reveal how much companies pay attention to their labels as a potential source of safety-related information, rather than just a marketing tool. It can be tough to get company buy in when so many products on the market take loose interpretations of labeling regulations, so it’s important to pick your battles. As always, focus on safety first, because the reason someone goes to the hospital should never be because someone didn’t bother to read the ingredient statement all the way through.

     

    And even if you do catch a label mistake on arrival, the company isn’t going to be thrilled that a lack of upfront review resulted in pallets of unusable packaging.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Jan 26 2021 07:15 PM
    • by Simon
  3. SQF-2.3.2 Raw and Packaging Materials

    2.3.2 Raw and Packaging Materials

     

    Posted Image

     

    Hello again practitioners, I know we’ve had some challenges so far, but now we have the management buy-in, time, resources, and motivation to get all of our SQF materials together! The next thing we need to do is source raw materials and put together some documentation for them!

     

    The best foods start with the best ingredients, or in the world of manufacturing, the most consistent products start with the most consistent ingredients! As part of a careful and well thought out product development process, our teams have approved formulas, processes, recipes, and risk assessments that were based on ingredients that met certain criteria.

     

    However, buy-in is going to disappear rapidly if it turns out…

    • The “raising agent” R&D used was actually baking powder, not soda, and so we can’t use the 400 lbs of material that just arrived.
    • The 1 in (2.54cm) diced carrots aren’t going to reach the required temperature in the retort because the cycle was designed for a ½” dice.
    • The labels for the muffins say “gluten free” when they, uh, aren’t.
    Maybe we should come up with some critical criteria before we just start buying things.

     

    The code:

     

    2.3.2 Raw and Packaging Materials

     

    2.3.2.1 Specifications for all raw and packaging materials, including, but not limited to ingredients, additives, hazardous chemicals and processing aids that impact on finished product safety shall be documented and kept current.

     

    2.3.2.2 All raw and packaging materials and ingredients shall comply with the relevant legislation in the country of manufacture and country of destination, if known.

     

    2.3.2.3 The methods and responsibility for developing and approving detailed raw material, ingredient, and packaging specifications shall be documented.

     

    2.3.2.4 Raw and packaging materials and ingredients shall be validated to ensure product safety is not compromised and the material is fit for its intended purpose. Verification of raw materials and ingredients shall include certificates of conformance, or certificate of analysis, or sampling and testing.

     

    2.3.2.5 Verification of packaging materials shall include:

     

    i. Certification that all packaging that comes into direct contact with food meets either regulatory acceptance or approval criteria. Documentation shall either be in the form of a declaration of continued guarantee of compliance, a certificate of conformance, or a certificate from the applicable regulatory agency.

     

    i. In the absence of a certificate of conformance, certificate of analysis, or a letter of guarantee, tests and analyses to confirm the absence of potential chemical migration from the packaging to the food contents shall be conducted and records maintained.

     

    2.3.2.6 Finished product labels shall be accurate, comply with the relevant legislation and be approved by qualified company personnel.

     

    2.3.2.7 A register of raw and packaging material specifications and labels shall be maintained and kept current.

     

    What’s the point? How is this making our product safer?

     

    Our entire food safety management system, and more specifically our food safety plan, is based on a lot of assumptions. Food scientists recognize those assumptions and see food more often as chemistry than art. Knowing exactly what will come out depends on what goes in.

     

    Some of the criteria are functionality and quality based. For example, most people purchase regular sized marshmallows to make s’mores, and a buddy showing up with miniature marshmallows may not have an easy time manufacturing their dessert.

     

    Posted Image

     

    It could also be problematic if the next shipment of marshmallows was pink or something.

     

    SQF is less interested in quality or marketing needs, though we should certainly use this system to help define what we need to make the product successful. For our audit, what we’re primarily concerned with are criteria that will impact the safety of the product, rather than its performance. We want to make sure that any variation in the product won’t suddenly make it dangerous.

     

    What am I being asked to do?

     

    First things first, we have some familiar housekeeping.

     

    2.3.2.3 The methods and responsibility for developing and approving detailed raw material, ingredient, and packaging specifications shall be documented.

     

    As we’ve seen before this particular language is going to be repeated over and over again in the code in the same format:

     

    “The methods and responsibility for [SQF code portion] shall be documented and implemented.”

     

    This is a throwback to the food safety management system. The “methods and responsibility” is the document on hand that describes what the company intends to do and who is going to do it. It will describe what the management system looks like at that specific facility and which individuals will make sure the process is followed and documented (SQF practitioner or designee typically).

     

    Key words: the methods should be “documented”, the policy exists, and “implemented”, evidence/documentation is available to demonstrate it is being followed.

     

    As we go through the rest of this section, we’ll explore methods to maintain systems that support the code and create evidence/documentation. Make sure to also document the process itself and who owns it rather than rely on tribal knowledge to keep the system running.

     

    2.3.2.1 Specifications for all raw and packaging materials, including, but not limited to ingredients, additives, hazardous chemicals and processing aids that impact on finished product safety shall be documented and kept current.

     

    So, what is a specification? We’ll see them again for finished goods later in the code. A specification should be a description of the critical criteria that needs to be met to make sure the products are safe.

     

    These specifications will likely be determined, again, by the hazard analysis in the food safety plan. They’re there so that when sourcing materials we know what to look for and what is and is not flexible.

     

    Early season or late season fruit? Probably flexible and less important in the hazard analysis. Contains salmonella? Probably an important distinction.

     

    SQF lists several examples of critical criteria in their guidance documents, so those are the ones auditors will be expecting to see:

    • Limits for relevant pathogens or microorganisms
    • pH
    • Water activity
    • Chemical or physical contaminants (e.g. pesticide residues or processing chemicals)
    • Presence or absence of allergens
    But really, critical criteria are anything identified in the food safety plan.

     

    Ways to keep “specifications” on hand

     

    A common one is to use those provided by the vendor. This can be audit friendly and save you some time, but inevitably there are a few problems with this solution:

    • The vendor may not have a “specification” that meets your needs. Either it’s just advertising material that’s too generic, or they literally don’t have one because it’s a non-GFSI company that isn’t required to make something like that.
    • The vendor may have a specification, but they aren’t going to provide an updated one annually. The packaging they sell generally doesn’t change nor do many crops.
    • The vendor just isn’t responsive when asked for documentation, either because they don’t have it or the customer doesn’t buy enough from them.
    • The vendor doesn’t include criteria critical to the food safety plan in their specification.
    Vendor interactions are one area of SQF where I inevitably recommend creating some “audit friendly” documentation that doesn’t necessarily improve the process or product.

     

    I know, that’s breaking our golden rule.

     

    The issue is that while a practitioner can be amazing and document anything that happens on site, it doesn’t matter if they have an unresponsive vendor. And despite what some consultants will say about dropping vendors, a little jam company doesn’t have a ton of buying power to demand special documentation. That company’s supplier may be the only one feasible to buy from due to pricing or geography.

     

    SQF lists specifications before vendors in the code because in theory companies need to know exactly what to buy before looking for a source. This is true when finding new vendors, but for new product or ingredients, normally they’re created with test materials from a vendor, and a hazard analysis is performed after finalizing a source.

     

    That means that in a way, we’re addressing section 2.4.4 (approved supplier program) first, because we won’t be able to source a material from an unapproved supplier, whether we have a specification or not.
    So, if we have to talk to a supplier, we might as well try to cover all of our bases at once. In that spirit, it sometimes makes sense to combine these elements.

     

    In a larger company with multiple suppliers for a single ingredient, independent raw material specifications may be more helpful, but for many small businesses we can try to knock these elements out together.

     

    Posted Image

     

    Using this example, we can review vendors, list out the critical criteria outlined in our food safety plan, and provide a narrative explanation of the specifications and documents they were able to provide to confirm them. I tend to favor narrative risk assessments for supplier review, because it allows you to base approval status on your own specific history with the supplier, and allows for approval even if there’s missing information.

     

    However, if a vendor does not provide a specification, then one will need to be created regardless.

    Posted Image

    This is SUPER bare bones. If sourcing complex ingredients, there’s probably a need for an ingredient list to ensure that there are no surprises that could conflict with label claims.

     

    2.3.2.2 All raw and packaging materials and ingredients shall comply with the relevant legislation in the country of manufacture and country of destination, if known.

     

    This is really an extension of 2.4.1. After all, our products won’t comply with legislation if the ingredients didn’t comply. We’ll dig into the systems to make sure things are on the up-and-up in 2.4.1. For this line item, just avoid buying anything sketchy. No inappropriate suppliers (looking at you, backyard butcher shops), no materials that can’t normally be sold legally finding their way into inventory at a discount, no attempts to use state or country boards to circumvent a particular requirement, etc. The supplier review process will address documentation to support this clause.

     

    SQF specifically calls out suppliers who may use food labeling across country borders that does not comply with the country of sale. This is a really common issue for importers and one to watch out for. Consumer facing labels need to comply with the regulations of the country in which they’re presented for sale.

     

    2.3.2.4 Raw and packaging materials and ingredients shall be validated to ensure product safety is not compromised and the material is fit for its intended purpose. Verification of raw materials and ingredients shall include certificates of conformance, or certificate of analysis, or sampling and testing.

     

    This is tricky, because SQF likes to play fast and loose with “validation” and “verification” language in the code. For this particular section, to make it even more confusing, let’s quote the guidance document:

     

    Validation is testing over and above daily monitoring to ensure that established food safety limits are effective, i.e., they achieve the desired results, so that the supplier can have confidence that the product and process are safe. Validation methods will vary depending on the risk to finished product safety. Validation for low risk materials may include certificates of analysis or certificates of conformance, provided by a trusted vendor. For high risk materials, testing and analysis is required for validation, and must be carried out annually (refer to 2.5.2). For food-contact packaging material, this may include testing or assurances for potential chemical migration to the food product.

     

    They then later ask us to “verify” in 2.3.2.4 using the same criteria they listed for “validation”.

     

    Here’s the deal, at the end of the day, we can remain consistent by defining these terms this way:

     

    Validation: The research and testing done to prove that, if everything works the way we want it to, it will achieve the intended food safety result. We validate our specifications, target limits, and “the plan”.

     

    Verification: A periodic check to make sure all of our assumptions are still holding true.

     

    Use the food safety plan and product development process to “validate” raw material specification requirements and make sure that as written they will work. We need to validate both the specification and the approval criteria. The food safety plan should indicate what’s needed, and the specification maintenance document should state how you’ll use that plan to make sure that what you source meets the needs of the plan.

     

    Then, with existing suppliers and raw materials, “verify” that the ingredients are still complying with the specifications. This may mean that we got a certificate of analysis from a supplier with our first shipment saying they were E. coli free. So, we decided to approve them. But once in a while we should ask for another one, to “verify” that the supplier is still providing an E. coli free product, or if the juice concentrate is still that same pH it was a year ago when we made the plan. Minimum interval of annually.

