Auditing HACCP Programs 10.2.09 - Certified Quality … HACCP Programs ... (ISO 22000 Lead Auditor...

© EAGLE Registrations Inc. 2009 CONFIDENTIAL 1

Auditing HACCP Programs

Roger RoethOctober 2, 2009

2© EAGLE Registrations Inc. 2009 CONFIDENTIAL

Auditing HACCP Programs

Types of Audits

• First-party – Internal audit

• Second-party – Customer or supplier audits

• Third-party – External audit where auditor is unrelated to business


First-party Audits

Internal Audits

• To evaluate the organization’s own process, procedures, and products

• Undertaken by the organization on its own QMS and FSMS

• How many parties involved = 1 (the organization)

• The organization gets the report


Second-party Audits

Also known as external audits, customer audits or supplier audits

Parties involved – two

• Organization and the customer or supplier

Audit is completely flexible – based on what the customer wants

Report goes to the customer


Also known as registration audit

Parties involved – three

• Organization, customer and the certification body

Carried out by an independent organization

Very inflexible as it must follow the audit process completely

Report goes to the organization and the certification body

Third-party Audits


How to audit HACCP

The method to audit HACCP for any type of audit follows the same basic process with some minor differences


How to audit HACCP

Main requirements

• Auditor needs to understand the principles of HACCP

• Auditor needs to understand the process and the product which is produced


How to audit HACCP

Steps to Audit

• Audit the entire HACCP plan– Include prerequisite programs– Review the entire 12 step HACCP process,

however address each component separately– Compare to Codex or NACMCF

• Communicate to all parties to be audited

• Use the process audit approach


Understanding the HACCP Plan

HACCP

• Includes 12 step process (five initial steps and the seven HACCP principles)

• Five initial steps– Assemble food safety team– Describe the product– Identify intended use– Flow diagram– On-site verification of flow diagram


Understanding the HACCP Plan

Seven HACCP Principles

• Hazard Analysis

• Identify CCP

• Establish critical limit

• Establish monitoring procedure for each CCP

• Establish corrective action

• Establish verification procedure

• Establish documentation and record keeping


Auditing the HACCP Plan

Review the documentation• Understand the details of their HACCP Plan

– Is their Hazard Analysis complete?– Don’t forget to review PRPs

• Take notes on important procedures• Ask for a copy of the flow chart and HACCP Plan

so you can take to the floor

Facility inspection• Verify documentation to what is really occurring• Condition of facility



Monitoring - Observe employee performing task

• Compare to written procedures

• Use of calibrated instruments

• Interview the employee– Ask open ended questions?– What are their authority?– Do they understand what and why they are

doing their task?

• Review their training records



Corrective Actions

• Review past deviations

• Look for trends

• Were actions complete?

• Was suspect product contained?

• Review records



Verification

• Observe and compare

• Review records

• Who is verifying?

• How were deviations handled?



Recordkeeping

• If it is not recorded, assume it is not being done!

• Review records for completeness– Signature of person monitoring– Time and date– Critical limit recorded– Correcting mistakes on paperwork

• Electronic data– Assurance of integrity



Validation

• Biggest challenge for small and very small plants

• Review documentation

• Supporting documents sufficient and credible

Reassessment

• Review records

• Frequency

• Ask about changes in process


Common HACCP Failures

CCP Identification

• Too many CCPs identified

Ineffective monitoring

• CCP not monitored frequently enough to control

• Personnel unsure of task

• Not performed as described in HACCP Plan


Records

• Records not complete– missing times, signatures

• False times recorded

• Recorded prior to completion of task

• Use of whiteout or pencil

• Use of obsolete forms

• Not quickly accessible




Missing HACCP Plan

• Each product or product group has to have their own plan

Lack of training

• General staff

• Quality Assurance/HACCP Monitors

• Do not understand the “whys”

• Lack of documentation to support training

• Proper monitoring procedures


Instruments used in monitoring

• Not calibrated

• Not calibrated correctly

• Calibrated inconsistently

• Record of calibration missing

• No procedure or action for handling an instrument found to be out of calibration




Documentation missing

• CCP decision tree

• Hazard analysis

• Identification of food safety team

Corrective Action not complete

• Root cause not identified

• Observe reoccurrence of problem

• Four criteria of corrective action not met



Methods not validated

• Is there scientific proof to support control measures and critical limits?

