What’s
New in ISO 22000:2018?
The
ISO 22000 family of food safety standards first launch in 2005, since then it
has been adopted by more than 32,000 organizations worldwide (ISO, 2016) as
their food safety management system due to the risk involved in food
manufacturing sectors and as response to consumer demand for food safety. The standard
revision was first announced around 2012, but it was started in 2014 which took
four years to complete the entire revision up to publication in June 2018. The standard
has introduced significant changes by adapting to the ISOs common high level structure
while creating extended PDCA cycle. Hence, standard has adopted 10 section
based high level structure based on identical core text and common terms and
definitions which can be compatible with other ISO family standards to reduce
the complexities while increasing the adaptability to multiple platform
initiative.
The
core changes introduced in the revision will affect organizations that wish to
maintain their existing system certifications, as well as the organizations that
are involved in the auditing compliance. The changes will also effectively impacted on the existing system scope, top management involvement,
documentation of the system, application of the risk based approach to organizational
needs with a clear focus on the process approach through the Plan-Do-Check-Act
(PDCA) cycle. The PDCA cycle has extended by adaptation of separate HACCP cycle
which runs inside the PDCA. Additional changes introduced to the standard are differentiation
of PRPs, OPRPs and CCPs, adaptation of ISO/TS 22002 (1, 2, 3, 4 and 6) prerequisite
programs on food safety, traceability, allergen management, supplier evaluation
and acceptance which were the major criticism from GFSI to build their own FSSC
22000 while other minor changes were adapted to clarify and simplify the long
held issues in the industry as well as to update international developments in
food safety approaches in the last 13 years.
According
to the World Health Organization’s estimates one in ten people fall ill and
420,000 die because of contaminated food every year where food safety standards
are required to reduce such risks by helping food producers to implement food
safety management systems that defend against the potential hazards and risks
that lead to contamination. Hence, ISO
22000 has the advantage over the many private standards due to its generic
nature, minimum enforcement levels, voluntary adaptation and as it covers the
whole organization. The new ISO 22000:2018 will fully contributes to ensure
food safety hazards throughout the whole food chain from farm-to-folk with the
enhanced compliances, which is essential as hazards occur at any stage of the
food chain. ISO 22000 accommodates communication along the food chain and
within the organization. ISO 22000:2018 has ensures fair competition to the
other food safety standards as it has consolidated major complains made by
public regarding traceability, prerequisite programs, allergen management, food
security, other requirements etc.
The
Major Changes
The
new release has undergone a thorough revision for the standard, since it is the
first revision of the standard after 2005. The standard has now been updated
with ISO’s high level structure (HLS) and revised to meet today’s food safety
challenges, where organizations with previous version certificate must transit
to the 2018 version by June 19, 2021. After this date, the 2005 version of the
standard will be withdrawn. The standard has tried to capture recent updates in
the food safety landscape, changes in business diversity, global commerce and
digitalization in food supply chains. The major proposed changes to the
standard include modifications to its structure as well as clarifying key
concepts.
The
High Level Structure
The
expectation to deliver safe, sustainable and socially responsible food has
increased significantly for the food sector during last 13 years since the
standard was first published. In order to make life easier for businesses using
more than one management system standard, the new version of ISO 22000 will
follow the same structure as all the other ISO management system standards, the
High Level Structure (HLS). Annex SL was developed by ISO as a framework for a
generic management system. It’s the framework for a generic management system
and the blueprint for all new and revised management system standards going forward. The HLS will help to keep consistency, align different
management system standards, offer matching sub-clauses against the top level
structure and apply common language across all standards. With the new standard
in place, organizations will find it easier to incorporate their food safety
management system into core business processes and get more involvement from
senior management.
