8 replies to this topic

[WallyCleav]

Could really use some help on resolving issues surrounding our first audit.  Independent BRC auditor came to the site as a trainee with another auditor as BRC trainor.  The audit was disorganized, auditors argued amongst themselves, discussed SQF and BRC regulations simultaneously and went beyond the scope of the BRC guideline. The auditor brought with him a copy of a prior audit he performed as a contractor for another company and used that against us during the BRC audit.  

 

Our first audit produced 2 majors and 12 minors.   First in the HACCP section 2 and the other in Section 3 internal audits.

 

Auditor would not recognize yearly signed reviews of HACCP and pre-requisite programs etc.  It was observed that the metal detector CCP developed over 6 years prior did not have decision tree documentation.   Would this be considered a major infraction?

 

Findings for Internal Audits showed no formal program in place or Internal audit SOP.   In my readings it does not say "shall have a documented auditing procedure in palce  etc)  Auditor would not accept work history of training/auditing skill provided in resume indicating internal auditor qualifications.    Hoping some more learned BRC seniors can provide some feedback.  Thanks.

[Charles.C]

Dear wsuwally,

 

Sorry for yr woes. No doubt some comments will follow soon.

 

Just as background, what kind product ? rte ?

 

Rgds Charles.C

[WallyCleav]

dried herbs and seasonings.  Midwest USA

[cazyncymru]

If you look in the back of your copy of the BRC, there are a number of stipulations that the CB / auditor have to adhere to. Look at page 90

 

If you have an issue with an auditor, which you clearly do, then you need to report this to the CB. If the auditors were unprofessional in their actions (arguing etc) then this needs to be reported.

 

If he used an audit that he had carried out of the site, and not one that you were required to supply to the CB (if they were a new CB) then he / she was out of order. The fact that they were discussing your systems as part of SQF was not on; you were being audited against the BRC. You need to inform the CB or BRC about this.

 

 

With regards to HACCP non-conformance, do you have a documented report for your review or are you just signing and dating the plan to say its relevant? 2.14.1 does say it needs to be documented and validated.

2.9.2 says you should validate each CCP. Have you not put that through the decision tree to establish why it is a CCP? (confused?  )

 

With regards to your non-conformance for internal audits,

3.4.1 is emphatic that "There SHALL be a planned programme of internal audits with a scope ...."

3.4.2 "Internal audits SHALL be carried out by appropriate trained competent auditors"- Do you have training documented for these auditors? is someone a lead auditor? what type of training took place?

 

Hope this helps

 

Caz x

[WallyCleav]

Thanks Caz for the input

 

The HACCP plan is reviewed yearly as stated in the plan and in SOP and signed revision/ review histories were presented to the auditor.  CCP, metal detection, was fully validated.  The CCP did not have a decision tree as to why it was chosen to be a CCP so I understand the hit there.  I was questioning the fact that it was considered a major infraction as  more security and safety to a process should more crucial then the reasons why.  If you were eliminating a industry standard CCP I could see the need to have documented justification.

 

As to section 3.   The companies Internal audit program is detailed in seperate SOP's ie ...allergen program review is documented in the allergen SOP and review and validation in the QA laboratory notebooks as per the SOP.  Pest Control Program etc etc internal audits explained in those SOP's .  That is the current company format.  Trainee auditor said it was OK, foreign supervisor auditor argued for over an hour that it was not OK and said the Internal Audit program had to be a separate and distinct program.  I do not see that level of precision in the guidance language.  All audits in our program were shown to be carried out as documented in our SOP's.  I am writing a new document to cover the infraction as a corrective action but again was stymied as to why this was a major infraction.

 

Any help in getting us over the top for our next audit would be appreciated.

[Charles.C]

Dear WallyCleav,

 

AFAIK, it is not obligatory to use a decision tree for CCP determination in haccp/BRC unless the standard specifically states/requires this (not so as far as i can see). Some people (including myself) dislike it and have never used this method. But you do have to be able to justify the method (ie as a  logical approach) which you do use. Literature examples of non-use of decision trees exist although they may differ to the method you hv used.

 

No problem to correct me if anyone has contrary evidence. Also not to say that a decision tree  might not be the easiest solution if you simply do not understand the method you currently have in front of you. If you want an opinion on the latter, you might consider posting it here.

