407468052-ISO-22000-Transition-Training-Powerpoint-FINAL-02-20-19.pptx

ISO 22000: Transition from version 2005 to 2018 Operations training February 20, 2019 Presented by mike Govro, david van leuven & Elizabeth rachwitz

ISO 22000:2005 to ISO22000:2018

Clause 0.1 General Benefits of the FSMS, reference to PDCA (Plan Do Check Act) and clarification in verbal forms (shall, should, may, can) have been included Definitions: Shall – indicates a requirement Should – indicates a recommendation May – indicates a permission Can- indicates a possibility or a capability

Clause 0.2 FSMS Principles Key elements moved from the Introduction section (2005) to a separate subsection. Principles common to ISO Management system standards have been included.

Clause 0.3 Process Approach Process approach, PDCA cycle and risk-based thinking (including relationship with HACCP) explanations included 0.3.2 Plan-Do-Check-Act cycle

Clause 0.3 Process Approach Plan: establish objectives of system and its processes, provide resources needed to deliver results, and identify and address risks and opportunities Do: implement what was planned Check: monitor and (where relevant) measure processes and resulting products and services, analyze and evaluate information and data from monitoring, measuring and verification activities, and report the results Act: take actions to improve performance, as necessary

Clause 0.3 Process Approach The standard clarifies the Plan-Do-Check-Act cycle, by having two separate cycles in the standard working together: one covering Organizational Planning and Control (the management system) and one covering Operational Planning and Control (the principles of HACCP).

Illustration of the Plan-Do-Check-Act cycle at the two levels

0.3.3 Risk-based thinking 0.3.3.1 General Risk-based thinking is essential for achieving an effective FSMS. Risk-based thinking is addressed on two levels, organizational (0.3.3.2) and operational (0.3.3.3), which is consistent with the process approach described in 0.3.2. - notice how this pairs with the PDCA Cycle diagram

0.3.3.2 Organizational risk management Risk is the effect of uncertainty, and any such uncertainty can have positive or negative effects. In the context of organizational risk management, a positive deviation arising from a risk can provide an opportunity, but not all positive effects of risk result in opportunities. To conform to this document’s requirements, an organization plans and implements actions to address organizational risks (6.1). Addressing risks establishes a basis for increasing effectiveness of the FSMS, achieving improved results and preventing negative effects.

0.3.3.3 Hazard analysis — Operational processes The concept of risk-based thinking based on the HACCP principles at the operational level is implicit in this document. The subsequent steps in HACCP can be considered as the necessary measures to prevent hazards or reduce hazards to acceptable levels to ensure food is safe at the time of consumption (Clause 8). Decisions taken in the application of HACCP should be based on science, free from bias and documented . The documentation should include any key assumptions in the decision-making process.

Clause 0.4 Relationship with other Management System Standards This revision of the standard has been developed within the ISO high level structure (HLS). The objective of the HLS is to improve alignment between ISO management system standards (ISO 22000, ISO 9001 and ISO 14001). Enables an organization to use the process approach, coupled with the PDCA cycle and risk-based thinking, to align or integrate its FSMS approach with the requirements of other management systems and supporting standards.

FSMS - Requirements for any organization in the food chain Clause 1 Scope General requirements are the same, but wording has clarified or eliminated redundant terms (e.g. suppliers & customers are now all included under interested parties) This document specifies requirements for a FSMS to enable an organization that is directly or indirectly involved in the food chain: a) to plan, implement, operate, maintain and update a FSMS providing products and services that are safe, in accordance with their intended use; b) to demonstrate compliance with applicable statutory and regulatory food safety requirements;

Clause 1 Scope (cont.) c) to evaluate and assess mutually agreed customer food safety requirements and to demonstrate conformity with them; d) to effectively communicate food safety issues to interested parties within the food chain; e) to ensure that the organization conforms to its stated food safety policy; f) to demonstrate conformity to relevant interested parties; g) to seek certification or registration of its FSMS by an external organization, or make a self-assessment or self-declaration of conformity to this document. Now specifically includes animal food (food for animals not producing food for human consumption.)

FSMS - Requirements for any organization in the food chain Clause 2 Normative references Reference has been eliminated

FSMS - Requirements for any organization in the food chain Clause 3 Terms and definitions Reference to ISO and IEC terminology databases has been included. Number of definitions has been increased from 17 to 45. The term Significant food safety hazard has been included and linked to the definition of control measures. "Elimination" of significant food safety hazards has been removed, leaving only reduction or prevention. Definitions of CCP's and OPRP's have been enhanced with additional elements and linked to significant food safety hazards. Clarification between validation, verification and monitoring included. Food, Feed and animal food terms have also been included.

