ISO 22000:2005 Food Safety Management Systems Auditor/Lead Auditor Training Course

Session 1 Objectives
Describe the course aims, objectives, structure, logistics To establish what Students want to gain from the course and to allow each Student to identify themselves to their fellow Students Understand the role of IRCA (IRCA K4.3.1e) Understand the IRCA Food Safety Management Systems Auditor/Lead Auditor certification scheme criteria and process (IRCA K4.3.1e)

Accelerated Learning Introduction

Unless what is learned is applied, there is no learning

Active learning beats Passive learning every time

Learning is an act of creation

RULES OF THIS CLASS -Make mistakes -Ask lots of questions -Cheat -Have fun
What are the order of the planets from the sun?

Aims and Objectives

Describe the fundamental purpose of a Food Safety Management System (FSMS) Explain the purpose, content and interrelationship of: management system standard ISO 22000:2005 and guidance document, industry practice; standard operating procedures; and relevant food safety legislation Explain the role of an auditor to plan, conduct, report and follow up an audit in according with ISO 19011 Plan, undertake and report an audit of a food safety management system in accordance with ISO 19011 Audit the adequacy of an organisations Food Safety Management System

Course Program Day 1

Introduction and Welcome IRCA and Auditor Registration Purpose of a Food Safety Management System HACCP Based Control Systems ISO 22000:2005 series

The International Register of Certificated Auditors (IRCA)

Independent organization within the Institute of Quality Assurance (IQA) IRCA has two principle activities: Certification of Auditors Certification of Auditor Training

IRCA Food Safety Management Systems Auditor Certification Scheme

The objectives of the Food Safety Scheme; To provide confidence to the regulatory authorities, to the accreditation bodies and certification bodies, to business and industry, and indirectly to the public at large, that auditors certified to this scheme are competent.. To benefit the auditor by conferring registration status

IRCA Food Safety Certification Categories

Three certification grades for auditors: Food Safety Provisional Auditor Food Safety Auditor Food Safety Lead Auditor

IRCA Auditor Registration Scheme

Academic Qualification

Work Experience Auditing Experience

Formal Auditor Training

IRCA Contact Information

Address: IRCA, PO Box 25120, 12 Grosvenor Crescent, London SW1X 7ZL

Telephone / Fax: +44 (0)20 7245 6833/ +44 (0)20 7245 6755 E-Mail: fs@irca.org Website: www.irca.org

Session 2 Objectives
Students become familiar with and understand food/ Food Safety Management System (FSMS) terminology including key Food Safety concepts Students understand the ISO 22000 Process Model and its relationship with the PDCA cycle Students understand food safety risk management and its significance as a strategic business driver (IRCA K4.1.1/K4.1.2a) Students understand the social and historical aspects of public health provision (IRCA K4.1.2b)

Key Elements of ISO 22000:2005

ISO 22000:2005 specifies the requirements for a Food Safety Management System (FSMS) that combines the following generally recognized key elements: Interactive communication System management prerequisite programmes CODEX HACCP principles

It is a specification for any organization in the food chain ISO/TC 34, Food Products

ISO 22000:2005 System Management

FMEA

Scope of ISO 22000:2005

Crop producers Producers of pesticides, fertilizers, and veterinary drugs Food chain for the production of ingredients and additives Transport and storage operators Primary food producers Producers of equipment Producers of cleaning and sanitizing agents Producers of packaging materials Service providers Food service operators/caterers Retailers

Feed producers Regulatory authorities

Food producers

2nd food processors

Wholesalers

Consumers

ISO 22000:2005 and the Food Chain

ISO 22000:2005 Philosophy

Old Vision New Vision
Do Check Improve

Process

Inspection

Design Plan

Audit

Correction Action

The primary purpose of a food safety management system is to achieve a balance between a reactive and a preventative approach with greater emphasis or statistical weighting on prevention Simply stated, if we can understand what can go wrong we can prevent it from happening

Definition of Food Safety

Concept that food will not cause harm to the consumer when it is prepared and/or eaten according to its intended use ISO 22000:2005 3.1

ISO 22000:2005 Process Model

Check

Act

Do

Plan

Terms that are often confused

Hazard = agent causing the illness or adverse health affect. See ISO 22000:2005 3.3 Risk = probability of getting ill be ingesting a certain hazard & the severity of that illness Hazard Analysis = Industry task Risk Analysis = Governmental task Monitoring during implementation, verifying that the control measure functions as intended. See ISO 22000:2005 3.12 Verification after implementation, verifiable evidence that the monitoring works and the degree of intended control has been delivered See ISO 22000:2005 3.16 Validation prior to implementation, verifiable evidence that the control measure is capable of delivering the needed objectives See ISO 22000:2005 3.15

