What's New Unreplied Topics Membership About Us Contact Us Privacy Policy
[Ad]
Forums Blogs Store Members Gallery Directory

Sign In Register

BRC Clause 1.1.6 Whistleblowing

Started by , Jun 25 2021 09:46 AM
Reply to this Topic
9 Replies

We just had our BRC audit and the auditor had some problems with our whistleblowing procedure. Currently we have a paper form that can be completed deposited anonymously in a box. Senior management checks the box and raised issues are discussed in the monthly HACCP meetings. In my opinion this is completely according to the BRC guidelines but the auditor thinks employees need to report to a company outsider. We are a company of 18 people and have an open culture. Hiring outside help for such a thing seems like a waste of money. What do you think? Is the auditor overreacting?

Share this Topic
Topics you might be interested in
SQF Clause 5.2.1 - Artwork customer approval BRCGS Storage and Distribution - Clause 1.1.9 BRCGS Clause 3.11.3 - Incident management test must include a recall test? Clause 8.5.1.2 - Characteristics of raw materials, ingredients and product contact materials FSSC 22000 Clause 2.5.1 - Management of Services and Purchased Materials
[Ad]

The auditor is overstepping here, IMO.

BRC's own Interpretation Guideline even gives an example of the data from a web/phone system being collated and submitted to the production manager, who is presumably an employee of the company...

If you picked up a minor NC for this then I'd consider challenging it with your certification body.

 

My only potential concern with your current system is that a paper form possibly undermines the anonymity aspect IMO, as handwriting can be fairly distinctive, and this is particularly relevant in a small company. If the auditor hasn't flagged it then I wouldn't raise it with them though!

Hello. 

 

We had this last year or the year before. 

 

It wasn't a non-conformance, but the auditor just wanted us to display a sign in the staff facilities area with an external reporting line of contact so we just put an A4 sign on saying:

 

'see something? say something! tellbrcgs.com'  (or whatever the link is)

 

You could use a retailer or other source, doesn't have to be BRC and from my experience they are not asking you to hire an external service they just want an external reporting line available to employees 

1 Like

I'm not sure how BRC deals with it, I've never been under BRC.

However, I've implemented the following to good success and it should satisfy an external reporting option:

  • Poster in visible area
    • Has options to report internally
    • Has options to report externally (make sure it kind of lists this as the option you can use if the internal reporting doesn't work)
      • External option listed:
        • Employee Safety: Call OSHA at XXXX
        • Food Safety: Call FDA Main Emergency # at XXX
        • Discriminatory and Ethical 

I actually worked with my HR and our insurance group on that one. It was the insurance groups poster, we just had to fill in the internal reporting options for them to create it for us.

1 Like

The auditor is overstepping here, IMO.

BRC's own Interpretation Guideline even gives an example of the data from a web/phone system being collated and submitted to the production manager, who is presumably an employee of the company...

If you picked up a minor NC for this then I'd consider challenging it with your certification body.

 

My only potential concern with your current system is that a paper form possibly undermines the anonymity aspect IMO, as handwriting can be fairly distinctive, and this is particularly relevant in a small company. If the auditor hasn't flagged it then I wouldn't raise it with them though!

thank you for the reply.

Luckily this is not a NC but will be next year.

I checked the guideline example, and it says:

 

The auditor sees a ‘whistleblowing’ policy which states that concerns can be reported using an online web

form or telephone number, the content of which is collated and submitted to the production manager,

technical manager and external consultant.

 

So the example is both internal and external.

 

But I agree with your opinion on the written note.

My idea is to change this to an email which anyone can use and send an email to me as Quality manager and the Financial controller. 

 

Hello. 

 

We had this last year or the year before. 

 

It wasn't a non-conformance, but the auditor just wanted us to display a sign in the staff facilities area with an external reporting line of contact so we just put an A4 sign on saying:

 

'see something? say something! tellbrcgs.com'  (or whatever the link is)

 

You could use a retailer or other source, doesn't have to be BRC and from my experience they are not asking you to hire an external service they just want an external reporting line available to employees 

Thank you for the reply.