Clause 3 Terms and definitions (cont.) Acceptable level : a control measure is effective if it is able to keep the relevant hazard under the acceptable level in the end product. Contamination is now used for a broader purpose (i.e. now includes effects of food fraud). Harm is replaced by adverse health effect - adds consistency with definition of food safety hazard (where “adverse health effect” is used). The use of assurance highlights relationship between consumer and food product, based on the assurance of safety.

Clause 3 Terms and definitions (cont.) Outsource : An external organization is outside the scope of the FSMS, although the outsourced function or process is within the scope. 6.1.1 states “public authorities are responsible for addressing public health risks . Organizations are required to manage food safety hazards .” The term risk is used at the management system level only, which is the outer PDCA cycle to manage the organizational risk. In the inner PDCA cycle, the operational planning, and control ensuring control of process, the term hazard is used. Control is based on hazard analysis, CCP and oPRP.

Clause 3 Terms and definitions (cont.) A Control Measure should prevent and/or reduce (eliminate has been removed as it is not realistic) significant food safety hazards. Control Measures are managed within the hazard control plan (CCP or oPRP). Section 3.11 has clarified aspects of the Critical Control Point CCP . Section 3.12 requires a Critical Limit MUST be measurable value. (If it is only observable that must be an oPRP).

Clause 3 Terms and definitions (cont.) Monitoring: determining the status of a system, a process or an activity Monitoring is applied during an activity , provides info for action within a specified time frame Validation : obtaining evidence that a control measure/combination of control measures will be capable of effectively controlling significant food safety hazard. Validation is applied prior to an activity , provides info about capability to deliver intended results Verification : confirmation, through the provision of objective evidence, that specified requirements have been fulfilled Verification is applied after an activity and provides info for confirmation of conformity

4.0 Context of the organization

4.1 Understanding the organization & its context 2005 Reference: New section title, New Clause Requirements to determine the external and internal issues relevant to the organization's purpose and ability to achieve intended results, have been included; as well as the review and update of the information.

4.1 Understanding the organization & its context (cont.) What internal and external issues impact the organization? – this exercise helps integrate the FSMS with aspects of the business. Tools such as SWOT or CANVAS may be used by the organization to answer this question, or they may just have a list. The information obtained here is the first building block in developing the organization’s scope. IF organization has done this exercise for another ISO standard, how did they update for FSSC? Info must be reviewed & updated (during periodic event, such as Management Review) Top Management Example Questions: Who determined this information, and how? When would you revise/update this information? How did you document this information, including changes to it?

4.2 Understanding the needs & expectations of interested parties 2005 Reference: New Clause Requirements to determine the needs and expectations of interested parties have been included, as well as the review and update of the information

4.2 Understanding needs & expectations of interested parties (cont.) The organization should identify all internal and external participants (Interested Parties) that have an impact on their Food Safety Management System, and what their Requirements are regarding food safety. The information obtained here is the second building block in developing the organization’s scope. IF organization has already done this exercise for another ISO standard, how did they update for FSSC? Information must be documented, reviewed and updated (during a periodic event, such as Management Review)

4.3 Determining the scope of the FSMS 2005 Reference: Requirements for scope definition already included in 4.1, however further requirements have been added The term services has been added to the scope definition requirement, as well as activities..... that can have an influence on the food safety of the end products of the organization . Link to requirements defined in 4.1 and 4.2 has been added when determining the scope. The organization’s documented information from 4.1 and 4.2 should provide the raw material for them to develop their Scope = the boundaries of their FSMS.

4.3 Determining scope of the FSMS (cont.) The scope: Shall specify products and services, processes and production site(s) included in the FSMS. Shall include activities, processes, products or services that can have an influence on the food safety of its end products. Shall be documented. Is NOT just what is shown on the organization’s certificate or in the FRS! Exclusions are rare as, even if processes, sites, etc. may not be directly managed by the organization, they still must be controlled. Example: an outside warehouse managed and manned by a 3 rd party. The organization would still be expected to ensure this location is meeting their FSMS requirements, as it has influence on the food safety of the organization’s end products.

4.4 Food Safety Management System 2005 Reference: Already existing in 4.1 but more extensive than in the new version. "The organization shall establish, document, implement and maintain an effective food safety management system and update it when necessary in accordance with the requirements of this International Standard". Control of outsourced processes has been moved to clause 7.1 General requirements related to the food safety management system, have been resumed in a single general clause. The word document has been removed giving an open decision how to manage the FSMS . The organization shall establish, implement, maintain, update and continually improve a FSMS, including the processes needed and their interactions, in accordance with the requirements of this document.