     

    Let’s clarify some other definitions here that are commonly used when discussing supplier approval, and describe how useful they are to us:

     

    Certificate of Conformance: This is similar to a supplier specification, it’s typically the suppliers “finished good specification”. The Parameters that they say they the product will meet based on their own internal testing/monitoring. This is different from a “certificate of analysis”, which will include actual test results. A certificate of conformance may be issued in general, or issued for every lot when it is released (e.g. based on testing that was performed, the material will conform). These can sometimes be used as a supplier specification if it happens to have everything you need. It could list specific criteria like this:

     

    Posted Image

     

    Or for packaging it may be something like this:

     

    Posted Image

    Or even something as simple as:

     

    Posted Image

     

    Certificate of Analysis: A certificate of analysis covers actual test results for a particular sample. Sometimes they’ll be for each individual lot of product, other times they may be the suppliers’ own validation testing. Typically, a certificate of analysis will have a letterhead from the laboratory that performed the work, indicate what samples were tested and show the actual test results. It might look something like this:

     

    Posted Image

     

    Letter of guarantee/declaration of continued guarantee of compliance: Letters of guarantee were covered in the Food, Drug, and Cosmetic Act (USA) to protect manufacturers from upstream food fraud. Per the FDA:

     

    Section 303, paragraph © of the Act states that no person shall be subject to the penalties of subsection (a)(1) for having received, or proffered delivery of, adulterated or misbranded food additives if he has established a good faith guarantee from whom he received the articles. This paragraph was included in the 1958 amendments to the Federal Food, Drug and Cosmetic Act and remains the legal basis for the "letter of guaranty" supplied by many manufacturers to their clients.

     

    This can be part of ensuring materials are compliant with legislation. FDA provides language used in these letters here.

     

    So, for us to meet the requirement of 2.3.2.4

    • We should make sure we have either tested the material or requested verification from the supplier that it is still meeting our validated specification.
    • Do this at an interval appropriate to the amount of risk associated with the hazard.
    2.3.2.5 Verification of packaging materials shall include:

     

    i. Certification that all packaging that comes into direct contact with food meets either regulatory acceptance or approval criteria. Documentation shall either be in the form of a declaration of continued guarantee of compliance, a certificate of conformance, or a certificate from the applicable regulatory agency.

     

    i. In the absence of a certificate of conformance, certificate of analysis, or a letter of guarantee, tests and analyses to confirm the absence of potential chemical migration from the packaging to the food contents shall be conducted and records maintained.

     

    Food packaging is sort of in a separate category, and will normally give the most trouble in terms of getting things from vendors. These companies may make food contact packaging, but here in the U.S. they aren’t audited, so it’s on the practitioner or procurement team to find someone who knows what needs to be covered.

     

    The purchaser can either perform chemical migration testing themselves at an appropriate interval (expensive), or work to get that documentation together and keep it current. Auditors tend to be a bit laxer on this as long as there is something recent on hand to show them.

     

    2.3.2.6 Finished product labels shall be accurate, comply with the relevant legislation and be approved by qualified company personnel.

     

    ….You know what, we’ll address label review in the next SQF from scratch. It’s a big enough topic to merit its own article. Sorry to make you wait!

     

    2.3.2.7 A register of raw and packaging material specifications and labels shall be maintained and kept current.

     

    To make a register of these specifications and label reference materials, check out Making sense of the SQF code: so what the heck is a “register?”

     

    Make a list of the specifications and label reference materials, organize it in a way that helps keep it organized and up to date.

     

    How will this be audited?

     

    I’ve encountered a few different approaches to auditing this requirement.

    • The auditor during the site tour will identify 3 different ingredients, some packaging and some ingredients, and then request to see specifications for those materials followed by verification documentation.
    • The auditor will request to see the specification register first, then select materials at random to review the documentation.
    • The auditor will request verification of ingredient specifications and testing while reviewing the hazard analysis (and supplier preventive controls in the U.S.).
    Whichever way they get to it, they’re probably going to review some of the supplier documentation at the same time. But for this portion of the code, they’re looking for the following
    • There is a specification for the material. Either
      • One the site created itself, reviewed within the last year.
      • One from the supplier that has sufficient information, and has at least been reviewed by the site within the last year (even if the supplier didn’t update
    • There is verification documentation of the material, either:
      • Test results from an on-site sampling program.
      • Testing performed by the supplier and provided at a minimum annually, more frequently for higher risk criteria (like microbiological results).
      • For food contact packaging, either testing or some kind of documentation from the supplier (like a letter of guarantee or certificate of conformance) indicating it’s appropriate for food contact.
      • A narrative review of the supplier that explains how the site verified the information without the need for specific testing (e.g. maybe the supplier’s continued SQF certification ensures they would comply with their own finished good specifications; it can be worth a shot)
    • The verification documentation matches and has been conducted at the intervals specified in the SOP. (Say what you do and do what you say).
    Red flags are going to be:
    • Outdated or unprofessional looking “specifications” from a supplier. A copy of their webpage from 3 years ago doesn’t look legit. Keep in mind, a signature and date showing that the practitioner “reviewed” this document within the last year will actually go a long way to making these sufficient.
    • Testing or documentation required by the SOP that are outdated or not performed for all of the materials, new ones, or ones purchased infrequently.
    • Materials purchased from brokers or distributors that have little to no information from the actual manufacturer of the product when needed.
    • Using one document for everything. A single CoA might be able to be used for everything once at initial vetting…. but it looks like something’s missing, and there probably is.
    2.3.2 is a beast of a requirement, and it asks a lot of our companies. It’s deeply integrated into the hazard analyses and risk assessments for shelf life and pathogen control, it’s documentation heavy, and it requires constant surveillance and maintenance to keep it current. It can take a ton of time, and even if 98% of it is brilliant it is still so easy to miss one ingredient and get that minor finding.

     

    It can be worth it though, especially when we find out that our suppliers aren’t as consistent as we thought.

     

    Many companies without SQF will make sure they’re sourcing ingredients that don’t have common pathogens, but without the code they may forget risks associated with packaging and other subtle changes. Taking the time to “specify” what we need may be the difference between getting a consistent ingredient or one that caused an accidental recall.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Oct 27 2020 07:34 PM
    • by Simon
  4. SQF from Scratch: 2.3.1 Product Development and Realization

    2.3.1 Product Development and Realization

     

    Well reader, maybe this is a new role for you, maybe it’s one you’ve played at your company for a long time, but I hope that you’ll find it rewarding.

     

    No, I’m not referring to SQF practitioner, I’m referring to the role of wet blanket technical resource for new product development activities!

     

    The food industry can sometimes be challenging not because of the work, but because everyone knows a little something about food! After all, everyone has intimately studied and investigated their foods by eating several times a day since birth! We’re as much experts at understanding how to fix hunger as we are at growing our own hair. It comes naturally and everyone a wealth of experience to draw on.

     

    Thus, the day comes when entrepreneurial folks say to themselves, I know how to make tasty things, let’s sell them! Unfortunately, while starting a business is hard anyway, with food there’s an extra hitch when people get sick.

     

    Dr. Powell over at Barfblog summarizes the risk of food as a business well:

     

    “I’ve yet to see divine intervention as a cause of foodborne illness. Instead, illnesses and outbreaks are frighteningly consistent in their underlying causes: a culmination of a small series of mistakes that, over time, results in illness and death.”

     

    SQF recognizes that some of those small mistakes are a result of moving forward with the mass distribution of food products using the same risk evaluation as having neighbors over for a barbecue. Not only does mass distribution make illness a public health numbers game instead of a personal risk assessment, but our intimacy with food lends itself to confidence, not expertise. Just like we cannot predict the behavior of the ocean by studying a single water molecule, jumping into food based on personal kitchen experience can lead to missing details that make products dangerous (or just bad!).

    SQF understands that enthusiastic leadership, sales teams, and R&D folks are psyched to get into the minds of customers and start making the next trendy food! These elements are stuck in there as a built-in devil’s advocate to make sure we don’t get ahead of ourselves.

     

    So speak quietly, ask smart questions, and let’s carefully rain on this parade!

     

    The code:

     

    2.3.1 Product Development and Realization

     

    2.3.1.1 The methods and responsibility for designing, developing and converting product concepts to commercial realization shall be documented and implemented.

     

    2.3.1.2 Product formulation, manufacturing process and the fulfillment of product requirements shall be validated by site trials, shelf life trials and product testing.

     

    2.3.1.3 Shelf life trials where necessary shall be conducted to establish and validate a product’s:

     

    i. Handling, storage requirements including the establishment of “use by” or “best before dates”;

    ii. Microbiological criteria; and

    iii. Consumer preparation, storage and handling requirements.

     

    2.3.1.4 A food safety plan shall be validated and verified for each new product and its associated process through conversion to commercial production and distribution, or where a change to ingredients, process, or packaging occurs that may impact food safety.

     

    2.3.1.5 Records of all product design, process development, shelf life trials, and approvals shall be maintained.

     

    What’s the point? How is this making our product safer?

     

    The examples linked above are all too common. Before jumping in, business owners must recognize that they have liability and a public health responsibility to take reasonable precautions to prevent foodborne illness. By using this portion of the code to make sure that food safety was part of the product development process, companies can be proactive in ensuring new products are safe.

     

    Businesses only exist when there are consistent customers. It’s both bad planning and bad form to use them as guinea pigs.

     

    Thankfully, resources like government food safety agencies, colleges and universities, and groups like IFSQN have created a library of information to help the food entrepreneur anticipate risk.

     

    What am I being asked to do?

     

    2.3.1.1 The methods and responsibility for designing, developing and converting product concepts to commercial realization shall be documented and implemented.
    This particular language is going to be repeated over and over again in the code in the same format:

     

    “The methods and responsibility for [SQF code portion] shall be documented and implemented.”

     

    This is a throwback to the food safety management system. The “methods and responsibility” is the document on hand that describes what the company intends to do and who is going to do it. It will describe what product development looks like at that specific facility and which individuals will make sure the process is followed and documented (SQF practitioner or designee typically).

     

    Key words: the methods should be “documented”, the policy exists, and “implemented”, evidence/documentation is available to demonstrate it is being followed.
    How should this program be organized? Any way that makes sense for the facility and details when different people are involved in development is fine, but the point of this article series is to provide advice for meeting the code in a direct and audit-ready manner.
    The order of these requirements is really a bit scrambled, because there is already a system in place that the entire food safety management system revolves around. The sole purpose of which is to assess the risk a product might pose and take steps to address and mitigate those risks.

     

    2.3.1.4 A food safety plan shall be validated and verified for each new product and its associated process through conversion to commercial production and distribution, or where a change to ingredients, process, or packaging occurs that may impact food safety.

     

    This article series still hasn’t covered 2.4.3, but it’s really the first thing that should be done! Following a CODEX or HARPC approach to risk assessment for a new product in the same way that one would an existing product, all of the necessary documentation will be covered. There will be:

    • A thorough risk assessment of any novel ingredients or processes in the hazard analysis
    • Validation any new manufacturing/processing steps for the conditions of use (so both the R&D lab, pilot batch, and actual plant conditions)
    • A review of consumer use conditions and what hazards would be presented by them (e.g. shelf life, ready-to-eat, cold supply chain)
    • Microbiological criteria used for verification of microbial controls
    • Documented and organized testing data used to design and develop the new product and any testing specifications
    • Approval from the food safety team when they sign off on the new plan revision
    The key is to make sure this is done prior to product launch, and that it reflects the conditions of production, not the conditions of the lab or test kitchen. Cooking validations need to be done inside the heat tunnel, not the stovetop.

     

    Once a food safety plan is completed for a new product, the typical HACCP/HARPC hazard analysis and plan does everything that 2.3.1 requires. In some ways this portion of the code is redundant because if a product is within the scope of certification, it should have a plan under 2.4.3. However, there’s one specific piece of the code here that often trips suppliers up.

