By Luciareli Garcia, Global Standards Auditor

 

The FSSC 22000 scheme is made up of three elements, the base standard of ISO 22000, the prerequisites for each category of the food chain (based on technical specifications for the sector e.g. ISO/TS 22002-x; PAS xyz); and additional requirements set by GFSI stakeholders.

 

The additional requirements are established by GFSI because the prerequisites lack some specific points that stakeholders consider important to maintain quality and safety in each category of the food chain.

 

In this blog, we will describe the additional requirements as well as changes that have been developed for FSSC 22000 V6.0.

 

2.5.1 Management of purchased services and materials (All categories)

 

Laboratories used for verification or validation must be able to ensure the accuracy and repeatability of tests using validated methods and good laboratory practices (e.g. ISO 17025).

 

Organizations with categories C, D, I, FII, G, and K, must document a procedure to make purchases in emergencies, to ensure safety and quality.

 

For food chain categories C0, CI, CIll, and CIV the organization shall have a policy for the procurement of animals, fish, and shellfish that are subject to the control of prohibited substances (e.g. pharmaceuticals, veterinary drugs, heavy metals, and pesticides).

 

Categories C, D, I, FI, G, and K must have a procedure to review raw materials, in compliance with the specifications of materials and finished products to ensure compliance with food safety, quality, legal, and customer requirements.

 

For Category I, the organization must establish criteria for the use of recycled packaging that will be used as raw material in the production of finished packaging material. These criteria must ensure that no F.Q.B. hazard is introduced and ensure quality compliance.

 

2.5.2 Labeling of products and printed materials (all categories).

 

Finished products must be labeled under all applicable legal and regulatory requirements in the country of sale ensuring allergen declarations and customer requirements.

 

Where a product is not labeled, all relevant product information should be available to ensure the safe use of the food by the customer or consumer.

 

Where a claim (e.g. allergen, nutritional, production method, etc.) is made on the product label or packaging, the organization shall maintain evidence of validation to support the claim and shall have verification systems in place, including traceability and mass balance, to ensure that product integrity is maintained.

 

For Category I, a procedure for graphic material management and print control, shall be established to ensure that printed material complies with legal and customer requirements. The procedure will address, at a minimum: the approval of standard samples or artwork; the process for changes in printing specifications and management of obsolete material; the process to ensure effective segregation of different print variants, and the handling of unused printed products.

 

2.5.3 Food defense (all categories)

 

The organization shall have a documented procedure to perform food defense threat assessment based on a defined methodology (e.g. TACCP (Threat Analysis and Critical Control Points; recommended by PAS96), CARVER + Shock, and FDA Food Defense Plan Builder), which can be used by organizations to identify potential threats linked to processes and products within the scope of the organization. The organization should implement appropriate mitigation measures for threats that prove to be significant, derived from the assessment.

 

The organization should document a mitigation plan and verification procedures covering processes and products within the scope of the food safety management system, this plan should conform to applicable legislation and be supported by the FSMS and senior management of the organization; it should contain elements such as verification activities, corrections and corrective actions, responsibilities, and continuous improvement, because it is information for management review.

 

For the FIl food chain category, in addition to the above, the organization must request that suppliers have a food defense plan.

 

2.5.4 Mitigation of food fraud (all categories)

 

Conduct a Food Fraud Vulnerability Analysis based on a methodology that identifies potential vulnerabilities such as substitution, unapproved improvements, misbranding, counterfeiting, stolen products, or others.

 

Identify and select proportionate control measures for significant vulnerabilities, including all processes, and products that are within the scope of the management system.

 

Document vulnerability analysis, control measures, verification, and incident management procedures in a Food Fraud Prevention Plan supported by the Food Safety Management System that should contain system elements such as training, internal audits, management review, etc., as well as operational control measures, verification activities, corrections and corrective actions, responsibilities, record keeping, verification activities, and continuous improvement.

 

For the FIl food chain category, in addition to the above, the organization must request that suppliers have a food fraud mitigation plan in place.