The
Risk Approach
The
standard now includes a different approach to understanding risk where standard
clarifies the Plan-Do-Check-Act cycle, by having two separate cycles in the
standard working together by one covering the management system and the other,
covering the principles of HACCP. The initiative will combine both
organizational and operational risk management into one management system. Application
of PDCA cycle to manage business risk while using HACCP to identify, prevent
and control food safety hazards, ISO 22000:2018 helps organizations to reduce
exposure to risk and improve safety. The risk is now distinguished between the
operational level and the strategic level, where strategic level of the
management system (business risk), organizations can embrace opportunities in
order to reach a business’s specific goals. On the other hand the operational
level, users can use the Hazard Analysis Critical Control Point (HACCP)
approach. The approach provides the opportunity to consider all the different aspects
that might impact any organization, either good or bad, while allowing to
prioritize the objectives of the organization’s FSMS to implement in a way that
can accommodate the effects of these risks should they occur. The revision has placed
a heavy focus on risk in which organization required to tackle the risks in daunting
and seemingly overwhelming force for better accommodating risk surround
concerns with a FSMS and its processes. Food safety encompasses the prevention,
elimination, and control of foodborne hazards, from the site of production to
the point of consumption. The potential benefits of combining risk-based
thinking, PDCA and the process approach includes focus of FSMS and activities
on high risk processes and understanding how processes within the organization
are interdependent. It will further help more effective use of resources, improved
agility in meeting the requirements of new customers and/or meet new
requirements established by existing customers.
The
Operation Processes
To
help food sector organizations manage the challenges in distinguishing different
key terms, a clear description is given of the differences between key terms
such as Critical Control Points (CCPs), Operational Prerequisite Programs
(OPRPs) and Prerequisite Programs (PRPs). On the operational side, risk-based
thinking provides additional benefits to organizations throughout the food chain
that includes improved control over food safety activities, customer, statutory
and regulatory compliance, facilitated market growth, increased customer/stakeholder
and consumer confidence in products, improved risk management and integration
with other ISO management systems. In addition, ISO 22000:2018 has been changed
it process to offer a dynamic control of food safety hazards through combining
interactive communication, systems management, Prerequisite Programs (PRPs),
and the principles of HACCP. The standard also clearly describes the
differences between these key operation process elements while creating strong
links to Codex Alimentarius HACCP principles.
Context
of Organization and Interested Parties
The
context of organization expanded and the interested parties are added to
provide a high-level, strategic understanding of the important issues that can
affect, either positively or negatively, the way of an organization manages
food safety. It gives food safety team the opportunity to identify and
understand factors and parties that affect the intended outcome(s) of the FSMS,
which also addresses the concept of preventive action. The organization will need
to determine external and internal issues that are relevant to its purpose,
while considering the relevant internal and external issues that could have an
impact or effect on the FSMS in achieving its intended outcome(s). Hence,
system can enable an organization either directly or indirectly involved in the
food chain to plan, implement, operate, maintain, and update a FSMS providing
safe products and services. It also assures the organization’s conformance to
its stated food policy, while evaluating and assessing mutually agreed customer
safety requirements and demonstrating conformity with customers and any other
interested parties.
Leadership
and Commitment
There
is a much greater focus has given on top management to demonstrate their leadership
and commitment with respect to the ISO 22000:2018 to ensure consultation and
participation of top management in the development, planning, implementation
and continual improvement of the food safety management system. Top management
have a responsibility to ensure that the importance of effective food safety management
and clear communication to the all employees and that they understood to ensure
FSMS achieves its intended outcomes. Risk and opportunity ISO 22000:2018 takes
a business orientated approach that requires broader risks and opportunities to
be identified. This robust approach will enable the identification of
opportunities that contribute to further improvement in food safety performance,
which will improve their ability to identify and manage risks more effectively
making them more resilient.
Documented
Information
The
basic changes to the system through HLS is the convergence of ‘procedures’ and
‘records’ into ‘documented information’, which gives the freedom for the organization
to define the type and extent of documented information to be defined, although
some mandatory documentation is still specified, where established controls for
documents in the system are retained. Nonetheless, number of requirements
relating to basic system elements are clarified and strengthened, including
communication systems and needs. Now resource planning is required along with
tighter controls over external contributors to system development, where the needs
of competence of relevant personnel, both internal and external, are more fully
explained, while documented system required for greater control of suppliers of
goods and services.