     

    2.3.1.2 Product formulation, manufacturing process and the fulfillment of product requirements shall be validated by site trials, shelf life trials and product testing.

     

    2.3.1.3 Shelf life trials where necessary shall be conducted to establish and validate a product’s:


    i. Handling, storage requirements including the establishment of “use by” or “best before dates”;
    ii. Microbiological criteria; and
    iii. Consumer preparation, storage and handling requirements.

     

    Posted Image

     

    Unfortunately, a brief search of IFSQN on “shelf life trial” quickly demonstrates that this article will not be able to help define what sort of testing is necessary for a specific product any more than it could describe what hazards would be present in all products. Shelf life is a complicated determination that crosses food safety with food quality goals, local legislation, supplier agreements, and consumer perception.

     

    However, without knowing the specific details we can still use a hazard analysis approach to document our decision-making process behind the shelf life we are using for our products, and thus meet the requirement.

     

    The auditor isn’t on site to agree with the documented justification (assuming it’s compliant from a regulatory standpoint and somewhat reasonable), but to make sure it was carefully considered and tested when appropriate. Here’s a simple example of a form that could be used to evaluate shelf life for a new product:

     

    Posted Image

    Shelf life trials also only need to be documented “when necessary”. It is entirely possible that a new product mirrors one already made on site with a proven market shelf life. If the products are effectively similar (e.g. two different cuts of steak, or lemonade vs. limeade), the existing success of the current product on the market may validate the same shelf life on the new one.

     

    The key is to still perform an evaluation and document why they should be treated similarly. Don’t let the marketing team keep the same shelf life on the limeade if they also decided it should be fresh-squeezed and not pasteurized like the lemonade, the two products are no longer similar.

     

    How will this be audited?

     

    Step one is simple: the auditor will straight up ask if there have been any new products introduced to the market since the last audit.

     

    Keep in mind that per the code, this includes:

     

    “a change to ingredients, process, or packaging occurs that may impact food safety.”

     

    While many companies launch new flavors each year, making the changes obvious, others may only change raw material suppliers, packaging, or configurations (e.g. introducing a larger container). Some of these changes may happen in the background of the food safety plan, and it’s helpful to document them via a change management process that can support the requirements of 2.1.3. I like to use a generic change management form to cover the management review portion as well as keep track of any activities that should be red flagged for review.

     

    Posted Image

    Pulling out one of these is usually a slam dunk on meeting this requirement in the code if there were no major product launches. If there was a new product, there will need to be deeper documentation from the food safety plan detailing the shelf life evaluation and any new validations that were necessary.

     

    The big auditing red flag is finding a product that was introduced without any record of a development process in place. It happens. Unfortunately, while an up to date food safety plan is a good record that everything was done correctly, it doesn’t always prove that it was done prior to launch. Some sort of consolidation of the documentation that happened during development can put a gold star next to this requirement. The journal the R&D team kept about the project, a project management chart or file, a draft food safety plan for the product dated before launch, or even just a dedicated folder space where all of the data was organized can act as additional proof the site followed the methods outlined in the policy document.

     

    2.3.1 is there to make sure that we take the proper care to bring things to market and prevent the use of customers as an experimental group. It’s part of what makes the SQF certification worth something. When sourcing from SQF suppliers, there’s an assurance that they won’t send out new products or product changes without properly vetting them first.

     

    Have you ever received an inferior product from a supplier because of a change on their end? Maybe they reduced the amount of material used or changed a process, then shipped it out assuming it wouldn’t impact the customer. An IQF fruit provider sending a ½” dice vs. a 3/8” dice, a film supplier who switches from extruded to blown LDPE, or a corrugate supplier that changes to a new adhesive?

     

    If companies rely on customers to determine whether new products are still safe and effective, customers will evaluate the business, not the product.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Aug 30 2020 06:22 PM
    • by Simon
  5. SQF from Scratch: 2.1.5 Crisis Management Planning

    2.1.5 Crisis Management Planning

     

    Well…this sure got relevant in the past few months.

     

    SQF understands that businesses aren’t just going to sign yearbooks and close the doors if a disaster happens. In the most philanthropic mindset, food businesses play an important infrastructure role, but if we’re honest, the common motivation is that owners and employees care about the business they have. If there’s still a way to operate, we won’t be ready to just call it quits when faced with a disaster.

    Posted Image

     

    “If the sour cream line still works we can make it through this, let’s start digging.”

     

    With customer loyalty, cashflow needs, and employee job security at stake, companies will try and find a way to get products out the door as quickly as possible. What SQF wants to see is that they aren’t just going to throw food safety out the window due to “extenuating circumstances”, even if they’re legitimate.

     

    HACCP plans include corrective actions so that we determine the right course of action before knowing what the cost will be. Similarly, a crisis management plan made in “peacetime” will ensure we had the time and capacity to commit to sound food safety decisions before the sewage hit the fan.

     

    The code:

     

    2.1.5 Crisis Management Planning

     

    2.1.5.1 A crisis management plan that is based on the understanding of known potential dangers (e.g., flood, drought, fire, tsunami, or other severe weather or regional events such as warfare or civil unrest) that can impact the site’s ability to deliver safe food, shall be documented by senior management outlining the methods and responsibility the site shall implement to cope with such a business crisis.

     

    2.1.5.2 The crisis management plan shall include as a minimum:

     

    i. A senior manager responsible for decision making, oversight and initiating actions arising from a crisis management incident;

    ii. The nomination and training of a crisis management team;

    iii. The controls implemented to ensure a response does not compromise product safety;

    iv. The measures to isolate and identify product affected by a response to a crisis;

    v.The measures taken to verify the acceptability of food prior to release;

    vi. The preparation and maintenance of a current crisis alert contact list, including supply chain customers;

    vii. Sources of legal and expert advice; and

    viii. The responsibility for internal communications and communicating with authorities, external organizations and media.

     

    2.1.5.3 The crisis management plan shall be reviewed, tested and verified at least annually.

     

    2.1.5.4 Records of reviews of the crisis management plan shall be maintained.

     

    What’s the point? How is this making our product safer?

     

    This element can feel out of place if we get swept up with focusing on the business and personal safety aspects of the crisis. SQF didn’t help with previous language in the code which used to reference “business continuity”, which read as business oriented versus food safety.

     

    The current language of the code does a much better job of making clear that the point of this element is to make sure the site doesn’t just start pitching out unsafe product in order to keep the business alive. We know from previous outbreaks and litigation that, when faced with significant financial impacts, companies will feel pressure to make poor food safety decisions.

     

    We see these events and start to think, if a company is willing to release unsafe food just to avoid losing a single customer…what would they be willing to release to keep the business from closing?
    In the same way a starving person will eat from the trash, a business crippled by natural disaster will have immense pressure to sell anything, and its personnel won’t feel like they have the time or resources to find a better solution.

     

    Posted Image

     

    Imagine being a local meat distributor, and a massive blackout hits the city one week before thanksgiving. The 6 team members on site are staring at a warehouse holding 3000 turkeys that are now warming up. They have 4 hours to figure out a solution that maintains all of their various requirements….or play it by ear and hope the power goes back on. I mean, are we really prepared to toss everything on inventory the week before a holiday just because it got a little warmer than it should? It’s not like there was a sewage leak all over it and the turkeys will be cooked for hours!

     

    Even if the best solution was to get a block of ice for every single turkey, who sells that? Do they have the capacity? How will it be transported? Figuring out the logistics will also take time, maybe so much time that the company will be in the same situation anyway, less the effort.

     

    Rather than wait until the moment the building loses power, this is a reasonably foreseeable event that SQF states suppliers should already have planned for. So that when through no fault of their own they face a crisis, there is a plan in place that puts food safety as a priority.

     

    What am I being asked to do?

     

    Making the Plan

     

    The practitioner needs to develop a policy/procedure document that includes all of the elements outlined in the code. Some of these feel silly, like identifying a “senior decision maker” (isn’t that why we have an organization chart and job descriptions already?), and some of them can be very burdensome for the QA team if we aren’t taking steps to keep the documentation lean. Let’s look at how we can include these point by point.

     

    2.1.5.1 A crisis management plan that is based on the understanding of known potential dangers (e.g., flood, drought, fire, tsunami, or other severe weather or regional events such as warfare or civil unrest) that can impact the site’s ability to deliver safe food, shall be documented by senior management outlining the methods and responsibility the site shall implement to cope with such a business crisis.

     

    The plan needs to give consideration to specific crisis that are reasonably foreseeable. Frankly, outside of some site or region-specific natural disasters (such as tsunami, tornado, ammonia leak), most of these will be the same for any company. I recommend identifying the following at minimum:

     

    • Fire

    • Structural failure from weather, flood, sabotage, accident.

    • Prolonged Power Loss

    • Food-based or biological terror attack

    • Epidemic

    • Civil Unrest or Domestic Terrorism

    • Source water contamination, boil notice, or no longer available

     

    These are all reasonably foreseeable in any location, and do a decent job of providing some categorical planning (e.g. prolonged power loss could be a secondary crisis to any of the above) to allow for the unforeseen stuff.

     

    i. A senior manager responsible for decision making, oversight and initiating actions arising from a crisis management incident;

     

    ii. The nomination and training of a crisis management team;

     

    viii. The responsibility for internal communications and communicating with authorities, external organizations and media.

     

    These sections of the code are more relevant to larger companies, which may have rotating “task forces” for these things like the HACCP Team, Recall Team, and Crisis team. In a small company, the final decision maker in all of these situations is generally going to be the lead person at the site (based on the organizational chart). The SQF practitioner is still going to be on all of the teams.

     

    As with all employee lists in documentation, I encourage the use of job descriptions rather than names so that they remain relevant with regular turnover. For this list, we can outline the responsibilities required in the code as well and knock out a few other requirements. For example:

     

    Crisis Management Team

     

    Posted Image

     

     

     

    In the event any of the above individuals is incapacitated or unavailable, their successor in the Job description or organizational chart will be trained on this procedure to stand in that role temporarily.

     

    SQF does not specify any particular training this team requires, so make sure they are trained on the procedure itself or that they participated in creating/modifying the plan (make sure to document).

     

    iii. The controls implemented to ensure a response does not compromise product safety;

     

    This is why the plan exists. Looking at the “foreseeable events” we identified above, think about the last one, “Source water contamination, boil notice, or no longer available”. If I was farming hydroponically in greenhouses and happened to be using municipal water, I may be immediately willing to use nearby irrigation sources in the event of a boil notice. However, without having ever investigated that water or ensured it didn’t present any new hazards in my food safety plan, that rapid response could compromise food safety.

     

    If, however, I had determined that the water source was acceptable with appropriate filtration in place, I could have those details outlined in my plan! For everything identified as reasonably foreseeable, determine what hazards are created, what actions would be needed to address them, and fleece them out to make sure there is a feasible plan in place in the event of a crisis.

     

    Posted Image

    So, if the response to a crisis changes our process flows or procedures, the crisis team needs to make sure the product remains safe in the new setup. Luckily, the SQF practitioner already has a method for evaluating hazards in a process, our hazard analysis. As part of the plan procedure, reference using the HACCP method to ensure response actions don’t compromise safety:

     

     

     

    “Before resuming production, conduct a hazard analysis for any response/recovery/repair that resulted in a process flow change and/or any new hazards that have been introduced to the facility due to the crisis to ensure safety of product.”

