23 replies to this topic

[idealdreams]

Hi guys. The long and short of it is that the company I work for has a level 2 re-certification audit tomorrow, which will be to SQF Edition 8, however the company has not yet fully implemented all of the changes required by the new edition. We're simply not prepared due to bad timing. Our facility was completely renovated, complete with new equipment installed, new staff, etc., etc., and not enough time was allotted for the upgrade of the quality systems established from 7.2 to 8.

 

Obviously we can't back out of the audit or we'll lose our certification altogether, however I'm curious if anyone knows what kind of implications we're looking at for not yet being fully compliant with the changes set forth by the new edition of SQF? Will we just receive non-conformances for those parts we're not yet compliant with? Is there any leniency granted by CBs to smaller companies?

 

Thoughts are appreciated!

[FurFarmandFork]

Really will depend on your auditor. Many new areas in the 8.0 guidance specifically state things will be a minor or major non conformance if they have not been implemented (e.g. environmental monitoring or applicable risk analysis). Depending on the overall state of your existing programs and polished 7.2 provisions, the auditor may see a good system that had a lot going on, or they'll see a management committment failure to provide resources to keep up with the code or other legislative updates.

 

As always, Majors will happen if something poses an imminent food safety risk or if a portion of the code is missing from your quality manual (e.g. you have no allergen program in existence), minors will happen if they have areas where they are being ineffectively implemented.

 

If I was in your position (e.g hired today), I would pour through the provisions of the code today and make sure the policy portions are represented in your SOPs, or make sure a draft of said policy is ready to show the auditor. Then you're only left with minors regarding implementation (e.g. program not yet being followed or used) and upkeep of your quality manual, rather than a Major for having nothing addressing that portion of the code.

 

It's always better to show the auditor something vs nothing, and if your other systems are in such condition that they believe you when you say you plan to implement next week/next month based on a draft, many times that can be enough.

 

Wish you the best of luck tomorrow!

[SQFconsultant]

This is an excellent tip by FFF --- If I was in your position (e.g hired today), I would pour through the provisions of the code today and make sure the policy portions are represented in your SOPs, or make sure a draft of said policy is ready to show the auditor. Then you're only left with minors regarding implementation (e.g. program not yet being followed or used) and upkeep of your quality manual, rather than a Major for having nothing addressing that portion of the code.

 

You could also declare an emergency and cancel the audit of course that would cost on re-schedule, etc.

 

I would hope that your auditor will see a good 7.2 system with intent to upgrade to the 8.0 and will be firm but fair - that is what I would hope for.

[idealdreams]

The existing manual compliant to 7.2 is rock solid with great programs, risk analyses, etc. Module 2 has been 99% updated to account for the changes of 8.0. Module 11, however, is not quite in the same shape, with only one program having been updated at this point. I will scour through the changes of Module 11 and determine what I can do to offset some of the forthcoming non-conformances. Thanks for the great advice!

[Scampi]

Let us know how it went!

[idealdreams]

We completed the audit yesterday evening and ended with 20 minors, none of which were because of Edition 8. We are obviously not happy with the score at all, as now we require a surveillance audit, however we were pretty much expecting it given our timing. Our facility has undergone huge renovations with new equipment, we've hired 20 new employees, we just started manufacturing product we weren't ready to manufacture due to our customer's demand, and on top of all that, we had a two day SQF audit in the mix. Before all of this, the plant was dead. There was no manufacturing, personnel hours were cut back to less than part time. We were coming from a lull to a full swing production with no time to prepare in the middle before the audit so this was expected. But the good news in all of this is that going forward, our schedule will be steady state and will allow for the continuous, smooth implementation of everything the right way, on top of continuing improvement along the way. As far as our auditor, this was his first SQF audit. I feel some of his findings, while justified, should not have made their way into the report as a non-conformance. Three of our OFFICE personnel guiding him through the plant were wearing wrist watches (which he classified as jewelry) and he issued a minor NC for that. I feel as though any other experienced auditor would have simply made note of this or ignored it altogether, as OFFICE personnel do not handle food. It's a risk, sure, but it's a negligible one. As it was his first audit, he had with him a more experienced auditor who was shadowing him to ensure he made the right calls and that he was in the right direction. Allegedly she will have no input on the final report. In any case, we're done now and moving into the corrective action phase. Our intention was to move up to level 3 for our next audit but we weren't anticipating a re-audit in 6 months so that kind of alters our plans a little bit. The mix of everything coming together at once certainly didn't help either.

