Auditing HACCP Programs 10.2.09 - Certified Quality … HACCP Programs ... (ISO 22000 Lead Auditor...
Transcript of Auditing HACCP Programs 10.2.09 - Certified Quality … HACCP Programs ... (ISO 22000 Lead Auditor...
© EAGLE Registrations Inc. 2009 CONFIDENTIAL 1
Auditing HACCP Programs
Roger RoethOctober 2, 2009
2© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing HACCP Programs
Types of Audits
• First-party – Internal audit
• Second-party – Customer or supplier audits
• Third-party – External audit where auditor is unrelated to business
3© EAGLE Registrations Inc. 2009 CONFIDENTIAL
First-party Audits
Internal Audits
• To evaluate the organization’s own process, procedures, and products
• Undertaken by the organization on its own QMS and FSMS
• How many parties involved = 1 (the organization)
• The organization gets the report
4© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Second-party Audits
Also known as external audits, customer audits or supplier audits
Parties involved – two
• Organization and the customer or supplier
Audit is completely flexible – based on what the customer wants
Report goes to the customer
5© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Also known as registration audit
Parties involved – three
• Organization, customer and the certification body
Carried out by an independent organization
Very inflexible as it must follow the audit process completely
Report goes to the organization and the certification body
Third-party Audits
6© EAGLE Registrations Inc. 2009 CONFIDENTIAL
How to audit HACCP
The method to audit HACCP for any type of audit follows the same basic process with some minor differences
7© EAGLE Registrations Inc. 2009 CONFIDENTIAL
How to audit HACCP
Main requirements
• Auditor needs to understand the principles of HACCP
• Auditor needs to understand the process and the product which is produced
8© EAGLE Registrations Inc. 2009 CONFIDENTIAL
How to audit HACCP
Steps to Audit
• Audit the entire HACCP plan– Include prerequisite programs– Review the entire 12 step HACCP process,
however address each component separately– Compare to Codex or NACMCF
• Communicate to all parties to be audited
• Use the process audit approach
9© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Understanding the HACCP Plan
HACCP
• Includes 12 step process (five initial steps and the seven HACCP principles)
• Five initial steps– Assemble food safety team– Describe the product– Identify intended use– Flow diagram– On-site verification of flow diagram
10© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Understanding the HACCP Plan
Seven HACCP Principles
• Hazard Analysis
• Identify CCP
• Establish critical limit
• Establish monitoring procedure for each CCP
• Establish corrective action
• Establish verification procedure
• Establish documentation and record keeping
11© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Review the documentation• Understand the details of their HACCP Plan
– Is their Hazard Analysis complete?– Don’t forget to review PRPs
• Take notes on important procedures• Ask for a copy of the flow chart and HACCP Plan
so you can take to the floor
Facility inspection• Verify documentation to what is really occurring• Condition of facility
12© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Monitoring - Observe employee performing task
• Compare to written procedures
• Use of calibrated instruments
• Interview the employee– Ask open ended questions?– What are their authority?– Do they understand what and why they are
doing their task?
• Review their training records
13© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Corrective Actions
• Review past deviations
• Look for trends
• Were actions complete?
• Was suspect product contained?
• Review records
14© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Verification
• Observe and compare
• Review records
• Who is verifying?
• How were deviations handled?
15© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Recordkeeping
• If it is not recorded, assume it is not being done!
• Review records for completeness– Signature of person monitoring– Time and date– Critical limit recorded– Correcting mistakes on paperwork
• Electronic data– Assurance of integrity
16© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditing the HACCP Plan
Validation
• Biggest challenge for small and very small plants
• Review documentation
• Supporting documents sufficient and credible
Reassessment
• Review records
• Frequency
• Ask about changes in process
17© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Common HACCP Failures
CCP Identification
• Too many CCPs identified
Ineffective monitoring
• CCP not monitored frequently enough to control
• Personnel unsure of task
• Not performed as described in HACCP Plan
18© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Records
• Records not complete– missing times, signatures
• False times recorded
• Recorded prior to completion of task
• Use of whiteout or pencil
• Use of obsolete forms
• Not quickly accessible
Common HACCP Failures
19© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Common HACCP Failures
Missing HACCP Plan
• Each product or product group has to have their own plan
Lack of training
• General staff
• Quality Assurance/HACCP Monitors
• Do not understand the “whys”
• Lack of documentation to support training
• Proper monitoring procedures
20© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Instruments used in monitoring
• Not calibrated
• Not calibrated correctly
• Calibrated inconsistently
• Record of calibration missing
• No procedure or action for handling an instrument found to be out of calibration
Common HACCP Failures
21© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Common HACCP Failures
Documentation missing
• CCP decision tree
• Hazard analysis
• Identification of food safety team
Corrective Action not complete
• Root cause not identified
• Observe reoccurrence of problem
• Four criteria of corrective action not met
22© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Common HACCP Failures
Methods not validated
• Is there scientific proof to support control measures and critical limits?