Real Example #1 of how Context of the Organization (ISO 9001:2015 surveillance) section was written up: The site’s SWOT Analysis (January 2019) includes a column for strength, weakness, opportunity and threat questions, and additional columns for the departments/areas impacted by each S, W, O and T, such as Manufacturing, Shipping, Sales, Customer Service and Accounting. An example of how the above works is the question “Where do you lack resources?” (a weakness) is answered “manpower” by both Manufacturing and Shipping. The Management Team revised their analysis in their Quality Management Team (QMT) meeting in early 2019 to include Suppliers as an area potentially impacted by the site’s S, W, O and T determinations. The CLIENT NAME Relevant Interested Party Analysis (01/10/18) was also reviewed at that time and found to still be accurate. The Quality Systems Manager is in charge of the QMS. The Management Team has identified the processes needed for the QMS, including Quality Plan (12/11/17) and Quality Process/Relationships (12/11/17). The Management Team has determined the top three risks to be addressed: 1) resource allocation to improve throughput and reduce overtime, 2) focus on downtime/set-up time, and 3) safety, and determined actions to address these risks; however, they have not documented the effectiveness of those actions (see minor non-conformance raised in section I-9.3.2e).

Real Example #2 of how Context of the Organization section was written up for 1 st time ISO 9001:2015 transition (an extra wordy one!): The objective of this process is to ensure management has fully considered, discussed and addressed all aspects of the context of the organization, with this determination used to continuously improve the quality management system. This process was considered effective and met the intent of the standard. The Context of Organization (Rev 0, 11/27/17), Interested Parties, SWOT and Scope of the Management System were developed by the Management Team. The General Manager, Production Manager and Controller, all members of top management interviewed to ensure management commitment to the ISO 9001:2015 transition and implementation, were able to talk to the SWOT and Interested Parties, giving examples that applied to their specific area/department and to the overall site. Site management determined external and internal issues relevant to its purpose using SWOT Analysis (Rev 2, 03/09/18), with detailed strengths, weaknesses, opportunities and threats. Examples of strengths included GFSI certification for direct food contact, people, reputation and ‘the answer is yes”. Examples of weakness included quality product (R&A), yield and on time delivery (OTD). Opportunities included sales and volume growth, continual training and development of employees. Threat examples included competitor pricing strategies, and paper supply logistics. Each item on the list was scored for likelihood (scale 1-5) and severity (scale 1-5); when those scores was multiplied, it provided a Risk Priority Number (RPN). …continued on next slide (I said it was wordy!)…

…continued from previous slide… The team also developed Relevant Interested Parties (Rev 0, 10/18/17), which included such groups as customers, suppliers, employees and managers/supervisors. The team looked at the requirements of each party and the Management System Processes in place to address each of these requirements. Top management decided to address all opportunities and threats. Actions to improve (reduce the RPN) are discussed and documented in Management Review and in Continual Improvement Teams, if created. All are included in the Action Plan list. Interviews of the GM and Sales Manager included how they plan to increase volume and grow sales, both deemed opportunities and threats. Interviews of the Production Manager included discussion on Yield, a weakness tied to numerous opportunities and threats. In addition, the GM was able to show improvements in their key quality objectives when compared to the same time last year, which he attributed to the Continual Improvement Teams and the training program the site has put in place for employees. Site management determined the Scope of the QMS included all production and service activities that take place at the local address and the outside warehouse. The site uses the flow diagrams in Context of Organization and Process Mapping for CLIENT NAME, most recently reviewed for accuracy on 04/28/18, to document their QMS processes, including inputs and outputs, the sequence of steps, criteria and method, resources needed, and responsibility and authority. Management Team members interviewed for this process: TG, TT, SW, DH and A

5.0 leadership

5.1 Leadership & Commitment 2005 Reference: Partially covered by clause 5.1 & 7.4.3 Responsibilities of top management have been extended, including demonstrable leadership and supporting other relevant management roles. Strengthens emphasis on leadership and management commitment. Top Management Example Questions: How did you establish (and update, if already established) site’s FSMS objectives? How do you communicate these objectives to your employees? How do you ensure adequate resources are given to the FSMS? Examples? What are your current/recent FSMS continual improvement projects?

5.2 Policy 2005 Reference: Partially covered by 5.2 The organization shall establish, implement, maintain, update and continually improve a FSMS, including the processes needed and their interactions, in accordance with the requirements of this document. The word "document” was deleted.