[MsMars]

Only way to move is up and onward. 

 

The wristwatch NC was probably justified (especially that more than one person was wearing one in production areas, regardless of their role, everyone who is authorized to enter production areas should be trained on GMPs including jewelry).  IMEX jewelry constitutes any decorative item on the hands/wrist/neck/ears etc. that is not medically necessary or for which you have not risk-assessed out.  But at least this NC is an easy fix for you.

 

Fix your minors, get through your surveillance audit, and keep moving forward!   

[idealdreams]

Just received a phone call from our auditor and after he reviewed it, he said he knocked off a few of the findings bringing us from 20 down to 14 minor non-conformances. While 14 still isn't a great score, it puts us at an 86, meaning we no longer require a surveillance audit in 6 months and can again move forward with our plans towards Level 3 unimpeded by a surveillance audit in the middle.

 

Such great news to end a 50 hour work week. 

[EvanAUS]

Hi guys. The long and short of it is that the company I work for has a level 2 re-certification audit tomorrow, which will be to SQF Edition 8, however the company has not yet fully implemented all of the changes required by the new edition. We're simply not prepared due to bad timing. Our facility was completely renovated, complete with new equipment installed, new staff, etc., etc., and not enough time was allotted for the upgrade of the quality systems established from 7.2 to 8.

Obviously we can't back out of the audit or we'll lose our certification altogether, however I'm curious if anyone knows what kind of implications we're looking at for not yet being fully compliant with the changes set forth by the new edition of SQF? Will we just receive non-conformances for those parts we're not yet compliant with? Is there any leniency granted by CBs to smaller companies?

Thoughts are appreciated!

CBs cannot “be lenient” because they are not the standard-owner - they can only audit to the standard.
Yes, you will receive NCs for all clauses that do not meet the standard. Your score will determine the result. Major NCs are commonly being issued against 2.7.1 and 2.7.2.


Sent from my iPhone using Tapatalk

[idealdreams]

Only way to move is up and onward. 

 

The wristwatch NC was probably justified (especially that more than one person was wearing one in production areas, regardless of their role, everyone who is authorized to enter production areas should be trained on GMPs including jewelry).  IMEX jewelry constitutes any decorative item on the hands/wrist/neck/ears etc. that is not medically necessary or for which you have not risk-assessed out.  But at least this NC is an easy fix for you.

 

Fix your minors, get through your surveillance audit, and keep moving forward!   

 

Is it allowable to exempt some personnel based on risk assessment? When I asked the auditor she said she would very much question any program that allowed certain personnel to "break" the policies, however we are a small company and the owners and myself are consistently running back and forth between the offices and the manufacturing area. I am concerned only about wrist watches in this regard - obviously all other jewelry would be prohibited as they're still high risk, but office personnel wearing a wrist watch and not handling food is super low risk to be and therefore allowable. Surely we are going to notice if our watch falls off. Thoughts?

[MsMars]

The code is pretty clear on this one : 

 

 

11.3.4.1 Jewelry and other loose objects shall not be worn or taken into a food handling or processing operation or any area where food is exposed. The wearing of plain bands with no stones and prescribed medical alert bracelets can be permitted, however the site will need to consider their customer requirements and the applicable food legislation.

 

A wristwatch certainly qualifies as a loose object, and I'm not sure how you could risk-assess them out as they have a few more parts than a plain band or medical bracelet. It's not just the chance of foreign material - wristwatches and other jewelry harbor bacteria as well. Plus - you are exempting these for management but not production employees? That shows poor management commitment to your employees.  Why should they care when you don't? 

 

I and I'm sure many more food safety industry personnel have given up the luxury of wearing watches and jewelry on a daily basis, so you would not be alone. Plus, it's not too hard to pop off your watch and leave in your desk when you go out onto the floor.  If you have an absolute need to know what time it is out on the floor, invest in some wall clocks and don't fight this one.

[Scampi]

Once you start making exceptions it will spiral out of control faster than you can imagine...............the employees WILL start to think that nothing matters because the boss doesn't follow the rules............Food Safety must be a top down program or it will fail

 

speaking from experience here----office staff are considered "management" by on floor employees and always will be

 

The only exception I have ever made is for medic alert items on a case by case basis----nothing trumps the employees health and safety.

