Jump to content

  • Quick Navigation
Photo

BRC Agent and Broker Sect 4.3 - Product Security/ Food defence

Share this

Best Answer , 06 June 2018 - 11:30 AM

Hi Dias,

Section 4.3 of Agents & Brokers is really more about the TACCP elements (i.e. malicious threats and security), but obviously there is potentially some overlap with section 4.8 (if you're also preparing for the new Issue 2 standard) that would be more of a VACCP approach.

We have both BRC Agents & Brokers and BRC Food certification, so are in the lucky position of already having confirmation that the systems meet BRC requirements thanks to several years of audits against issue 7 of the Food standard, and as the systems are shared between the two we don't need to write anything new.

Our approach has been to split this into two distinct parts: A TACCP study focussed solely on food (and to some extent broader business) security, and a VACCP approach where I wrote a system of my own to suit the particular activities of our business and the nature of the raw materials we source.

For the TACCP, I'd recommend looking at PAS96 as it's more widely recognised in the UK than e.g. Carver + SHOCK etc. It takes a little while to get your head around it, but work through it slowly and it'll start to make sense if you're familiar with other risk-based approaches like HACCP. Indeed you'll need to do some very similar things in terms of assembling a multi-disciplinary team etc, but you could do that once you've got a better understanding for yourself, as you'll probably need to explain it to the rest of the team!

 

For the VACCP, I completely agree with your approach - we get loads of VACCP questionnaires from customers and I confess I'm completely baffled by the concept of asking your supplier whether they are trustworthy. Has anyone’s supplier ever said “no, we’re really dodgy” in response to these questions?!

Nonetheless I'm guessing that certification bodies find this to be acceptable as it certainly seems to be quite prevalent!

 

Are you buying finished products each with multiple ingredients, or sourcing the separate component ingredients and then paying a separate entity to do the final manufacturing for you as a subcontracted process?

If it’s the latter I’d split the risk assessment into two parts – one for your ingredients and one for the processors to whom you’re subcontracting the work, although arguably they’d have very limited incentive to adulterate if they don’t own any of the materials.

For the former, my approach would be to list out your products and assess both in terms of the manufacturer and the product/components.
For the manufacturer, you’re looking at the usual areas
:

Are they GFSI-certified?

Any other useful certification-based controls in place?

What is your supplier risk score for them?

Are they based in a region you’d consider higher or lower risk?

How well do you understand the supply chain prior to them, and what risk status would you assign to it?
Is there a (reliable!) testing regime in place to verify the authenticity of key ingredients?

Etc

This should give you an overall risk score for the manufacturer.

 

For the ingredients, again you’ll probably want to consider the usual categories that you’ll see in most training/information materials on VACCP:
Is there a history of adulteration?
Are there any current/emerging issues? (you’ll need to cite suitable sources of “horizon scanning” data)

Is it a high-value ingredient? (we also consider changes in price as well as absolute price - so for example if the market value shoots up we’d assign an increased risk as there is greater incentive to adulterate)

What testing or other controls are currently in place?

Are the ingredients from higher-risk origins?

How well do you understand the supply chain, how transparent is it and what risk status would you give it?

Is the raw material of a nature that can easily be adulterated? Powders, liquids etc typically far easier to hide adulterants in than would be the case for a solid – consider e.g. difference between apple juice and a whole apple.

We also have a category for “other” – basically just gives the option to add in any extra specific considerations on a case-by-case basis, although for most products it’s marked as “n/a”.

 

As you’re dealing with composite finished products, you could either consider them as a whole or do each component independently and then combine the results. I don’t know how large your product range is, as that will have an effect on how practical it is to do each component separately. I’d personally favour the latter as the more thorough approach, but either should probably be ok as long as you can justify what you’ve done.

At the end of this you should then have an overall risk score for the product/ingredients.

 

You can then combine the two parts (manufacturer risk score and product/ingredients risk score) to give a final overall risk status for the product that you purchase from each manufacturer, and can then move onto the question of what to do about those where the risk score is higher than you’d like…

 

First post (other than a brief one in the introductions section) on IFSQN and apologies that it’s quite so long, but it’s a topic that is quite sizeable and there are so many different takes on it!
Hope it helps in any case.


  • You cannot start a new topic
  • Please log in to reply
8 replies to this topic

Zac Zara

    Grade - Active

  • IFSQN Active
  • 11 posts
  • 2 thanks
0
Neutral

  • United Kingdom
    United Kingdom

Posted 01 June 2018 - 10:30 AM

Hi Everyone, 

 

I am currently working on BRC Agent and Broker Section 4.3 - Product Security/Food defence.

