6 replies to this topic

[Ioannisg2364]

Hello dear IFSQN community. I am sure that many of you have already struggled longer than I have to interprete requirements of the new International Standard EN ISO 22000:2018, so maybe you have already found the right answers to the following question: Clause 8.5.2.4.1, b3: What does the Int. Standard mean when it says that the location of a control measure in relation to other control measure(s must be assessed? I assume this refers to a particular significant hazard (identified at a particular process step) for which control measure(s) have been selected (other than PRPs) and established and it is now time to categorize the selected control measures as related to CCPs or as OPRPs. But, what is the location of a control measure? Is it the sequence it is applied (i.e. implemented) for preventing the hazard or for reducing it to an acceptable level in comparison to additional control limits (if any) for the same hazard, at the same process step? What if there is only one single control measure? What is then the location of the control measure? Maybe an example could provide better clarification on the issue. Thank you.

[Charles.C]

Hello dear IFSQN community.

 

I am sure that many of you have already struggled longer than I have to interprete requirements of the new International Standard EN ISO 22000:2018, so maybe you have already found the right answers to the following question:

 

Clause 8.5.2.4.1, b3: What does the Int. Standard mean when it says that the location of a control measure in relation to other control measure(s must be assessed? 

 

I assume this refers to a particular significant hazard (identified at a particular process step) for which control measure(s) have been selected (other than PRPs) and established and it is now time to categorize the selected control measures as related to CCPs or as OPRPs.

 

But, what is the location of a control measure? Is it the sequence it is applied (i.e. implemented) for preventing the hazard or for reducing it to an acceptable level in comparison to additional control limits (if any) for the same hazard, at the same process step?

 

What if there is only one single control measure? What is then the location of the control measure?

 

Maybe an example could provide better clarification on the issue.

 

Thank you.

 

Seems to be b2 in my copy. IIRC not a new addition. Used to be 7.44 (c).

 

It is analogous  to Q4 in the traditional Codex Decision tree which you are no doubt familiar with.

 

It's as simple as that.

[Ioannisg2364]

Thanks Charles.

 

If it is as the previous 7.44 ( c ), then it is (I guess) supposed to be the most effective control measure (if 'best located') in the system (=process flow diagram) and not in a particular process.

 

It is the CM that prevents a significant hazard or reduces a significant hazard to an acceptable level, provided there is no other (CM) doing the same in any subsequent (or previous) process steps.

 

Is this correct?

 

Sorry, I am just confirming by using my own words-explanation from what I read in your anwer.

Edited by Ioannisg2364, 11 May 2021 - 12:51 PM.

[Charles.C]

Thanks Charles.

 

If it is as the previous 7.44 ( c ), then it is (I guess) supposed to be the most effective control measure (if 'best located') in the system (=process flow diagram) and not in a particular process.

 

It is the CM that prevents a significant hazard or reduces a significant hazard to an acceptable level, provided there is no other (CM) doing the same in any subsequent (or previous) process steps.

 

Is this correct?

 

Sorry, I am just confirming by using my own words-explanation from what I read in your anwer.

 

Hi loannisg,

 

^^^^(red) - Yes, near enough. Can see "No.2"  in the decision tree (iso22000-2005) attached here -

 

https://www.ifsqn.co...18/#entry138212

 

PS - also see Pgs 13,14 of this file (especially Qu4) -

 

 FSSC22000 Guidance ver.5.pdf   666.91KB   81 downloads

(the PRP handling is debatable, it's subjective again)(Overall tree is similar to CocaCola)

Edited by Charles.C, 11 May 2021 - 02:03 PM.
added

[Ioannisg2364]

Thank you Charles. A lot of valuable material to download and study.

 

It finally seems to me that (unfortunately) there are several ways to fulfill the requierements for the categorization of controls measures.

 

To be honest I am always trying to rely on proven (e.g. validated) methods because, among others, they are likely to deliver reproducable results and last but not least one can refer to 'official' sources if needed (for example during an audit or for any other reason).

 

From what I have seen so far, I very much enjoyed (and I will have a much closer look at it in the next days)  the example (metal detector and sieve) you uploaded (folllowing a relevant discussion) with the title Decision Criteria for Categorizing a Control Measure (CM) as a CCP or OPRP.

 

I do really like this, especially because I see a direct correlation to the relevant requirements as mentioned in clauses 8.5.2.4.1 and 8.5.2.4.2 and this approach seems more transparent and clear (at least to me) than other methods I have found so far. However, in order to avoid 'scores' I wish there was an official (i.e. validated-recognized) decision tree for the categorization of control measures.

 

Also I wonder why scores 1,3,5? Is this an official method (if yes is there a reference paper for this?) suggested for ISO 22000:2018? Or should I assume that any reliable risk assessment matrix could be used?

 

If not (i.e. if no relevant decision tree exists yet), then I have a problem deciding which is the limit (total score)  for categorizing a control measure to a CCP or as an OPRP. In your example you mention  that if <38 then OPRP and if 38-45 then CCP. Is this a free (subjective) choice or is there an official paper where those limits are mentioned and which can be used as reference if needed? I always seek for reference if possible.

