Jump to content

  • Quick Navigation
Photo
- - - - -

Supplier approval and monitoring - frequency of audits?

supplier approval supplier monitoring raw materials frequency traceability

  • You cannot start a new topic
  • Please log in to reply
5 replies to this topic

christian91

    Grade - Active

  • IFSQN Active
  • 3 posts
  • 0 thanks
0
Neutral

  • Denmark
    Denmark

Posted 29 September 2021 - 12:19 PM

Hey! 

 

My first post on this forum. I greatly appreciate all the help from topics on here - lots of good insights!

 

I have a question regarding different clauses under 3.7.1 supplier approval and monitoring. My question is whether there is a minimum frequency for auditing of suppliers (or more specifically raw material suppliers)? 

 

So the reason i am slightly confused about this is because i find some of the clauses slightly contradicting. 

 

Clause 3.7.1 states in the interpretation guideline: The standard does not specify the required frequency of supplier assessment, but it should be based on risk, ensuring that the ongoing approval of those raw material suppliers who are most crucial to the safety and legality of the product are monitored on a more regular basis.

 

Clause 3.7.3 states in the interpretation guideline: The frequency of ongoing approval is also important, and this is left to the site to determine. However, where approval is based on supplier questionnaires, these must be reiussed at least every 3 years.

 

So that this point in the standard i understand it as: I can define the frequency of audit / ongoing approval of a supplier based on a risk assessment (of course if you approve by questionnaire it is minimum every third year)

 

However reading further into the standard i reach clause 3.7.5 where the interpretation says: The raw material supplier is audited by the site and the audit includes an assessment of the traceability systems. This would comply with the requirements as traceability has been assessed. The audit should be repeated at least every 3 years.

 

So to my interpretation that actually means you cannot define the frequency of ongoing approval of raw material supplier higher than 3 years? Since 3.7.5 says the audit of traceability should be repeated at least every 3 years.

 

Hope somebody can provide me with some clarification :) 

 

 



Scampi

    Fellow

  • IFSQN Fellow
  • 3,808 posts
  • 1025 thanks
687
Excellent

  • Canada
    Canada
  • Gender:Not Telling

Posted 29 September 2021 - 01:20 PM

It simply means that you must supply your vendors with the questionnaire to complete every 3 years, that gives them the formal opportunity to tell you about changes they may not have disclosed (like now we handle allergens  or we also now store chemicals)

 

If nothing has changed, then your approval would essentially be continuous as long as the vendor maintains the status quo---------you would simply review the questionnaire, sign off on approvals that everything is same same

 

The traceability audit is very different than supplier approval- you MUST verify that their system is still functioning in the event they have a recall/withdrawl event

It DOES NOT mean you cannot still approve them----the traceability exercise should be included in your risk assessments


Please stop referring to me as Sir/sirs


christian91

    Grade - Active

  • IFSQN Active
  • 3 posts
  • 0 thanks
0
Neutral

  • Denmark
    Denmark

Posted 29 September 2021 - 01:50 PM

It simply means that you must supply your vendors with the questionnaire to complete every 3 years, that gives them the formal opportunity to tell you about changes they may not have disclosed (like now we handle allergens  or we also now store chemicals)

 

If nothing has changed, then your approval would essentially be continuous as long as the vendor maintains the status quo---------you would simply review the questionnaire, sign off on approvals that everything is same same

 

The traceability audit is very different than supplier approval- you MUST verify that their system is still functioning in the event they have a recall/withdrawl event

It DOES NOT mean you cannot still approve them----the traceability exercise should be included in your risk assessments

Thanks for your reply. The questionnaire thing is not one i worry about, we got this under control and for our low-risk suppliers questionnaires and traceability is verified at least every 3 years. 

 

It is more of a question of the suppliers where we chose to approve them on the basis of a physical audit. After the initial audit, there has to be some sort of ongoing approval frequency. But as i see it, for raw material suppliers, this frequency must be atleast every 3 years, due to clause 3.7.5. where the suppliers traceability system has to be assessed. 