I am confused with these terms, I Initially thought I need to conduct only TACCP Risk assessment - which is applicable to the work that we do.

I need some clarity on VACCP (We do not handle raw material so at what point should I assess the adulteration) and Food defence plan.

 

Can Anyone tell me if I need to do VACCP, TACCP and also have a Food defence plan?

 

Your help will be must appreciated.

 

Regards

 

Gelcey



redfox

    Grade - SIFSQN

  • IFSQN Senior
  • 481 posts
  • 163 thanks
24
Excellent

  • Philippines
    Philippines

Posted 02 June 2018 - 02:36 AM

Hello,

 

You have to conducts suppliers audit or send questionnaire to you agent/broker ensuring that they product they are selling is authentic and were produced in compliance with statutory and the laws on the country it is sold to. (FS/HACCP and VACCP. That the product is produced and handled, protected from any malicious intent to harm consumer (TACCP). The product must be traceable from where it was manufactured. 

 

You can ask from your broker the LOG (Letter of Guarantee).

 

regards,

redfox



Thanked by 1 Member:

Zac Zara

    Grade - Active

  • IFSQN Active
  • 11 posts
  • 2 thanks
0
Neutral

  • United Kingdom
    United Kingdom

Posted 04 June 2018 - 07:59 AM

Hi, 

 

Thank You for the reply, we conduct supplier approvals based on questionnaire and Vulnerability assessment is one of the sections where we ask multiple questions, also tractability is conducted as part of approval. But some suppliers do not know about VACCP hence leave the section blank. 

 

I think it will be better to have our own VACCP study and score the suppliers and add extra controls where suppliers have no controls. - Can anyone suggest if there is any other way to handle this?

 

The terms used on BRC A&B standard is Product security/ Food defence - does this mean TACCP study? - does anyone have a template to share so that I have a guidance how to do TACCP?

 

 

Regards

 

Gelcey



redfox

    Grade - SIFSQN

  • IFSQN Senior
  • 481 posts
  • 163 thanks
24
Excellent

  • Philippines
    Philippines

Posted 04 June 2018 - 11:59 AM

Hello Gelcey,

 

We are BRC certified plant, we are processing seafood, pasteurized crab meat. It is our 3 yeard being BRC certified, and we have incoming audit on this 3rd week of June. Though in the standard TACCP is mentioned and Food Defense, the auditor focused mainly on VACCP (EMA). But still, we have our Food Defense Plan,  because we also are preparing for USFDA to audit our plant. US FDA (FSMA) is very focused on (TACCP), Food Defense/Food Security against malicious intent..

 

You have to make you're VA (vulnerability assessment) on each raw material. That's why traceability is required so that, from raw material until it reaches your site, you can assess the vulnerability/weak point(s) of the supply chain. There you can make your control measure to mitigate the risk. You can also determine the amount/gravity of risk on each raw material.

 

regards,

redfox



Zac Zara

    Grade - Active

  • IFSQN Active
  • 11 posts
  • 2 thanks
0
Neutral

  • United Kingdom
    United Kingdom

Posted 04 June 2018 - 02:33 PM

Hi, 

 

Thank you, can you tell me, how would you conduct vulnerability assessment for the finished product? where multiple ingredients are used to make  a product and we have no control over the raw material purchase.

We are agent and broker and therefore do not  handle any raw material, suppliers make product for us and label our own brand.

 

 

Regards

 

Gelcey



pHruit

    Grade - FIFSQN

  • IFSQN Fellow
  • 2,071 posts
  • 849 thanks
536
Excellent

  • United Kingdom
    United Kingdom
  • Gender:Male
  • Interests:Composing/listening to classical music, electronics, mountain biking, science, sarcasm

Posted 06 June 2018 - 11:30 AM   Best Answer

Hi Dias,

Section 4.3 of Agents & Brokers is really more about the TACCP elements (i.e. malicious threats and security), but obviously there is potentially some overlap with section 4.8 (if you're also preparing for the new Issue 2 standard) that would be more of a VACCP approach.

We have both BRC Agents & Brokers and BRC Food certification, so are in the lucky position of already having confirmation that the systems meet BRC requirements thanks to several years of audits against issue 7 of the Food standard, and as the systems are shared between the two we don't need to write anything new.

Our approach has been to split this into two distinct parts: A TACCP study focussed solely on food (and to some extent broader business) security, and a VACCP approach where I wrote a system of my own to suit the particular activities of our business and the nature of the raw materials we source.