5.2 Policy (cont.) The organization’s Food Safety Policy must: include a commitment to satisfy applicable food safety requirements (statutory, regulatory, mutually agreed customer requirements related to food safety) address internal and external communication include a commitment to continual improvement of the FSMS address the need to ensure competencies related to food safety be part of documented information (document control) Top management must facilitate understanding of the Food Safety Policy by their employees. It is no longer enough that employees know where the policy is hung in the plant.

5.3 Organizational roles, responsibilities & authorities 2005 Reference: Partially covered by 5.4, 5.5 and 7.3.2 Responsibilities and authorities for relevant roles shall also be understood , not only defined and communicated (new requirement). Additional requirements have been assigned to top management, related to the assignation of specific responsibilities and authorities within the FSMS.

5.3 Organizational roles, responsibilities & authorities (cont.) It should be evident that top management assigned the responsibility and authority for all aspects of the FSMS. Responsibilities of the Food Safety Team Leader are included here. How has top management alerted all personnel that they should report FSMS problems? Who should they report these problems to?

6.0 planning

6.1 Actions to address risks & opportunities 2005 Reference: New section title, New clause New requirements added related to determining risks and opportunities, actions to address them and their planning . Important Note added (6.1.1) to clarify the concept of risks and opportunities in the context of the standard (events and their consequences relating to performance & effectiveness of the FSMS)

6.1 Actions to address risks & opportunities (cont.) This new section requires organizations to determine, consider, and where necessary, take action to address any risks that may impact (positively or negatively) the ability of the management system to deliver its intended results. There should be evidence the organization used information determined in sections 4.1, 4.2 and 4.3 to develop risks and opportunities to be addressed.

6.1 Actions to address risks & opportunities (cont.) How did they decide which to address? Not all items stemming from their work in 4.1 – 4.3 need to be addressed at the same time. It is up to the organization to determine which they address and timeframe. The organization should be able to provide how they have/will evaluate effectiveness of actions taken to address these risks and opportunities (this is an input to Management Review, see 9.3.2c8)

6.2 Objectives of the FSMS and planning to achieve them 2005 Reference: Partially covered by 5.3 Additional specific requirements for the definition of objectives have been incorporated (SMART), as well as requirements related to the planning to achieve them. New requirement : Food safety, statutory, regulatory and customer requirements shall be taken into account when defining objectives. Are objectives SMART ? S pecific – M easurable – A chievable – R elevant – T ime Based?

6.2 Objectives of the FSMS and planning to achieve them (cont.) This section strengthens focus on FSMS objectives as drivers for improvement. How did organization take into account applicable food safety requirements (statutory, regulatory and customer) when planning objectives? This section ties to section 9.1.1 Monitoring, measurement, analysis and evaluation.

6.3 Planning of Changes 2005 Reference: Partially covered by 5.3 The general requirement in clause 5.3 (v2005) has been extended to include additional considerations when planning and carrying out changes within the FSMS How has organization ensured integrity of FSMS is maintained when a change is required (to process, product, personnel, equipment, regulation, raw material, etc.)? Ask for real-life examples.

7.0 support

7.1.1 General 2005 Reference: New section title, Partially covered by clause 6.1 Consideration of capability & constraints of existing resources as well as the need for external resources in the determination of resources needed, has been added as a requirement Is a part of top management’s planning/budget used for FSMS maintenance and continual improvement?

7.1.2 People 2005 Reference: Partially covered by 6.2, 6.2.2. Separated as a sub-clause under resources. Requirements applicable to external experts have been included under this sub-clause. Definition of competency in the agreement/contracts with external experts has been added. Does/did the organization use an external expert to help install/maintain their FSMS? If so, ask to see documented evidence of an agreement/contract defining the competency, responsibility and authority of that expert.

7.1.3 Infrastructure 2005 Reference: Partially covered by clause 6.3 Wording has been changed slightly and a note added with examples of infrastructure (land, vessels, buildings and associated utilities; equipment, including hardware and software; transportation; information and communication technology).

7.1.4 Work Environment 2005 Reference: Partially covered by clause 6.4 Wording has been changed slightly and a note added giving examples of human and physical factors comprising a suitable environment (social; psychological; physical).

7.1.5. Externally developed elements of the FSMS 2005 Reference: Partially covered by 1 Specific requirements applicable to externally developed elements have been introduced under this clause If the organization used an external resource to assist in developing parts or the whole of their FSMS, how did the organization ensure these elements were applicable, adapted to their processes, and remain current?