Purpose of a Food Safety Management System

Organization provides safe food when it is prepared and/or eaten according to its intended use Demonstrate conformity and compliance Evaluate the overall effectiveness/maturity of the organizations Food Safety Management System Provide a basis for continual improvement Demonstrate a food safety culture within the organization

Food Safety Risk Management as a Strategic Business Driver

Secure in the knowledge that the product is safe when reaching the marketplace Legal requirement Saves money by targeting resources and reducing the requirement for end product testing Will yield a safer product in less time and at lower cost which will satisfy customers requirements Establishes priority for improvement actions There is a demand from customers for a recognised food safety standard Assists new product development Concept of due diligence

Historical aspects of public health and food safety provision

Hunter gatherer to communal life First food laws written in 2500 B.C Preservation methods a preventative response HACCP predecessors HACCP and the space program FDA and HACCP Regulatory requirement since 1998

Social aspects of public health and food safety provision

Food safety management is more important now than ever before due to: Increased number of pathogens on raw foods due to intensive farming, intensive production and reduced number of slaughterhouses Increase in meals consumed outside the home Increase in ready prepared foods More foreign holidays Increased amounts of exotic imported foods Increase in numbers of susceptible people (elderly) Reduction in the use of preservatives

Session 3 - Objectives
Students understand and can describe the CODEX HACCP based control system (IRCA K4.1.2c,f;K4.2.2a) Students understand what is a pre-requisite program and its importance within a FSMS (IRCA K4.1.2f) Students can evaluate the appropriate attribution of risk to identified hazards and the effectiveness of the organizations management of risk through its food safety risk assessment and control planning (IRCA K4.1.2c,d,e,f; S4.4.2)

Students determine appropriate operational controls for specifi food safety hazards and evaluate the implementation of operational risk control, monitoring and measurement (IRCA S4.4.3)

CODEX - Application of a HACCP based hazard control system

Five Steps Assemble the HACCP team Describe the product Identify the intended use Construct a flow diagram Confirm accuracy of the flow diagram Seven Principles Carry out Hazard Analysis and list the control measures Determine the Critical Control Points (CCPs) Establish Critical Limits for each CCP Establish monitoring system for each CCP Establish corrective actions Establish verification procedures Establish documentation and record keeping

Definition of a Control Measure

(Food Safety) action or activity that can be used to prevent or eliminate a food safety hazard or reduce it to an acceptable level ISO 22000:2005 3.7

Definition of a Pre-Requisite Program (PRP)

Basic conditions and activities that are necessary to maintain a hygienic environment throughout the food chain suitable for the production, handling, storage and provision of safe end products and safe food for human consumption ISO 22000:2005 3.8

Definition of an Operational Pre-Requisite Program O-PRP

PRP identified by the hazard analysis as essential in order to control the likelihood of introducing food safety hazards to and/or the contamination or proliferation of food safety hazards in the product(s) and safe food for consumption ISO 22000:2005 3.9

HACCP/FSMS Relationship

HACCP based control system vs ISO 22000:2005 (FSMS)

Starting point Flow diagram What can go wrong (events) ? Focus on determining the CCPs Limited documentation of hazard analysis Tends to result in a static control system Semi-quantitative approach (zero-tolerance/ALARA) Starting point Output/Input Controls needed/not needed Focus on determining the control measure combinations Full documentation of hazard analysis Encourages dynamic control systems Enables a quantitative approach (FSO/PO approach)

Products or new products Raw materials, ingredients and services Production systems and equipment Production premises, location of equipment, surrounding environment Cleaning and sanitation programmes Packaging, storage and distribution systems Personnel qualification levels and/or allocation of responsibilities and authorizations Statutors and regulatory requirements Knowledge regarding food safety hazards and control measures

House of Safe Food

House of Safe Food

HACCP based control system

Food Safety Management System

Representative Prerequisite Programs

Session 4 Objectives
Students understand the evolution of Food Safety Management System Standards and the ISO 22000:2005 series (IRCA K4.2.1; K4.1.1; K4.2.2d) Students understand the requirements of ISO 22000:2005 and can apply the requirements consistently in the food chain of relevant food category businesses (IRCA K4.2.2b)

Evolution of ISO 22000:2005 Standard Series

CODEX HACCP principles National and voluntarily to International Management Standards ISO 9001:2000 and 15161:2002 ISO 22000:2005 Standard series