For the TACCP, I'd recommend looking at PAS96 as it's more widely recognised in the UK than e.g. Carver + SHOCK etc. It takes a little while to get your head around it, but work through it slowly and it'll start to make sense if you're familiar with other risk-based approaches like HACCP. Indeed you'll need to do some very similar things in terms of assembling a multi-disciplinary team etc, but you could do that once you've got a better understanding for yourself, as you'll probably need to explain it to the rest of the team!

 

For the VACCP, I completely agree with your approach - we get loads of VACCP questionnaires from customers and I confess I'm completely baffled by the concept of asking your supplier whether they are trustworthy. Has anyone’s supplier ever said “no, we’re really dodgy” in response to these questions?!

Nonetheless I'm guessing that certification bodies find this to be acceptable as it certainly seems to be quite prevalent!

 

Are you buying finished products each with multiple ingredients, or sourcing the separate component ingredients and then paying a separate entity to do the final manufacturing for you as a subcontracted process?

If it’s the latter I’d split the risk assessment into two parts – one for your ingredients and one for the processors to whom you’re subcontracting the work, although arguably they’d have very limited incentive to adulterate if they don’t own any of the materials.

For the former, my approach would be to list out your products and assess both in terms of the manufacturer and the product/components.
For the manufacturer, you’re looking at the usual areas
:

Are they GFSI-certified?

Any other useful certification-based controls in place?

What is your supplier risk score for them?

Are they based in a region you’d consider higher or lower risk?

How well do you understand the supply chain prior to them, and what risk status would you assign to it?
Is there a (reliable!) testing regime in place to verify the authenticity of key ingredients?

Etc

This should give you an overall risk score for the manufacturer.

 

For the ingredients, again you’ll probably want to consider the usual categories that you’ll see in most training/information materials on VACCP:
Is there a history of adulteration?
Are there any current/emerging issues? (you’ll need to cite suitable sources of “horizon scanning” data)

Is it a high-value ingredient? (we also consider changes in price as well as absolute price - so for example if the market value shoots up we’d assign an increased risk as there is greater incentive to adulterate)

What testing or other controls are currently in place?

Are the ingredients from higher-risk origins?

How well do you understand the supply chain, how transparent is it and what risk status would you give it?

Is the raw material of a nature that can easily be adulterated? Powders, liquids etc typically far easier to hide adulterants in than would be the case for a solid – consider e.g. difference between apple juice and a whole apple.

We also have a category for “other” – basically just gives the option to add in any extra specific considerations on a case-by-case basis, although for most products it’s marked as “n/a”.

 

As you’re dealing with composite finished products, you could either consider them as a whole or do each component independently and then combine the results. I don’t know how large your product range is, as that will have an effect on how practical it is to do each component separately. I’d personally favour the latter as the more thorough approach, but either should probably be ok as long as you can justify what you’ve done.

At the end of this you should then have an overall risk score for the product/ingredients.

 

You can then combine the two parts (manufacturer risk score and product/ingredients risk score) to give a final overall risk status for the product that you purchase from each manufacturer, and can then move onto the question of what to do about those where the risk score is higher than you’d like…

 

First post (other than a brief one in the introductions section) on IFSQN and apologies that it’s quite so long, but it’s a topic that is quite sizeable and there are so many different takes on it!
Hope it helps in any case.



Thanked by 3 Members:

Zac Zara

    Grade - Active

  • IFSQN Active
  • 11 posts
  • 2 thanks
0
Neutral

  • United Kingdom
    United Kingdom

Posted 06 June 2018 - 12:05 PM

Hi, 

 

I really appreciate the time you have taken to send a detailed and to the point answer.

It is the first time I will be conducting VACCP and TACCP study from scratch. Your answer will give me the base to start.

 

Regards

 

Dias



DSTechnicalManager

    Grade - AIFSQN

  • IFSQN Associate
  • 26 posts
  • 0 thanks
4
Neutral

  • United Kingdom
    United Kingdom

Posted 01 December 2022 - 11:55 AM

Hi Dias,

Section 4.3 of Agents & Brokers is really more about the TACCP elements (i.e. malicious threats and security), but obviously there is potentially some overlap with section 4.8 (if you're also preparing for the new Issue 2 standard) that would be more of a VACCP approach.

We have both BRC Agents & Brokers and BRC Food certification, so are in the lucky position of already having confirmation that the systems meet BRC requirements thanks to several years of audits against issue 7 of the Food standard, and as the systems are shared between the two we don't need to write anything new.