7.1.6 Control of externally provided processes, products or services 2005 Reference: Partially covered by 4.1 Version 2005 required the definition and documentation of the control of outsourced processes, however under version 2018 the requirements have been extended to also providers of products and services. Requirements have also been enhanced and made more specific. Requirements for evaluation , selection, monitoring of performance/ re-evaluation of external providers have been added as well as requirements for adequate communicatio n. Performance of external providers has also been added as an input for Management Review.

7.1.6 Control of externally provided processes, products, services (cont.) This clause introduces the need to control the suppliers of processes, products and services (including outsourced processes) and to ensure adequate communication of relevant requirements in order to ensure FSMS requirements are met. Relevant documented evidence of this monitoring must be retained. Performance of external suppliers is an input to Management Review, see 9.3.2c7. Examples of externally provided processes, products or services include raw material suppliers, transportation, outsourced services, warehousing/distribution, janitorial services, contractors, temporary labor services, etc.

7.2 Competence 2005 Reference: Partially covered by clauses 6.2.1, 6.2.2, 7.3.2 Food safety team competence has been included under this clause, scope of necessary competence includes now also specifically external providers. Requirement for personnel responsible of the operation of the hazard control plan has been changed from trained to competent. Awareness requirements have been moved to clause 7.3. Requirements related to personnel understanding of effective communication has been moved to clause 7.4

7.2 Competence (cont.) Organization must determine required competencies for anyone who impacts the FSMS Food Safety Team members Personnel responsible for operation of the Hazard Control Plan Personnel responsible for performing tasks related to CCPs oPRP and PRP. External providers are specifically mentioned! Subcontractors ALL personnel, as they are responsible for reporting issues with the FSMS How does the auditor determine a person is competent? Use challenge questions. What are some food safety specific issues that would make you stop your line? What changes to your organization would warrant revising the Hazard Control Plan? How would you know if a raw material supplier had to get a component from another location?

7.3 Awareness 2005 Reference: Partially covered by 6.2.2 Awareness requirements previously mentioned in clause 6.2.2 e) have been moved to clause 7.3 and extended with specific awareness related to the food safety policy, objectives (relevant to their tasks), improved safety performance and implications of non-conforming with the FSMS requirements.

7.3 Awareness (cont.) Does the person you’re interviewing understand their impact (positive and negative) on the organization’s FSMS? Potential auditor questions: Does your site have a Food Safety Policy? What is your understanding of it? How can you personally impact Food Safety? (job and person) Who would you talk to if you had a concern with Food Safety? (then ask that person what they would do with this information) How does your management alert you re Food Safety concerns (such as chemical control, cleaning, audit results, Food Defense, etc.)?

7.4.1 Communication - General 2005 Reference: Partially covered by 6.2.2 Additional requirements regarding the scope of the internal and external communications have been added. Understanding of effective communication requirements have been included under this clause. There has to be a clear decision on whether, what and how to communicate.

7.4.2 External Communication 2005 Reference: Partially covered by 5.6.1 Additional requirements have been added in regards to the external communication related to customers/consumers. The term suppliers has been changed to external provider . The issues that need to be communicated are now to be defined in a previous step (clause 7.4.1) by the organization, thus they are not longer restricted only to issues concerning food safety, but all communication relevant to the FSMS.

7.4.3 Internal Communication 2005 Reference: Was 5.6.2, with existing requirements maintained Personnel qualification has been changed to competencies . The organization should be able to show how information from internal communication to/with the Food Safety Team can be tied back to updating of the FSMS (see 4.4 and 10.3) AND is used as an input to Management Review (see 9.3.2c1)

7.5.1 Documented Information - General 2005 Reference: Partially covered by 4.2.1, 5.6.1 Requirement for documented information required by statutory, regulatory authorities and customers has been added. Documented statements of the food safety policy and objectives are no longer mentioned separately under this clause, however the requirements for this documents are stated under 5.2.2. and 6.2.1

7.5.1 Documented Information – General (cont.) The term documented information relates to both how to operate a process (procedure, work instruction, etc.) and evidence of the results achieved (completed record). A documented Food Safety Manual is no longer required.

7.5.2 Creating and Updating 2005 Reference: Partially covered by 4.2.2 Requirement made applicable to all types of documented information (including records). Requirements for identification, description and format

7.5.3 Control of documented information 2005 Reference: Partially covered by 4.2.2, 4.2.3 Scope extended for all types of documented information Organization must control changes to documents AND records. Documented information of external origin determined by the organization to be necessary for the planning and operation of the FSMS shall be identified, as appropriate, and controlled. A written procedure for controlling documents and records is no longer required .