[FurFarmandFork]

Ditto the others. Really it's evidence of management committment. If your management staff can't be bothered to remove watches, wear hairnets, or other such simple things, why should your employees care, and why would we think you would do much harder things like pay for sanitation or shut down production when there are issues?

 

Management embracing hairnets, jewelry rules, etc. is an auditing canary. It's simple and easy, therefore it reflects extremely poorly on you if you don't embrace it.

 

Be grateful, many places have to completely gown up, hairnet, watch, shave just to enter the facility.

[idealdreams]

Great input guys. The owners are very set in their ways and are forever looking for ways to ensure things "don't apply to them" so at the potential to appease them, I figured I'd ask, however I didn't think anything said would be in their favor!

[EvanAUS]

Great input guys. The owners are very set in their ways and are forever looking for ways to ensure things "don't apply to them" so at the potential to appease them, I figured I'd ask, however I didn't think anything said would be in their favor!

I have conducted hundreds of SQF audits (in Australia and New Zealand) and possibly the first ever Edition 8 Audit in the first week of January.
It sounds like you got off lightly.
The Auditor should have raised Major NCs against clauses where you have no evidence to demonstrate conformance to upgraded requirements, e.g. Food Defense and Food Fraud. And then a Major against Management Commitment. I think you would have failed the audit in Australia.
The size of your business is irrelevant - to be certificated, you must meet the standard.
The global average score for SQF audits is 94. This indicates that many audits receive unrealistically high scores. I can count on one hand the number of audits where I have issued a score above 90 and only twice a score of 96. Never have I audited a business that has achieved 100% and yet this must occur for the global average to be so high.
You should be telling the owners how lucky you are to receive the score that you did.
The “canary” analogy above was a good one. If I had seen willingness to break ANY policy, it would have alerted me to look closely at commitment generally.
I wish you well. Try to get your Root Cause Analysis, Corrective Actions and objective evidence to the Auditor a week before the 30 days has passed, so he has time to ask for any further information that he may require to close your NCs.
Note that few businesses have implemented formal Root Cause Analysis - a requirement of Edition 8.


Sent from my iPhone using Tapatalk

[liberator]

Re-watches - our policy prohibits the wearing of watches in the plant no matter who you are or what your doing - including just walking through the plant and not part of process/manufacturing contact.

 

Working in the food industry for such a long time means I haven't worn a watch in the past 30 years as the need to constantly remove it every time I went into the plant got ridiculous.

 

We have Vendors come on site to observe their packaging materials being used in the plant, first thing we do before they go out into the plant - "Are you wearing any jewellery/watches etc?" If yes they have to remove them.

 

I just don't see the need to wear watches at work nowadays. The office usually has a clock or two somewhere. We nearly all work on computers nowadays which has the time. Our desk phones have the time displayed and we have our mobile phones which display the time - so why a watch at work to tell time?

 

Now mobile phones is another thing we now have to consider, especially with regards to glass/brittle plastic register - handling this issue is a nightmare. All of our Managers/Supervisors carry these around with them day to day both inside and outside the plant and if they drop/break/lose one what next?

[Ryan M.]

Pat yourself on the back and consider yourself lucky to have only 14 minor NC's.

 

Don't quibble over the wristwatch, it is justified.  Make a blanket policy for everyone and provide no exceptions.  It isn't that hard to keep people from wearing wristwatches or jewelry in a facility regardless of their position.

 

One thing that may help is to empower your floor employees to call out and identify individuals who are not conforming to the GMP's.  We do this with our personnel and on many occasions they have identified owners of the company, bankers, high level execs touring the facility not following proper GMP's.  They will go up to them and explain the GMP's...do you know how they react?  The persons in violation are impressed by the employees who do this.  They come tell me an employee corrected their GMP's and show a great level of appreciation.

 

It helps we reward those employees with "Quality / Safety Bucks".  They can use these bucks to purchase entertainment tickets or work shoes through our employee program.

[Julz]

CBs cannot “be lenient” because they are not the standard-owner - they can only audit to the standard.
Yes, you will receive NCs for all clauses that do not meet the standard. Your score will determine the result. Major NCs are commonly being issued against 2.7.1 and 2.7.2.