 

Rgds / Charles.C

 

PS IMEX it is customary for the auditing body to send you a detailed report itemising the specific paragraphs in the standard  at fault and defining yr exact non-compliance. You might consider posting such text here if you want a more focused analysis.

 

Caz's numbered IA queries are basic requirements, it is not clear to me whether your use of SOPs is appropriate to the standard or not.  It looks like yr auditors had a similar interpretive difficulty. Basically yr program must, at a minimum, cover paragraphs 3.4.1 -3.4.4. You need to examine yr submitted data to see if this is so. many people simply avoid the potential nuances by creating a checklist from the standard and then "planning" it out to an audit format, maybe with a little risk assessment (eg 3.4.4) thrown in regarding frequencies/follow-ups if necessary. Not very creative but reasonably demonstrative,

 

PPS - regarding the metal detector, note that BRC have developed their own decision tree to decide as to the necessity of using  a MD but this is not directly linked to the ccp evaluation procedure per se. Just wondered if there is some confusion over the "tree" NC to which you are referring (probably unrelated since the BRC tree only appeared in 2012).

[SQFconsultant]

"Could really use some help on resolving issues surrounding our first audit.  Independent BRC auditor came to the site as a trainee with another auditor as BRC trainor.  The audit was disorganized, auditors argued amongst themselves, discussed SQF and BRC regulations simultaneously and went beyond the scope of the BRC guideline. The auditor brought with him a copy of a prior audit he performed as a contractor for another company and used that against us during the BRC audit. "

----

I am assuming this was a "the" audit and not a pre-assessment, with that in mind I am only going to comment on this part above...

 

There are protocols, code of practice, etc that govern how Auditors are to conduct themselves. Obviously if this is the case of what happened, they did not follow professional conduct and most certainly violated a couple of other areas as well.

 

So, if I had been you that day I would have allowed them to go on only long enough to gather enough issues to put a complaint into the CB and then shown them the door, they would never have completed the audit day.

 

Since this was not the case however - this is what I suggest you do.

 

You document everything that happened and file a complaint with the CB and back-up contact to BRC.  Depending on what your relationship is with the CB you may (this is actually what I have seen happen) either ask for a new and experienced BRC Auditor from them for an entirely new audit with no additional out of pocket expenses - because you already paid for professionals and didn't get what you paid for. Or two, you demand the audit is rescinded, get your money back, and cut your relationship with the CB and get another one.

 

 

 

 

 

[HACCP Mentor]

Internal Auditor training - as a general rule, if I find numerous non-conformances relating to issues that should have been identified and fixed prior to me undertaking the BRC audit, I will raise a CAR on auditor competency. Issues that relate to procedures being written and available, records completed and available, verification activities completed as scheduled (anything paper work related). If the internal audit has been completed as required, I should not find issues relating to "paperwork" - it is a no brainer as far as I am concerned. Another side note - when they say undertake an internal audit, that means against the standard that are being certified against - all parts. Look at doing your internal audit just as an external auditor would (you will have a far better outcome).

[Tony-C]

It was observed that the metal detector CCP developed over 6 years prior did not have decision tree documentation.   Would this be considered a major infraction?

 

First of all BRC requires a logical approach to determining CCP’s this does not have to be by using the decision tree.

 

BRC Standard 2.8 Determine CCP  2.8.1... This requires a logical approach and may be facilitated by use of a decision tree.

BRC Guidance……Records shall be available showing how this has been conducted and how decisions have been reached. The use of a two or four question decision tree may be useful

 

Quite clearly you should have a record, your validation may be sufficient but let's take a step back and consider the food safety aspects of this situation.

 

You are controlling metal detection as a CCP, so the worst case scenario is you are applying stricter controls than necessary and there is no risk to food safety.

 

BRC defines a 'Major Non-conformity as a 'Substantial failure to meet a statement of intent or clause of the standard or a situation ....where there is ....significant doubt as to the conformity of the product being supplied'
 

So you have strong grounds for appeal on this one.

 

I think others have covered the internal audit, you should have a programme and internal auditor training records.

 

Regards,

 

Tony