Our approach has been to split this into two distinct parts: A TACCP study focussed solely on food (and to some extent broader business) security, and a VACCP approach where I wrote a system of my own to suit the particular activities of our business and the nature of the raw materials we source.

For the TACCP, I'd recommend looking at PAS96 as it's more widely recognised in the UK than e.g. Carver + SHOCK etc. It takes a little while to get your head around it, but work through it slowly and it'll start to make sense if you're familiar with other risk-based approaches like HACCP. Indeed you'll need to do some very similar things in terms of assembling a multi-disciplinary team etc, but you could do that once you've got a better understanding for yourself, as you'll probably need to explain it to the rest of the team!

 

For the VACCP, I completely agree with your approach - we get loads of VACCP questionnaires from customers and I confess I'm completely baffled by the concept of asking your supplier whether they are trustworthy. Has anyone’s supplier ever said “no, we’re really dodgy” in response to these questions?!

Nonetheless I'm guessing that certification bodies find this to be acceptable as it certainly seems to be quite prevalent!

 

Are you buying finished products each with multiple ingredients, or sourcing the separate component ingredients and then paying a separate entity to do the final manufacturing for you as a subcontracted process?

If it’s the latter I’d split the risk assessment into two parts – one for your ingredients and one for the processors to whom you’re subcontracting the work, although arguably they’d have very limited incentive to adulterate if they don’t own any of the materials.

For the former, my approach would be to list out your products and assess both in terms of the manufacturer and the product/components.
For the manufacturer, you’re looking at the usual areas:

Are they GFSI-certified?

Any other useful certification-based controls in place?

What is your supplier risk score for them?

Are they based in a region you’d consider higher or lower risk?

How well do you understand the supply chain prior to them, and what risk status would you assign to it?
Is there a (reliable!) testing regime in place to verify the authenticity of key ingredients?

Etc

This should give you an overall risk score for the manufacturer.

 

For the ingredients, again you’ll probably want to consider the usual categories that you’ll see in most training/information materials on VACCP:
Is there a history of adulteration?
Are there any current/emerging issues? (you’ll need to cite suitable sources of “horizon scanning” data)

Is it a high-value ingredient? (we also consider changes in price as well as absolute price - so for example if the market value shoots up we’d assign an increased risk as there is greater incentive to adulterate)

What testing or other controls are currently in place?

Are the ingredients from higher-risk origins?

How well do you understand the supply chain, how transparent is it and what risk status would you give it?

Is the raw material of a nature that can easily be adulterated? Powders, liquids etc typically far easier to hide adulterants in than would be the case for a solid – consider e.g. difference between apple juice and a whole apple.

We also have a category for “other” – basically just gives the option to add in any extra specific considerations on a case-by-case basis, although for most products it’s marked as “n/a”.

 

As you’re dealing with composite finished products, you could either consider them as a whole or do each component independently and then combine the results. I don’t know how large your product range is, as that will have an effect on how practical it is to do each component separately. I’d personally favour the latter as the more thorough approach, but either should probably be ok as long as you can justify what you’ve done.

At the end of this you should then have an overall risk score for the product/ingredients.

 

You can then combine the two parts (manufacturer risk score and product/ingredients risk score) to give a final overall risk status for the product that you purchase from each manufacturer, and can then move onto the question of what to do about those where the risk score is higher than you’d like…

 

First post (other than a brief one in the introductions section) on IFSQN and apologies that it’s quite so long, but it’s a topic that is quite sizeable and there are so many different takes on it!
Hope it helps in any case.

Hello pH Fruit.

 

Would you be able to help me with a separate subject - i need to review my SAQ for services suppliers - Logistic and storage and i don't know how to improve it Do you have any example you could share ?



pHruit

    Grade - FIFSQN

  • IFSQN Fellow
  • 2,071 posts
  • 849 thanks
536
Excellent

  • United Kingdom
    United Kingdom
  • Gender:Male
  • Interests:Composing/listening to classical music, electronics, mountain biking, science, sarcasm

Posted 01 December 2022 - 03:27 PM

Hello pH Fruit.

 

Would you be able to help me with a separate subject - i need to review my SAQ for services suppliers - Logistic and storage and i don't know how to improve it Do you have any example you could share ?

Unfortunately all of the documents I create are owned by the parties for whom I've created them, so this isn't something I can share publicly. There was another thread recently on service provider SAQs so will see if I can dig that out, as it may help.





Share this


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users