Opinions on who should do document review
Yesterday I had an audit by a very large online retailer who is dipping toes into selling branded food products.
They have lifted large portions of the BRC standard as their "Standard".
Side rant....If they are going to use the BRC standard, and we are already BRC certificated, what's the point in another audit?
Anyway, the auditor asked about document review. How often do you review your documents and who does the review.
I pointed out that each one of our documents say "This document and all controlled documents that are part of the Food Safety and Quality Management system will be reviewed at least annually as part of the Internal Audit Program."
I explained that as part of the internal audit, all documents that pertain to the particular clause being audited, are reviewed by the internal auditor. The auditor did not think this was sufficient, but did not raise a NC. I also pointed out that BRC, and the retailers "standard", is mute on document review.
With all that being said, what is your opinion on who should be reviewing documents? If you want to hold true to the intent of internal auditing, the person who may have written the document, or is in charge of the program or area where the document is relevant, should not be doing it. And they are not, at least in my case, because the internal auditor for that section did not write the document and is not in charge of the program or area affected.
Thoughts?
Marshall
Hi Marshall,
We normally see the key BRC person and upper senior management involved in the annual review.
As to the side rant, there still are a number of companies that want to do their own audits regardless of whether a company is GFSI or not. As an Auditor some years back I routinely did 3rd party audits on companies that were already SQF certified and a certain large supermarket chain in the US used a great deal of the SQF standards as a part of their audit format.
Sometimes, you just have to roll with it.
Yesterday I had an audit by a very large online retailer who is dipping toes into selling branded food products.
They have lifted large portions of the BRC standard as their "Standard".
Side rant....If they are going to use the BRC standard, and we are already BRC certificated, what's the point in another audit?
Anyway, the auditor asked about document review. How often do you review your documents and who does the review.
I pointed out that each one of our documents say "This document and all controlled documents that are part of the Food Safety and Quality Management system will be reviewed at least annually as part of the Internal Audit Program."
I explained that as part of the internal audit, all documents that pertain to the particular clause being audited, are reviewed by the internal auditor. The auditor did not think this was sufficient, but did not raise a NC. I also pointed out that BRC, and the retailers "standard", is mute on document review.
With all that being said, what is your opinion on who should be reviewing documents? If you want to hold true to the intent of internal auditing, the person who may have written the document, or is in charge of the program or area where the document is relevant, should not be doing it. And they are not, at least in my case, because the internal auditor for that section did not write the document and is not in charge of the program or area affected.
Thoughts?
Marshall
Interesting point. I used to use QPulse and control all documents through that. It reminded the author when documents came up to a year and you could record you'd reviewed them even if no changes were required. Many documents of course were reviewed more often than that so the yearly review would be counted as having been completed if the document had changed and then reset to another year.
That is the only factory in my (many) years in the food industry where review was actually controlled and demonstrable. I would say that in every factory I've ever been to, there are bigger fish to fry. Auditors and technical people need to get away from the mindset that documents create food safety. They are a grounding but they don't. Personally I think the internal audit is sufficient if you audit in the way we do; i.e. check the standards we use, does the document comply with the standard? Then do practices comply with internal documents and comply with the standards? So non cons are raised against documentation and against practices. I suppose you could split those apart and audit the documentation separately but call it a "review" if you like?
We have different levels of Document review.
Food Safety:
HACCP: CCP - reviewed by qualified individual - every time (Supervisor review of pressure differentials for micro filtration)
Hazard Analysis: We perform a hazard analysis of each step in the process and if there is a chance/ or if responding to a non-conformance we institute a secondary review by a qualified individual sometimes with every task, sometimes prior to acceptance of the batch. (Example: full breakdown of blending: second count check on nuts and bolts)
Data review: manually recorded data is always reviewed for completeness, critical data is reviewed daily to ensure all numbers were recorded and there were no deviations (Qualified individual or supervisor depending on risk assessment) (Laboratory review of temperatures, equipment calibrations by qualified individual or Laboratory Manager)
Batch production records including all QC checks: Reviewed by Q A prior to release of product
Incoming materials: Review by QA including all QC checks and Certifications required prior to release into production stream
Internal Audits: Frequency based on Risk assessment: At least once per year for all procedures.
Internal Auditor, department/responsible response, QA approval required with each audit
Documents:
Standard Operating Procedures: Review by department manager: every 2 years
Product Specifications: Review by Quality Assurance Auditor: every year
Regulatory statements: Review by Quality Assurance Auditor: every year
Change to any SOP, Product Specification or Regulatory statement:
Signature of Quality Management: Production, Operations, HACCP, Quality Control, Quality Assurance.
Policy changes and review: Senior Management: President/ Quality Assurance/ Plant Manager.
And then the Annual Review: Comprehensive review of all quality systems, internal and external audits, vendor assessments, complaints, deviations, change controls, etc... by the entire quality group and signed by Senior Management.
This is just a glimpse into our quality system. We are always adding/ adjusting our procedures and checks and balances.
We also have a robust complaint system to ensure a happy customer and that no complaints are repeats.