• Is supporting documents from a credible source?

Lack of HACCP Plan review

• Minimum requirement is annually

• Required to review whenever there is a change in the system


Auditor Requirements

Requirements for a third-party auditor for Food Safety Management Systems• ISO 22000• Safe Quality Food (SQF)


ISO 22000 Auditor Requirements

Found in ISO/TS 22003

Education

• Post-secondary education

• Includes microbiology and chemistry

Food Safety Training

• Recognized HACCP course



Audit Training

• Audit techniques based on ISO 19011

• Relevant FSMS standard (ISO 22000 Lead Auditor course)

Work Experience

• Five years full time

• Two years in Quality Assurance or Food Safety



Audit Experience

• Twelve FSMS audits in last three years (four different organizations)

• Under supervision of a qualified auditor

Competencies

• Audit skills

• Regulation knowledge

• Food safety principles



Auditor Approval

• Criteria reviewed by certification body (CB)

• CB determines if criteria is acceptable

• Categories determined and justified

• CB maintains file of all required documentation

• CB audited by accreditation body



Requirements to maintain ISO 22000 auditor status

• Monitored by CB

• Minimum of five external audits (including two FSMS audits/year)

• Minimum of four FSMS on-site external audits or 10 FSMS audit days/year


FSSC 22000 Auditor Requirements

Similar to ISO 22000 requirements as it is also based off of ISO 22003

Minor Differences

• Does not allow education to replace one year of work experience

• Must conduct three supervised audit days to FSSC 22000 scheme

• Reduced number of Food Sector Categories


SQF Auditor Requirements

Listed on SQFI Web site – www.sqfi.com

Education

• Bachelor’s degree in Food Science

• Demonstrate skill

HACCP Training

• Recognized HACCP course



SQF Systems Training

• Implementing SQF Systems (optional)

• Auditing SQF Systems (SQF training course only)

Auditor Training

• Attend an objective “Auditor Training” course of at least eight hours in length



Work Experience

• Five years

Audit Experience

• Low risk = 15 audit days/category (120 hrs)

• High risk = 20 audit days/category (160 hrs)



Competencies

• Proficiency in auditing and communication

• Ability to identify potential quality defects

• Ability to identify and assess potential food safety hazards and the effectiveness of control measures

• HACCP principles

• Technical knowledge of product and process

• Knowledge of relevant PRPs, industry codes of practice, legal requirements, industry guidelines and standards



Has to be approved and registered with SQF

Complete Application

• Sponsored by a CB

• Identify categories

• Reviewed by SQF

• Fee for each category

• Signed Code of Conduct

• Once approved, listed on SQF Web site



All approved SQF auditors will be issued an ID card

• List categories approved to audit

• Identifies expiration date

• It is the company’s responsibility that their scope matches the auditor’s credentials



Requirements to maintain SQF auditor status

• Submit audit log – Minimum of six complete SQF System audit

days

• Professional Development – Minimum 15 hours

• SQFI four hour Professional Update


Questions?


Contact Information

For more information please call 800.795.3641, visit www.eagleregistrations.com

or e-mail [email protected].


ABOUT EAGLE

EAGLE Registrations Inc. services and accreditations* include:

ISO9001* • ISO14001* • ISO/TS16949* • AS9100*

ISO13485 • OHSAS18001

EAGLE Food Registrations Inc. services include:

ISO22000 • Safe Quality Food (SQF)

*Accreditation by ANSI-ASQ National Accreditation Board (ANAB) and International Automotive Oversight Bureau (IATF)

EAGLE Registrations Inc. is an accredited* third-party certification body, providing personalized, value-added third-party certification for international quality, environmental and food standards. We help our clients maximize their quality system investment and improve business results through personalized service, compliance analysis, constructive feedback and superior industry knowledge.

Auditing HACCP Programs 10.2.09 - Certified Quality … HACCP Programs ... (ISO 22000 Lead Auditor...

Documents

Transcript of Auditing HACCP Programs 10.2.09 - Certified Quality … HACCP Programs ... (ISO 22000 Lead Auditor...