 

2.5.5 Use of logos (All categories)

 

The use of the FSSC 22000 logo image is for advertising purposes only, it should not be used on documents that infer that the product has been certified, such as COAs or quality certificates, on the label, on the product, on the primary or secondary packaging, or where exclusions to the scope of certification apply.

 

2.5.6 Allergen management (all categories)

 

A documented Allergen Management Plan should be in place, including a list of all allergens handled on-site (raw materials and finished products). A risk assessment should be performed covering all possible sources of allergen cross-contact contamination and derived from this assessment Identify and implement control measures to reduce or eliminate the risk of allergen cross-contact contamination.

 

The plan should include validation and verification of control measures and when more than one product is produced in the same production area that has different allergen profiles, allergen-free verification should be performed at a frequency based on the risk of allergen cross-contact contamination..

 

When an allergen warning is declared on the labels, it must be justified by the result of the risk assessment. The application of warning labels does not exempt the organization from implementing the necessary allergen control measures or verification testing.

 

The organization shall ensure that all personnel receive allergen awareness training and identification of control measures associated with their work area.

 

The allergen management plan shall be reviewed at least annually, and after any significant change affecting food safety, a public recall or product recall by the organization, or when industry trends show allergen contamination in products or processes similar or related to the organization.

 

The review of the plan should include an assessment of the effectiveness of existing control measures and the need for additional measures.

 

For Category D: When there is no allergen-related legislation for the country of sale for animal feed, this section of the scheme requirements may be indicated as “Not applicable”.

 

2.5.7 Environmental monitoring (categories BIII, C, I & K)

 

The organization should conduct a risk-based environmental monitoring program for relevant pathogens, spoilage, and indicators.

 

A procedure establishing microbiological controls should be documented and should comply with legal and customer requirements. These controls should be monitored and analyzed for trends.

 

At least once a year the program should be verified to ensure its effectiveness; or when any change occurs such as changes in products, processes, or legislation; when a prolonged period when there are no positive results for the sought microorganisms over a prolonged time when the trend of microbiological results is out of specification; when a pathogen is detected and when there are alerts, recalls or withdrawals related to the organization’s product/process.

 

2.5.8 Quality Culture and Food Safety (all categories)

 

Senior management should establish, implement, and maintain quality and food safety culture objectives, establishing a work plan that addresses communication, training, feedback, and employee engagement, as well as performance measurement. The objectives should be supported by the quality and food safety culture plan, should have measurable objectives, and established timelines for achieving them, and such information should be input for management review and continual improvement.

 

2.5.9 Quality Control (all categories)

 

The organization shall establish, implement, and maintain a quality policy and quality objectives and quality parameters for all products and/or product groups within the scope of the safety management system, including product launches addressing quality control and approvals.

 

An analysis and evaluation of the results of the quality control parameters (objectives, specifications, or quality parameters) should be carried out and reported for management review.

 

The audit scope shall include quality elements defined in this requirement.

 

The organization shall establish and implement quantity control procedures to ensure that products comply with applicable legal and customer requirements. This shall include a program for calibration and verification of equipment used for quality and weight control.

 

Start-up and line changeover procedures shall be established and implemented to ensure that products, including packaging and labeling, comply with applicable legal and customer requirements. This shall include the implementation of controls to ensure that labeling and packaging from the previous run have been removed from the line.

 

2.5.10 Transport and storage (all categories)

 

The organization should establish, implement, and maintain a procedure and specified stock rotation (FIFO, FEFO) in the warehouse.

 

For category C0, the organization must have specific requirements defining the post-slaughter storage time and temperature for chilling or freezing the products.

 

For the Fl food chain category, in addition to BSI/PAS 221:2013 clause 9.3, the organization shall ensure that the product is transported and delivered under conditions that minimize potential contamination.