• Is supporting documents from a credible source?
Lack of HACCP Plan review
• Minimum requirement is annually
• Required to review whenever there is a change in the system
23© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Auditor Requirements
Requirements for a third-party auditor for Food Safety Management Systems• ISO 22000• Safe Quality Food (SQF)
24© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ISO 22000 Auditor Requirements
Found in ISO/TS 22003
Education
• Post-secondary education
• Includes microbiology and chemistry
Food Safety Training
• Recognized HACCP course
25© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ISO 22000 Auditor Requirements
Audit Training
• Audit techniques based on ISO 19011
• Relevant FSMS standard (ISO 22000 Lead Auditor course)
Work Experience
• Five years full time
• Two years in Quality Assurance or Food Safety
26© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ISO 22000 Auditor Requirements
Audit Experience
• Twelve FSMS audits in last three years (four different organizations)
• Under supervision of a qualified auditor
Competencies
• Audit skills
• Regulation knowledge
• Food safety principles
27© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ISO 22000 Auditor Requirements
Auditor Approval
• Criteria reviewed by certification body (CB)
• CB determines if criteria is acceptable
• Categories determined and justified
• CB maintains file of all required documentation
• CB audited by accreditation body
28© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ISO 22000 Auditor Requirements
Requirements to maintain ISO 22000 auditor status
• Monitored by CB
• Minimum of five external audits (including two FSMS audits/year)
• Minimum of four FSMS on-site external audits or 10 FSMS audit days/year
29© EAGLE Registrations Inc. 2009 CONFIDENTIAL
FSSC 22000 Auditor Requirements
Similar to ISO 22000 requirements as it is also based off of ISO 22003
Minor Differences
• Does not allow education to replace one year of work experience
• Must conduct three supervised audit days to FSSC 22000 scheme
• Reduced number of Food Sector Categories
30© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
Listed on SQFI Web site – www.sqfi.com
Education
• Bachelor’s degree in Food Science
• Demonstrate skill
HACCP Training
• Recognized HACCP course
31© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
SQF Systems Training
• Implementing SQF Systems (optional)
• Auditing SQF Systems (SQF training course only)
Auditor Training
• Attend an objective “Auditor Training” course of at least eight hours in length
32© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
Work Experience
• Five years
Audit Experience
• Low risk = 15 audit days/category (120 hrs)
• High risk = 20 audit days/category (160 hrs)
33© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
Competencies
• Proficiency in auditing and communication
• Ability to identify potential quality defects
• Ability to identify and assess potential food safety hazards and the effectiveness of control measures
• HACCP principles
• Technical knowledge of product and process
• Knowledge of relevant PRPs, industry codes of practice, legal requirements, industry guidelines and standards
34© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
Has to be approved and registered with SQF
Complete Application
• Sponsored by a CB
• Identify categories
• Reviewed by SQF
• Fee for each category
• Signed Code of Conduct
• Once approved, listed on SQF Web site
35© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
All approved SQF auditors will be issued an ID card
• List categories approved to audit
• Identifies expiration date
• It is the company’s responsibility that their scope matches the auditor’s credentials
36© EAGLE Registrations Inc. 2009 CONFIDENTIAL
SQF Auditor Requirements
Requirements to maintain SQF auditor status
• Submit audit log – Minimum of six complete SQF System audit
days
• Professional Development – Minimum 15 hours
• SQFI four hour Professional Update
37© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Questions?
38© EAGLE Registrations Inc. 2009 CONFIDENTIAL
Contact Information
For more information please call 800.795.3641, visit www.eagleregistrations.com
or e-mail [email protected].
39© EAGLE Registrations Inc. 2009 CONFIDENTIAL
ABOUT EAGLE
EAGLE Registrations Inc. services and accreditations* include:
ISO9001* • ISO14001* • ISO/TS16949* • AS9100*
ISO13485 • OHSAS18001
EAGLE Food Registrations Inc. services include:
ISO22000 • Safe Quality Food (SQF)
*Accreditation by ANSI-ASQ National Accreditation Board (ANAB) and International Automotive Oversight Bureau (IATF)
EAGLE Registrations Inc. is an accredited* third-party certification body, providing personalized, value-added third-party certification for international quality, environmental and food standards. We help our clients maximize their quality system investment and improve business results through personalized service, compliance analysis, constructive feedback and superior industry knowledge.