8.0 operation

8.1 Operational Planning and Control 2005 Reference: New title, Partially covered by 7.1a, 8.3, 8.5.2 The requirements originally included under 7.1 were extended to take into consideration the implementation of actions defined to address risks and opportunities (6.1) . Responsibility of the organization to take under control the planned & unintended changes , as well as outsourced processes has been added in this clause

8.1 Operational Planning and Control (cont.) Part of the PDCA Cycle Includes the codex Alimentarius 7 principles/12 steps. Includes reference to control of changes (6.3) and control of outsourced processes (7.1.6).

8.1 Operational Planning and Control (cont.) How does the organization ensure food safe product is consistently realized through each step in the process (each hand off)? How do they control the actions put in place to address the risks and opportunities determined in section 6.1 so they achieve planned outcome? What process( es ) do they have in place to control planned changes? How do they learn from changes that unintendedly impact their FSMS? How do they control outsourced processes – external design company, transportation, warehousing, production competitor used for overflow orders, etc. – to maintain food safe product to final customer?

8.2 Pre-Requisite programs 2005 Reference: Partially covered by 7.2 Wording has been changed slightly and appropriateness of the PRP linked to the context of the organization. Reference to consider ("should") the applicable ISO/TS document (ISO-22000:2018 audits only) in the definition of PRP has been added. Supplier approval and product information/consumer awareness have been included in the list of minimal PRPs needed by the organization. PRP's Documented information shall now also specify their selection, applicable monitoring and verification.

8.2 Pre-Requisite programs (cont.) 8.2.1 now requires PRPs are updated to prevent/reduce contamination risk. Did results of verification activities show a PRP should be updated? Ask for documented evidence of this planned change. Section 8.2.3 includes items the organization should consider when establishing PRPs. Section 8.2.4 includes the minimum list the organization shall consider when establishing PRPs: supplier approval and assurance added (8.2.4f) – was “management of purchased materials” Product information/consumer awareness – new! (8.2.4k)

8.3 Traceability system 2005 Reference: Partially covered by 7.9 Wording has been changed, minimum requirements when establishing a traceability system have been added (including reworking). Requirement for verification and testing of the effectiveness of the traceability system has been added . A note has been added regarding the reconciliation of quantities of end products & ingredients.

8.3 Traceability system (cont.) Now includes requirements for taking rework into account and ensuring retention time of records related to the shelf life of the products. Reconciliation of quantities of end products with the quantity of ingredients should be considered. Is the organization tracking scrap? The organization MUST verify and test the effectiveness of the traceability system . If records show the system was not effective (did not meet organization’s planned results), what did they do about this? - Organization’s system shall be challenged with a trace exercise during the audit

8.4 Emergency preparedness and response 2005 Reference: Partially covered by 5.7 Responsibility is still assigned to top management. The word accidents has been changed to incidents . A requirement for documented information regarding the management of these situations has been included. Procedures to respond to these situations are still required

8.4 Emergency preparedness and response (cont.) Documented information shall be established and maintained to manage situations and incidents that have occurred. Documented information must be reviewed and, where necessary, updated after the occurrence of any incident, emergency situation or test. The organization should periodically test procedures, where practical. An annual fire drill is not good enough. Was the test a success, or did it reveal an unintended impact that requires a revision to procedures?

8.5.1 Preliminary steps to enable hazard analysis 2005 Reference: Partially covered by 7.3. Description of process steps and control measures (7.3.5.2) has been replaced by Description of process and process environment, and the scope of the requirements has been extended to include additional descriptions. Variations from expected seasonal changes & shift patterns shall also be included. Requirements related to the competence of the Food Safety Team have been relocated to Clause 7.2 Competence. General: Minimum relevant information to be considered when conducting the Hazard Analysis has been added.

8.5.1 Preliminary steps to enable hazard analysis (cont.) Characteristics Raw Material : Source (e.g. animal, mineral or vegetable) has been included in the list of characteristics of raw materials and clarification given in regards to place of origin. Characteristics end product: wording such as Methods of distribution and delivery has been added. Flow Diagrams : Inputs and Outputs to be detailed in the flow diagrams have been extended and the on-site verification requirements described separately (8.5.1.5.2).

8.5.1 Preliminary steps to enable hazard analysis (cont.) 8.5.1.4 Intended use: Groups of consumers/users, especially those known to be especially vulnerable to specific food safety hazards, shall be identified (was considered). 8.5.1.5.1 Preparation of the flow diagrams: c) has added processing aids, packaging materials and utilities to be included in flow diagrams (as appropriate) 8.5.1.5.3 Descriptions of processes and process environment: the number of issues the Food Safety Team must address when describing processes for the hazard analysis has been greatly expanded .

