6 replies to this topic

[Dehydrated]

Hi,

 

Seeking some clarification on BRCGS 1.1.6 clause and whether the reporting system needs to be confidential or confidential AND anonymous.

 

Clause 1.1.6 itself only states confidential, which is not the same as anonymous. However the interpretation guidelines specifically include the word anonymous as well. I know the guidelines are not the standard but why would BRC include the word anonymous if they did not intend that? Isn't the point that staff can report something without fear of reprimand or retaliation - and the only way to truly do that is by being anonymous.

 

Any BRCGS auditors out there that can share how you're trained to assess this?

 

Thanks.

 

 

 

[Tony-C]

Hi Dehydrated,

 

By the nature of a confidential reporting system it should allow a degree of anonymity, see further info from BRCGS Global Standard for Food Safety Issue 9 Clause 1.1.6 Guidance:

 

As a minimum, the system used must ensure that the confidentiality of the employee reporting the concern is maintained (i.e. the employee’s identity is not known or released to the site or company management) to protect any staff using it, and the confidential and anonymous nature of the system should be clear to all staff. An email or telephone call to an on-site manager, for example, is unlikely to be anonymous or confidential as the manager is likely to know the employee’s email address or recognise their voice. Therefore this would not be considered a confidential system.

 

As well as gathering information, the site is required to collate and act on it. The auditor will expect to see a system in place, and transparency about the content of any reports and actions, although not the source of the original concern.

 

Kind regards,

 

Tony

[Jonathan B.]

In my opinion, keeping the report confidential is a necessary condition to prove the effectiveness of the system. But leaving it anonymously is only a recommendation. In case an individual or organization considers that keeping confidential is not enough for the system to operate truly effectively, then keeping it both confidential and anonymous would be good practice. This should be based on a risk assessment of the organization's background, the culture of the workers in a specific region (some places see raising opinions as more of a problem than keeping quiet), geopolitics, etc.

 

Confidentiality is sufficient in accordance with the standard's requirements; the auditor's assessment aspect is limited to the report system, and the confidential system will be considered compliant with 1.1.6. The decision whether to maintain confidentiality or confidentiality and anonymity depends on the specific organization's objective to strengthen system implementation process effectiveness.

 

If you have other opinions, please contribute to clarify this provision. :)

Edited by JasonDinh, 20 November 2023 - 03:43 AM.

[Dorothy87]

Hi, 

 

We have a whistleblowing procedure where reporting is confidential and anonymous (last year we had boxes under CCTV and this was challenged by the BRC auditor).

 

They were moved, but we are encouraging staff during induction to report things to managers and line leaders anyway. 

 

[hoalefst.vn]

Agreed with Jason Dinh.

In my opinion, based on BRC Standard v9, what mentioned in interpretation is that Anonymous is recommended. That's why it said "May be necessary".

That is to make sure people or employee has courage to speak and report without any impact from the haters/ boss/ revenge. 

Based on each country, company culture, anonymous report should be considered based on actual. 

• In a good culture, who will care personnel identification was disclosed?
• In a bad culture, who will dare to report?

"In 2018 a report from the Association of Certified Fraud Examiners found that reports

from employees and outside parties are by far the most common method of detecting

wrongdoing. It is therefore vital that all sites facilitate effective communication methods

allowing staff to report any concerns. Ideally, this will be achievable using procedures

developed to meet clause 1.2.3. However, from time to time it may be necessary for

individuals to report on hazards or infractions anonymously and confidentially (e.g. if a

staff member felt that a genuine concern raised through other mechanisms, such as those

covered in clause 1.2.3, had not been adequately addressed), so the site (or company) should

have a system in place to manage this. Although the aim of the Standard is to ensure these

reporting systems relate to product safety, authenticity, quality and legality, the company

may choose to incorporate all staff concerns into the system, and not limit it to concerns

related to the scope of the Standard.