 

Where transport tankers are used, a documented risk-based plan should be in place to address the cleanliness of transport tanks and should consider potential sources of cross-contamination and appropriate control measures, including validation of cleanliness. Measures should be implemented to assess tank truck cleanliness at the point of receipt of the empty tank truck, before loading. Request from the supplier as a minimum to ensure product safety and avoid cross-contamination: validation of tank truck cleanliness, restrictions linked to previous use, and applicable control measures relevant to the product being transported.

 

2.5.11 Control of hazards and measures to prevent cross-contamination (all categories of the food chain, excluding FII).

 

For food chain categories BIII, C & I, specific requirements must be in place when packaging is used to impart or provide a functional effect on food (e.g. shelf-life extension).

 

As for food chain category C0, there must be specific requirements for an inspection process in the livestock breeding and/or evisceration process to ensure that the animals are fit for human consumption.

 

For category D, procedures must be in place to manage the use of additive ingredients containing component nutrients that may hurt animal health.

 

For all food chain categories except FII, it must meet the following requirements:

 

The organization should conduct a risk analysis to determine the need and type of foreign body detection equipment required (magnets, metal detectors, x-rays, filters, or sieves). Procedures for the use of such equipment should be documented.

 

If the organization considers that foreign body detection equipment is not necessary, it should be justified and maintained as documented information.

 

The organization should have an established control for the handling of foreign materials, including procedures for handling all breakage.

 

2.5.12 Verification of PRPs (Categories BIII, C, D, G, I & K).

 

Clause 8.8.1 of ISO 22000, verification of PRPs and hazard control plan, is reinforced in such a way that the organization shall verify the implementation of PRPs through periodic inspections, with a frequency justified by the level of risk. Inspections and verification sheets should be linked to relevant technical specifications (such as ISO/TS, Codex, or local regulations).

 

2.5.13 Product design and development (Categories BIII, C, D, E, F, I & K).

 

A design and development procedure should be established for new products and product or process changes.

 

The impact of the change on the safety management system and any introduction of new hazards (e.g. allergens) should be assessed. Consider all necessary resources and training, equipment, and maintenance requirements.

 

A process should be in place for ongoing verification of service life at a risk-based frequency.

 

For ready-to-cook (RTC) foods, cooking instructions should be validated to ensure that safety is preserved.

 

2.5.14 Health status (category D food chain)

 

The organization shall have a procedure to ensure that the health of personnel does not hurt food production operations. Employees shall undergo a medical examination before working in food contact operations unless the risk analysis or medical assessment indicates otherwise is not permitted by law.

 

2.5.15 Equipment management (all categories, except FII)

 

Organizations should have purchasing specifications that address the hygienic design of equipment, customer requirements, intended use of the equipment, and the type of product handled. Equipment suppliers should be able to provide evidence that equipment specifications are met before installation. Risk-based processes should be established and implemented to manage changes to new or existing equipment.

 

These processes shall be adequately documented, with evidence of their successful implementation.

 

2.5.16 Food waste (All categories, except I)

 

There should be a policy and measurable objectives detailing the strategy for reducing food waste both within the organization and throughout the supply chain.

 

This requirement will require controls to ensure the safety of donated food.

 

Surplus or by-products destined for animal feed should be managed in such a way as to prevent their contamination.

 

All these processes must comply with local regulations, be kept up to date, and not hurt safety.

 

2.5.17 Communication requirements (All categories)

 

Certified organizations must communicate to CBs, serious events that impact the FSMS, legality, and/or integrity of certification, including situations that pose a threat to food safety or certification integrity as a result of force majeure events, natural or man-made disasters (e.g. war, strike, terrorism, crime, flood, earthquake, malicious hacking, etc.), as well as serious situations where the integrity of certification is at risk and/or where the Foundation may be discredited.

 

2.5.18 2.5.18 Requirements for multisite certified organizations (categories E, F & G)

 

Central function management should ensure that sufficient resources are available, and that roles, responsibilities, and requirements are clearly defined for management, internal auditors, technical staff reviewing internal audits, and other key personnel involved in the FSMS.