     

     

     

    iv. The measures to isolate and identify product affected by a response to a crisis;

     

     

     

    v.The measures taken to verify the acceptability of food prior to release;

     

    To keep this document under control, we need to use our golden rule and rely on systems we already put in place. Therefore, this document should reference the existing recall plan, corrective action procedures, product hold procedures, product release procedures, and hazard analysis, rather than rewrite them all.

     

    There is absolutely NO REASON to create a special, duplicated, or different corrective action procedure here. The quality team deals with non-conforming products and hazards every day, they should be approached using the same methods and documentation already in place.

     

    Make sure these references are clear, obvious, and appropriately notated so that procedures only need to be updated in one location whenever possible! It can be helpful to include a general statement regarding product disposition in the policy section prior to mentioning it in the step-by-step procedure (should be the first thing that happens after we made sure everyone is safe and we can all communicate). The reference can look something like this:

     

    “Product Evaluation and Disposition

     

    Any product either already produced or in production in the event of a crisis shall be identified, isolated, and evaluated for disposition using Corrective and Preventative action investigation procedures and the food safety plan. Product for which safety cannot be reasonably assured shall be isolated and recall procedures initiated as necessary.

     

     

     

    Product produced or released after a crisis response has been initiated shall be evaluated for disposition using corrective and preventative action investigation procedures. Product for which safety cannot be reasonably assured shall be isolated and recall procedures initiated as necessary. Should crisis response result in a process flow change, a new hazard analysis will be performed to evaluate the controls necessary to maintain product safety.”

     

     

     

    vi. The preparation and maintenance of a current crisis alert contact list, including supply chain customers

     

     

     

    vii. Sources of legal and expert advice; and

     

    This is a tricky one, again, the goal is to avoid duplicating anything in this plan that’s going to be reviewed annually anyway, but we really should make sure we know who to call when disaster strikes (the recall plan has similar needs).

     

    These lists may be in different locations, so make sure the plan explains how to access them as well as the employee/department responsible for maintaining them.

     

    For customers, we can use the contact lists the sales and customer service teams maintain. However, these lists to be producible during an audit. Grabbing the sales manager’s cell phone and explaining that “Dave J.” is the contact for a major grocery chain is not going to fly. This is a good one to aggressively test annually, especially if computer systems or key personnel are unavailable during the crisis. Where are the phone numbers/email addresses, can they be produced, are we pretty sure they all still work, and what will we do if they don’t?

     

    There needs to be similar contact lists for company staff, but those tend to be maintained by HR or office administration.

     

    The final contacts that need to be available are providers of essential services. This is a really helpful component of the plan, and one that’s very testable. Identify “essential functions” of the business and the appropriate contacts. Common ones are utilities, communications (phone and internet), government resources (police, FBI, USDA/FDA), insurance providers, legal advisors (this is in the code, put someone down, insurers usually have recommendations), and distribution partners; additional helpful contacts would be contract service providers for things like emergency refrigeration (maybe bring diesel refrigerated trucks on site), contractors for emergency building repair, and equipment maintenance.

     

    Here's an example of some essential function providers:

     

    Posted Image

     

    2.1.5.3 The crisis management plan shall be reviewed, tested and verified at least annually.

     

    2.1.5.4 Records of reviews of the crisis management plan shall be maintained.

     

    Just like with other major elements, it’s often the plan review that trips folks up. Unlike other policies that just need an “annual review” (a.k.a. read, modify, sign), this plan needs to be exercised using a mock scenario like the recall or food defense plans.

     

    Not going to lie. These are awkward. There are simple and helpful portions of the test, like making sure that all of the contacts are still current/relevant and the planned responses are still feasible. Detail those checks in the test documentation as it provides evidence a thorough review was conducted.

     

    However, auditors want a test with a mock incident. This entails coming up with a scenario, going through the procedure, using the contact lists, and basically conducting a roleplaying game of an incident. It can be fun…or it can feel silly. Depends on the group.

     

    My recommendation, pick a disaster that is very likely (no reason to do something crazy like volcanic eruption or pandemic…wait) and talk through the plan with the team. See if everything makes sense and do a hazard analysis on any changes that would need to take place. Structural damage is a good candidate. It’s easy to think about the existing facility and how to get up and running again while shielding product from the elements, having to evaluate the disposition of items that were in the building at the time, etc.

     

    (bonus, you can also highlight some needed maintenance and use it to demonstrate what the impact will be if that structure fails)

     

    Document the review by writing down a hazard analysis formatted like the food safety plan, the team’s ideas, and what resources would be need to be available (e.g. if the phones don’t work how to we contact our senior decision maker?). Use the crisis procedure as a guide and write down the team’s mock responses to each step.

     

    How will this be audited?

     

    This section of the code has been revised a lot, and will have various opinions attached to how it should look, so be prepared to explain the documentation and rationale at length. Once the specific elements of the code are checked off, the meat of the auditing fall most heavily under the management commitment and review umbrella. Auditors want to see that the team took it seriously and thought about how they will make sure food safety is maintained in a crisis, not just when it’s easy.

     

    Auditor red flags will go up if presented a plan that only has vague, generic crises like floods or fire, and that the tests are similarly non-specific (what part of the building was the fire in?). Other red flags will be any statements, both in the plan and spoken during the audit, that claim “we just wouldn’t produce” or “we would shut down”.

     

    Those aren’t appropriate responses because everyone knows better! If every crisis was so catastrophic that the business was immediately destroyed no one would need this plan. “We wouldn’t run” plans imply that the practitioner threw together a document to meet the requirement and didn’t use it as a tool for food safety or hazard analysis.

     

    The testing document needs to reflect a real consideration of an event, not just reading the procedure and signing. It’s not a hard and fast rule, but testing documentation that doesn’t include any plan revisions, corrective actions, or updates of any kind is going to be assumed to have been on paper only. If indeed the team found nothing to update or improve about the plan, document the crew’s thoughts and that conclusion, leaving no doubt that the test was thorough.

     

    The more the test documentation demonstrates that a group came together to fully consider a crisis, the better. While it can be done with a checklist (and at minimum the SQF elements should be reviewed), it will read much better as a narrative during the audit.

     

    Posted Image

     

    If an all-star team is 5 years in and stuck in a rut on a well-prepared plan, throw additional wrenches in the works! Make sure that flood takes out one of the raw material suppliers so that the team needs to find and approve a backup. Or select disasters that provide no government guidance (e.g. structural failures that affect specific areas of the building or transportation/logistics concerns from a strike). Remember that disasters that don’t happen INSIDE the facility will still affect it.

     

    2.1.5 is an extension of the food safety plan, an opportunity to take hazard analysis skills and make sure they can still be applied when things get crazy. Putting time and thought into these scenarios is a demonstration of management commitment; that the SQF system is not just “fair weather” guidance that goes out the window when times get tough, but that we’ve incorporated them into our company’s priorities and that they will remain so, even when everything is at risk.

     

    Right now, around the world, food manufacturers are learning to work within the new normal, a set of hazard considerations that they’ve probably never thought of that are affecting every single part of their business model.

     

    But here and there, there were trained SQF suppliers that were able to take a deep breath and say, “okay then, let’s execute the plan and get these products moving.”

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Oct 16 2020 06:14 PM
    • by Simon
  6. SQF from Scratch: 2.1.4 Complaint Management

    2.1.4 Complaint Management

     

    Complaints happen. No matter how close to perfect a system may be, if the quantities are large enough, even the smallest of mistakes will ultimately reach customers. Thankfully, some of them will take the time to let us know.

     

    While it’s easy to see complaints as just a customer service issue, they also reveal the best opportunities to improve our quality system, both by showing where the problems are happening, and how much the customer cares about the defect. Our best systems will look for metrics while we still have control of the product, but when someone takes the time to pick up the phone or write an email, we need to make sure those individuals aren’t revealing larger problems that have escaped our attention.

     

    Posted Image

     

    The code:

     

    2.1.4 Complaint Management

     

    2.1.4.1 The methods and responsibility for handling and investigating the cause and resolution of complaints from customers and authorities, arising from products manufactured or handled on site, shall be documented and implemented.

     

    2.1.4.2 Trends of customer complaint data shall be investigated and analyzed by personnel knowledgeable about the incidents.

     

    2.1.4.3 Corrective action shall be implemented based on the seriousness of the incident and as outlined in 2.5.3.

     

    2.1.4.4 Records of customer complaints and their investigations shall be implemented.

     

    What’s the point? How is this making our product safer?

     

    Food manufacturing is different than making food at home. If you’re reading this article, you probably already know this. However, it’s not because it’s a business, is subject to regulations, or the products aren’t meals that are eaten immediately.

     

    It’s different because food manufacturers make so much more food than any individual is ever going to make in their lifetime. That means a mistake that might be rare in the home, such as breaking a glass, can become a common occurrence when handling thousands of glasses every day instead of one or two, even if we’re extra careful.

     

    It’s similar to thinking about the lottery. Buying the winning ticket is an uncommon thing, and no one should expect it to happen to them. However, one of the millions of tickets sold winning the lottery is a common occurrence, and should be expected.

     

    Responding to complaint feedback and recording it appropriately allows companies to identify trends that can be traced back to a specific issue.

     

    Posted Image

     

    In the worst-case scenario, practitioners play the role of epidemiologist, identifying a potential outbreak related to the product based on reported illness. Much more commonly, complaint analysis identifies a gap in the system or malfunctioning equipment. Maybe a piece of rubber gasket material that’s been slowing falling apart or a transport issue in the cold supply chain.

     

    Regardless of size or product, every company enjoys the benefit of 100% inspection when the products are finally opened and eaten by the consumer. Complaint management is how we can use that inspection step to verify that our intermittent sampling and inspection activities are doing their job.

     

    What am I being asked to do?

     

    Policy document

     

    To start, there needs to be a policy document in place that identifies the who and how the company responds to complaints and how to determine whether more action is needed. Generally, this will identify the SQF practitioner (or designee) as the one responsible for determining the seriousness of the complaint, and thus the seriousness of the response. This policy/procedure will also define what documentation is used and where it will be kept.

     

    Policy Example:

     

    I. POLICY

    • All complaints from customers or authorities that suggest or reflect a failure of product safety shall be entered into the complaint management system.
    • Any employee may log a complaint into the system, but only the SQF practitioner or designee can review and close a complaint investigation.
    • The SQF Practitioner or designee will use the complaint management system to analyze complaint data for trends, investigate potential root causes, and present data to management.
    • Complaints shall be considered valid and initiate investigations/corrective actions if:
      • There is enough information to determine where/how the defect may have occurred (e.g. what product, specific descriptions).
      • The customer can provide pictures of the affected products or ship them back.
      • A food safety or medical authority is involved.
      • The complaint is part of a trend or known issue.
      • The available information demonstrates the complaint is not a matter of consumer preference or incorrect handling of the product.
    • Complaint investigation and corrective actions shall be carried out in response to observed trends and seriousness of the complaint according to our corrective action procedure.
    Complaints need to be taken seriously…but what does that mean?

     

    Depending on the product, consumer suspicion can swing wildly from deeply distrustful to “that wouldn’t get me sick in a million years”. The code says the response should be proportionate to the complaint, and that evaluation criteria needs to be defined in the procedure (like in the above example).

     

    No matter what, make sure every complaint is logged for trending, but complaints alleging illness or injury require a more detailed response proportionate to the validity of the complaint. “My stomach hurt after eating your bacon” will demand a different quality of investigation than “my physician believes that this is salmonella, and your product (pictured here) appeared undercooked when I ate it 3 days prior.”