Sent from my iPhone using Tapatalk

 

Hi EvanAUS,

I have an SQF audit scheduled for Monday/Tuesday next week.  Could you please expand on what type of major NC's are being issued against std 2.7.1 and 2.7.2?  I am interested what these might be and would like to ensure I have covered the NC's.

THanks 

[EvanAUS]

Hi EvanAUS,

I have an SQF audit scheduled for Monday/Tuesday next week.  Could you please expand on what type of major NC's are being issued against std 2.7.1 and 2.7.2?  I am interested what these might be and would like to ensure I have covered the NC's.

THanks 

I have conducted 5 x SQF Ed.8 Manufacturing and Quality audits, 1 x BRC audit and 3 x FSSC22000 audits so far this year (note there is no such thing as a "Level 2" SQF audit or certificate anymore - if you were audited to Level 3 in Ed.7.2, you will now receive 2 certificates and the Quality audit will add 4 hours to the duration of your audit). 4 of the 5 SQF audits have resulted in Major NCs to 2.7.1 and 2.7.2, because the clients had done nothing to meet the clauses in the Edition 8 Standard - simply continued with the Edition 7.2 Food Defense and Food Fraud "assessments". The Manufacturing Standard states:

 

2.7 Food Defense and Food Fraud 2.7.1 Food Defense Plan (Mandatory)

2.7.1.1 The methods, responsibility and criteria for preventing food adulteration caused by a deliberate act of sabotage or terrorist-like incident shall be documented, implemented and maintained.

2.7.1.2 A food defense plan shall include:

i. The name of the senior site management person responsible for food defense;

ii. The methods implemented to ensure only authorized personnel have access to production equipment and vehicles, manufacturing and storage areas through designated access points;

iii. The methods implemented to protect sensitive processing points from intentional adulteration;

iv. The measures taken to ensure the secure receipt and storage of raw materials, packaging, equipment and hazardous chemicals;

v. The measures implemented to ensure raw materials, ingredients, packaging materials, work-in progress, process inputs and finished products are held under secure storage and transportation conditions; and

vi. The methods implemented to record and control access to the premises by employees, contractors, and visitors.

2.7.1.3 The food defense plan shall be reviewed and challenged at least annually.

2.7.1.4 Records of reviews of the food defense plan shall be maintained.

 

2.7.2 Food Fraud

2.7.2.1 The methods, responsibility and criteria for identifying the site's vulnerability to food fraud shall be documented, implemented and maintained. The food fraud vulnerability assessment shall include the site's susceptibility to product substitution, mislabeling, dilution, counterfeiting or stolen goods which may adversely impact food safety.

2.7.2.2 A food fraud mitigation plan shall be developed and implemented which specifies the methods by which the identified food fraud vulnerabilities shall be controlled.

2.7.2.3 The food fraud vulnerability assessment and mitigation plan shall be reviewed and verified at least annually.

2.7.2.4 Records of reviews of the food fraud vulnerability assessment and mitigation plan shall be maintained.

 

If you have evidence that you have addressed these requirements, you won't receive a NC against each section. 

 

These clients have also received a Minor NC (deserved a Major, but would have failed the audit) against 2.1.2.2 The senior site management shall make provision to ensure food safety practices and all applicable requirements of the SQF System are adopted and maintained.

 

All of these clients dropped from either E or G Grade to C grade and 1 of them failed - because they failed to address the new requirements of Edition 8.

 

It is now possible to raise NCs against Management Responsibility when any part of the SQF System has not been adopted and maintained.

 

I am staggered that idealdreams did not fail the initial Edition 8 Manufacturing audit. The SQF Standard is becoming more prescriptive (like BRC) with each revision/edition - because the integrity of the Standard is compromised when Auditors "go easy".

 

I continue to be amazed that receiving NCs at external audit is considered to be a bad thing. It's a GOOD THING because it gives you the opportunity to fix issues - and increases the integrity of your SQF System so that you can sleep easy at night knowing that you have done everything in your power to produce safe food.

[EvanAUS]

It is interesting that 99.5% of SQF certificates in Australia are both Manufacturing and Quality certificates (because the major retailers require the Quality certificate) and less than half (47%?) of the certificates in USA are Manufacturing only.

