What's New Unreplied Topics Membership About Us Contact Us Privacy Policy
[Ad]
Forums Blogs Store Members Gallery Directory

Sign In Register

Internal audits

Started by , May 14 2024 06:36 AM
Reply to this Topic
5 Replies

Hi,

 

Most of the GFSI standards state that each requirement of the standard should be audited annually. Does this mean that every requirement of the standard should really be reviewed every year?  Or is it possible to select on a risk basis those topics that probably have room for improvement or are important for the production of a high-quality final product? 
 
I've read several topics here about internal audits and I'm a bit confused.
 
Some say that they audit their operations according to their own written instructions and practices. How does this style take into account the requirements of the standard? You may have an error in the document or practices that does not comply with the standard requirements. This error is ignored because it is not checked that the requirements of the standard are also met. If someone could tell me in a little more detail how this kind of audit is done, I would be grateful.
 
Some, on the other hand, use e.g. the IFS or BRC checklist, which has all the requirements of the standard. In this case, the requirements are reviewed generically, compared to the company's documentation, operations and practices. I have used this method myself. 
 
Share this Topic
Topics you might be interested in
BRC-3.4.1 Internal Audits Discrepancy in Coliform Results – Internal Lab vs Accredited Lab BRCGS Internal Audits – Should You Audit Work Instructions Too? Can Data Cutoff Dates Differ for Audits vs. Internal Analysis? Looking for Internal Auditor or Food Safety Consultant in NJ Area
[Ad]

We are an SQF certified packaging manufacturer (folding paperboard packaging) and my process is to have the code with me during all IAs. I pull all related documents, review them for compliance to the code, take them to the person responsible for that area of our process(es) and we review them for accuracy in comparison to our processes. Any changes needed are made and, if necessary, a new revision is issued and training scheduled (If necessary). I only use the checklist for recertification audit preparation just to confirm the reviews / IAs are completed. That way, every part of the code is reviewed annually. I break the code into 12 parts and review / audit one part each month. I also review (or send for review) all internal procedures on a separate 12 month schedule. This is the way I have the process written in our system. The code states the elements used must be reviewed annually, but it doesn't say how that works so you have to determine that and write your system based on that determination. But any instructions you create on the application of the code have to satisfy the requirements of the code. Hopefully that helps clarify it a little.

Review and audit are two different things - one is a glance and the other (audit) is conducting a comparison against the known standard. The audit actually includes a review.

Speaking to SQF specifically, they require you to audit your program to the standard annually.  And they require that you document affirmative evidence that you are compliant with each code, meaning you must list the language from your programs that prove they meet the code requirements.  This, along with reviewing these programs, are where you're expected to discover the grammatical errors or gaps in the SOP.

If you're talking BRCGS then guess what?  It's risk assessment time!  But I always when I've done one make sure that we include our factory inspections into that audit because if you're doing a GMP inspection every week or month, you don't (in my mind) need to be specifically auditing that clause that you're covering off more regularly.  Likewise there may be other areas you'd cover more than once a year or partially cover in your GMP auditing then cover in more depth in a systems audit, e.g. your CCPs.

 

I have seen plans where some sections are excluded from audit over 12 months completely.  They kinda got away with it at audit, in that there was no non conformance raised against the internal audit section BUT when you looked at their non conformities, they were often in areas they didn't internally audit.  So there's a "well duh" moment for you!

Auditing frequency must be risk assesed taking into account the posibility and the severity of failure. You must also consider how frequent thinks changes in each of the procedures you audit. So if you have a well established risk assesment I do not find a way that an auditor can say something deferent.

In any case you know better that all the others which is the appropriate auditing frequense for all of your procedures.

At list this is my opinion

Reply to this Topic

Similar Discussion Topics
BRC-3.4.1 Internal Audits Discrepancy in Coliform Results – Internal Lab vs Accredited Lab BRCGS Internal Audits – Should You Audit Work Instructions Too? Can Data Cutoff Dates Differ for Audits vs. Internal Analysis? Looking for Internal Auditor or Food Safety Consultant in NJ Area Internal Audit Approach – Should It Be Procedural or Clause-Based? FSSC V6 Internal Audit Checklist Determining Internal System Audits FSSC V6 Internal audit Checklist FSSC Lead Internal Auditor Requirements
About us

IFSQN is an international networking group for food safety professionals. We connect those interested in food safety to information and to each other. The purpose of the website is to share knowledge, experiences and ideas to make food safer.

All content © Copyright 2021 IFSQN