We are a winery going for SQF Certification. WE had a consultant perform a desk and site audit, and one of their Non-Conformances stated "The Supplier Approval Program does not define risk levels and the Approved Supplier register does not address the risk level for the supplier".
Can anybody share how they determined risk level for their primary packaging suppliers? My initial thought is to go into our Supplier Survey and assign points to each question and document, tally their scores, and come up with risk levels. I'd much prefer to see what others have done for this exercise though.