Why Structural
Changes of ISO 22000:2018 are Important?
As
of 2005, International Organization for Standardization launched ISO 22000 and
by 2016 the famous food safety management system (FSMS) standard has been
adopted more than 32,000 organizations worldwide according to the annual ISO
Survey last published in 2016. Nonetheless, more than 16,000 organizations have
been certified under the Food Safety System Certification 22000 (FSSC) private
certification scheme, where core of the FSSC 22000 is ISO 22000 while
adaptation of several other additional compliances but keeping the core
requirements exactly align to ISO 22000. Hence, improvements in the revision
will also effect these companies to upgrade all systems, because ISO 22000 is
anyway revised where FSSC 22000 is majorly depend on its progress, thus there
is no alternative for organizations practicing GFSL standard since it is not
independent. Thus, standard has created vacuums in existing systems where
organizations required to adjust their system with considering the core changes
and improvements to comply with new requirements. considering the broadness of ISO 22000's core changes, the standard has given a reasonable time period to convert the existing systems. The auditing model of the FSSC 22000 is much better and superior to ISO 22000, because they also conduct once a year unannounced audit to keep organizations continuously following their compliance rather than audit day fireworks.
The
Process Approach
As
ISO 22000:2018 explains, the process approach of the standard involves
systematic definition and management of processes, and their interactions, to
achieve the intended results in accordance with the food safety policy and
strategic direction of the organization. Hence, management of the processes and
the system can be achieved using the PDCA cycle as a whole with an overall
focus on risk-based thinking aimed at taking advantage of opportunities and
preventing undesirable results, because understanding and managing interrelated
processes as a system contributes to the organization’s effectiveness and
efficiency in achieving its intended results. Thus, communication along the
food chain is essential to ensure that all relevant food safety hazards are
identified and adequately controlled at each step within the food chain. This
implies the importance of communication between organizations between both
upstream and downstream in the food chain. Nonetheless, recognition of the
organization’s role and the position within the food chain is essential to
ensure effective interactive communication throughout chain in order to deliver
safe food product to the end user.
Further,
ISO 22000:2018 has expanded the use of PDCA (plan-do-check-act) cycle while
integrating HACCP into the common cycle used in the ISO 9001 which has been
segregated to two levels as organizational planning and control and operational
planning and control. Hence, first covers the overall frame of the FSMS (Clause
4 to Clause 7 and Clause 9 to Clause 10), while operational planning and
control covers the operational processes within the food safety system as
described in Clause 8, where communication between two levels is essential.
Here is the brief explanation given by the standard regards to its new
expansion.
Plan:
Establish the objectives of the system
and its processes, provide the resources needed to deliver the results, and
identify and address risks and opportunities;
Do:
Implement what was planned;
Check:
Monitor and (where relevant) measure
processes and the resulting products and services, analyze and evaluate
information and data from monitoring, measuring and verification activities,
and report the results;
Act:
Take actions to improve performance,
as necessary.
The
new version integrates PDCA in a more comprehensive manner where planning has
absorbed the HACCP system and application steps developed by Codex Alimentarius
Commission; by means of auditable requirements, it combines the HACCP plan with
(PRPs) perquisite programs, traceability system and emergency preparedness and
response through operational planning and control. On the other hand, standard
offers an alternative to food manufacturers who do not implement ISO 9001,
while they want to have an effective food safety management system as it
combines a series of advantages, involving quality management, external and
in-house communications, designating responsibility, implementing crisis
management, continual improvement, good health practices and differentiating
between PRP, OPRP and CCP.
As
we already discussed, PDCA cycle has been applied to the operational planning
and controls for food safety in the organization, which is more clearly
established based on HACCP principles and the latest versions of the Codex
Alimentarius standards, the requirements clarify the role of PRPs, OPRPs and
CCPs in the system. The applicable Technical Specification ISO/TS 22002-X must
be considered in the determination of PRPs for the relevant sector in the food
chain. A new entity – ‘action criteria’ – is introduced for the control of
OPRPs and which will be determined from the hazard analysis. A ‘hazard control
plan’ must include relevant OPRPs and CCPs which are now dealt with in similar
ways within the system, albeit recognizing the different food safety risk
levels involved. A number of other requirements such as those relating to
traceability and emergency response are tightened up, including a range of new
verification activities.
The
Foundation
The
ISO 22000 FSMS has been developed based on risk based management model focusing
the entire food supply chain through harmonization. The risk based management
model has eight steps. Through RBMM, each and every processing step is
evaluated for its suitability, if any step is not complying with validation
requirements, will start from the beginning until it can be validated.
The
3 major pillars/layers of ISO 22000 FSMS has not changed from its initial debut
in the new version; they can be shown below figure 5.3, where ISO 22000 has
been developed basically merging GMP, HACCP and ISO 9001 as to the initial
development of the standard. Hence, core of the standard is still the same,
even though there are several new changes has been proposed. As to the figure
5.3, the foundation layer is consist of GMP/GHP/GAP, Codex General Principles
of Food Hygiene and Prerequisite programs which altogether creates very sound
infrastructure and physical requirements to implement food safety requirements
inside the plant focusing on basic food hygiene standards.
The
total food safety is achieved through HACCP system of Codex Alimentarius while
using its seven principles indirectly in different terminologies to identify
hazards and to control them under strict management plan (figure 5.1). This
includes the hazard analysis, identification of critical control points,
establishment of critical control limits, monitoring procedures, corrective
actions, record keeping, validation and verification activities. However, the
use of HACCP word has been minimized to the bare minimum while promoting the
hazard analysis.
Context
and Scope
As
to the modern context in the food industry as well as Annex SL format, ISO
22000:2018 has requested organizations to consider upstream and downstream
issues affecting customers and consumers as well as suppliers of products and
services. Thus, standard requesting organizations to consider their context in
supply chain as well as scope which was already a part of the food safety
system. The context required to consider events or incidents such as food
fraud, food terrorism and related legal issues, which is likely to have a
bearing on the management of food safety risk both for the management system
and the product/process operations.
Management
Involvement
The
role of top management and their engagement in the food safety management
system is emphasized through the responsibility to demonstrate leadership and
commitment to food safety, which further requested to develop an appropriate
food safety policy with relevant business objectives. Hence, overall
responsibility is vested on top management for oversight of system planning,
communication, resource provision and ongoing improvement by reviewing the
system’s suitability, adequacy and effectiveness.
System
Support
The
new edition has concentrated relevant topics in appropriate headings while
eliminating the most of the repetitions where basic system elements
requirements are clarified and strengthened, including communication systems
and needs. Nonetheless, resource planning has been improved with tighter
controls over external contributors to system development, while further
strengthening the previous requirements such as competence of employees, both internal and
external, are more fully explained. In addition, supplier control mechanism are
requested under prerequisite programs for greater control of suppliers of goods
and services.
Evaluation
and Improvement
The
requirements for evaluation of the performance of the FSMS by monitoring,
measurement, auditing and review are retained, with a greater emphasis on the
use of a more integrated, systematic approach to performing these activities
across the whole system. Evaluation outcomes should be directed towards the
prevention of failure in the food safety management system in order to improve
the effectiveness of the system.