Dear Amirhosein,
Two initial suggestions –
It is useful to understand the basic philosophy of the 3 items, prp/oprp/ccp, as used to describe and quantitate the food safety characteristics of yr system.
It is also useful to appreciate that an auditor typically expects to see certain key “steps” in yr documented system which are necessary to match his understanding of the standard’s philosophy. And a satisfactory subsequent implementation of course.
IMEX, for any auditable standard, it is likely that yr interpretation of the text may occasionally differ from the projected auditor’s for various reasons, eg linguistic style of the standard’s contents. This is one reason why it may be a worthwhile procedure to invest in an appropriate consultant from the beginning (or a “package”) and/or to carry out a trial audit to maximise yr chances of passing the real thing. Personally I suggest the second part is an absolute minimum, the first depends on available knowledge / support / funding, and yr own preferences (confidence?).
These kind of issues can already be seen in the excellent links provided above. For example, Bennii’s document which has probably received the most favourable overall comments on this forum so far uses an initial risk analysis to select prps. I’m not a user of ISO 22000 but, looking at the definition of prp and the standard’s text, I do not see the necessity for this step, and particularly in view of the advent of the PAS etc documents which now attempt to formalise this prerequisite stage as far as possible.
It remains to select the ccps / oprps.
It is interesting to note the comment in iso 22004 –
Categorization of control measures: The organization may focus on having as many of the control measures
as possible managed by operational PRPs and only a few managed by the HACCP plan, or the opposite. It
should be noted that, in certain cases, no CCP can be identified, for example because monitoring results cannot be provided within an adequate time frame.
As the effects of the combination of control measures are validated prior to categorization, food safety will be achieved in cases even when all control measures are to be managed through operational PRPs.
Personally I find this logic rather disappointing / unsatisfactory since it seems to downgrade the original fundamental
haccp principle of focussing on
ccps but that is the iso's decision.
The above extract should support a method similar to Bennii’s (there are several variations on this forum) as being appropriate although simpler formats with non-uniform weighting of parameters are indicated as probably being equally useful (see the iso 22004 text following the above ) and probably also acceptable to an auditor. My guess is that even a condensed D-tree wud be possible in the limit.
Regardless, the choice of
ccp / oprp is clearly quite flexible (similar to
ccp/prp options for traditional
haccp for certain parameters). Nonetheless, I wud imagine that any iso selection procedure will be pragmatically and auditorially convenient if the result(s) matches current traditional
haccp plans as far as the typical
ccps, (eg cooking controls in RTE products) are concerned. The remaining oprps can then “look after themselves”.
The above is only intended as a very brief summary of my current visualisation of achieving compliance with a small segment of the standard. Users are only too welcome to disagree, preferably constructively.
Rgds / Charles.C