Jump to content

  • Quick Navigation

Advertisement

Featured Implementation Packages

* * * * *

TACCP & VACCP Demystified!

TACCP VACCP

One of my main lines of work at the moment is helping my manufacturing clients complete their TACCP/VACCP study. The understanding within the industry of what TACCP and VACCP is, is very confused right now. There have been many mixed messages on this subject and many conflicting explanations as to what TACCP and VACCP are and which should be applied to what situation. Within this short article I intend to clarify the subject.

TACCP is 'Threat Assessment & Critical Control Point'

 

VACCP is 'Vulnerability Assessment & Critical Control Point'

 

It's unclear how long the terms TACCP and VACCP have been around. The standard that drives the requirement is PAS 96:2014 (PAS stands for Publicly Available Specification) and it refers to a TACCP approach.

 

As a specialist in HACCP, when the Campden Guideline 72 TACCP book was published I was keen to get a copy to understand how TACCP should be carried out. I expected the guideline to give me step by step instructions on how the assessment should be completed, like the Campden Guideline on HACCP. I also expected it to link clearly with what was required in the BRC V7 (which was in draft at the time). In my opinion the TACCP book did not provide me with the information I was expecting, as:

  • The main aim of the TACCP guideline was to assess threats mainly from within the manufacturing environment and not from food fraud threats of ingredients prior to delivery at the manufacturing site.
  • BRC required a vulnerability assessment and the guideline only covered threat assessment (with the exception of one small paragraph which didn't really tell me much).
  • TACCP stands for Threat Assessment and Critical Control Point and nowhere in the guideline did it tell me how to pinpoint what a CCP was or how to control it.
  • The focus of the book was about carrying out an assessment but there didn't seem to be much guidance on what to do when the assessment had been completed - I expected an output with controls around the issues highlighted.
  • There wasn't a clear methodology I could pick up and use.
So, all in all I personally found the guideline very confusing. After spending time searching for other methods I could use, Adele Adams and I then decided we needed to fill this gap and provide the industry with some clear methodology that could be used, which is why we wrote the book "Assessing Threats & Vulnerabilities for Food Defence".

 

You'll note that the book title has both the words threats (TACCP) and vulnerabilities (VACCP) in it. That's very intentional, because the two things are fundamentally linked.

 

The definition of a threat is "A deliberate act by someone to cause harm to the consumer or loss to the business due to the effect on the consumer".

 

The definition of a vulnerability is "How exposed the business is to the threat having an impact on the consumer".

 

Therefore what we really should be asking is:

 

"How vulnerable are we to the threat occurring and having an impact on the consumer/on our business?"

 

When BRC are asking you to complete a raw material vulnerability assessment, they are asking you to establish what threats are your ingredients vulnerable to? Let's take the horse meat issue as an example:

  • The threat - horse meat being delivered to your site instead of beef due to fraudulent activity in the supply chain.
  • If the meat is delivered minced, then you can't tell by looking at it if it's beef or horse meat - so you're vulnerable.
  • If the meat is delivered as a joint, you are less vulnerable as you can probably tell that the joint doesn't look like beef.
  • If the meat is delivered to you as a carcass, you're definitely going to be able to tell it's not a cow and so you're not vulnerable.
So I believe the term should be 'Threat & Vulnerability Assessment'. A threat and vulnerability assessment can be carried on both raw materials prior to delivery or on the manufacturing process - both assess threats (a deliberate act) and the vulnerabilities of the threats having an impact on the consumer, which has a subsequent impact on the business.

 

What is the point of using the term TACCP (Threat Assessment & Critical Control Point) when it does not include any mention of CCPs?

 

We've come up with the term TVA (Threat & Vulnerability Assessment) as we think this makes it much clearer that both threats and the vulnerabilities to those threats should be covered. It also doesn't mention CCPs as this term is a HACCP food safety term and has nothing to do with threat and vulnerability assessment.

 

Within the book we have provided an alternative to CCPs, which we call VTPs (vulnerable threat points) and we also provide guidance on how these should be managed.

 

I hope this has been of help to you and makes things a little clearer. If you have any questions please get in touch using the comments section below. I'd also love to hear your thoughts or challenges in this subject - does my explanation make sense to you? Do you agree/ disagree?

 

If you’d like to find out more about the methodology that we’ve developed in our book, you can go to:
www.techni-k.co.uk/shop/books/assessing-threat-vulnerability-for-food-defence

 

Kassy Marsh, Director at Techni-K
www.techni-k.co.uk



Share this

6 Comments

Thanks Kassy

just now I understood wat is TACCP&VACCP

thanks so much for the clarification

I sincerly don't understand why TVA is not related to HACCP. I work for a Food and Beverage Manufacturing company as the Quality Assurance Officer.Now are you saying this can't be applied in our control measures ?

Thanks Kassy

just now I understood wat is TACCP&VACCP

thanks so much for the clarification

You're welcome! I'm glad it was of help.  If you have any other queries about the subject please feel free to come back to me! Thanks, Kassy

I sincerly don't understand why TVA is not related to HACCP. I work for a Food and Beverage Manufacturing company as the Quality Assurance Officer.Now are you saying this can't be applied in our control measures ?

Hi Charles

The risk assessment for HACCP and TVA is quite different, because you are assessing two different subjects.  One you can control (HACCP) and one you can't (TVA).  With TVA all you can do is to put protection measures in place, to ensure that your vulnerability is reduced. You can want to include these protection measures into your current systems - they do not need to sit separately.

I hope that helps, but if not - please come back to me.

Thanks

Kassy

Hi Charles

The risk assessment for HACCP and TVA is quite different, because you are assessing two different subjects.  One you can control (HACCP) and one you can't (TVA).  With TVA all you can do is to put protection measures in place, to ensure that your vulnerability is reduced. You can want to include these protection measures into your current systems - they do not need to sit separately.

I hope that helps, but if not - please come back to me.

Thanks

Kassy

 

Personally I see the link to HACCP for these types of assessment being that they form part of your defined pre requisite programme for suppliers and raw materials.

 

Given the nature of the vulnerabilities and the threats to your ingredients and processes they are not going to be controlled by the single action within the process, but by implementing in a number of actions to mitigate the risk. This is the approach we have taken and it has allowed us to develop a comprehensive system, vulnerability and threats are not new issues but something we are only recently starting to talk about a lot more. Many companies are doing a lot more to mitigate these risks than they realise and often get themselves bogged down trying to reinvent the wheel. 

 

I share the authors frustration at the TACCP guideline as it does suggest a confused approached with very little detail on how to actually complete these types of assessments and as it is something that many are not trained in or have a depth of understanding of they look for the familiar and as a result companies are left with assessments that may tick a box for an audit but really don't offer them protection against these risks. I have lost track of the number of times an email has been passed onto me from a customer who wants to quote to me what I should have in place for VACCP / TACCP and wanting copies of our studies without actually taking the time to talk to us about our approach nor recognise that we have already been audited against BRC 7. 

In my point of view, and after we audited against BRC version 7 recently, the auditor only looked for the VACCP which only tackles about EMA. The auditor did not look for food defence where TACCP is needed. In my undesrtanding, TACCP is necessary when you're audited the USFDA.

 

HACCP-Food Safety

VACCP-Economically Motivated Adulteration(profit/gain)

TACCP-Food Defense