     

    The complaint record

     

    After creating a policy document defining who and how, we also need to include the what. Complaint documentation is going to be used by anyone at the company who might answer the phone and be subject to the wrath of the upset customer, so the form should be intuitive and flexible. Sometimes the only information available is an angry voicemail!

     

    Complaint record example:

     

    Posted Image

    This record includes all the information we might want to get regarding the product, it’s origins, contact info from the customer, and a way to show the review actions taken by the SQF practitioner (or designee). Keep in mind that the only action taken may have been to determine whether the complaint was valid and logged for trending, or that no other information was available.

     

    Keeping these forms will meet the requirements to have records of customer complaints and the review/actions taken (combined with corrective action records as needed).

     

    Trending

     

    Most public health agencies don’t consider something an outbreak until there are at least two unrelated cases (there are exceptions). So, when a complaint is received, how do we identify if it’s part of a trend or not? This is where the record created above is NOT useful, because a file cabinet full of complaint records does no good.

     

    Create a database of some kind that has the critical product information, so that the nature of the complaints can be categorized and presented to management.

     

    This database can be as simple as the date the complaint was received, the product and traceability info, and categorically what the issue was. Complaints of illness or injury should also be called out, as those are going to require more complete investigations.

     

    Posted Image

     

    For a video with detailed instructions on how to create a database like this in excel, click here.

     

    Once a database is made, use graphs and other reporting tools to watch for trends, or simply look at the data and document a narrative of relevant/actionable observations.

     

    Example graph trending by product:

     

    Posted Image

     

    Example trending by narrative:

     

    January 2020

     

    We received 12 complaints in January, most were feedback on the change in almond supplier (more loose skin pieces). However, there was one complaint of a found screw in the product that was determined to be valid. A brief search of our records shows one other screw found in November that looked the same. I have alerted maintenance and sent them the picture and they are examining the trail mix line to determine where the screws are coming from. Will update when we have closed the CAPA.

     

    After reviewing complaints for trends, include the graphs or narrative in a management report and document any observations/corrective actions/investigations that were initiated. Make sure to also close the loop on previous issues and document whether previous investigations/corrections were successful.

     

    For more on how to present complaint trends to management, see SQF From Scratch 2.1.3 Management Review.

     

    How will this be audited?

     

    This and similar programs tend to be audited in this order:

     

    1. Show the policy
    2. Show the records
    3. Show the management review
    4. Show the follow up

     

    The policy review is the strict code audit, is everything there represented in the procedure? Does it have the criteria for “validity” and “seriousness” of the complaint? Who reviews and how?

     

    Next are the records, are they complete, are they readily available, and do they provide useful information. Here it is still helpful to make sure the complaint database doesn’t get polluted with “customer service” type complaints (e.g. billing) as it makes it hard to review for problematic trends.

     

    Auditors will also typically ask for any complaints from authorities (e.g. public health) or complaints of illness specifically, as those will definitely need complete investigations and corrective actions attached. If those investigations are missing, it gives the impression that complaints are just recorded and brushed off as irrelevant or random, which is no good.

     

    Finally, the trending and management communication portion tends to trip up a lot of companies. Many of us cover these items in weekly or monthly meetings verbally, but there needs to be written documentation that these trends were reviewed and it was determined if action was necessary or not. If action was necessary, additional documentation needs to be readily available showing the corrective actions taken. This should fall under the corrective action procedures and be neatly summarized in the management review records.

     

    For a known issue, it can be easy to forget the follow up, or forget to tie it back to the original complaint. Make sure that the CA documentation is duplicated and attached to the complaint, or cross-references it in some other way (e.g. complaint number).

     

    For a smooth audit, identify in advance some recent complaints or complaint trends that were valid, have a complete investigation, and a happy ending. Don’t let an auditor go fishing through the entire complaint history looking for the one they think deserved more attention. Find one that’s relatively harmless, for example a packaging defect, and demonstrate the complete history of the investigation, resolution, and follow up. The goal is to give the auditor confidence that they can “check the box” and think, “yep, I saw all of these code elements in action from start to finish on a complaint that mattered.”

     

    Trivial documentation issues in other complaints will be less of a big deal if the company can demonstrate real and actionable response and follow through on an important one. As with any program audit, if the practitioner can demonstrate that the intent of the requirement is achieved and documented, it is much easier to glide through disagreements in language used or auditor documentation preferences.

     

    2.1.4 is a unique challenge because every facility is going to have a very different “portfolio” of customer complaints. Some are going to have complaints from industry customers in the know, reporting back specification failures and micro results; others will have complaints from concerned parents who report the product is a different color or clumping unusually. They key is to make sure this feedback is seen as valuable, and that we use trending tools to evaluate our system.

     

    Because while the odds of a winner are small, we sell a lot of lottery tickets every day.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Jun 29 2020 05:42 PM
    • by Simon
  7. SQF from Scratch: 2.1.3 Management Review

    2.1.3 Management Review

     

    These first few elements established the relationship site management needs to have with the food safety system. SQF is not just an exercise for the practitioner.

     

    First, we had management identify that food safety is part of our business mission, not just something we have to do.

     

    Then, we made them put their money where their mouth is by designating an SQF practitioner and showing employees how the top levels of the company are ultimately responsible for that mission.

     

    Now, we need to make sure that long after we’ve created these policies, the people in charge are going to receive the information needed to uphold that responsibility every day, long after we’ve attained certification. We’re also going to make sure that this system stays alive, and doesn’t become a binder on the shelf that just gets whipped out when the auditor arrives, and no one at the company has any idea what’s inside.

     

    Posted Image

     

     

    The code:

     

    2.1.3 Management Review

     

    2.1.3.1 The senior site management shall be responsible for reviewing the SQF system and documenting the review procedure. Reviews shall include:

     

    i. The policy manual;

     

    ii. Internal and external audit findings;

     

    iii. Corrective actions and their investigations and resolution;

     

    iv. Customer complaints and their resolution and investigation;

     

    v. Hazard and risk management system; and

     

    vi. Follow-up action items from previous management review.
    2.1.3.2 The SQF practitioner(s) shall update senior site management on a (minimum) monthly basis on matters impacting the implementation and maintenance of the SQF system. The updates and management responses shall be documented. The SQF system in its entirety shall be reviewed at least annually.

     

    2.1.3.3 Food safety plans, good manufacturing practices, and other aspects of the SQF system shall be reviewed and updated as needed when any potential changes implemented have an impact on the site’s ability to deliver safe food.

     

    2.1.3.4 Records of all management reviews and updates shall be maintained.

     

    What’s the point? How is this making our product safer?

     

    “Oh my goodness”, you may think, “we have to review EVERYTHING at least once a YEAR?”

     

    Yes.

     

    I spend a lot of my time working with QA departments on making their systems more flexible, easier to maintain, and reduce overall paperwork because unnecessary clerical work hurts our ability to make safe food (even if it makes it look like we are).

     

    But that’s just it, we want to make systems that follow our golden rule, which means we use them and we integrate them. We review them constantly to make sure that nothing has become obsolete.

     

    We review them to make sure that they still make sense to our business.
    We review them to make sure the science is still holding up.

     

    We loosen requirements for things that are no longer an issue and tighten them for things that are affecting our customers.

     

    And an SQF practitioner who is ready to demonstrate how they attain food safety, not just provide a bunch of forms that say they do, needs to be an expert in their own policy manual.

     

    What’s the point of an SQF practitioner, not to mention a company point person for audits, if they don’t know their own systems backwards and forwards? Knowing how all of the pieces of the system connect together not only helps avoid creating redundant waste, it also shows where there are gaps.

     

    What am I being asked to do?

     

    So, what’s a review? It depends.

     

    Policy Manual and Hazard and risk management system (food safety plan)

     

    For a “policy manual”, a.k.a. the “register” of controlled policies, procedures, and food safety plan that make up the system; the review is of the system rather than its outputs.

     

    The review of a policy manual document (SOP, Policy, Procedure, Food Safety Plan) should entail:

    • A complete read-through by the SQF practitioner
    • The opportunity for stakeholders in the procedure to review or request any revisions
      • Note: Stakeholders change, not everyone needs to see the waste management SOP, but top levels do need to see the food safety plan
    • If no changes, documentation that the review actually took place.
    Note that if we’re talking about the food safety plan or product specifications, reviews aren’t going to just be scheduled annually; they’ll be prompted by new products, ingredients, suppliers, equipment, and facilities. “Annually” does not mean “once per year”, it means “no less than once per year”. This is specified in 2.1.3.3 but should be obvious to any company actually using its system. A food safety plan that doesn’t include the newest product line is a big red flag indicating that it isn’t used. This would be reflected as a non-conformance to 2.1.3 or 2.1.2 (if it didn’t just fall under the plan requirements).

     

    Depending on the company’s level of integration and support in the SQF system, those other stakeholders in the policy may not actually thoroughly review things. That’s not ideal but does not stop a practitioner from making helpful documents. As long as their own review is thorough and they audit whether those policies and procedures are actually followed, the documents stay alive and relevant.

    Posted Image

    Companies should never have something written down in the policy manual that doesn’t happen. Either it’s important enough that it actually needs to be done, or it doesn’t and it has no business being in the manual. Keeping something there just because an auditor may want to see it violates our golden rule:

     

    Never make systems to “pass audits”. Make systems that work for your company that help it make safer/higher quality products more efficiently.

     

    This can be very tough for some quality personnel to grasp, as they may have been in a quality environment where their performance is based on auditing or “making sure we follow the code”. That’s a management error. If there is a company issue where a policy requirement does not have good follow through or buy-in from other departments, it needs to be adopted or dropped. It turns out that when quality personnel spend time doing those tasks (usually by spending time in production), not just asking for them to be done, or when they have to actually draw lines in the sand for everything they specify in an SOP, those “auditable” things in documents tend to go away, making them better documents that support the most critical components.

     

    As each document is reviewed, the practitioner should ask and answer these questions:

    • Does this document still support it’s intended purpose?
    • Do we actually practice this document as written without exceptions?
    • Are any of the requirements/procedures obsolete?
    • Are any of the justifications obsolete?
    • Is new information available that should change how we do things (e.g. complaint trending, internal audits, industry changes)?
    Nothing in that review process is oriented around “meeting the code”. Reviewing is used to make sure that our documentation supports a system that produces safe food in the most efficient manner possible.

     

    Some auditors may disagree. That’s okay, their responsibilities are different than ours.

     

    Posted Image

     

    This doesn’t eliminate the reality that we need to make sure the SQF code is supported by our policy manual. Heck, that’s the entire point of this article series! So how to we get this taken care of?

     

    My recommendation is that practitioners conduct a separate, annual review using the SQF checklist. This review is the one everyone is more familiar with, but it’s less important than what we discussed above, where we review the efficacy of our systems rather than conformance to code.

     

    For this review, examine each individual clause in the code, and make sure it’s supported within all of the various documentation in the policy manual and records. This review does not need to include anyone but the audit team, and should be used as an opportunity to prepare for the audit. The intent is to make sure all of the elements are actually covered somewhere in the system. Not by copying and pasting them, but by showing that the company has incorporated them into their own policies and procedures.

     

    This review has the secondary benefit of documenting itself in an auditor friendly way (using the checklist). I like to use it as a training opportunity for backup auditors or folks wanting to learn the code better, and it can be run like a mock/practice audit.

