With the new version of BRC (version 8) a lot about security has been added.
I'm trying to have a more complete plan.
How do you elaborate your risk assessment?
Did you analyse your site by room and all the access to identify the room where a threat to your product can occur? office, dock, storage, etc.
It's kind of difficult to establish a clear method to identify the risk and classify them.
Do you list a series of threat possible and you only classify them by low risk, medium, high? green, yellow, red?
The interpretation guide is kind of blurry... 😕
How did you manage to cover the 4.2.1, 4.2.2 and 4.2.3?
Do you have some example of what is sufficient for BRC?