Being said that, it was sometime before I
realized a minor mistake that was in my previous model which I eventually
corrected immediately, but I didn’t relieved my embarrassment until I could
come out of a solution after months of brooding and working on it. Thus, I hope
this new model will answer lots of ambiguity in the minds of the users and it
will give a more comprehensive approach to the requirements of the ISO
22000:2018 selection and categorization of control measures. The model given
below is a hybrid development extending my former ISO 22000:2018 decision model
and descriptions given in the ISO/ITC book “ISO 22000:2005 Food safety
Management Systems, An easy-to-use check list for small business – Are you
ready?” as well as codex decision tree and new requirements added in the ISO
22000:2018 version. However, it is not perfect as use to be and application on
your work is completely voluntary, but if you need any clarification; you are
always welcome to write down a comment or send a mail. The site is always happy
to help anyone who is in need.
Now let’s get to
the major facts laid out in the standard where following information is
directly extracted from the standard to give a clear picture of what we are up to.
8.5.2.4
Selection and categorization of control measure(s)
8.5.2.4.1
Based on the
hazard assessment, the organization shall select a n appropriate control
measure or combination of control measures that will be capable of preventing
or reducing the identified significant food safety hazards to defined
acceptable levels.
The organization
shall categorize the selected identified control measure(s) to be managed as
OPRP(s) (3.31) or at CCPs (3.11).
The categorization
shall be carried out using a systematic approach. For each of the control measures selected there
shall be an assessment of the following:
a) The likelihood
of failure of its functioning;
b) The severity
of the consequence in the case of failure of its functioning; this
assessment shall include:
1) The effect on identified significant food safety hazards;
2) The location in relation to other control measure(s);
3) Whether it is
specifically established and applied to reduce the hazards to an acceptable
level;
4) Whether it is a
single measure or is part of combination of control measure(s).
8.5.2.4.2
In addition, for
each control measure, the systematic approach shall include an assessment of the feasibility of:
a) Establishing measurable critical limits
and/or measurable/observable action criteria;
b) Monitoring to detect any failure to remain within critical limit and/or
measurable/observable action criteria;
c) Applying timely corrections in case of failure.
The decision-making
process and results of the selection and categorization of the control measures
shall be maintained as documented information.
External
requirements (e.g. customer requirements) that can impact the choice and the
strictness of the control measures shall also be maintained as documented
information.
(Source: ISO
22000:2018, Food safety management systems – Requirements for any
organization in the food chain)
Mandatory
Definitions
However,
it is mandatory to refer following definitions in order to clearly understand
the complex nature of the requirements for a practical applications of the
above requirements in a decision making process while segregating CCPs, OPRPs
and PRPs. Hence, it is a general norm that, ISO 22000 standard is promoting
more intelligence based decision making instead of logical decision making
through a standard decision tree. In contrast, most of the users prefer logical
sequence even though they apply intelligence based answers for the
requirements. In fact, it is pretty normal situation, because users of the standards
are usually supposed to be looking at standard recognized expert models rather
than wasting time for developing something extravagant. Thus, it is a useful
objective of developing something like a comprehensive decision tree that can
apply standard framer’s intelligence based requirements in the ISO 22000:2018 to
demonstrate logical sequence such as CODEX decision tree, where you need to
consider above 8.5.2.4 with the following definitions to understand
the complete picture.
Action criterion (3.2)
Measurable or
observable specification for the monitoring of an OPRP
Control Measure
(3.8)
Action or activity
that is essential to prevent a significant food safety hazard or reduce it to
an acceptable level
Correction (3.9)
Action to eliminate
a detected nonconformity
Critical control
point - CCP (3.11)
step in the process
(3.36) at which control measure(s) is (are) applied to prevent or reduce a
significant food safety hazard to an acceptable level, and defined critical
limit(s) and measurement enables the application of corrections
Critical limit (3.12)
Measurable value
which separates acceptability from unacceptability
Food safety hazard (3.22)
Biological, chemical
or physical agent in food with the potential to cause an adverse health effect
Measurement (3.27)
Process to determine
a value
Monitoring (3.28)
Determining the
status of a system, a process or an activity
Operational
prerequisite programme - OPRP (3.31)
Control measure or
combination of control measures applied to prevent or reduce a significant food
safety hazard to an acceptable level, and where action criterion and
measurement or observation enable effective control of the process and/or
product
Prerequisite
programme - PRP (3.35)
Basic conditions and
activities that are necessary within the organization and throughout the food
chain to maintain food safety
Significant food
safety hazard (3.40)
Food safety hazard,
identified through the hazard assessment, which needs to be controlled by
control measures
(Source: ISO
22000:2018, Food safety management systems – Requirements for any
organization in the food chain)
By considering
above all information you can distinguish CCP and OPRP with following specific differences.
