Wednesday, September 30, 2015

ISO 22000 Food Safety Management System Documentation

Documentation Structure
This international standard specifies the requirements for a food safety management system (FSMS) that combines the following generally recognized key elements to ensure food safety along the food chain, up to the point of final consumption, that are,
1. Interactive communication
2. System management
3. HACCP principles
4. Prerequisite programs
Communication along the food chain is essential to ensure that all relevant food safety hazards are identified and adequately controlled at each step within the food chain. This implies the importance of communication between organizations between both upstream and downstream in the food chain. Recognition of the organization’s role and the position within the food chain is essential to ensure effective interactive communication throughout chain in order to deliver safe food product to the end user (ISO 22000, 2005).

The Standard defines six types of documentation within a quality management system:
A food safety policy and objectives; a food safety manual (optional);
Documented procedures as required by the standard;
Prerequisite programs
Documents required by the organization to ensure effective planning, operation and control of processes;
Records required by the standard.

However, the amount of documentation will depend on:
The size of the organization, place in the food chain and types of activities; the risk involved; the complexity of processes and their interaction; the competence of personnel. A document is virtually anything that provides information. It may be a record, procedure, specification, drawing or report. The information may be presented on paper, magnetic tape, electronic, computer disc, photograph, master samples or a combination of these.

In those areas where the Standards call for “documented procedures”, one would expect to find information set out in formally, meeting the criteria set out for relevant activity. The flexible approach of the Standard is intended to enhance the implementation, maintenance and improvement of the system. This being the case, management should decide upon structure and format of the documentation that is needed to support the food safety management system. The nature and extent of the documentation should depend upon, and meet, the needs of the organization.

Documentation in the Context of Food Industry
Organization wishing to adapt an existing QMS
An organization with an existing quality management system should not need to rewrite all of its documentation in order to meet the requirements of ISO 22000:2005. This is particularly true if an organization has structured its system in the way it operates effectively, using a risk based management approach. In this case, the existing documentation may be adequate and can be simply referenced in the revised food safety manual (optional) or even in the procedures.

An organization that has not used a risk based management approach in the past will need to define its processes, their sequence and interaction as required by the ISO 22000 Standard. Thus an organization must be able to carry out risk assessment (Hazard Analysis) with some streamlining and/or consolidation of existing documents, in order to simplify its system.

Organizations preparing to implement a FSMS
Since ISO 22000:2005 emphasizes a risk based management approach to food safety management, organizations that are in the process of implementing or have yet to implement a food safety management system should adopt this methodology. The risk assessment and hazard analysis should be the driving force for deciding the amount of documentation needed for the system, taking into account the requirements of ISO 22000:2005; it should not be the documentation that drives the processes. These processes include the management, resources, product realization, hazard analysis validation and continuous improvement.

Based on the ISO 22000:2005 requirements mentioned in the standard, regardless of size, type of activities performed or the place in the food chain; the organization must comply with
o   Food Safety Policy
o   Food Safety Objectives
o   Mandatory Food Safety Procedures
o   Prerequisite Programs
o   Hazard Analysis
o   HACCP Plan
o   OPRAP Plan
o   Work Instructions
o   Specifications/Records/Reports/Check Lists/Guidelines, etc. 

However, the standard did not request to have a Food Safety Manual. But it is much easier and very systematic to have a manual, which can be used as the main document with reference and links to all other documents.  According to the gap analysis results and the ISO 22000:2005 requirements, each and every document must be designed considering the effective implementation and maintenance. It was very important to maintain document linkages as well as the identification of which process required documents and where they should be applied and the way of managing them and the responsibilities and even the distribution as mentioned in the standard.

The following six step process can be adapted as a standard record documentation system development initiative with reference to the ISO 30300:2011 that are needed for the effective operation of the system.
  1. Leadership
  2. Planning
  3. Support
  4. Operation
  5. Performance evaluation
  6. Improvements  
Demonstrating compliance with ISO 22000:2005
In order to claim conformity with ISO 22000:2005, the organization must provide evidence of the effectiveness of the HACCP plan and food safety management system. As noted above, this may not necessarily depend on documented procedures or records, except where these are specifically required by ISO 22000:2005. Organizations, particularly small organizations, may be able to demonstrate compliance without the need for extensive documentation or by adapting externally developed combinations of control measures when the similar industries in existence.

The Food Safety Policy and Objectives
Food Safety policy
The food safety policy should define top management’s commitment to comply with requirements and to continually improve the effectiveness of the food safety management system.

An effectively formulated food safety policy should:
Demonstrate top management commitment to food safety and the provision of adequate resources for its achievement;
Promote a commitment to food safety at all levels in the organization; be consistent with the organization’s overall business policies;
Be consistent with the vision of the organization’s future;
Enable food safety objectives to be understood throughout the organization; address continual improvement and consumer safety;
Food safety policy is a framework for establishing and reviewing food safety objectives.
In establishing the food safety policy, top management should consider:
The expected level of consumer safety;
The needs of other interested parties;
Opportunities and needs for continual improvement; Resources required and;
Contributions of suppliers and partners;

Food Safety Objectives
Food safety objectives are a link between the policy and the commitment to continual improvement. The organization’s objectives should be:
Established during the planning process; set at each relevant function and levels;
Measurable and consistent with the food safety policy;

In establishing food safety objectives, management should consider:
The current and future needs of the organization and the markets served;
Current product and process performance;
The levels of food safety of all interested parties;
Actions arising from management review.
Once decided, the objectives need to be communicated to the appropriate people in a way that they are able to translate these objectives into their individual contributions. Objectives should be reviewed periodically and revised as necessary in order to provide current objectives for continual improvement of the food safety management system.

