6 replies to this topic

[Lorem Ipsum]

Hello,

Could someone share an example of vulnerability assessment plan as per BRCGS 5.4.2 The output from this assessment shall be a documented vulnerability assessment plan. This plan shall be kept under review to reflect changing economic circumstances and market intelligence which may alter the potential risks. It shall be formally reviewed annually.

For the context: UK contract bakery. Current claims: Belgian chocolate, Sicilian lemon, free range and barn eggs. No organic or vegan claims. All ingredients purchased from GFSI certified businesses.

We used to review every single ingredient once a year which I think is not correct.

Thank you for your support!

 

[kingstudruler1]

The plan should include simply identifies what assurance or testing is in place to mitigate the identified risks from the assessment.   see 5.4.3 / 5.4.4 (version 9)

 

depending on the outcome of your assessment you could implement the following (from version 9 guidance):

 

COAs

raw material testing 

use of tamper seals

enhanced supplier approval checks

mass balance exercises at supplier

change the supply chain

 

i think you do need to review the assessments and the plan annually for each ingredient / group of ingredients.   Why do you feel that is incorrect?

If you don't have the version 9 guidance, it is pretty helpful in this area.  it also has some info for supplemental help if needed.  

[Lorem Ipsum]

Hi, thank you kingstudruler1 for your response, much appreciate. Just to clarify – I think reviewing every single ingredient (we have about 200) is time consuming and does not add much value to the business. 

 

I am a bit at a loss as I don’t know what to put on this assessment plan – almost all our ingredients are quite low cost and can be used as adulterants themselves. 

 

What my idea is: assess by raw material groups, by attractiveness, ease of detection, impact, summarise historical data and include market insight of our procurement team. Attaching the draft file. Am I on the right path? 

 

I asked my manager to consider purchasing BRCGS interpretation guide and I also reviewed: IFS Standards Product Fraud, FSSC 22000 Food Fraud Mitigation.

 

Any peer criticism, suggestions are more then welcome.

Attached Files

•  vulnerability assessment draft.xlsx   13.32KB   344 downloads

Edited by sjegorov, 05 January 2023 - 07:52 AM.

[Charles.C]

Hi sjegorov/kingstudruler

 

There may be some numbering/content  confusion(s) somewhere -

 

BRC9 - 5.4.3

 

 BRC9-5.4.3.PNG   42.54KB   3 downloads

 

Perhaps the BRC IG/ver9 has completely changed from ver 8 but the VA recommendations in latter seem totally different to the brief list in Post 2 ?? (Nonetheless "brief" might still be acceptable since BRC auditors must be getting extremely bored with this topic by now !).

 

@sjegorov - It's an interesting draft VA and a good start. Never encountered "Attractiveness" in a VA before.   the typical variable is something like "Likelihood of Occurrence" although various offerings exist on this Forum. afaik, BRC auditors have never rejected any proposed responses.

 

Can compare to VA(s) in this post/thread-

 

https://www.ifsqn.co...542/#entry95464

(also a 5x5 version in Post 11)

 

Above VA also used in BRC(7) raw material risk assessment here -

https://www.ifsqn.co...al/#entry100194

 

I think yr "grouping" idea is the way to go if implementable.

 

PS - there is a rather nice, similar but more compact version of the above excel specifically for a bakery on the forum also.

https://www.ifsqn.co...ate/#entry94144

[kingstudruler1]

I see your point on annual review.  But the standard is pretty clear that they want it done annually.    

 

You should probably already be reviewing them as part of your internal audit anyway.    Quick review to make sure there are no new threads and add a review date.   

 

I think your grouping is the way to go.  That is exactly what I would do.   Just be careful that you aren't including something of risk in a category that you are not addressing to be at risk.    For instance, if you had an "oil" category and you use extra virgin olive oil and make that claim. the risk is much higher than say canola oil as olive oils have been implicated in fraud.   or honey in sweeteners. etc.  You may want to list every ingredient that is included in the "group" to prove that they have been assessed.   

 

I have attached an assessment that my company has used - it has been through numerous sqf and brc audits with no issues.   there are tons of examples of these on this forum and available elsewhere (link).  I like that yours has all groups on one page and not separate pages for each group.   

 

SSAFE (ssafe-food.org)

 

You only need to develop a "Plan" for those items that are "identified as being of particular risk of adulteration or substitution"   With more detail, your "mitigation" section could suffice for a "Plan"   

Attached Files

•  5.4.2.docx   34.35KB   209 downloads

[Lorem Ipsum]

Hi,
Charles.C – yes, the post is about 5.4.3, aplologies, as I got lost with annual assessment plan. We assess vulnerability of individual ingredients when we approve a new supplier or a new RM from existing suppliers. Attractiveness means - economically attractive for fraud. Thank you for the links – I saved the compact bakery version to possibly include into my plan.

kingstudruler1 – thank you for the excellent example of vulnerability assessment as I was struggling to find a structured set of questions to assess RM vulnerability. We use cheapest rapeseed oil but the areas of concern are chocolates and eggs as they carry claims. Those are already covered by traceability exercises. I will just link them with my VA plan.

From my BRCGS experience auditors never questioned reasonings behind assessment, just browsed through assessment dates and turned to the next clause.

Thank you both for your support, best regards, Sergei

[Charles.C]

I have attached an assessment that my company has used - it has been through numerous sqf and brc audits with no issues.   there are tons of examples of these on this forum and available elsewhere (link).  I like that yours has all groups on one page and not separate pages for each group.   

 

SSAFE (ssafe-food.org)

 

You only need to develop a "Plan" for those items that are "identified as being of particular risk of adulteration or substitution"   With more detail, your "mitigation" section could suffice for a "Plan"   

Hi KSR,

 

Thks for the "template" example.

Perhaps one should add that a final overall "result" from the many, many individual L/S contributions listed are eventually magically, subjectively,  combined via manipulations within the complete SSAFE Program.

 

There are innumerable reports of people having problems with downloading/using this free tool, not sure if available/stable at this time ?