ISO 22000:2005 Standard Series Objectives

Complying with CODEX HACCP principles Harmonizing voluntarily to international management standards Provides a specification for requirements that can be assessed and achieve certification, either self declaration or for first, second and third party verification Is aligned with other management systems standards (ISO 9001:2000, ISO 14001:2004)

ISO 22000:2005 Standard Series

ISO 22000:2005 is the first in a family of standards that includes the following documents: ISO/TS 22004, Food safety management systems Guidance on the application of ISO 22000:2005, November 2005, provides guidance for ISO 22000. ISO/TS 22003, Food safety management systems Requirements for bodies providing audit and certification of food safety management systems, providing harmonized guidance for the accreditation (approval) of ISO 22000 certification bodies and defining the rules for auditing a food safety management system - first quarter of 2006. ISO 22005, Traceability in the feed and food chain General principles and guidance for system design and development.

Session 5 Objectives
Students understand the International Accreditation Forum (IAF) interpretations and guidelines for 3rd party Certification Bodies (Registrars) (IRCA K4.3.1b) Students understand the system of accredited certification including the functions of the Accreditation Bodies and Certification Bodies (Registrars) (IRCA K4.3.1c; K4.3.5d) Students understand the existence of private schemes and their differences in content and operations, e.g. BRC, Eurepgap (IRCA K4.3.1d)

International Accreditation Forum (IAF)

The International Accreditation Forum, Inc. (IAF) is the world association of Conformity Assessment Accreditation Bodies Its primary function is to develop a single worldwide program of conformity assessment which reduces risk for business and its customers by assuring them that accredited certificates may be relied upon.

IAF Guidance Documents GD Series

IAF publishes Guidance documents commonly called GD documents. IAF Guidance documents are not intended to establish, interpret, subtract from or add to the requirements of any ISO/IEC Guide but simply to assure consistent application of those Guides. Copies of all published IAF Guidance to the application of ISO/IEC Guides are available at www.iaf.nu

Infra-structure for Registration of Management Systems

International Accreditation Forum Regional Accreditation

National Accreditation Board(s)

Application For Accreditation

Quality/ Environmental Management Systems EN45012

Product Approval EN45011

Personnel Approval EN45013

NAB AUDIT

Certification Body

Application for Registration

Audit & Surveillance by Certification Body

Industry

Consumers and Purchasers

Roles Of Accreditation & Certification Bodies

Accreditation Body
Operate the Accreditation system for Laboratories, Attestors/Attestation bodies and Certification Bodies or Registrars Provide accreditation in line with their accreditation field

Certification Body
Provide a service in line with the requirements of the EN 45000 series/ISO Guide 62 and shortly ISO 17021:2006 Provide certification in line with their accredited scope Issue a Certificate of Registration to organisations who meet the requirement of the relevant System Standard

Types of Conformity Assessments

Preliminary Assessment (Mock/Trial) Initial Registration assessment (System) Surveillance assessment (Partial) Follow-up assessment (Partial) Re-registration assessment (System)

Private Schemes - BRC

In 1998 the British Retail Consortium, responding to industry needs, developed and introduced the BRC Food Technical Standard to be used to evaluate manufacturers of retailers own brand food products. The Standards are available in Food, Consumer Products, Packaging and Non GM Food Standards Further details on the BRC can be found on their website http:// www.brc.org.uk

Private Schemes - EurepGap

EurepGAP started in 1997 as an initiative of retailers belonging to the Euro-Retailer Produce Working Group (EUREP). It has subsequently evolved into an equal partnership of agricultural producers and their retail customers. Our Mission is to develop widely accepted standards and procedures for the global certification of Good Agricultural Practices (GAP). EurepGAP has Standards covering fruit and vegetables; flower and ornamentals; integrated farm assurance; integrated aqua culture assurance; green coffee etc. The standards are based on best practices. Further details on EurepGAP can be found on this website http://www.eurep.org

Session 6 Objectives
Students identify and describe the documents and records required by ISO 22000:2005 including hierarchy and benefits of a documented FSMS. This includes the difference between a document and a record (IRCA K4.2.2c) Students know what the key document types looks like including their contents (IRCAK4.4.2c) Students understand the importance of documents of external origin, how they should be controlled and managed including the difference between auditable standards and guidance documents (IRCA K4.2.2c) Students understand the different methods of controlling and managing documents and the implications for Auditors

Objectives of ISO 22000:2005 Standards

ISO requires (and always has required) a Documented food safety management system, and not a system of documents ISO 22000:2005 allows an organisation flexibility in the way it chooses to document its FSMS. This enables each individual organisation to develop the minimum amount of documentation needed in order to demonstrate the effective development, implementation and updating of the FSMS, when necessary

