Vulnerability Assessment and IA

Looking for some insight into this area...

Under the FSMA and BRC Issue 6 (North America) there will be a need to conduct vulnerability assessments against Intentional Adulteration (IA).

I'm interested in learning how this is being addressed practically on the ground by individual food businesses and seeing some examples of these assessments.

Many thanks...

George

A risk assessment can be completed regarding the hazardof intentional contamination / sabotage. Think about all the points in yourprocess that are exposed and the types intentional contamination that could beincurred.

You need to think a bit like a psychopath in the thoughtof "how can I contaminate this companies product?". When you havedone that apply likelihood and consequence rating to provide an overall risk tothe business. You then put in an acceptable strategy to control the hazard.Make sure you document the process to evidence the considerations that you havemade. This is a general piece of evidence that I see as an auditor.

Some examples of IA can include sticking glass/metal/poison into the product. Alot, may be covered in your food safety hazard analysis if you have done this thoroughly.Control strategies include things like background checks on employees, cameras,building security, control of personal belongings etc.

Researching product recalls (not just food) on companiesthat have been subjected to sabotage is also a good resource

Hope this helps.
Amanda

Its obviously an area in which you have very limited control. What you can do:

Control access to your facility... door locks, alarm system, directed flow for employees and visitors
Employees - background checks ...
Visitors - are they reputable employees of the company they are representing
- how can you verify?
Contractors and drivers - same as visitors, plus check of credentials to ensure they are legitimate ... check seals or LTL lock/key for drivers ... check tools for contractors.

Keep limited access to your product formulas
Keep suppliers limited to trusted suppliers who are audited and who can provide audit results and LOGs...

Marshenko, Can you please elaborate, how to keep limited access to product formulae.

I suspect the previous reference to security of product formula. This can be achieved trhough limited access to say base formulas. A business can leave itself open to having its "secret" recipes taken by staff members who may have a vendetta against the employer. For example, Coke, KFC keep their base recipes away from access by employees. Hope this helps.