The food safety guaranteeing a safe supply chain has become a priority for companies in the food industry after the pandemic, which is why revision and receipts regained their importance for the sector.
One of them is Food safety system certification about FSSC 22000therefore, it is imperative that companies involved in the production of products of animal origin, i.e. perishable vegetables, must prepare for this procedure.
In this regard, Dimitra Sandrou, Certification Specialist at AIB International, shares that information and communication technologies can be used to prepare for the FSSC 22000 audit process.
An approach using such tools consists of a two-step process, including a remote audit focused on document review, followed by an internal audit to verify the implementation of FSSC 22000 scheme requirements.
This approach can also be used in the future as a method for regular audit; however, the procedure must be mutually agreed between the certification body and the audited organization.
Before performing, the organization must present a risk evaluation documented, conducted to understand the feasibility and comfort level of using digital platforms to perform the remote part of the audit.
This risk assessment will take into account the company’s food safety management system and its operational history. For example, if the company had significant non-conformities in the previous audit, this could be a reason to avoid the audit. remote audit.
It will also be important to assess the organization’s ability to participate, including the availability of electronic files, technology tools, data protection and security measures.
Before the remote part, the audited organization and certification body will need to test the chosen platform to ensure several key factors:
- Adequate internet connection
- Documented training of the audit team
- Data security and confidentiality agreements
- Sufficiently detailed audit plan
- When planning the duration of a two-stage audit, the remote part should be planned for approximately half a day, while the field part cannot be shorter than one day.
- The time between a remote audit and an on-site audit should not exceed 30 days, unless there is a serious event such as a pandemic that causes an interruption, in which case it may be extended to 90 days.
Dimitra Sandrou, shares the five steps for the FSSC 22000 audit process:
- Applicability: For initial certification audits, the first stage can be carried out remotely with live streaming of facilities, while the second stage must be carried out only in the plant. For surveillance audits, both phases must be completed within the same calendar year, regardless of the time allotted between phases. For recertification audits, both phases must be completed before the certificate expires. For unannounced audits, the first will be an internal audit, followed by a remote audit within 48 hours.
- Remote audit: During the remote phase, a desktop review will be performed, evaluating the organization’s documents and procedures. Key changes since the last audit will also be reviewed, along with HACCP plans, food safety management system objectives, KPIs, management reviews and internal audits. The auditor will also conduct interviews with management and key personnel, focusing on assessing the organization’s understanding of ISO 22000 requirements.
- Plant revision: The facility audit will focus on the physical inspection of the facility, including HACCP prerequisites and enforcement. The auditor should also close any open issues from the remote audit, such as documentation that was not available during the desk review or non-conformities from the remote part of the audit. It should be noted that it will be the same auditor for the remote and internal parts of the audit to ensure continuity. However, they accept different auditors during the pandemic as the same auditor may not always be available due to travel restrictions.
- Non-conformance management: Both the remote and in-plant part of the mentioned action can result in non-conformities, and those at each stage must be closed separately, in accordance with the rules of the scheme. Organizations will have 28 days to submit their root cause analysis, remediation and corrective action plan. If there are outstanding issues from a remote audit, they can be resolved during an internal audit or updated if system flaws are found. Critical issues require a follow-up review, which usually takes one day.
- Audit report: After each stage of the audit is completed, a non-conformance report is generated. After removing all non-conformities, an independent technical verification will ensure the accuracy of a full audit report, which will be generated and uploaded to the FSSC 22000 portal within two months of the plant audit.