 

If I find answers to my above questions I may have found the method I have been looking for in order to categorize control measures in a relatively simple and understood (to me) way.

 

Thanks for your efforts to support others in this community and for challenging fruitful discussions at the same time.

 

Regards,

 

Ioannis

[Charles.C]

Thank you Charles. A lot of valuable material to download and study.

 

It finally seems to me that (unfortunately) there are several ways to fulfill the requierements for the categorization of controls measures.

 

To be honest I am always trying to rely on proven (e.g. validated) methods because, among others, they are likely to deliver reproducable results and last but not least one can refer to 'official' sources if needed (for example during an audit or for any other reason).

 

From what I have seen so far, I very much enjoyed (and I will have a much closer look at it in the next days)  the example (metal detector and sieve) you uploaded (folllowing a relevant discussion) with the title Decision Criteria for Categorizing a Control Measure (CM) as a CCP or OPRP.

 

I do really like this, especially because I see a direct correlation to the relevant requirements as mentioned in clauses 8.5.2.4.1 and 8.5.2.4.2 and this approach seems more transparent and clear (at least to me) than other methods I have found so far. However, in order to avoid 'scores' I wish there was an official (i.e. validated-recognized) decision tree for the categorization of control measures.

 

Also I wonder why scores 1,3,5? Is this an official method (if yes is there a reference paper for this?) suggested for ISO 22000:2018? Or should I assume that any reliable risk assessment matrix could be used?

 

If not (i.e. if no relevant decision tree exists yet), then I have a problem deciding which is the limit (total score)  for categorizing a control measure to a CCP or as an OPRP. In your example you mention  that if <38 then OPRP and if 38-45 then CCP. Is this a free (subjective) choice or is there an official paper where those limits are mentioned and which can be used as reference if needed? I always seek for reference if possible.

 

If I find answers to my above questions I may have found the method I have been looking for in order to categorize control measures in a relatively simple and understood (to me) way.

 

Thanks for your efforts to support others in this community and for challenging fruitful discussions at the same time.

 

Regards,

 

Ioannis

 

Hi Ioannis,

 

Thks above Post. I agree yr philosophy regarding Official/validated methods although It depends somewhat on yr interpretation of "Official".

 

The nearest equivalents to "Official" opinion are probably summarised in the two ISO22004 Guidance texts (earlier version is IMO more conceptually readable but the OPRP definition therein radically changed in later version so as to be compatible with iso22000-2018). Sadly, no explicit examples are included.

Regardless, it seems to be a common auditorial  experience that almost any methodology to select CCP/OPRP is acceptable as long as it appears logical and does not "visibly/significantly" fail to comply with the text of iso22000. In this respect ISO-haccp is similar to Codex haccp for which a multitude of risk matrices exist having variable decision criteria but which are all readily accepted for determining CCPs.

 

The answer to yr query regarding various numbers is that basically they are all arbitrary, just like the decision criteria in haccp risk matrices. Theoretically the scoring numbers should be weighted and some approaches do this but it's "subjective" again .  A few (equally arbitrary) examples of numerical approaches analogous to  my Excel option do exist in the Literature (I can probably find 1-2 accessible refs if you wish) however If this quantitative approach worries you, I suggest to utilize a qualitative decision tree format similar to references in my Post 4. Most auditors are probably more familiar with the latter variety.

 

The reality is maybe summarised in this statement in iso22004-2005 -

 

Categorization of control measures: The organization may focus on having as many of the control measures as possible managed by operational PRPs and only a few managed by the HACCP plan, or the opposite.
As the effects of the combination of control measures are validated prior to categorization, food safety will be achieved in cases even when all control measures are to be managed through operational PRPs.

 

 

PS - A model example of the use of my numerical system for iso22000-2005 is illustrated here -

http://www.ifsqn.com...ge-7#entry50651

[Ioannisg2364]

Charles,

 

It all makes sense to me now. At least I clearly understand that it is very 'subjective' how to categorize CMs at CCPs and as OPRPs. And yes, I fully agree that the last quote in your previous posting provides all answers.....An Organization may theoretically (even practically) determine only OPRPs (and no CCPs) and food safety in the end product (s) can still be ensured. I have the updated version of ISO 22004:2014 and it seems that they have removed that particular paragraph or maybe I need to look better by reading each sentence. Maybe ISO is sometimes a bit more complicated than it could be...but who am I.

 

Also the introduction of OPRPs makes IMO things a bit more complicated because I feel like 'repeating' control measures which are actually already established as PRPs but more 'enhanced' or 'improved' to call them OPRPs. I sometimes feel that OPRPs are there because PRPs aren't good enough! Anyway...

 

Thanks again! I now have sufficient information to work with and decide on the methodology that is more convenient to me and yet a reliable one (at least for me).

Edited by Ioannisg2364, 12 May 2021 - 06:19 AM.