Food Safety Manual (Optional)
Contents
The food safety manual must clearly define the scope of the food safety management system where food safety manual provides an overview of the food safety management system.  Each manual will be unique to the organization but should contain:

Title page;
Table of contents;
Introduction to the organization; Quality Policy;
The scope of the system, including the details and justification for any exclusion;
Organization structure (for example charts and scopes of responsibility);
A description of the interaction of the processes of the system;
The documented procedures or reference to them;
Amendment record (if appropriate);
A cross-reference between the organization’s system and the requirements of the Standard;
(Adapted from ISO 9001:2008)

Role of the food safety manual is to demonstrate the organization’s ability to operate a food safety management system and impress the customer or to meet customer requirements while defining and clarifying the food safety assurance, facilitate change, improve communications, meet international business requirements, act as a training aid, provide a system of audits and act as a guide for suppliers. The Standard requires that responsibilities and authorities and the interrelation between them are defined and communicated within the organization.  One way of doing this is through organization charts and scopes of responsibility and these may well be presented in the manual. The lines of reporting of the food safety team leader, especially in terms of food safety related decisions should be clearly defined in the organization structure.

Documented Procedures
The ISO 22000:2005 management elements are handled through mandatory food safety procedures, that consists,
Control of documents
Control of records
Corrections
Corrective Actions
Potentially Unsafe products
Withdrawals
Internal Audits 

These procedures are basically identical to ISO 9001, and compatible with its requirements.

The ISO 22000 FSMS also has procedure/ protocol for emergency preparedness and response, which is inherited from reputed safety standards while identical to ISO 9001. However, some organizations may need documented procedures in other areas covering particular departments, functions, or processes.

Procedures should be written in an agreed format and the following are typical sections or headings;
Purpose
The objective or intention of the procedure
Scope
Applicability, boundaries
Procedure/method
Who is responsible for the action/control?
What is actioned/controlled and how, (including how information is processed);
Methods and equipment used
Records to be completed/processed
Where: location.
When: timing, frequency
References
Other documents quoted and those that may need to be read to understand the procedure.
The documented procedures may be contained within the food safety manual or in a separate Procedures manual.

Other Documents
These are documents required by the organization to ensure the effective planning, operation and control of its processes.
Such documents may include:
Product flowcharts; 
Process flowcharts; organization charts; production schedules; work instructions; operating  instructions; Job cards; User manuals; Inspection plans; Test methods and instructions; drawings;
Approved supplier lists; technical manuals;
Manufacturer’s recommendations;
Performance standards;

Prerequisite Programs
However, when you are implementing an ISO 22000:2005 FSMS, initially don’t plan to have all these PRPs in your system, first design and implement mandatory PRPs initially to observe their performance as a dummy. When you complete the hazard analysis, validate all the PRPs before implementation. In this stage you will realize the real additional needs or modifications to the prepared PRPs, where you can decide exact number and the control measures according to ISO 22000 FSMS. According to the ISO 22000:2005, the organization shall establish, implement and maintain PRP(s) to assist in the following:

Controlling the likelihood of introducing food safety hazards to the product through the work environment;
Controlling biological, chemical and physical contamination of the product(s) including cross contamination between products;
Controlling food safety hazard(s) levels in the product and product processing environment.

The PRP(s) shall be appropriate to the organizational needs with regard to food safety, be approved by the food safety team, and their relevance and appropriateness for controlling food safety hazards shall be included in the hazard analysis (7.4).
The PRPs consist of two types:
Infrastructure and maintenance programs (see 7.2.2);
Operational PRP(s) (see 7.2.3).

When selecting and designing PRP(s), the organization shall consider and utilize appropriate existing information (e.g. regulations, customer requirements, guidelines, Codex principles and codes of practices, national, international or industrial standards) that is relevant for the design of the PRP(s).

The prerequisite program requirements (recommended by Codex Alimentarius) are generic which basically designed to cater ISO 22000 food safety management system/HACCP systems. Thus your establishment will need to ensure that the criteria in these programs (including regulatory requirements) are being met within the plant environment as requested by the ISO 22000 standard.
  
Each prerequisite program is structured according to the following example:
A Program (e.g. Premises)
A 1 Element (e.g. Building Exterior)
A 1.1 Sub-element (e.g. Outside Property and Building)
A 1.1.1 Bullet (e.g. Building facility not located close to any environmental contaminants and the surroundings/ roadways are free of debris and refuse, adequately drained and maintained to minimize environmental hazards).
Conduct your final assessment at the sub-element level for each prerequisite program.

Records 
ISO 22000:2005 recognizes records as a special type of document. The organization needs to maintain records to demonstrate compliance with food safety requirements for determining the effectiveness of the food safety management system. Records should be simple, effective and accurate, and provide information for staff to access as they work towards continuous improvement. Records should provide top management with useful information for continual improvement and should provide data for improving processes. Records may appear in any form which means that in many organizations, records will be held electronically.


No comments:

Post a Comment