Typical FSMS Documentation Hierarchy

POLICIES

OBJECTIVES Hazard Analysis/ Control Measure Combinations PROCESSES

SUPPORTING DOCUMENTATION

Benefits of a documented FSMS

Demonstrate conformity + compliance Due Diligence Communication Training & Development Marketing Auditing

Session 7 Objectives
Students understand the framework of relevant regional, national and local legislation, codes of practice etc., and the interaction between the food organization and the relevant authorities (IRCA K4.2.4) Students have the skills to determine the legislative and regulatory items appropriate to specific food chain activities and the appropriate activities for an organization to maintain compliance with legislative and regulatory requirements (IRCA S4.4.1) Students have the skills to evaluate the capability of an organization to maintain compliance with legislative requirements (IRCA S4.4.4)

Origins of Food Safety Legislation

Global food safety/health issues Increasing scientific understanding Increased consumer debate on food safety issues Drivers for economic change Consumer pressure groups Government policies on freedom of information

Food Safety Problems

Major incidents involving impact on human health Labeling Use of Harmful substances Hygiene Standards Enforcement controls

Issues for Industry

Consumer concerns Consumer information/Rapid Alerts Prohibition of certain substances Labelling Food safety enforcement controls Food safety legislation

The Response
International Establishment of the Food Safety Agency (FDA, EFSA) Closer integration with International Bodies, e.g. United Nations Codex Alimentarius, World Trade Organisation etc. National Establishment of National Food Safety Agencies Sector Quality Schemes Local Service contracts Switch from reliance on inspection alone to audit and inspection

Business Response
Stronger emphasis on quality Adoption of HACCP based control systems Support Quality Schemes Bord Bia (Ireland)

Types of Legislation
Regulations same law throughout Community Directives sets out aims to be achieved for countries to enact local laws Decisions as regulations but addressed to specific individuals, companies or states Recommendations not binding, but may influence policy

European Union Food Safety Policy Objectives

Food must be safe, wholesome and healthy Protect human health Promote international action to tackle regional or global problems

European Union Food Safety Policy Principles

Aim for a high level of protection Shared responsibility Precautionary principle, where appropriate Subsidiary principle

Topics of Legislation
Food Law, European Food Safety Authority Hygiene Residues BSE GM Food Hormones Supplements Contaminants Additives Labelling Flavourings

ISO 22000:2005 Requirements

General Requirements, reference 4.1 Documents Control, reference 4.2.2 Management Commitment, reference 5.1b, 5.2b External Communication, reference 5.6.1c Internal Communication, reference 5.6.2h Competence, Awareness and training, reference 6.2.2a Prerequisite programmes (PRPs) reference 7.2.2/7.2.3 Product characteristics, reference 7.3.3 Process steps and control measures, reference 7.3.5.2 Hazard analysis, reference 7.4.2.3 Product withdrawals, reference 7.10.4a,b

Session 8 Objectives
Students have a common definition of employee competence and are able to distinguish between training and competence (IRCA K4.4.2b) Students understand the critical elements of employee competence including the relationship with organization capability and performance (IRCA K4.4.2b) Students have a methodology for assessing the effectiveness of an organizations employee competence system and its contribution to business performance (IRCA K4.4.2b)

ISO 22000:2005 Human Resource Requirements

People are competent rather than qualified Organizations must provide training or other actions to satisfy competency needs and the training or actions must be evaluated for effectiveness Personnel in the organization must be aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives Training records need to include education, skills and experience

ISO 9000:2005 Definition of Competency

ISO 9000:2005 defines competency as the demonstrated ability to apply knowledge and skills what a person needs to be doing to demonstrate he or she is competent Competencies needs to be defined for hourly and management staff Competencies may be established for a specific position, family of positions or cluster of jobs There are essentially two types of competencies, namely soft (visible leadership, good listening skills) and hard (planning, scheduling, controlling work or processes) Minimum competencies for managers and supervisors, whereas for hourly personnel the focus is typically on the hard skills

Session 9 Objectives
Students understand the scope, principles, terms and requirements of ISO 19011:2002 Students will understand the key auditing terms and principles of auditing Students will understand what is expected of an audit management program and show to assess the effectiveness of an organizations internal audit program Students will understand the life cycle of an audit and key activities (IRCA K4.3.2a) Students will understand the competencies required by Auditors including the relevance of ISO 17024:2003

