6 replies to this topic

[hadtoregister]

Hi,

 

We are a small private company and performing on-site audit to our suppliers is not an option at all.

Under this circumstance, I would like to know what we could do to meet the expectations.

 

I am trying to interpret clause 3.5.1.2 and 3.5.1.3.

- How do we evaluate supplier's legality? 

- The validation process of the supplier's BRC certification status???

-When we conduct supplier risk assessment, how do you define if the supplier is low risk in your case? If the supplier did not have any fraud and recall history, would it be a low risk?

- What is the main difference between 3.5.1.2 and 3.5.1.3 ?

[Scampi]

I'm not very familiar with BRC but thought these would help generally

 

You can request a copy of license/registration in the country where they operate to determine legality of said companie(s).  You can also find legal information online via registered numbered companies (once yo start looking you'll be amazed at what you can find

 

I'm pretty sure BRC has a list of all certified companies OR you can simply email them and request they confirm (SQF and FSSC both have that information available to the public) and you should be able to download a copy of the certificate yourself

 

Low risk suppliers are generally suppliers with a good track record AND providing a low risk material

[Charles.C]

Hi hadtor,

 

I can only speak for BRC7.

 

Re - Supplier Low Risk

 

IIRC, sadly, BRC only divulge their (limited) thoughts on the meaning of  Low Risk in the I.Guidelines. I interpreted this omission to giving auditees carte blanche to make their own (logical) choice which i based only on the raw material risk evaluation. Subsequent discussion here suggested that BRC likely preferred a "blend" of audit result (direct/3rd Party) / material risk. BRC apparently only desire H/L decisions, ie no medium. Whether H(materials) + L (audit) = "L" is obviously problematic. Or vice-versa. (Or whether H(audit) = an anyway unacceptable Supplier for that matter).

 

Some Official Organisations, eg UK, Australia have published checklists / criteria for the Risk Evaluation of Manufacturing Facilities. These are utilised for determining the frequency of Inspection purposes. The criteria involve aspects like type of Food (eg RTE/NRTE), Production Volume, HACCP etc.

 

Unsure as to supplier legality (whatever that means ?) since afaik this is unmentioned in BRC7. I assume now stated in BRC8 (not read yet)..

[pHruit]

Hi Hadtoregister,

 

^{I am trying to interpret clause 3.5.1.2 and 3.5.1.3.}

^{- How do we evaluate supplier's legality?} 

 

I can't see any mention of assessing the legality of the supplier in 3.5.1.1 / 3.5.1.2 / 3.5.1.3 in Issue 8 - the "fundamental" requirement for section 3.5.1 mentions legality with regard to the raw materials and products.

 

- The validation process of the supplier's BRC certification status??? 

You're expected to check that the certificate is valid for any supplier GFSI certification.
For BRC you can use: https://brcdirectory.co.uk/

There are equivalent online resources for FSSC22000 (https://portal.fssc22000.com/dashboard) and SQF (https://www.sqfi.com.../public-search/). IFS is a bit of an oddity but has now put a system in where you scan a QR code on the certificate, but this has only been put in place very recently. Otherwise you can email the certification body / scheme owner and ask them to confirm a certificate's validity.

 

- What is the main difference between 3.5.1.2 and 3.5.1.3 ?

3.5.1.2 is really concerned with approval of the supplier, whereas 3.5.1.3 is about ongoing monitoring and performance review.
We'd follow our supplier approval procedure for 3.5.1.2 for any new supplier, and generally every three years thereafter to renew/reapprove each supplier.

For 3.5.1.3 we do an annual performance review of every supplier, where we look at performance indicators such as complaints, general service and support levels etc and sscore them all based on this. The scoring then feeds back into the supplier risk ratings and approval status, so e.g. if we've had significant issues with a supplier then their risk score will increase and this might then corresponding have an effect on reassessment frequency or requirement for full audit rather than relying on their GFSI certification.

 

 

-When we conduct supplier risk assessment, how do you define if the supplier is low risk in your case? If the supplier did not have any fraud and recall history, would it be a low risk?

We use a scoring matrix for this, the same as we use for all suppliers irrespective of certification.  

Ours considers GFSI certification, other certification (we assign a value to ISO9001, ISO22000, HACCP etc), annual performance review score, geographical location, product type, value/volume of business we put through them, length of successful trading relationship, transparency index rating and a final adjustment factor based on audit results where we've audited them. This generates a numerical score and we set risk bandings based on this.

It's been enough to keep multiple auditors for both BRC Food and BRC Agents & Brokers standards happy, but if you look around the forum here you'll find that there are probably as many different interpretations of the requirement for the "low risk" clause as there are BRC auditors.

Our overriding impression is that it is in part intended to apply pressure along the supply chain to encourage everyone to go for GFSI certification, as it's become gradually harder to justify use of non-GFSI sources unless you audit them...
 

[hadtoregister]

Hi Charles,

 

Do you know any guidelines could be based on to determine whether the materials are H or L ? Or it is our own judgment?

 

 

 

 

 

Hi hadtor,

 

I can only speak for BRC7.

 

Re - Supplier Low Risk

 

IIRC, sadly, BRC only divulge their (limited) thoughts on the meaning of  Low Risk in the I.Guidelines. I interpreted this omission to giving auditees carte blanche to make their own (logical) choice which i based only on the raw material risk evaluation. Subsequent discussion here suggested that BRC likely preferred a "blend" of audit result (direct/3rd Party) / material risk. BRC apparently only desire H/L decisions, ie no medium. Whether H(materials) + L (audit) = "L" is obviously problematic. Or vice-versa. (Or whether H(audit) = an anyway unacceptable Supplier for that matter).

 

Some Official Organisations, eg UK, Australia have published checklists / criteria for the Risk Evaluation of Manufacturing Facilities. These are utilised for determining the frequency of Inspection purposes. The criteria involve aspects like type of Food (eg RTE/NRTE), Production Volume, HACCP etc.

 

Unsure as to supplier legality (whatever that means ?) since afaik this is unmentioned in BRC7. I assume now stated in BRC8 (not read yet)..

[QM-OS]

Hi Charles,

 

Do you know any guidelines could be based on to determine whether the materials are H or L ? Or it is our own judgment?

 

Use the results you get from preforming the risk assessment according to 3.5.1.1

[Charles.C]

Hi Charles,

 

Do you know any guidelines could be based on to determine whether the materials are H or L ? Or it is our own judgment?

 

Hi hadtor,

 

As per Post 6, risk assessment is always subjective. So is the interpretation of what specific safety-related  criteria should be used to determine whether H or L.

 

BRC do at least suggest a minimal set of criteria to use even though their interpretation is a "mixture" of safety and non-safety related factors. This is the due diligence effect at work.

 

Can see this thread for some BRC-oriented thoughts (there are others also) -

 

http://www.ifsqn.com...al/#entry100194