     

    Documenting policy manual reviews

     

    Documentation can be extremely varied, but it’s important to make sure that time is only spent recording information that may be helpful in the future, avoiding documentation for documentation’s sake.

     

    Proof of review of a policy can be accomplished in several common ways:

     

    1. The classic revision table at the end of the document

     

    Posted Image

     

    Simple, to prove things are reviewed, just put it in the document itself. This is super common, but somewhat cumbersome. In this setup, in order to verify that every document has been reviewed, every document needs to be inspected. Further, this table is just one more place where errors can occur when new revisions are created (woops, forgot to add the changes!).

     

    2. The review coversheet

     

    Posted Image

     

    Some organizations get a step closer and think, “Our pest control policy is good to go, so why go through the effort of issuing a new revision? Let’s document that everyone took a look at it and keep that on file instead!”. It’s not bad, but if we’re documenting something with everyone’s signature on it already, all we’ve done is created two documents that need to be archived, the SOP’s and the reviews. Plus, if changes WERE made, the same amount of work needs to be done, but now it requires two sets of signatures instead of one. Seasoned document controllers know that the time it takes to issue new revisions is not consumed by the editing time, but trying to get all of the approvals.

     

    3. New revisions & the review database

     

    Posted Image

     

     

     

     

     

    Posted Image

    A lean solution to making sure you keep your documents clean and recently reviewed is to simply have your SOP’s make the rounds for signatures annually, even if they contain no changes. The same stakeholders need to approve them again, no problems there, you don’t need to update the revision number if you don’t want or need to, since the signatures will have dates indicating a recent review. To document changes made (if needed), keep a separate database or file where you can sort for any document and pull up the history of changes at any time. Boom, documentation that’s organized for your use. We can also be detailed and keep all old revision information without taking up additional pages on each policy.

     

    This is going to cover most of our review documentation needs. As far as timing, going by previous approval dates reviews should naturally happen on a rolling schedule. This makes sense from a business practicality stand point, but occasionally auditors will get fixated on the statement in 2.1.3.2, “The SQF system in its entirety shall be reviewed at least annually,” and expect some sort of master review that happens once a year. This is worth arguing over since a simultaneous review of everything is both impractical and supports the idea that we shouldn’t ALWAYS be reviewing these policies. However, if you did do the SQF checklist review with your audit team, you can show it to the auditor and be done with it.

     

    Audit findings, corrective actions, complaints, investigations, follow up items

     

    This group of materials to review are the outputs of your system. Like we discussed above, the point of this clause is to make sure that management has the information necessary to support the food safety mission and allocate resources accordingly. This means that critical information from the QA teams needs to be presented to them, at a minimum monthly.

     

    Often management teams meet more often, which is excellent! The tricky non-conformance catch here tends to be due to the lack of documentation of these meetings. Not every meeting has or needs minutes, especially if your QA update is something as simple as “no complaints or issues this week”. Taking the time to write up minutes that cover every word of 2.1.3 is tedious and cumbersome.

     

    Any time we use our scarce minutes or hours to put something together, just so it can be reviewed in seconds by an auditor, it had better be useful to the company and its food safety systems. AKA it should follow our golden rule.
    Instead of documenting every individual meeting with management) where multiple topics are discussed and actions are often delegated to other levels), put together a monthly digest of pertinent QA information and distribute it to ANY stakeholder that would be interested. Here’s an example of what such a review could look like:

     

    Posted Image

     

    Compared to how I usually coach documentation, this one does take some time to put together, especially if individual programs don’t have a lot of automated or simple reporting built in. However, it’s a crazy valuable tool to meet a TON of documentation/communication requirements in the code (across multiple elements, thus consolidating paperwork), and it’s very helpful to communicate not only what’s going on in quality to multiple teams, but also the value the quality team is adding to the company.

     

    Sometimes QA works in the background and has a hard time demonstrating that work is being done, this report is a communication tool to show the value QA personnel are adding to the facility in a real way. This leads to better buy in and understanding from other departments. Heck, paper copies can be provided to the entire production floor or have portions shown in a breakroom posting for anyone interested.

     

    How this form is constructed is entirely up to each company, as the focus areas are going to change based on challenges and product categories. If other system outputs (like complaint tracking) already have good databases for trending and reporting, it can be incredibly quick to put together. The key is to keep it simple for a lay audience. It isn’t an internal QA document, it’s for the CEO, plant manager, marketing manager, or whomever to understand what QA is currently doing to make the products safer and higher quality.

     

    The review procedure

     

    We do need to document how these reviews are intended to be performed. But it doesn’t need to be extremely explicit as long as we can, as always, demonstrate that it’s happening. I’ll typically have an SOP called “internal audit” which is intended to cover the policy portions of 2.5.5. In that SOP, I’ll specify the creation of the monthly report outlined above.

     

    Example:

     

    1. Management Updates

     

    a. Every 30-40 days, senior management shall receive an “Monthly Quality Update” that covers matters impacting the implementation and maintenance of the SQF system.

     

    That’s all you need! When crafting the policy it is not necessary to copy the language of the code as long as the monthly update includes all of the information the code requires (like in the above example).

     

    For policy and procedure reviews, I’ll typically include this policy in my document organization/control SOP that supports the recordkeeping and review requirements of section 2.2. I’ll include a tidbit like this one:

     

    1. Review procedure:

     

    a. SOPs shall be routed for revisions/review at least annually.

     

    How will this be audited?

     

    At a minimum, as the auditor goes through each of the policies and procedures, they’re going to look for a document revision change or review within the last 12 months. It’s often not a big deal if one or two are “out of date” by a month or so, especially if a draft is making the rounds. However, if all of them are in that window, it demonstrates that reviews are only taking place around the audit, which doesn’t look great.

     

    Reasons for changes need to be available, but are typically only looked at critically when they are justifications for changing requirements or specifications. E.g. if you started to clean something only every 48 hours instead of 24, that’s a change that needs justification documented.

     

    Changes to process flows or other aspects of the food safety plan will need to have new validations etc. in place to justify the change. If they’re missing this, it often becomes a non-conformance in 2.4.3. But if it’s a matter of there being no record of the new product line getting an analysis at all, it technically would fall under management review. The first example is a failure to follow HACCP principals, the second is a lack of review to make sure the food safety plan stays relevant.

     

    Auditors will seek evidence that management updates turn into actions. If the monthly reports have been getting done, they should also include corrective actions and changes driven by management in response to previous versions of the report. This is a tricky auditing nuance, because auditors love lists and columns. They want to see a form that has: finding, response, who’s responsible, timeframe, time completed, issue closed.

     

    You don’t have to do this again and again on paper, and you shouldn’t. Continuous improvement is just that, continuous. The documentation exists if they’re consistently included in the reports, and the practitioner needs to be able to guide the auditor through the narrative.

     

    Have one or two solid examples ready for the audit. If there was an increase in complaints for labels falling off products, show the progression of that in the monthly updates!

    • One month showed a complaint increase and an investigation.
    • The next month a corrective action.
    • The next month shows a note that QA implemented the new supplier/quality check/machine/whatever that was needed.
    • The next month shows how the complaints trended down.
    This is a process of ongoing communication, but it is on the practitioner to demonstrate to the auditor how that works in your facility, not create yet another form to summarize it for the auditor. Again, practitioners need to know their own system well enough to demonstrate that it meets the code, not tailor it for ease of audit.

     

    If you can’t think of examples, you’re either not giving yourself enough credit for the improvements you’ve made, or your company is not continuously improving. Usually it’s the former.

     

    2.1.3 does one thing effectively. It demonstrates whether a bunch of documents were created solely to get the SQF certification and keep it, or if SQF elements were integrated into the quality system. Companies who do not meet the elements of 2.1.3 have the following characteristics:

    • Only the SQF practitioner knows where the policies are
    • Only the SQF practitioner can lead an audit
    • The food safety plan hasn’t changed since it was made
    • Management has no idea what QA does day to day
    • SOP’s contain procedures that aren’t followed and forms that aren’t used (the binder is bloated)
    • SQF practitioners don’t remember what all their procedures are during the audit, or perhaps where to find them
    If an element of the system has not changed, it should be challenged to make sure it still holds up.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Jun 29 2020 05:44 PM
    • by Simon
  8. SQF from Scratch: 2.1.2 Management Responsibility

    Remember, the goal is not “Audit ready 365”, it’s to know that our facility embraces globally recognized best practices to maintain food safety. Because of this, as we dive into each element, we must always remember the quality management system golden rule: Never make systems to “pass audits”. Make systems that work for your company that help it make safer/higher quality products more efficiently.

     

    2.1.2 Management Responsibility

     

    Following right up on commitment. In addition to identifying our mission of food safety, we also need to determine who will be held accountable for that mission. Where does the buck stop? How are we going to make sure that our new commitment to food safety isn’t just a plaque on the wall, but is a living, breathing (and costly) endeavor?
    Some things will be a paperwork exercise, sure, after all everything important happens on paper. But we also need evidence that we have used the time and resources necessary to make sure that competent people, with the right expertise, are making our food safety plan a reality.

     

    The code:

     

    2.1.2 Management Responsibility

     

    2.1.2.1 The reporting structure describing those who have responsibility for food safety shall be identified and communicated within the site.

     

    2.1.2.2 The senior site management shall make provision to ensure food safety practices and all applicable requirements of the SQF System are adopted and maintained.

     

    2.1.2.3 The senior site management shall ensure adequate resources are available to achieve food safety objectives and support the development, implementation, maintenance, and ongoing improvement of the SQF System.

     

    2.1.2.4 Senior site management shall designate an SQF practitioner for each site with responsibility and authority to:

     

    i. Oversee the development, implementation, review, and maintenance of the SQF System, including food safety fundamentals outlined in 2.4.2, and the food safety plan outlined in 2.4.3.

    ii. Take appropriate action to ensure the integrity of the SQF system; and

    iii. Communicate to relevant personnel all information essential to ensure the effective implementation and maintenance of the SQF System.

     

    2.1.2.5 The SQF practitioner shall:

     

    i. Be employed by the site as a company employee on a full-time basis;

    ii. Hold a position of responsibility in relation to the management of the site’s SQF System;
    iii. Have completed a HACCP training course;
    iv. Be competent to implement and maintain HACCP based food safety plans; and
    v. Have an understanding of the SQF Food Safety Code and the requirements to implement and maintain SQF System relevant to the site’s scope of certification.

     

    2.1.2.6 Senior site management shall ensure the training needs of the site are resourced, implemented, and meet the requirements outlined in system elements, 2.9, and that site personnel have met the required competencies to carry out those functions affecting the legality and safety of food products.

     

    2.1.2.7 Senior site management shall ensure that all staff are informed of their food safety and regulatory responsibilities, are aware of their role in meeting the requirements of the SQF food safety code, and are informed of their responsibility to report food safety problems to personnel with authority to initiate action.

     

    2.1.2.8 Job descriptions for those responsible for food safety shall be documented and include provision to cover for the absence of key personnel.

     

    2.1.2.9 Senior site management shall establish processes to improve the effectiveness of the SQF System to demonstrate continuous improvement

     

    2.1.2.10 Senior site management shall ensure the integrity and continued operation of the food safety system in the event of organizational or personnel changes within the company or associated facilities.