I checked the website and it is https://tellusbrcgs....wernetwork.net/

Sadly this is not in our language and not all employees speak English so we cannot use this as for BRC it needs to be accessable for all.

The guideline is not the standard, bringing it up is outside the scope of the audit & a good auditor will not slap you with a Non-conformity.

If you do get handed a NC, appeal to the CB. If it stands, correct and reconsider your relationship with the CB & auditor.

There's more than one way to skin a cat.

1 Like

Hi there,

 

I think the main point here is that whistleblowing is meant to inform about "misconducts" happening in companies. In this way, persons who seek to expose such actions need to be protected, and such information must get somewhere. By proposing it internally, there is a risk that such notice gets nowhere (which is exactly the opposite of the purpose of such new rules), or even worse, that there is some retaliation against the person who "denounced" the action (for example bosses may consider employees who complain threatening). 

I think this is why the auditor may not be satisfied. But providing some source where to expose such actions externally (simply BRC, FDA, or something similar, as others already commented) should suffice.

So clause 1.1.6 states:

 

The company shall have a confidential reporting system to enable staff to report concerns relating to product safety, integrity, quality and legality.
The mechanism (e.g. the relevant telephone number) for reporting concerns must be clearly communicated to staff.
The company’s senior management shall have a process for assessing any concerns raised. Records of the assessment and, where appropriate, actions taken, shall be documented.
 
For the company's senior management to have a process for assessing concerns raised, the confidential reporting system must alert the internal senior management. If the confidential reporting system targeted an (independent) outsider, that would preclude any possibility of appropriate actions resulting from confidential reports because the information wouldn't be directed to the company's senior management.
 
There's also a conflict of interests raised if confidential reporting goes to an external body because there would be the potential for maliciously making false reports of wrong-doing by disgruntled employees, routed in the idea that confidential reports made to an external authority could result in penalties for the company. An internal confidential reporting system isn't completely free from the possibility of abuse, but I'd say there's less of an incentive for malicious abuse.
 
 In general, I agree that paper-based systems are not the best option for confidential reporting.. Happily, there is a free confidential reporting tool here:
xxxxxxxx
With the above web form, all you need to do is set up an email address for confidential reports to be submitted to, and communicate that email address to your staff. Ideally, food businesses should have multiple reporting channels, so including a phone line in addition to a web form. Using the free confidential reporting system on Food Portal, sites would still need to do an effective job of communicating to staff how to access the confidential reporting system, and what email address to report to. That said, this presents an immediate solution that safeguards the anonymity of the reporter, so I hope this helps :) 

www.foodsafereports.com is a cheap solution that will cover you against BRC clause 1.1.6.  When you register your company on the website, your employees are able to make anonymous reports by using a unique company code.  Once the report is made, the company will get a notification that a report has been made.  The website is language enabled so this function will aid employees who's first language is not English.  

I've done many BRC audits and having the box with training on how employees are to use it will work just fine. Maybe the box is out in the open and you need to find a way to make it more concealed? Honestly I think only having  physical paper is the way to go, what if an employee does not have access to the internet? If this gets brought up at your next audit challenge it and change your CB.

Reply to this Topic

Similar Discussion Topics
SQF Clause 5.2.1 - Artwork customer approval BRCGS Storage and Distribution - Clause 1.1.9 BRCGS Clause 3.11.3 - Incident management test must include a recall test? Clause 8.5.1.2 - Characteristics of raw materials, ingredients and product contact materials FSSC 22000 Clause 2.5.1 - Management of Services and Purchased Materials BRCGS clause 3.5 BRCGS Clause 3.7.5 - Supply Chain Traceability FSSC 22000 Clause 2.5.7 - Environmental Monitoring Programme Addressing clause 6.1 and clause 8.1 in ISO 22000:2018 BRCGS issue 9 Clause 1.1.3 - Food Safety and Quality Objectives
About us

IFSQN is an international networking group for food safety professionals. We connect those interested in food safety to information and to each other. The purpose of the website is to share knowledge, experiences and ideas to make food safer.

All content © Copyright 2021 IFSQN