8.5.1 Preliminary steps to enable hazard analysis (cont.) The number of issues that the food safety team must address when describing processes for the hazards analysis was expanded to include:

8.5.2 Hazard analysis 2005 Reference: Partially covered by 7.4 Hazard identification & acceptable levels : internal epidemiological/ scientific/ historical data shall also be used as an input in the identification of hazards, as well as statutory/regulatory/customer requirements . Clarification Notes have been added. Recommendation to consider hazards in sufficient detail has been added. Requirement to use the pre-defined flow diagram has been added in alignment to the Codex. Hazard Assessment : The word elimination of food safety hazards has been removed. Requirement to identify significant food safety hazards has been included.

8.5.2 Hazard analysis (cont.) Selection of control measures : The word elimination (re food safety hazards) has been removed and the wording significant food safety hazards has been added to scope of application of this sub-clause. Also clarification on control measures to be managed as OPRPs or as CCPs, (replacement of the words HACCP plan. CCP and OPRP to be managed via a Hazard Control Plan ). Inputs for conducting the assessment & categorization of control measures have been extended to include feasibility of establishing measuring Critical Limits and applicability of timely corrections. External requirements that can impact the choice and strictness of control measures shall be documented.

8.5.2 Hazard analysis (cont.) 8.5.2.2.2 has strengthened identification of step(s) (e.g. receiving raw materials, processing, distribution and delivery) at which each food safety hazard can be present, be introduced, increase or persist. When identifying hazards, the organization shall consider: a) the stages preceding and following in the food chain; b) all steps in the flow diagram ; c) the process equipment, utilities/services, process environment and persons .

8.5.3 Validation 2005 Reference: Partially covered by 8.2 and 7.6 Wording has been changed to clarify that validation applies to both single control measures and combinations of control measures . Requirement to maintain the validation methodology and evidence of capability has been added.

8.5.4 Hazard Control Plan 2005 Reference: Partially covered by 7.5 and 7.6 The HACCP plan and OPRP document have been combined in a single document called Hazard Control Plan . Requirements for both OPRP and CCP (monitoring, critical limits/action criteria/ corrections/corrective actions) have been combined under this clause (8.5.4) Action Criteria definition has been included as a requirement for OPRP as well as specific requirements to define them.

8.5.4 Hazard Control Plan (cont.) The input of monitoring methods has been added as an additional option next to monitoring devices. For OPRPs, equivalent methods of verification of reliable measurements are now permitted in place from calibration methods. Requirements for actions to be taken are not only applicable for when critical limits are not met but also when action criteria is not met .

8.5.4 Hazard Control Plan (cont.) 8.5.4.2 Determination of critical limits and action criteria contains a key change to the standard. It clarifies the difference between CCPs and oPRPs Monitoring of a CCP is a measurable critical limit Monitoring of an oPRP is a measurable or observable action criteria

8.6 Updating information specifying the PRP and Hazard control plan 2005 Reference: Partially covered by 7.7 Change in wording to substitute HACCP Plan & OPRP for Hazard Control Plan. Additional information has been added in the outputs of the update process

8.7 Control of monitoring & measuring 2005 Reference: Partially covered by 8.3 The scope of application of 8.7 has been clarified: methods and equipment related to PRP and hazard control plan . Frequency of calibration/verification has been modified to specified intervals prior to use . Requirements for validation of software used in monitoring and measuring within the FSMS have been added, including documented information in validation activities. updates and management of changes of the software.

8.8 Verification related to PRP and the hazard control plan 2005 Reference: Partially covered by 7.8, 8.4.2 The activities to be covered by the verification activities have been extended: effectiveness of PRPs has been added and Hazard Control Plan replaces the terms HACCP Plan and oPRP. Requirement for impartiality of person conducting the verification has been added (not the same person that performs the monitoring). Application of corrective actions has been included in case potentially unsafe product is detected via the verification activities.

8.8 Verification related to PRP and the hazard control plan (cont.) PRP verification not only confirms PRP was implemented but also that it is effective . Person performing verification activities can not be a person who is involved in the monitoring of that PRP.

8.9 Control of product and process nonconformities 2005 Reference: Partially covered by 7.10 Corrections/ Corrective Actions: Actions to review the non-conformance identified by regulatory inspections reports & consumer complaints have been added. The term action criteria has been defined as a trigger of corrections/Corrective Actions. The wording "evaluating the need for action to ensure that non conformities do not recur" has been replaced with determining & implementing actions to ensure...

8.9 Control of product and process nonconformities (cont.) Handling of potentially unsafe products: Requirement clarified for evaluating each lot of affected product . Requirement added for not releasing product affected by failure to meet critical limits at a CCP , leaving the evaluation for release only applicable to products that fail to comply with the action criterion of an OPRP. Requirement added to retain as documented information the results of the evaluation of release .