As a minimum, the system used must ensure that the confidentiality of the employee

reporting the concern is maintained (i.e. the employee’s identity is not known or released

to the site or company management) to protect any staff using it, and the confidential and

anonymous nature of the system should be clear to all staff. An email or telephone call to an

on-site manager, for example, is unlikely to be anonymous or confidential as the manager is

likely to know the employee’s email address or recognize their voice. Therefore this would

not be considered a confidential system"

To Dorothy87, camera (CCTV) is a tool for protect employee, not a tool for supervise. That's why auditor may challenged.
Do you monitor how many issue was reported before and after you remove the CCTV?

A good practice that i have been experienced in some facility: Create a QR code links at shopfloor to link to a reporting system (E.g: Google, Google Survey...). It was free, convenient, confidential and anonymous. 

[Dorothy87]

 

Agreed with Jason Dinh.

In my opinion, based on BRC Standard v9, what mentioned in interpretation is that Anonymous is recommended. That's why it said "May be necessary".

That is to make sure people or employee has courage to speak and report without any impact from the haters/ boss/ revenge. 

Based on each country, company culture, anonymous report should be considered based on actual. 

• In a good culture, who will care personnel identification was disclosed?
• In a bad culture, who will dare to report?

"In 2018 a report from the Association of Certified Fraud Examiners found that reports

from employees and outside parties are by far the most common method of detecting

wrongdoing. It is therefore vital that all sites facilitate effective communication methods

allowing staff to report any concerns. Ideally, this will be achievable using procedures

developed to meet clause 1.2.3. However, from time to time it may be necessary for

individuals to report on hazards or infractions anonymously and confidentially (e.g. if a

staff member felt that a genuine concern raised through other mechanisms, such as those

covered in clause 1.2.3, had not been adequately addressed), so the site (or company) should

have a system in place to manage this. Although the aim of the Standard is to ensure these

reporting systems relate to product safety, authenticity, quality and legality, the company

may choose to incorporate all staff concerns into the system, and not limit it to concerns

related to the scope of the Standard.

As a minimum, the system used must ensure that the confidentiality of the employee

reporting the concern is maintained (i.e. the employee’s identity is not known or released

to the site or company management) to protect any staff using it, and the confidential and

anonymous nature of the system should be clear to all staff. An email or telephone call to an

on-site manager, for example, is unlikely to be anonymous or confidential as the manager is

likely to know the employee’s email address or recognize their voice. Therefore this would

not be considered a confidential system"

To Dorothy87, camera (CCTV) is a tool for protect employee, not a tool for supervise. That's why auditor may challenged.
Do you monitor how many issue was reported before and after you remove the CCTV?

A good practice that i have been experienced in some facility: Create a QR code links at shopfloor to link to a reporting system (E.g: Google, Google Survey...). It was free, convenient, confidential and anonymous. 

 

 

 

Hi, 

 

The auditor said that is not anonymous any more if the CCTV is above - I agreed totally. 

 

We introduced a food safety champions and our food safety culture is well managed, employees reporting incidents, observations to Quality Assurance and the level of trust if quite high. We had a few last year but nothing in 2023.  

 

However the CCTV is not to protect employee, but to protect business.

 

Not sure about QR code, only managers and QA can use mobile phones in the factory (Glass & Plastic Procedure, PPE rules etc). 

 

[hoalefst.vn]

Hi, 

 

The auditor said that is not anonymous any more if the CCTV is above - I agreed totally. 

 

We introduced a food safety champions and our food safety culture is well managed, employees reporting incidents, observations to Quality Assurance and the level of trust if quite high. We had a few last year but nothing in 2023.  

 

However the CCTV is not to protect employee, but to protect business.

 

Not sure about QR code, only managers and QA can use mobile phones in the factory (Glass & Plastic Procedure, PPE rules etc). 

 

Protect business. Yes. I agree

However, I can not agree what you said CCTV is not to protect employee.
Some simple search on google about "purpose of CCTV in workplace" will give us more insights.

In my understanding, employee is most valuable asset. What i have been trained for the purpose of CCTV is to protect employee first.

About QR code, may be worth to try. I've experienced this at many organizations and it works.
Why employee can not report with QR code in (E.g: Canteen, Locker room, Board of Information...) or saving the code in their phone.
Then, they even can report when they are at home, or in rest time (e.g: Lunch...).