8 replies to this topic

[DenisB]

Hi everyone,

I have a debat here with my colleages - we are located in Canada and are a federally registered dairy company that volontary applied to the CFIA (Canadian Food Inspection Agency) FSEP program (not mandatory for dairy) (Food Safety Enhancement Program) that is HACCP based.

To me, the CFIA - FSEP audits are 2nd party audits as they come to our facility to validate that we apply their program accordingly - there are no 3rd parties involved.

Why would some consider it a 3rd party audit ?

Thanks for your help!

DenisB

[D-D]

My limited understanding is that 2nd party audits are from customers and 3rd part audits from certification / regulatory bodies...(?).

[SpursGirl]

I would say that this is a 3rd party audit........

A 1st party audit (or internal audit) is performed by your own employees for your own use ie the results are not shared elsewhere

A 2nd party audit is performed by an external party with whom you have a relationship and the results matter to both parties - ie a customer/supplier audit

A 3rd party audit is from an external party with whom you have no relationship and the results only matter to the auditee ie certification (SQF) or regulatory (CFIA)



Hope that helps!

[ravkotamsetty]

It is a 3rd Party Audit.


You are the first party and audit conducted by your own qualified internal auditors is an Internal Audit and is a First Party Audit

Your customer or a supplier is the second party - If a customer is doing an audit at your premises or you are doing an audit of your supplier then it is a Second Party Audit

And the one who is not directly related to your except for conducting an audit or your customer hired an auditing body to assess your premises/system is called a 3rd Party and the audit is called as Third Party Audit.


Believe these explanations clear your confusion.


Ravi Kumar Kotamsetty

[George @ Safefood 360°]

Essentially the nature of the audit is based on how you (1st Party) view the party conducing the audit. If they are a customer who buys your product then it is clear they are a 2nd party in the relationship. The CFIA are not a customer but should be viewed as such in terms of a direct party whos 'needs' need to be addressed. They themselves conduct the audit without the involvement of another party and therefore should be viewed as 2nd party. If the CFIA retained the services of another company or individual to audit you to their requirements then this might be considered a 3rd party audit.

In short it does not really matter what term you use to describe the audit as long as you meet the requirements and understand the nature of the relationship. In this case I would say it is a 2nd party audit.



George

[Rizwan Ali]

this is second party audit. CFIA has direct interests in your compliance with FSEP.

[DenisB]

Thanks for your comment, in my opinion, the canadian goverment acts as representative of the canadian consumers, in order to protect thehose who buy and consumes our products - also, since the CFIA owns the FSEP program, it is in their interest to assure them selves that the program is followed accordingly - therefore, second party audit

I would say that this is a 3rd party audit........

A 1st party audit (or internal audit) is performed by your own employees for your own use ie the results are not shared elsewhere

A 2nd party audit is performed by an external party with whom you have a relationship and the results matter to both parties - ie a customer/supplier audit

A 3rd party audit is from an external party with whom you have no relationship and the results only matter to the auditee ie certification (SQF) or regulatory (CFIA)



Hope that helps!

[DenisB]

Thanks George, it is my interpretation as well.

Essentially the nature of the audit is based on how you (1st Party) view the party conducing the audit. If they are a customer who buys your product then it is clear they are a 2nd party in the relationship. The CFIA are not a customer but should be viewed as such in terms of a direct party whos 'needs' need to be addressed. They themselves conduct the audit without the involvement of another party and therefore should be viewed as 2nd party. If the CFIA retained the services of another company or individual to audit you to their requirements then this might be considered a 3rd party audit.

In short it does not really matter what term you use to describe the audit as long as you meet the requirements and understand the nature of the relationship. In this case I would say it is a 2nd party audit.



George

[Charles.C]

Dear All,

I suspect George’s previous post / penultimate sentence may be the best answer.

No idea if there is an absolute source for the terms involved but one possibility might be ISO 19011 (2011) :

NOTE 1 Internal audits, sometimes called first party audits, are conducted by the organization itself, or on its behalf, for management review and other internal purposes (e.g. to confirm the effectiveness of the management system or to obtain information for the improvement of the management system). Internal audits can form the basis for an organization’s self-declaration of conformity. In many cases, particularly in small organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited or freedom from bias and conflict of interest.
NOTE 2 External audits include second and third party audits. Second party audits are conducted by parties having an interest in the organization, such as customers, or by other persons on their behalf. Third party audits are conducted by independent auditing organizations, such as regulators or those providing certification.

The above is also available in a Praxiom “clarified” version -

There are three types of audits: first-party, second-party, and third-party. First-party audits are internal audits. Second and third party audits are external audits.
Organizations use first party audits to audit themselves. First party audits are used to confirm or improve the effectiveness of management systems. They're also used to declare that an organization complies with an ISO standard (this is called a self-declaration). Of course, such a declaration is credible only if first party auditors are genuinely independent and free of bias. If you decide to use first party auditors to make a self-declaration of compliance, make sure that they aren't auditing their own work.
Second party audits are external audits. They’re usually done by customers or by others on their behalf. However, they can also be done by regulators or any other external party that has a formal interest in an organization.
Third party audits are external audits as well. However, they’re performed by independent organizations such as registrars (certification bodies) or regulators

.
http://www.praxiom.c...definitions.htm

So, what is “Interest / Formal Interest” ?? Maybe should ask CFIA ? (I would hv thought they were operationally "independent" ?)

Rgds / Charles.C