 

For internal audits, in addition to clause 9.2 of ISO 22000-2018, the organization shall comply with the following requirements:

 

Corporate or head office, establish internal audit procedures and programs ensuring fairness at the sites. Ensure that all sites are audited at least annually or more frequently based on a risk assessment and demonstrate the effectiveness of corrective action.

 

FSSC 22000 in its constant updates seeks that organizations ensure safe and good quality food. In the FSSC 22000 V6.0 version, quality requirements have been added as a fundamental part of the scheme, covering points that perhaps were left aside, as well as importance so that in the end quality and safety are not different definitions, but elements that converge to ensure the health of the consumer.

 

 

 

 

 

 

IIA. Marlem Guadalupe Diaz Alvarado: Safety Coordinator, Global Standards

 

As time goes by, food safety and quality standards have become more demanding. An example of this is the FSSC Foundation: FSSC 22000, which has presented a new version to standardize the categories of the food chain according to the recently published one ISO 22003-1:2022 standard, which at the same time has focused on strengthening its requirements to support organizations in their contributions to meeting the sustainable development objectives, among which quality control, food loss, and waste stand out.

 

The food chain categories and related supply chain sectors that fall within the scope of FSSC 22000 certification are defined in Part I of the standard documents. Moreover, manufacturing sub-categories are assigned based on the final product produced by each organization. Additionally, more detailed clauses on validation/verification of packaging claims, criteria for the use of recycled materials, allergen management, environmental monitoring, quality control, purchase and installation of new equipment, and food waste management are included.

 

Currently, in version 5.1 category BIII has been included, that focuses on the pre-process handling of vegetable products, which is based on the handling of vegetables that do not transform the product from its original whole form (e.g. washing, sorting, waxing, etc.). It also considers category D with its sub-categories DI, DIIa, and DIIb to produce food for animals (breeding) and pets. However, for version 6, DI is maintained only for food intended for animal consumption (breeding), and categories DIIa and DIIb are grouped in category C.

 

In version 6, category C0 is an additional category dealing with primary animal processing, which alludes to further processing such as slaughtering, evisceration, chilling, freezing, or bulk storage.

 

On the other hand, transportation was merged and will be integrated into category G, while e-commerce will be included in category FI. The scope has also been expanded to add commerce and intermediation or trading and brokering (FII), which promotes the purchase and sale of products without physical manipulation on one’s own behalf or for third parties (intermediaries).

It is worth mentioning that within the relevance we also found that the category of Agriculture-Farming (A) and the option of FSSC 22000-Quality were eliminated; the latter will be addressed as an additional mandatory requirement “Quality Control” in version 6 of the FSSC 22000 scheme.

 

       Inclusion of categories

 

Categories	Description	Examples of activities	Applicable technical specification
BIII	Pre-process handling of vegetable products	They do not transform the product from its original form. Cleaning, washing, sorting, separation, etc. are included.	ISO/TS 22002-1:2009
C0	Animals- Primary Transformation	Further processing, including lairage, slaughter, evisceration, bulk chilling, etc.	ISO/TS 22002-1:2009
FII	Brokerage/trading/  e-commerce	Purchase and sale of products on one’s own account without physical manipulation or as a third-party agent of any item that enters the food chain.	No technical specification

 

In conclusion, the main changes published with the new version of the scheme are focused on defining more clearly the applicability and compliance with the requirements through the creation of new categories such as BIII and C0, as well as simplifying some categories through the standardization of criteria. In addition, additional requirements such as quality control, equipment management, food waste, communication requirements, quality culture, and food safety have been added to bring the food safety system to a more complete implementation.

 

References:

• Food Safety System Certification. Annex 1: CB Certificate scope statements.
• FSSC 22000 Scheme food safety management system certification. Part 1, num.3, pp. 9-14. April 2023.

 

 

 

 

 

Food safety and the supply chain are two crucial components in delivering food to customers. While they are not the sole factors in management, analyzing each is essential to establish a potential relationship between them.