 

So maybe this is actually what you are saying/confirming? That raw material suppliers that are approved on the basis of an audit, needs to be re-approved atleast every 3 years to satisfy clause 3.7.5



pHruit

    Grade - FIFSQN

  • IFSQN Fellow
  • 1,800 posts
  • 717 thanks
431
Excellent

  • United Kingdom
    United Kingdom
  • Gender:Male
  • Interests:Composing/listening to classical music, electronics, mountain biking, science, sarcasm

Posted 29 September 2021 - 03:02 PM

So maybe this is actually what you are saying/confirming? That raw material suppliers that are approved on the basis of an audit, needs to be re-approved atleast every 3 years to satisfy clause 3.7.5

You don't need to do either a "full" approval exercise or a physical audit to complete the requirements of 3.7.5 - it's not at all uncommon for the same element of the Food standard to be covered by a remote exercise, so for example you'd send your supplier a batch code you picked at random, ask them to complete a traceability exercise and send you the result within X hours, and then review this to verify that their system is still working correctly.

 

It's an aside from your actual question, but I'm genuinely curious about a circumstance where you've determined that you need to physically audit a supplier, so they're not low enough risk to be able to use the questionnaire approach, but that they're low enough risk to need no assessment other than an audit e.g. once every five years (aside from the traceability bit!) - is this something that you're actually currently dealing with?

Not a criticism but genuinely curious :)



christian91

    Grade - Active

  • IFSQN Active
  • 3 posts
  • 0 thanks
0
Neutral

  • Denmark
    Denmark

Posted 30 September 2021 - 08:22 AM

You don't need to do either a "full" approval exercise or a physical audit to complete the requirements of 3.7.5 - it's not at all uncommon for the same element of the Food standard to be covered by a remote exercise, so for example you'd send your supplier a batch code you picked at random, ask them to complete a traceability exercise and send you the result within X hours, and then review this to verify that their system is still working correctly.

 

It's an aside from your actual question, but I'm genuinely curious about a circumstance where you've determined that you need to physically audit a supplier, so they're not low enough risk to be able to use the questionnaire approach, but that they're low enough risk to need no assessment other than an audit e.g. once every five years (aside from the traceability bit!) - is this something that you're actually currently dealing with?

Not a criticism but genuinely curious :)

It's abit complex to explain. But our organisation setup means that some suppliers, lets call them "large suppliers", primarely some larger raw material suppliers, are controlled by an international head sourcing department and then our own local sourcing department controls the rest of our suppliers. This head department do not really have a BRC focus (although they include the most necessary product safety, traceability, hara review and gmp questions as a small part of their audits), which means that many of these suppliers have only been approved once. Many of them have ongoing re-audits, but far from every third year. Which means that for some, i cannot prove their traceability have been tested within the last 3 years. We do our local supplier risk-assessment, every ½ year and i have to look into the audit data from our head sourcing department to verify that these "large-suppliers" comply to our BRC requirements.

So i wanted to by 100% sure on this clause, before trying to push the issue on to the head sourcing deparment. And yes perhaps i could just try and do the traceability exercise with these large suppliers myself, but it is easier said than done, since they respond very slowly to requests from a local company like ours and since all contact is usually through the head-department.

 

In terms of your "aside" question. For the suppliers we control locally, they have been assessed and they are all low-risk. We have a supplier risk assessment every ½ year to determine the status of the supplier. For our "low-risk" suppliers, we are considering auditing these for other purposes than just the BRC requirements, which is why we may chose to audit them instead of sending a questionnaire.

The "large suppliers" controlled by our head sourcing departments are always physically audited ((although sometimes remotely) because the audit they conduct involve many other areas than just brc requirements.

So yes - the head sourcing deparment have situations where they may have a supplier that have only been audited once within the last 5 years. And this becomes an issue because the traceability bit is now out-dated for this supplier and i cannot verify this supplier in my own local assessment, where i have to be in compliance with 3.7.5.



pHruit

    Grade - FIFSQN

  • IFSQN Fellow
  • 1,800 posts
  • 717 thanks
431
Excellent

  • United Kingdom
    United Kingdom
  • Gender:Male
  • Interests:Composing/listening to classical music, electronics, mountain biking, science, sarcasm

Posted 30 September 2021 - 10:36 AM

Ah, you have my sympathies - I have been in similar positions, with suppliers mandated by group head office who have a relatively relaxed approach to audit frequencies (I recall a particularly memorable one who hadn't been assessed for 11 years!), and trying to cajole information out of them / make them look vaguely defensible from a BRC (and indeed common sense...) perspective.

 

It sounds like the easiest approach will be the remote traceability exercise at least every three years, so hopefully your main purchasing people can get behind and help push this!







0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users