What's New Unreplied Topics Membership About Us Contact Us Privacy Policy
[Ad]
Forums Blogs Store Members Gallery Directory

Sign In Register

FSMA- Disclosure of 3rd Party Audits and Other Documentation

Started by , Jan 30 2017 07:25 PM
Reply to this Topic
8 Replies

Can anyone provide input on a requirement for providing actual Third Party- Report and Corrective Actions under FSMA?

 

I work for a flavor company, who supplies ingredients to many larger flavor companies. We just had our first GFSI Audit (FSSC 22000) and passed.

 

The companies we supply are demanding our Audit Report and Corrective Actions, however we are considered a competitor to these companies and ingredients are purchased through brokers. We have patented processes, etc that were written in our audit report.

 

I do not believe it is a big deal to given out our reports and corrective actions, as I have given out all SQF reports to all co-manufacturers in the past- however my boss- is very secretive regarding our products, processes, and formulas.

 

Any input will be great. 

Share this Topic
Topics you might be interested in
SQF & FSMA Plan FSMA- Preventive Controls- Practical example of hazard analysis? BRCGS recognised by the FDA for FSMA Preventative Controls for Human Food Rule FSMA Topics BRCGS Information on FSMA Final Rule on Requirements for Additional Traceability Records for Certain Foods
[Ad]

FSMA doesn't require vendors/suppliers to have third-party audits or supply them to their customers.  However, they can be used to verify a vendor/supplier has a food safety system in place and it has been "verified" by the third-party auditor.

 

With that, you have options:

  1. Provide a standard letter stating specifics about your third-party audit, the results, and that the food safety system was reviewed and verified.
  2. Use a non-disclosure agreement and require the customer to sign-off prior to releasing your third-party audit.
  3. Redact the proprietary and patented process/equipment from the third-party audit report.

If I were you I would choose option 1 and see if that works for your customers.  Most of them would find it acceptable.

1 Thank

I think this stems from FSMA requiring food handlers and food producers to either control contamination or prove that their suppliers are controlling contamination so they don't have to do something to remove contamination from the supplier materials.

 

The company I work for has different opinions about what to send for 3rd party audits and corrective actions.  Some want to keep it confidential.  Others have not problems sending the reports.

 

I would suggest two things:

(1)  Black out any part of the documents that divulge confidential info that you don't want your customer to possibly give to your competitors.

(2)  Ask your customers to sign a confidentiality agreement.  It won't stop them from showing your info to other parties but it gives you recourse to start a lawsuit.

1 Thank

I believe the report and the corrective action system is confidential information. 

 

The verification that there is a food safety plan in place – and an effective food safety plan – is the food safety and quality certificate. 

 

Also, auditors must abide by their code of conduct and not share the results of the audit process with other businesses.  The food safety plan itself should also be confidential information and only reviewed by the auditor on site, rather than sent to the auditor’s office via email, etc. 

I work for a company that makes food contact packaging.  We have many customers asking for copies of our SQF audit and our corrective actions from that audit.

 

They are not simply asking for a copy of our SQF certificate.

 

One way we have gotten around this is to have a summary of the most recent audit and a summary of the corrective actions without giving too many details.

 

I agree with MQA that the report and corrective actions should be confidential but you have to keep your customers happy.

My PCQI training indicated that you must verify the preventive controls of suppliers of "high risk" raw materials.  If you are supplying a material deemed "high risk," your customer is seeking to verify your preventive controls.  One way is to conduct an onsite audit themselves, another is to review your 3rd party audit that specifically indicates the auditor reviewed your preventive controls.

 

For our customers, I plan to redact proprietary information from my audit before providing it to them as, like the OP, some customers are also competitors.

GFSI schemes require to provide the audit certificate and the corrective actions, I'm not certain if it is required to provide the audit report. 

 

Since boss has the final word, I would not give out the audit report.

Some Certification Bodies post your reports on their web site for all to see anyway.

1 Thank

Some Certification Bodies post your reports on their web site for all to see anyway.

 

That depends.  Prior to the audit you can opt out of the disclosure of your facility's report, or not.

Reply to this Topic

Similar Discussion Topics
SQF & FSMA Plan FSMA- Preventive Controls- Practical example of hazard analysis? BRCGS recognised by the FDA for FSMA Preventative Controls for Human Food Rule FSMA Topics BRCGS Information on FSMA Final Rule on Requirements for Additional Traceability Records for Certain Foods Spice Industry Environmental Monitoring Program- Ready to Eat-FSMA Does tea manufacturing fall outside the scope of the FSMA? Differences between FSMA, VQIP and FDA Audits Estimated cost of a FSMA Gap Assessment (21CFR117) FSMA - Domestic Supplier Approval
About us

IFSQN is an international networking group for food safety professionals. We connect those interested in food safety to information and to each other. The purpose of the website is to share knowledge, experiences and ideas to make food safer.

All content © Copyright 2021 IFSQN