[EvanAUS]

I meant less than half are Manufacturing + Quality.


Sent from my iPhone using Tapatalk

[FurFarmandFork]

 if you were audited to Level 3 in Ed.7.2, you will now receive 2 certificates

 

 

 

Well, one certificate that says you meet both standards. :) #qualitycodeclub

[EvanAUS]

Well, one certificate that says you meet both standards. :) #qualitycodeclub

Yes, of course - you will receive 2 audit reports. The Quality report will include Module 2 only and the Manufacturing report will include Module 2 + other applicable Modules.


Sent from my iPhone using Tapatalk

[Julz]

 

I have conducted 5 x SQF Ed.8 Manufacturing and Quality audits, 1 x BRC audit and 3 x FSSC22000 audits so far this year (note there is no such thing as a "Level 2" SQF audit or certificate anymore - if you were audited to Level 3 in Ed.7.2, you will now receive 2 certificates and the Quality audit will add 4 hours to the duration of your audit). 4 of the 5 SQF audits have resulted in Major NCs to 2.7.1 and 2.7.2, because the clients had done nothing to meet the clauses in the Edition 8 Standard - simply continued with the Edition 7.2 Food Defense and Food Fraud "assessments". The Manufacturing Standard states:

 

2.7 Food Defense and Food Fraud 2.7.1 Food Defense Plan (Mandatory)

2.7.1.1 The methods, responsibility and criteria for preventing food adulteration caused by a deliberate act of sabotage or terrorist-like incident shall be documented, implemented and maintained.

2.7.1.2 A food defense plan shall include:

i. The name of the senior site management person responsible for food defense;

ii. The methods implemented to ensure only authorized personnel have access to production equipment and vehicles, manufacturing and storage areas through designated access points;

iii. The methods implemented to protect sensitive processing points from intentional adulteration;

iv. The measures taken to ensure the secure receipt and storage of raw materials, packaging, equipment and hazardous chemicals;

v. The measures implemented to ensure raw materials, ingredients, packaging materials, work-in progress, process inputs and finished products are held under secure storage and transportation conditions; and

vi. The methods implemented to record and control access to the premises by employees, contractors, and visitors.

2.7.1.3 The food defense plan shall be reviewed and challenged at least annually.

2.7.1.4 Records of reviews of the food defense plan shall be maintained.

 

2.7.2 Food Fraud

2.7.2.1 The methods, responsibility and criteria for identifying the site's vulnerability to food fraud shall be documented, implemented and maintained. The food fraud vulnerability assessment shall include the site's susceptibility to product substitution, mislabeling, dilution, counterfeiting or stolen goods which may adversely impact food safety.

2.7.2.2 A food fraud mitigation plan shall be developed and implemented which specifies the methods by which the identified food fraud vulnerabilities shall be controlled.

2.7.2.3 The food fraud vulnerability assessment and mitigation plan shall be reviewed and verified at least annually.

2.7.2.4 Records of reviews of the food fraud vulnerability assessment and mitigation plan shall be maintained.

 

If you have evidence that you have addressed these requirements, you won't receive a NC against each section. 

 

These clients have also received a Minor NC (deserved a Major, but would have failed the audit) against 2.1.2.2 The senior site management shall make provision to ensure food safety practices and all applicable requirements of the SQF System are adopted and maintained.

 

All of these clients dropped from either E or G Grade to C grade and 1 of them failed - because they failed to address the new requirements of Edition 8.

 

It is now possible to raise NCs against Management Responsibility when any part of the SQF System has not been adopted and maintained.

 

I am staggered that idealdreams did not fail the initial Edition 8 Manufacturing audit. The SQF Standard is becoming more prescriptive (like BRC) with each revision/edition - because the integrity of the Standard is compromised when Auditors "go easy".

 

I continue to be amazed that receiving NCs at external audit is considered to be a bad thing. It's a GOOD THING because it gives you the opportunity to fix issues - and increases the integrity of your SQF System so that you can sleep easy at night knowing that you have done everything in your power to produce safe food.

 

I agree with you EvanAUS, the NC's should be seen as opportunities to improve.  This is the view of the company I work for.  In saying that, I don't want many NC's unless they are warranted.  

Thank you for explaining the majors received for standard 2.7.1 and 2.7.2 - this is pretty obvious, I thought there may have been something else that I might have been missing.