 

A supply chain constitutes a network encompassing the entire structure of your resources. It involves the journey of materials from extraction, through various transformation stages, until reaching the consumer. After obtaining finished products, they are directed to distribution networks that cater to wholesalers and retailers, ultimately reaching the end consumer.

 

The FDA Food Safety Modernization Act of 2011 (FSMA) designates the U.S. Food and Drug Administration (FDA) as the regulatory body responsible for food oversight within the U.S. Department of Health and Human Services. The primary aim is to enhance and safeguard public health through a modern, preventative, risk-based approach to food safety regulation.

 

On September 17, 2015, the FDA published the ‘Good Manufacturing Practices, Hazard Analysis and Risk-Based Preventive Controls for Foods for Human Consumption’ rule under FSMA. This rule mandates that entities engaged in manufacturing/processing, packing, or food storage for human or animal consumption in the United States must register with the FDA unless exempted under 21 CFR 1.226.

 

The regulation, titled ’21. Food and Drugs; Chapter I – Food and Drug Administration; Department of Health and Human Services; Subchapter b – Foods for Human Consumption, part 117 Current Good Manufacturing Practice, Hazard Analysis, and Risk-Based Preventive Controls for Human Food,’ is divided into seven subparts:

 

• Subpart A – General Provisions.
• Subpart B – Current Good Manufacturing Practice.
• Subpart C – Hazard analysis and risk-based preventive controls.
• Subpart D – Modified Requirements.
• Subpart E – Withdrawal of a qualified facility exemption.
• Subpart F – Requirements Applying to records that must be established and maintained.
• Subpart G – Supply-Chain Program.
•  

In this article, our focus is on Subpart G and its key requirements for a supply chain program. It stipulates that facilities must institute and execute a risk-based supply chain program for raw materials, materials, and other ingredients with controlled hazards prior to receipt. Essentially, this enforces control measures throughout the supply chain.

 

Requirements Subpart G – Supply Chain Program:

 

• 117.405 – Obligation to Establish and Execute a Supply Chain Program: At this juncture, the receiving facility is mandated to institute and execute a risk-based supply chain program, barring specific circumstances. This program, documented in writing, is custom-tailored to address hazardous raw materials and other ingredients identified by the receiving facility, necessitating control measures throughout the supply chain.

 

A receiving facility that operates as an importer, adhering to the foreign supplier verification program requisites and possessing records of verification activities, is exempted from conducting supplier verification for that particular raw material or ingredient.

 

Exemptions Under this Subpart: The stipulations of this subpart do not extend to foods supplied exclusively for research or evaluation purposes. However, such foods must fulfill the following criteria:

 

• Not intended for retail distribution or public consumption.
• Appropriately labeled as “Food for research or evaluation use.”
• Supplied in a limited quantity aligning with research, analytical, or quality control aims. Solely intended for these purposes, any unused quantity is to be disposed of properly.
• Accompanied by documentation confirming the food’s allocation for research or evaluation, explicitly prohibiting public sale or distribution.

 

Third-Party Supply Chain Control:

 

In cases where an external entity other than the receiving facility’s supplier exercises control over the supply chain, the receiving facility must:

 

• Validate the accuracy of the supply chain control measures and acquire verifiable proof of validation from the external entity.
• Scrutinize and assess the pertinent documentation of the external entity, substantiating this scrutiny and assessment in documented form.

 

• 117.410 – General requirements applicable to a supply chain program.

 

The supply chain program must encompass the following elements:

• Utilizing approved suppliers.
• Defining appropriate supplier verification activities, including the frequency of implementation.
• Carrying out supplier verification activities.
• Recording supplier verification activities.
• If relevant, confirming a control established within the supply chain by an entity other than the receiving facility’s supplier. This confirmation should be documented, or suitable documentation of verification activities from another entity should be acquired. Subsequently, a review and assessment of this documentation must be conducted, with the results documented as well.

 

Several suitable supplier verification activities for raw materials and other ingredients involve:

• Conducting on-site audits.
• Employing sampling and performing analyses on the raw material or ingredient.
• Scrutinizing pertinent food safety records maintained by the supplier.
• Implementing appropriate supplier verification based on the supplier’s historical performance and the inherent risk linked to the raw material or ingredient.