     

    2.1.2.11 Senior site management shall designate defined blackout periods that prevent unannounced re-certification audits from occurring out of season or when the site is not operating for legitimate business reasons. The list of blackout dates and their justification shall be submitted to the certification body a minimum of one (1) month before the sixty (60) day re-certification window for the agreed up on unannounced audit.

     

    What’s the point? How is this making our product safer?
    If you follow companies who either have large outbreaks or legal action, a common thread tends to be that company representatives blame a lack of information or appreciation for the details necessary to make good food safety risk management decisions. They respond to regulators with their hands up in the air saying things like:

    This stuff is hard to do, and just as important as being willing and capable to learn the details is knowing when you may not have them all. In smaller companies, where capable people in other roles are moved into food safety roles, there can be issues with knowledge gaps. 2.1.2 establishes the need to make sure you have proper expertise on site, and that everyone is made aware of the decisions being made so that accountability is shared.

     

    What am I being asked to do?

     

    This one’s a pretty stout element with a lot of details, so let’s break it down line by line.

     

    2.1.2.1 The reporting structure describing those who have responsibility for food safety shall be identified and communicated within the site.

     

    Your business probably already has an organizational chart showing reporting structure, so this one is nearly done! What SQF wants to see is that you know who is responsible for food safety.

     

    It’s not just the Manager or SQF practitioner!

     

    Food safety responsibility mostly falls on the production floor. Floor employees need to know they are the first and most important element in this system. After that, they need to know who’s head to go over when they have a food safety concern. Identifying this in your reporting structure can happen in a variety of ways. My favorite is placing it directly in the org chart.

     

    If you need an org chart, there are a million different tools to make one. I typically recommend one in particular, since most employers already have it on site and it’s a surprisingly powerful tool, Microsoft PowerPoint.

     

    Despite there being a dedicated flowchart tool in Microsoft Visio, that’s another license to buy for every user that needs access. Dynamic flowchart shapes are available in PowerPoint with many of the same controls, and PowerPoint generates vector images that can be printed clearly in any size.

     

    You can find the flowchart tools when you go to “shapes” on the insert ribbon.

     

    Posted Image

     

    The connector arrows once connected to flowchart shapes will stay connected when moved around or resized, just like Visio, all you need to do now is fill in the names and titles like this example below:

     

    Posted Image

    Now how can we identify those with responsibility for food safety? Simply add a qualifier of some kind, like a color or a code to the applicable portions of the chart. I’ve used both in the example below (remember you only need one!):

     

    Posted Image

    There, now it exists, but still must be “communicated throughout the site”. You can post it somewhere like an employee notice/safety board, or make it a controlled document and include it with your regular training and employee resources. The end goal being that your employees know where to find it in case they need to run something up the ladder.

     

    2.1.2.2 The senior site management shall make provision to ensure food safety practices and all applicable requirements of the SQF System are adopted and maintained.

     

    This one feels a bit redundant; it’s going to be supported by later portions of the code, particularly training and internal audits. There’s no specific action here other than showing evidence of implementing and enforcing food safety practices. We can move on.

    2.1.2.3 The senior site management shall ensure adequate resources are available to achieve food safety objectives and support the development, implementation, maintenance, and ongoing improvement of the SQF System.

     

    Again, this portion of the code doesn’t require a specific form or policy to be in place. It’s going to be audited throughout the entire system. If things are out of repair, not being improved, or otherwise not happening due to time or cost constraints, it becomes evidence that 2.1.2.3 has not been supported.

     

    2.1.2.4 Senior site management shall designate an SQF practitioner for each site with responsibility and authority to:


    i. Oversee the development, implementation, review, and maintenance of the SQF System, including food safety fundamentals outlined in 2.4.2, and the food safety plan outlined in 2.4.3.
    ii. Take appropriate action to ensure the integrity of the SQF system; and
    iii. Communicate to relevant personnel all information essential to ensure the effective implementation and maintenance of the SQF System.

     

    Here we are, the SQF practitioner. You must designate, either on your organization chart or in a job description, the individual(s) who is(are) ultimately responsible for the effective implementation of the system. This can be the CEO, a dedicated quality role, or anyone that makes sense for the company size and structure, but they need in their job description both the assigned role of SQF practitioner, and the authority to do it effectively.

     

    Here’s an example of how to integrate assignment of a practitioner into a job description, my preferred method since these descriptions need to be made regardless:

     

    Posted Image

     

    Other ways to designate are to include the designee in the management commitment statement, or identify them on the organization chart similarly to how we selected individuals responsible for food safety. The point is that a specified individual was chosen, they have sufficient authority, and other employees know who they are.

     

    2.1.2.5 The SQF practitioner shall:


    i. Be employed by the site as a company employee on a full-time basis;
    ii. Hold a position of responsibility in relation to the management of the site’s SQF System;
    iii. Have completed a HACCP training course;
    iv. Be competent to implement and maintain HACCP based food safety plans; and
    v. Have an understanding of the SQF Food Safety Code and the requirements to implement and maintain SQF System relevant to the site’s scope of certification.

     

    Here we’ve reiterated the basic requirements of a practitioner, but also provided some additional detail on what needs to be on file. As above, first and foremost the SQF Practitioner needs to be a paid employee with sufficient authority to get things done in the production areas. No interns, no offsite sales representatives, no lawyers on retainer.

     

    A HACCP training course is required (specifically CODEX HACCP, not an FDA juice HACCP, seafood HACCP, and NOT Preventive Controls Qualified Individuals classes, though if you’re in the US those will be required for regulatory compliance reasons). Note that no where in the code or guidance does SQF use the term “certified”.

     

    A personal pet peeve of mine is inappropriate use of the word certified. Certified means that some sort of organization determined that you met their standards and said you can call yourself certified. Therefore, if you want to take my class about HACCP under Fur, Farm, and Fork’s standards, I can call you “certified” under the FF&F standard for HACCP.

    Posted Image

    Certifications are only meaningful based on the granting organization, if someone claims they’re “certified” anything, the key question to ask is “according to whom?” It’s similar to saying something was “published”. As much as I’d like to claim everything “published” on furfarmandfork.com holds the same weight as something published in “science”, unfortunately that’s not the case.
    SQF makes no requirements what “standard” of HACCP training is needed, other than training needs to exist on paper. Therefore, as an example you could take IFSQN’s compact, inexpensive, 4 hour class. By doing so, you’ve met the written requirements of the code and you even have a certificate to show an auditor when they ask. Done and done.

     

    Anything demanded other than “HACCP training was provided and documented” is not code but auditor preference. However, when preference becomes a fight it may not be worth starting to argue early in the audit. Besides, additional training isn’t a bad thing. One industry gold standard for HACCP training is a workshop type HACCP class that incorporates at least 16 hours of classroom time, and is accredited by an organization with some recognized weight such as the international HACCP alliance.

     

    Many certifying bodies sell HACCP training/certification services, feel free to take advantage, but remember that the code does not require anyone’s specific training (despite what salespeople say). Of course, you won’t be able to support the efficacy of the training you received if your HACCP plan isn’t up to snuff, which is why the code follows up the training requirement with “Be competent to implement and maintain HACCP based food safety plans”.

     

    The evidence that the training was effective will be in the plan. If the plan does not include monitoring and verification of critical control points, and you have no idea that it’s incomplete, that’s nonconformance with 2.1.2.5. You demonstrated that the practitioner does not have the required competency to make a functional plan, and it may have been because they didn’t have effective HACCP training.

     

    Finally, SQF basically says that the SQF practitioner needs to know the code well enough to implement it. Again, this can be accomplished through either training, experience, consultant help, or personal study, but it will be evaluated during the audit based on how many times you say “I didn’t know that was in the code”. So, do whatever is necessary to know this stuff; If you’re reading this blog series, you’re on the right track 😉.

     

    2.1.2.6 Senior site management shall ensure the training needs of the site are resourced, implemented, and meet the requirements outlined in system elements, 2.9, and that site personnel have met the required competencies to carry out those functions affecting the legality and safety of food products.

     

    Again, this is reiterating that the training requirements we’ll go into detail on later have evidence that they’re effective, no specific action here other than showing that the auditor is looking for competence, not just paperwork exercises.

     

    2.1.2.7 Senior site management shall ensure that all staff are informed of their food safety and regulatory responsibilities, are aware of their role in meeting the requirements of the SQF food safety code, and are informed of their responsibility to report food safety problems to personnel with authority to initiate action.

     

    The first portion of this is again going to be based on employee interview, knowledge, and demonstrated competency during the audit. However, hidden in this clause is an obvious but not always written requirement that “employees are informed of their responsibility to report food safety problems”.

     

    This can be embedded in the management commitment statements, an employee “day one” SOP, or other training tool. But an employee on the floor needs to be able to say they know that they need to report when something has gone wrong and that they have the support and authority to do so.

     

    Keeping it simple: this reporting method can be as simple as “report to supervisor as soon as condition is observed”. But this reporting method needs to be actually written down and documented in a trained policy or procedure.

     

    The culture change necessary to make consistent reporting a reality is hard, but the demonstrated training portion is easy. When training employees on the basics on day one like when to wash hands, PPE, etc., include a responsibility to report food safety problems.

     

    2.1.2.8 Job descriptions for those responsible for food safety shall be documented and include provision to cover for the absence of key personnel.

     

    Everyone identified as personnel responsible for food safety in the org chart needs a job description, and that job description specifically needs to call out that they have a responsibility to food safety. But, there’s no requirements about formatting, content, etc. except one.
    In general, when approaching required paperwork for SQF, if they’re mandatory, make them useful to your business. Work with the HR team to generate job descriptions that clarify responsibilities and competencies for employees in key roles and use it for performance accountability. I’ve got a template below of a bare bones description that I’ve found useful.
    There is that one specific requirement for “provision to cover for the absence of key personnel.” Key here is that SQF wants to make sure that food safety isn’t dependent on the practitioner being on vacation, but that the company maintains both standards and tools (e.g. can’t stop verifying thermometers just because the lab tech is out) rather than just placing it all contingent on one person’s presence.

     

    Why I don’t like this provision is that it requires it to be written into the job descriptions. Job descriptions aren’t usually very “live” documents, and making (SQF) certified suppliers document this specific provision in a specific place is burdensome. In my humble opinion, this should be audited similar to other responsibility provisions in that the proof will be in actual demonstration of the coverage. Instead it becomes a checkbox on the audit list, making this is a very common non-conformance when suppliers don’t follow the code and place it exactly where it’s supposed to be in the paperwork.

     

    So, the most audit-proof way to meet this requirement I’ve found is to take the code very literally, and add a “coverage in absence” line to your job descriptions.

    Posted Image

    Alternatively, you might be able to get away with a more general statement that relies on your org chart. Instead write “Coverage in absence: Direct supervisor (see organization chart)”. This would be pretty solid, defensible, and per the code technically written into the job description. You only run into trouble if for some reason coverage isn’t actually provided by a supervisor but by a subordinate. For example, a lab manager may do all of the micro CoA review, but when they’re out a senior technician may cover that task for a week. So be careful with that one.

     

    2.1.2.9 Senior site management shall establish processes to improve the effectiveness of the SQF System to demonstrate continuous improvement.
    Once again, this will be demonstrated through internal audit and management review systems to be discussed further.

     

    2.1.2.10 Senior site management shall ensure the integrity and continued operation of the food safety system in the event of organizational or personnel changes within the company or associated facilities.