8.9 Control of product and process nonconformities (cont.) An additional potential disposition of non-conforming product has been added (redirected for other use) & requirement to retain documented information. Withdrawal/Recall : Separation between withdrawal and recall has been made, applicability for requirements under 8.9.5 is for both processes.

8.9 Control of product and process nonconformities (cont.) When nonconformity of a product is related to critical limits at CCPs that product is potentially unsafe and shall not be released. When nonconformity of a product is related to action criteria for oPRPs that product may be released, provided the requirements of 8.9.2.3 are successfully met. Documented information must be retained!

9.0 performance evaluation

9.1 Monitoring, measuring, analysis and evaluation 2005 Reference: New section title, Partially covered by 8.4.2 and 8.4.3 General: organization must determine what, when and how they will monitor and measure, and who and when will these results be analyzed and evaluated. Results must be retained as documented information.

9.2 Internal Audits 2005 Reference: Partially covered by 8.4.1 Inputs for generating the audit program have been extended: changes in the FSMS & results of monitoring and measurement shall be taken into account to develop the audit program. Requirement added to ensure that the results of the audit are reported to the FS Team & relevant management. Requirement added related to determining if the FSMS meets the intent of the food safety policy & objectives as part of the internal audit process.

9.2 Internal Audits (cont.) Importance of the Processes : these vary but may include management review, corrective action, internal audit, actions to address risks and opportunities, operational planning, and objectives. Changes Affecting Organization : Unique situations could warrant additional audits. High turnover - competence and awareness. Significant building/equipment upgrades – food defense and visitor/contractor competence. Loss of major customer – operational planning/control and control of product/process nonconformities.

9.3 Management Review 2005 Reference: Partially covered by 5.2, 5.8 MR Inputs: The structure and number of inputs for the management review have been amended. Additional inputs have been included, and a number of inputs grouped under a general input of information on the performance & effectiveness of the FSMS . MR Outputs have also been amended to include specific actions/decisions related to continual improvement opportunities and the need for updates & changes in the FSMS

9.3 Management Review (cont.) Management Review should be about site management looking for trends (in such functions as customer satisfaction, internal/external audits, internal/external corrective action, etc.) NOT just a listing. Did actions to address risks and opportunities (from section 6) achieve intended results? If they did, how was it documented in MR minutes? If they did not, how were actions updated and revised?

10.0 improvement

10.1 Non conformity and corrective action 2005 Reference: New section New clause specifying requirements to deal with non-conformities within the organization, including the requirement to determine if similar non conformities could potentially occur (preventive actions) Site management should not react to a customer’s complaint in a vacuum. They should be looking at similar internal/external issues in other areas of the organization and trends.

10.1 Non conformity and corrective action (cont.) Three types of evidence for you to review: Does the action relate to the root cause? Was the action actually implemented? Was the action effective in preventing the recurrence of the problem? How is site management reviewing the effectiveness of the corrective action(s) ? This is NOT a verification that the action was implemented (i.e. Yes, training was completed on 01/01/19).

10.2 Continual Improvement 2005 Reference: Partially covered by 8.1 , 8.5.1 Requirement extended to include the improvement of the suitability and adequacy of the FSMS, not just the effectiveness. What Opportunities for Improvement are site management working on? These should come from Management Review inputs and outputs, including actions to address risk, plans to achieve objectives, and/or address customer feedback.

10.3 Update of the FSMS 2005 Reference: 8.5.2 Wording changes slightly according to new terms & titles Did these Continual Improvements achieve the intended result(s)? If so, how did site management update the FSMS (focus on section 9.1, 9.3)? If not, how has management adjusted their planning (section 6)?

questions?

Quiz time!

407468052-ISO-22000-Transition-Training-Powerpoint-FINAL-02-20-19.pptx

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

407468052-ISO-22000-Transition-Training-Powerpoint-FINAL-02-20-19.pptx

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Slide 41

Slide 42

Slide 43

Slide 44

Slide 45

Slide 46

Slide 47

Slide 48

Slide 49

Slide 50

Slide 51

Slide 52

Slide 53

Slide 54

Slide 55

Slide 56

Slide 57

Slide 58

Slide 59

Slide 60

Slide 61

Slide 62

Slide 63

Slide 64

Slide 65

Slide 66

Slide 67

Slide 68

Slide 69

Slide 70

Slide 71

Slide 72

Slide 73

Slide 74

Slide 75

Slide 76

Slide 77