 

During the process of approving suppliers and determining the frequency of supplier verification activities, the subsequent factors should be taken into account:

 

– An analysis of food hazards, encompassing the nature of the controlled hazard before the receipt of the raw material or other ingredient.

 

– Verification that the entity or entities responsible for implementing controls on the hazards have, indeed, applied controls within the supply chain.

– Evaluation of supplier performance.

 

**Food Safety and Supply Chain Management: Key Regulations and Documentation**

 

In the realm of food safety and supply chain management, adhering to specific regulations and maintaining meticulous documentation is crucial. Let’s delve into the provisions outlined in various sections and understand the requirements they entail.

 

**117.415 – Responsibilities of the Receiving Facility**

 

The receiving facility is mandated to undertake supplier approval, perform appropriate supplier verification activities, and comply with the documentation prerequisites set forth in this subpart. While entities other than the receiving facility can conduct supplier verification activities, the receiving facility must review and evaluate pertinent documentation, such as raw material receiving procedures.

 

For this subpart, supplier verification cannot involve supplier audits, reviews of supplier’s food safety records, or other verification activities.

 

**117.420 – Using Approved Suppliers**

 

Supplier approval, as dictated by the provisions in 117.410, is granted by the receiving facility. Procedures for receiving raw materials and ingredients must be established and followed, ensuring that materials are sourced solely from approved suppliers. Written procedures for this process must be documented.

 

**117.425 – Determining Appropriate Supplier Verification Activities and Frequency**

 

Appropriate supplier verification activities, along with their frequency, are determined based on the requirements outlined in 117.410.

 

**117.430 – Conducting Supplier Verification Activities**

 

For each supplier, one or more supplier verification activities specified in 117.410 must be executed before and periodically after using their raw material or ingredient. When a supplier controls a hazard in the raw material or ingredient, and there’s a potential for severe adverse health consequences, an on-site audit is required before use and at least annually thereafter. Notably, financial conflicts of interest and payment related to activity results are prohibited.

 

**117.435 – On-site Audit**

 

Qualified auditors conduct on-site audits of suppliers. If the supplier’s material is subject to FDA food safety regulations, the audit should encompass those regulations and involve a review of the supplier’s food safety plan.

 

For foreign suppliers, written results are valid when the FDA or the food safety authority of a recognized country conducts inspections.

 

**117.475 – Records for the Supply Chain Program**

 

Records documenting the supply chain program adhere to subpart F requirements. The receiving facility reviews and documents records as appropriate to its supply chain program. The documentation includes:

 

– Supplier approval records.

– On-site audit documentation.

– Sampling and testing records for supplier verification.

– Review records of the supplier’s relevant food safety data.

– Documentation of other applicable supplier verification activities.

– Records indicating alternative verification activities.

– Actions taken for supplier non-compliance.

– Verification documentation of supply chain controls by entities other than the supplier or receiving facility.

 

Balancing regulatory requirements and customer demands is essential for effective supply chain management. This balance involves profitability, customer value, consumer cost, quality, safety, delivery speed, reliability, and flexibility. Understanding these elements underscores the significance of the supply chain in the food industry.

 

References:

CFR – Code of Federal Regulations Title 21. (n. d.). https://www-accessdata-fda-gov.goog/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=117&_x_tr_sl=en&_x_tr_tl=es&_x_tr_hl=es-419&_x_tr_pto=sc

Tech, R. T. F. (2021, September 15). Food safety in the supply chain. THE FOOD TECH – Leading news media in the Food & Beverage Industry. https://thefoodtech.com/seguridad-alimentaria/inocuidad-de-los-alimentos-en-la-cadena-de-suministro/

21 CFR part 117 Guidance for Industry: Small Entity Compliance Guide https://www.fda.gov/downloads/Food/GuidanceRegulation/GuidanceDocumentsRegulatoryInformation/UCM526507.pdf