Can someone help me by sharing a comprehensive template for Threat Assessment (TACCP)?

Hello Everyone !!

 

Can someone help me by sharing a comprehensive template of Threat assessment for BRC audit. This is the first BRC audit I'm facing and i'm really stuck at this point.

https://www.fda.gov/...113684/download = Mitigation Strategies to Protect Food Against Intentional Adulteration: Guidance for Industry- FDA

 

https://www.foodfrau...ample-v1.0.xlsx  (this company is selling the whole unlocked version of this template-  https://www.foodfrau...r-food-defense/)

Above is a link to a free sample of a Food Defense Plan including a tab with a Vulnerability Assessment Worksheet, though not all headers are present. For KATs you need:

Process Step, Process Description, Explanation, and Action Process Step (Yes or No)- like in the FDA's example. There is a tab on the sample template starting to list processing steps and whether or not they're a KAT.  "Process steps that fit within one or more of the KATs are actionable process steps."  You must then implement mitigation strategies for actionable process steps- "“Mitigation strategies” are those risk-based, reasonably appropriate measures that a person knowledgeable about food defense would employ to significantly minimize or prevent significant vulnerabilities identified at actionable process steps, and that are consistent with the current scientific understanding of food defense at the time of the analysis. (21 CFR 121.3)."

 

So, you have 1 additional table listing all of the actionable steps, with corresponding mitigation strategy and explanation (pg 84 of guidance)

Thanks a Lot @QA&R Miller. The information you shared was quite helpful.

could you use the FDA food defense plan builder 2.0?

I have notooked at it closely, but I thought it was suppose to help achieve compliance.

https://www.fda.gov/...se-plan-builder

thanks

could you use the FDA food defense plan builder 2.0?

I have notooked at it closely, but I thought it was suppose to help achieve compliance.

https://www.fda.gov/...se-plan-builder

 

Has anyone used this tool yet? Feedback?

Has anyone used this tool yet? Feedback?

Hi iamin,

 

Yes, there are some mentions in other threads here.

But the preferred choice may also relate to whom you wish to see/audit it.

Hello Everyone !!

 

Can someone help me by sharing a comprehensive template of Threat assessment for BRC audit. This is the first BRC audit I'm facing and i'm really stuck at this point.

 

 

I've attached an example vulnerability assessment based on egg powder being the raw material. It pretty much boils down to applying 'low', 'medium', and 'high' risk ratings to each of the vulnerability parameters. Just sharing in case it's useful to you.

I've attached an example vulnerability assessment based on egg powder being the raw material. It pretty much boils down to applying 'low', 'medium', and 'high' risk ratings to each of the vulnerability parameters. Just sharing in case it's useful to you.

Hi Duncan,

 

Thanks for yr input. Nice compilation although this is a somewhat "simplistic" approach as compared to, say, HACCP where "Risk" is typically based on Likelihood and Severity.  (BRC/IFS advocate a "vaguely" analogous methodology to HACCP but adapted for Vulnerability Assessments).

 

An additional difficulty with the Qualitative approach presented (and also for analogous Quantitative versions)  is how to make a specific (ie combined) conclusion for the overall vulnerability when you have 6 components which, in the current case, respectively yield -

 

LOW V. =2 Occurrences

MEDIUM V. = 3 Occurrences

HIGH V. = 1 Occurrence

 

This is a well known "combination" problem occurring in many different fields and has generated some complex mathematical discussion (mostly over my head) however a number of "approximate" solutions have been proposed/published such as  -

 

(1) Replace "Qualitative" by "Quantitative" values and take a straight average of the data. Then implement a Subjective Grading System. This is essentially as per earlier Posts in this thread.

(2) Use BRC's adapted 2-way matrix and ("somehow") make an intuitive average.

(3) As per (1) but introduce Subjective weighting coefficients for the respective inputs.

(4) IFS (and Codex/Micro-Risk Assessment) (conservatively) recommend/suggest to take the highest  individual Risk component as decisive.

 

All the above options, just like HACCP, have their respective caveats however afaik all these methods (and many, sometimes IMO  more questionable,  others) have been accepted for auditorial purposes.

Hi Charles

 

Really great points! I  really like the way you've summed that up.

 

I once created a scoring system that gave a heavier weighting to historical evidence and economic incentive. My reasoning was that one might have the ability to commit food fraud, but that by itself is fairly uncompelling if there isn't a coinciding motivation to commit food fraud... So you might have access to the material, and the nature of the material might lend itself to dilution - but if the food material is of lower economic value that common adulterants then there would still be negligible risk of fraud.

 

That might be a bit of a clumsy/simplistic way of expressing a combined risk outcome because it's quite simplistic, but in general I think it serves to illustrate that there's nothing inherently wrong with applying a certain degree of subjective reasoning to these things.

 

I'm pleased that you described my approach as simplistic, by the way :) My intention was to produce something that anyone could use and I've tried to strip a lot of the complexity back. My idea here is that an easy/accessible solution that can be consistently applied and maintained will often yield more practical benefit than a more technically comprehensive solution that requires a lot of expertise to engage with. There's always a compromise to be made.