     

    Basically, if an SQF practitioner gets laid off or goes on leave, is everything going to fall apart? This is another one that will be demonstrated via observation during the audit. If things have fallen through the cracks that are normally done (supplier review, internal auditing, reporting, verification tasks) and the excuse is that there was an organizational change, that’s a problem under this clause. Doesn’t matter if you just moved into a new building or got a new boss, the standards are supposed to continue to be met.

     

    2.1.2.11 Senior site management shall designate defined blackout periods that prevent unannounced re-certification audits from occurring out of season or when the site is not operating for legitimate business reasons. The list of blackout dates and their justification shall be submitted to the certification body a minimum of one (1) month before the sixty (60) day re-certification window for the agreed up on unannounced audit.

     

    Basically, SQF has no interest in auditing a seasonal facility that is not producing anything that month. Alternatively, if the facility only operates Mon-Thus. Then SQF doesn’t want to pop in unannounced on a Friday and find nobody there. On years with unannounced audits, communicate with the certifying body regarding what days are actually going to be worth visiting.
    As a bonus, you can also try to specify blackouts like planned vacations for key personnel or your SQF practitioner(s). While the SQF system needs to be maintained when those people are out, Audits are a different situation that does not require everyday coverage. There’s an expectation that the system is maintained, but certain folks will be able to explain the system in its entirety during an audit that others will not. I’ve had good luck with CB’s when blacking these out, provided it doesn’t defeat the purpose of an unannounced audit by blocking out the majority of the window.

     

    How will this be audited?
    SQF guidance tells auditors to be patient when gauging compliance with 2.1.2, as it’s the proof that the system isn’t just a pile of SOP’s and verification records. It can take time to tease that out of a company that knows how to “pencil whip” an audit.
    There are some items that will be reviewed at the desk: job descriptions, HACCP training proof, maybe the resume of the SQF practitioner, and organization charts. But the majority of this clause is just saying “we made you do all of this stuff…are you actually doing it even when it’s hard?”

    • A leaky roof or broken floor that’s been there for 2 years of audits is evidence that the business has not been allocating sufficient resources to maintenance.
    • A team that has no idea that they are supposed to be monitoring a critical control point to keep the food safe is not one that was actually trained well.
    • A vacant microbiologist position combined with raw materials no longer being tested on site is evidence that the company has not provided for coverage and the system fails when individuals are absent.
    • A HACCP plan that doesn’t have a process flow for a product launched last month is not being reviewed or updated enough to support food safety in the plant.
    • Not having FSMA requirements in place is evidence that staff are not keeping up with new regulatory requirements and implementing them.
    • A sanitation schedule that says “clean once a day” but records show days are skipped when we “get busy” or too many people call in sick is evidence that the SQF practitioner does not have sufficient authority to implement the plan.
    • Microbiologists were no longer using the paddle blender because they didn’t like waiting for it to finish, signing off one procedure and doing another is evidence of ineffective training and lack of competence for the role.
    • An SQF practitioner that is expected to maintain the system while also performing all front desk, office management, freight scheduling, product testing, production scheduling, and outside sales support; didn’t update the old SOP’s potentially because they have not been allocated the time to do the job properly.
    During the paperwork review, as always be cautious of auditors who may dislike the system used, not doing “what they’ve seen at other plants” does not mean it isn’t in compliance. Always bring it back to the code and identify when a format or statement is actually required or not.

     

    In the plant, while inspecting the line and problems are noted, if you are already aware of them with a plan in place to fix, sharing it demonstrates planned improvement and resource allocation, even if occasionally an auditor with no company responsibility may disagree with the timeline.

     

    In a real business environment, not everything can be fixed right away. But you can demonstrate management responsibility by providing a plan, with deadlines, and how you will mitigate risk until the fix happens. Continuous improvement is not immediate improvement, show what you’ve fixed so far to demonstrate your commitment, and you will give the auditor confidence that the things they see will be fixed according to plan as well.

     

    2.1.2 takes management commitment and calls the bluff. It starts with creating a system and providing resources so that the code can be upheld no matter what, and ends with a competent practitioner that keeps it on track and makes sure the company is never “surprised” by gaps in their system. SQF practitioners should demonstrate command of their own system and facility, with its weaknesses already known and highlighted for future improvements.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

    • Jan 12 2020 07:21 PM
    • by Simon
  9. SQF from Scratch: 2.1 Management Commitment, 2.1.1 Food Safety Policy

    Remember, the goal is not “Audit ready 365”, it’s to know that our facility embraces globally recognized best practices to maintain food safety. Because of this, as we dive into each element, we must always remember the quality management system golden rule: Never make systems to “pass audits”. Make systems that work for your company that help it make safer/higher quality products more efficiently.

     

    2.1 Management Commitment

     

    Management commitment is the pre-requisite to company culture. Whether talking about safety culture, lean culture, continuous improvement culture, anti-discriminatory culture, ethical business culture, or food safety culture, company direction and leadership begins with those holding the purse strings at the top.

     

    The fact that this is our FIRST element is not a mistake, it’s an acknowledgement that this process will have no legs if it is not supported by those in control of the business. SQF has taken the same approach that successful safety, lean, and corporate responsibility initiatives have, wherein you begin with missions and core values that provide a compass for company priorities, especially when you get stuck back in the day-to-day.

     

    The code:

     

    2.1 Management Commitment

     

    2.1.1 Food Safety Policy (Mandatory)

     

    2.1.1.1 Senior site management shall prepare and implement a policy statement that outlines as a minimum the:
    i. The site's commitment to supply safe food;
    ii. Methods used to comply with its customer and regulatory requirements and continually improve its food safety management system; and
    iii. The site's commitment to establish and review food safety objectives.

     

    2.1.1.2 The policy statement shall be:
    i. Signed by senior site management;
    ii. Made available in language understood by all staff;
    iii. Displayed in a prominent position; and
    iv. Effectively communicated to all staff

     

    What’s the point? How is this making our product safer?

     

    Food safety procedure is what we tend to think of when we consider GFSI certification, a.k.a. all the stuff we should/need to get done. But each element of the code begins with “policy”; we’re asked to define our values as a company, from which our actions and priorities will follow.

     

    SQF doesn’t begin the code with with any specific rule or task, but by asking us as an organization to establish food safety as part of our company’s core values. Not just a series of forms or tasks to be completed, but a wholistic view that when we strategize and determine the direction our business will take, food safety is going to be just as much a part of that discussion as finance.

     

    Accepting and committing to food safety as a senior management value empowers departments, teams, and individuals to also treat food safety as a priority in their work. It shows all levels of the organization that GFSI certification isn’t just a pile of requirements, but a representation of what leadership is going to look for when they identify high performers and reliable employees.

     

    What am I being asked to do?

     

    You need a sort of company values/mission statement style document, you need the top representatives at your company site to review and sign it, and it needs to be posted and visible to your workforce.

     

    Ideally, take some time to work with management to make something unique to your company. Maybe it’s formed on customer issues in the past, or ties into your existing mission statement. At the end of the day, there are some specifics that you, the SQF practitioner, are going to want to stick in there. Our standard approach is going to be taking the code line by line and making sure that language is represented or even mirrored in our documentation.


    Posted Image

     

    Whenever SQF asks for a policy, you have two objectives. First, that the people who are leaders supporting the policy know and embrace it. Second, that you have included language clear enough that you can defend your policy to an auditor who may just be using the code to “tick the box”. Below is an example policy that simply parrots the actual code. This will work very well in an audit but is not tailored specific to any particular company. Ideally your policy will reference your specific products and challenges.

     

    I. Policy
    a. [Company Name] is committed to manufacturing foods that are safe and compliant with both our customer and regulatory requirements. We will do this by:
    i. Ensuring that adequate resources are available to support the continuous improvement of our food safety management system.
    ii. Establishing and reviewing food safety objectives with senior site management.
    iii. Ensuring we remain informed in new regulatory updates, customer requirements, or new technologies that support the mission of safe food.

     

    To make this available, stick it into your SOP’s and maybe regular training. But it’s common (therefore expected by auditors) that it’s incorporated into signage. A simple way to do this is to build a sign in Microsoft PowerPoint (which will create a vector image that will scale indefinitely with size and still print well), then use a local print shop to print a laminated sign (or order a fancier sign if you prefer).

     

    Posted Image

     

    Get that somewhere visible for all staff and you’re good to go!

     

    How will this be audited?

     

    Auditors are going to look at the document, how it’s made available to your staff, and whether anyone on your production floor knows what it is and where to find it. If they talk to several new temps who say, “no idea, I was just put out on the line”, that’s going to be a potential issue. For the most part, effective implementation and evidence of management commitment is going to be more covered by 2.1.2 Management Responsibility.

     

    Typically points of contention will be when auditors disagree with the language in your policy, that’s fine as long as you can defend it! Make sure your policy obviously covers all the components identified in the code, and don’t worry about an auditor who wants to go after semantics. It isn’t law if an auditor claims “you didn’t say continuously improve” when your statement says, “our system is going to be flexible and achieve the highest quality possible to support our customers”. OF COURSE that means you’re going to review and improve it! Back it up with evidence that you actually do and feel free to let the auditor grouse about how they would have written something different.

     

    It’s not their company, their liability, its yours. And the opinion of a single audit should not change the way your entire facility communicates its food safety values from the top the other 364 days of the year. Modifying your mission statement based on auditor preference violates our golden rule.

     

    Author Biography:

     

    Posted Image

     

    Austin Bouck is a food safety consultant and manufacturing supervisor in Oregon, USA. You can find more food safety resources and discussion on his website, Fur, Farm, and Fork, as well as contact information for consulting services.

  10. GFSI Announce Consultation for SQF Scope Extension for Storage and Distribution

    GFSI are inviting stakeholders to comment on the thorough process that SQF, the Benchmark Committee Leader and the Benchmark Committee Members have been involved in over the past months.

     

    The SQF scope extension benchmarking process consisted of:

    • 2 desktop reviews and corresponding responses from SQF providing the required information.
    • A review of the SQF response by the Benchmark Committee Members.
    The extension of scope Benchmarking Application is open for a consultation until 8th December 2014.

     

    Download the benchmarking summary report and send any comments on the benchmarking form to Adria Bryan at a.bryan@theconsumergoodsforum.com.

     

    About SQF:

     

    The SQF Code is a process and product certification standard. It is a Hazard Analysis Critical Control Points (HACCP)-based food safety and quality management system that utilizes the National Advisory Committee on Microbiological Criteria for Food (NACMCF) and the CODEX Alimentarius Commission HACCP principles and guidelines, and is intended to support industry or company branded product and to offer benefits to suppliers and their customers. Certifications under the SQF Code retain a high degree of acceptance in global markets.

     

    Edition 7 of the SQF Code was redesigned in 2012 for use by all sectors of the food industry from primary production to transport and distribution. It replaced the SQF 2000 Code edition 6 and the SQF 1000 Code edition 5.

     

    About GFSI:

     

    The Global Food Safety Initiative (GFSI) is a business-driven initiative for the continuous improvement of food safety management systems to ensure confidence in the delivery of safe food to consumers worldwide. GFSI was launched in 2000 following a number of food safety crises when consumer confidence was at an all-time low. Its collaborative approach to food safety brings together international food safety experts from the entire food supply chain at technical working group and stakeholder meetings, conferences and regional events to share knowledge and promote a harmonized approach to managing food safety across the industry.

    • Jun 29 2020 06:31 PM
    • by Simon