SD308 Position Statement, Product Vulnerability Assessment
Hi guys
Ive been working on a Product Vulnerability assessment to satisfy this new addition to the storage & distribution standard but Im struggling as all our products belong to the client and are fully sealed.
The only thing we buy our selves is pallet wrap which is non food contact
Any ideas
Hi Pauline
Thank you for your question because we haven't even had notification of an SD308?? The last position statement we received was 307 back in January 18!
Looks like I need to investigate further....
it came into force on the 1st Feb
Attached Files
Thanks you for sharing
I have contacted BRC this morning as it would appear we have been missed!! :headhurts:
I've spent a few days looking as this position statement and I have to agree I'm also struggling.
Hi guys
Ive been working on a Product Vulnerability assessment to satisfy this new addition to the storage & distribution standard but Im struggling as all our products belong to the client and are fully sealed.
The only thing we buy our selves is pallet wrap which is non food contact
Any ideas
Apart from our current site security procedures and malicious contamination risk assessments implemented from the previous position statement I'm not sure what else we can implement to minimise the risk of vulnerability.
We have approximately 4000 individual products. To conduct a vulnerability assessment for each product would be an impossible task A: because they are not our products and B they are all finished goods, How would we know...............
One idea we have had is to ask our suppliers to complete a declaration that their products are authentic and asking them to advise us of any products that they perceive to be high risk.
Anyone else in Storage and Distribution have any ideas or solutions?
I just documented an overall Vulnerability Risk Assessment listing current control measures (checks made during unloading and checks of vehicles for signs of tampering etc.) the outcome of which was that there is a low risk. Further to this I added a summary box which states along the lines of.... We hold no title to the goods. Goods are only received by the warehouse when the above control measures are met. We have no influence over the choice of product suppliers or the quality control of the finished goods. All products arrive pre packed. This vulnerability assessment dictates no further action is required by us. Where there is a potential for substitution or fraud this would be between the Customer and the Supplier and it is not within the scope of our operation to mitigate these risks beyond the control measures which are already in place and listed above. Furthermore, from the information we have available, the products handled by us are an unlikely target for substitution or adulteration. We have requested all our storage customers to inform us immediately should we need to be made aware of any vulnerability issues regarding their product.
I wasn't sure if it would cut it but our auditor didn't question it.
I just documented an overall Vulnerability Risk Assessment listing current control measures (checks made during unloading and checks of vehicles for signs of tampering etc.) the outcome of which was that there is a low risk. Further to this I added a summary box which states along the lines of.... We hold no title to the goods. Goods are only received by the warehouse when the above control measures are met. We have no influence over the choice of product suppliers or the quality control of the finished goods. All products arrive pre packed. This vulnerability assessment dictates no further action is required by us. Where there is a potential for substitution or fraud this would be between the Customer and the Supplier and it is not within the scope of our operation to mitigate these risks beyond the control measures which are already in place and listed above. Furthermore, from the information we have available, the products handled by us are an unlikely target for substitution or adulteration. We have requested all our storage customers to inform us immediately should we need to be made aware of any vulnerability issues regarding their product.
I wasn't sure if it would cut it but our auditor didn't question it.
Hi afg,
Thks for the feedback. Clearly stated.
I'm rather surprised the auditor didn't request to see a historical check of yr product types case history.
Perhaps even BRC auditors can sense when everybody's time is being wasted. ;)