Methods for conducting a Risk Assessment

I saw that you guys discuss this subject many times. I didn't really look through all the discussion. One way of doing risk assessment that I know is using the scaling matrix - likelihood vs severity. I seen the are argument about the down side of this system (border line theory). Other than the matrix system, how do you conduct risk assessment? Another important question is, what required risk assessment?

Dear rotiboy,

Two possibilities from Googles 25 million. One approx. form of categorisation might be into “quantitative”, “semi-qualitative/quantitative” and “qualitative”.

General – http://en.wikipedia....Risk_assessment

Food – risk management - w4982e00.pdf   115.36KB   617 downloads

As an example, the < 100cfu/g numerical micro.criteria used internationally (but not exclusively) for certain scenarios of L.monocytogenes were derived from quantitative MRA (microbial risk assessment). Unfortunately in most food cases the required baseline "numbers" are scarce. Hence more qualitative methods like likelihood-severity matrices, fmea, nomograms.

For something in between, maybe - http://www.foodsafet.../riskranger.php
risk ranger-semi quantitative - y4722e08.htm   40.09KB   269 downloads

They all involve probability somewhere.

Rgds / Charles.C

PS - (added) - I subsequently noticed you posted in the BRC forum however i am not sure if yr query was specific or not ? And, if for BRC, it depends whether yr question was focussed on haccp or not ?

If yes and not for haccp, I think the vast majority of responses posted here hv been focused on likelihood/severity type procedures but not with risk matrices, ie using simpler decision logic. Some designs are also more tailored to specific sections within BRC plus others also contain “templates”. For example these 2 threads (one more general/one more targetted) hv been frequently accessed (but there are many more) -

http://www.ifsqn.com...dpost__p__24125


http://www.ifsqn.com...dpost__p__32862

What kind of risk assessment does BRC requested?

What kind of risk assessment does BRC requested?

Dear rotiboy,

It depends.

As you can see from the examples in the links in my previous post, in most cases, a basic (generic) likelihood / severity format has been acceptable. The only obvious exception is the HACCP part where, as i expect you know, some prescriptive answers do exist and the standard refers to Codex although this is ultimately very flexible.

It is presumably an (audit) advantage if yr basic method can be validated.

Some sections of the standard do imply a minimum content / format to be included according to the text itself.

Do you hv a specific item in mind ?

Rgds / Charles.C

perhaps you can try "baking" step for a brownie.

perhaps you can try "baking" step for a brownie.

Dear rotiboy,

I'm guessing you mean - is the baking step a CCP or not ?

I'm not familiar with biscuit processing but I'm guessing again that the step/conditions are similar to "baking" bread ?

If so there are about 3 threads here all with opinions on the above question in last 3 months. I'm guessing the conclusion was approx.75/25 for CCP although some of the "pro" votes were partly due to a wish to avoid auditor arguments. One auditor vote was strongly "con" also.

If yr question is more basic, ie what is the risk analysis, it depends on what tools you use, eg for a particular standard or not ? (eg should be Codex-compatible or not.)

If free choice of methodology, may depend on use of 2-factor, 3-factor, whatever,eg fmea. For example if one used the typical 2-factor method plus "ease of detection" factor, I would imagine that the likelihood of a CCP would be substantially decreased (agree??).

Similarly, the Codex tree can be interpreted as -ve for CCP since the conditions are not "designed" to control pathogens. On the other hand, some decision trees (otherwise identical to Codex) do not contain the word "designed" so give a CCP.

I'm guessing a (fearless) purist would maybe say "No CCP", a pragmatist probably yes. It would be interesting to know if there are any epidemiological incidents on record to further justify a CCP? My guess is not.

Rgds / Charles.C

I found this hazard evaluation chart from Kraft's supplier HACCP manual. What do you think if I use this as a risk assessment instead of the standard risk matrix? risk tree.jpg   66.65KB   73 downloads

Hi Rotiboy1002,

According to the BRC Issue 6, it states the following: "Requirements: Section II, nº2 - Fundamental Item - The company shall have a fully implemented and effective food safety plan based on Codex Alimentarius HACCP principles", So you should follow the CAC/RCP - 1- 1964, Rev.4-2003.
Regarding your question, if you could use the matrix from Kraft, on the CAC/RCP-1, starting with the HACCP Principle 1 you must do a hazard analysis, and the recomendation is: "In conducting the hazard analysis, wherever possible the following should be included: • the likely occurrence of hazards and severity of their adverse health effects;

• the qualitative and/or quantitative evaluation of the presence of hazards;

• survival or multiplication of micro-organisms of concern;

• production or persistence in foods of toxins, chemicals or physical agents; and,

• conditions leading to the above."

And after analyzing Kraft's flowdiagram, you do have every step identified by Codex.

Now regarding the baking step for cookies, should not be a CCP, because reporting to the step analysis the baking of cookies is a step first and at most for organoleptical issues and not designed specifically to control a hazard.

In conclusion, BRC requires Codex analysis, and you Kraft document could be a helpfull instrument if you use it correctly. There is no recommendation for a specific method on the Codex how to perform a risk matrix.

I hope i've helped.

regards,
Paulo

Hi Rotiboy1002,

According to the BRC Issue 6, it states the following: "Requirements: Section II, nº2 - Fundamental Item - The company shall have a fully implemented and effective food safety plan based on Codex Alimentarius HACCP principles", So you should follow the CAC/RCP - 1- 1964, Rev.4-2003.
Regarding your question, if you could use the matrix from Kraft, on the CAC/RCP-1, starting with the HACCP Principle 1 you must do a hazard analysis, and the recomendation is: "In conducting the hazard analysis, wherever possible the following should be included: • the likely occurrence of hazards and severity of their adverse health effects;

• the qualitative and/or quantitative evaluation of the presence of hazards;

• survival or multiplication of micro-organisms of concern;

• production or persistence in foods of toxins, chemicals or physical agents; and,

• conditions leading to the above."

And after analyzing Kraft's flowdiagram, you do have every step identified by Codex.

Now regarding the baking step for cookies, should not be a CCP, because reporting to the step analysis the baking of cookies is a step first and at most for organoleptical issues and not designed specifically to control a hazard.

In conclusion, BRC requires Codex analysis, and you Kraft document could be a helpfull instrument if you use it correctly. There is no recommendation for a specific method on the Codex how to perform a risk matrix.

I hope i've helped.

regards,
Paulo

Valuable information, I appreciate that.