CCP OPRP
Step in the process Step in the process or not in the
process
Single control
measure Control measure
or combination of CMs
Critical limits Action
criteria or control limits
Measurement Measurement or observation
Enable correction Enable control of product or process
Once you have a clear idea of what you need
to separate through your process, it is becomes easy to deal with 8.5.2.4 selection and categorization of control measure(s), the most critical
and most ambiguous explanation of the standard. However, clause 8.5.2.4.1 (a, b:1-4)
and 8.5.2.4.2 (a, b, c) share eight basic requirements which further needs to
be evaluated based on above differentiation in mind. In fact, given 10 questions
in the ISO 22000:2018/FSSC 22000 decision tree and in CCP/OPRP Decision Table were
developed to differentiate above requirements in a sequential order with familiar
terminologies used in available HACCP decision tree questions as the process is
basically a more comprehensive extension of CODEX HACCP process.
Once you look at
the given ISO 22000:2018 and FSSC 22000 compatible decision tree, it is obvious
that question Q2, Q3 and Q4 are exactly the same questions in the codex
decision tree in the same positioning while question Q5 has slightly deviated and
extended from the question Q1 of the codex diagram. However, the given model is
not as same as its predecessor, because it has very limited window of eliminating
a process step, if it is identified as a prone to functional failures or has a
significant food safety hazard. The only possibility of slipping off of any
step/process/product from the process of evaluation through questions Q3 or Q4 (the
basic codex decision tree questions). However, those “not a CCP/OPRP” steps are
still needs to identify with relevant PRPs to monitor its environment. If a step is identified
as not prone to failures or no significant food safety hazard at the beginning,
the step still needs to be managed with relevant PRPs as they are usually
managed.
ISO
22000:2018/FSSC 22000 Decision Tree Model - A Trickledown Approach
Thus, a step,
process or a product reaches up to the question Q5 means that, it is supposed
to be repeatedly going in comprehensive cycles of loops before it is categorized
in to a CCP or an OPRP in most occasions. As it developed, it is more obvious
that there will be very few CCPs while many OPRPs in a process. In fact, all the
identified CCPs and OPRPs are required to be addressed in the Hazard Control Plan
which is another term to a preventive control plan. This part of the standard is more aligned with
FSMA requirements as it was in consideration at the time of its revision
process. Hence, if an organization trying to operate an ISO/FSSC 22000 FSMS
with the status of a FDA registered facility complying to FSMA requirements or
FSVP, it is actually very easily
compatible with each other as both documents are preventive control plans that requiring
almost same requirements while documenting it. As such, the framers of the
standard has smoothly aligned its requirements with FDA regulations promoting
more effective synchronization.
Therefore, the
given decision tree “ISO 22000:2018/FSSC 22000 Decision Tree Model - A
Trickledown Approach” basically designed to trickle down the CCPs while making
sure that almost any of a kill-step or a critical control point is a
specifically designed process step for its objectives and open for continuous improvements.
Further, it has been looped inside logical sequence to provide any rejection to
flow-back to the top of the decision tree, and move down through the process until
it is accurately assigned according to the standard requirements.
In addition, the
questions used in the decision tree can be converted to a CCP/OPRP Decision Table,
which eventually becomes the part of Hazard Control Plan. The following example
provide clear dynamics of the application based on the previous article “ISO 22000:2018 Decision Tree”.
The CCP/OPRP table can be used as an alternative to decision tree or both can
be used in a combination with more clarity and transparency for decision making
process.
ISO 22000:2018 Decision Table