Introduction and Scope of ISO 19011:2002

Both the ISO 9000 and ISO 14000 series of standards emphasise the importance of audits as a management tool for monitoring and verifying the effective implementation of an organization's policy for quality and/or environmental management This International Standard provides guidance on conducting internal or external QMS and/or EMS audits, as well as on audits the management of audit programmes It is discretionary whether or not QMS and/or EMS audits are conducted separately or together This International Standard can be applied to other management system standards

Key Terms
Audit, a systematic, Audit independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled. Audit criteria, set of policies, criteria procedures or requirements Audit evidence, records, evidence statements of fact or other information, relevant to the audit criteria and verifiable. Audit findings, results of the findings evaluation of the collected audit evidence against audit criteria. Audit conclusion, outcome of conclusion an audit, provided by the audit team after consideration of the audit objectives and all audit findings Auditor, person with the Auditor competence to conduct an audit Audit Programme, set of one Programme or more audits planned for a specific time frame and directed towards a specific purpose Audit Plan, description of the Plan activities and arrangements for an audit

Principles of Auditing
Ethical conduct the foundation of professionalism Fair presentation the obligation to report truthfully

and accurately

Due professional care application of diligence and

judgment in auditing

Independence the basis for the impartiality and

objectivity of the audit conclusions

Evidence-based approach the rational method for approach

reaching reliable and reproducible audit conclusions in a systematic audit process

Auditor Competency
Auditor Competence
Quality
Quality Specific knowledge and skills (7.3.3) Generic knowledge and skills (7.3.1 and 7.3.2)

Environmental / Food Safety

Environmental /Food safety Specific knowledge and skills (7.3.4)

Session 10 Objectives
Students understand the process approach including its significance when auditing management systems (IRCA K4.2.2a) Students know how to assess the capability of a process and its relationship with a Food Business Organization (FBO) objectives (IRCA K4.2.2a) Students understand the process methodology for assessing top management in a (FBO) (IRCA K4.3.4c and S4.5.3b) Students can identify potential emergency situations and can evaluate the planning and capability of an organization to respond to emergency situations (IRCA S4.4.4)

Understanding the Process Approach

ISO 9000:2005 defines a Process as: set of interrelated or interacting activities which transforms inputs into outputs Processes in an organisation are generally planned and carried out under controlled conditions to add value Data should be gathered to establish process capability and analyse process performance including input and output characteristics

The P-D-C-A Cycle

ACT
How to improve next time

PLAN
What to do ? How to do it?

CHECK
Did things happen according to plan?

DO
Do what was planned

Approach to Audit Planning

Verify the organizations role in the food chain including scope of registration sought Understand the organisations food safety goals and objectives including alignment with the food safety policy Understand and verify the Food Safety Management System framework Develop the Audit Plan based on the process steps within the organizations food chain/scope of registration sought Develop process based Checklist(s)

Understanding the system approach to management

Individual processes rarely occur in isolation, namely outputs from one process typically form part of inputs into subsequent processes Simply stated, a food safety management system comprises a number of interrelated processes Inputs and outputs of these processes can often be related to both internal and external customers Customer feedback of a process output is an important input to the continual improvement of an organizations FSMS

High-Level Process Map

S
S U P P L I E R S

P
Model

C
C U S T O M E R S

Inputs

Process

Outputs

SIPOC Example
Suppliers Inputs Process Outputs Customers

Various

Statutory & Regulatory HACCP Plan FSMS team Codex Guidelines Customer Product Requirements Scientific Data

Codex

Customer Scientific Source

Hazard Analysis

O-PRP Plan

Auditors

Process Steps

Preliminary Data

Hazard Identification

Hazard Evaluation

Validation of Control Measure Combinations

Emergency Preparedness and Response

Identifying potential emergency and accidents Emergency and accident response procedure Emergency and accident response command and control structure Competence, awareness, and training Emergency preparedness and response plan Periodic review and testing, where practical

Session 11 Objectives
Students understand basic audit terminology Student understand the audit terms, pre-registration, initial registration, surveillance and re-registration and the difference between them from an audit perspective (IRCA K3.3.6e) Students understand the purpose of 1st, 2nd, and 3rd party audits (IRCA K3.3.2a) Students understand the qualities and responsibilities of auditors and the management responsibilities of the Lead Auditor in managing the audit and the audit team (IRCA K3.3.3) Students understand the need for effective communication with the Auditee throughout the audit process (IRCA K3.3.3c; K3.3.5b)

Key Terms
Audit, a systematic, Audit independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled. Audit criteria, set of policies, criteria procedures or requirements Audit evidence, records, evidence statements of fact or other information, relevant to the audit criteria and verifiable. Audit findings, results of the findings evaluation of the collected audit evidence against audit criteria. Audit conclusion, outcome of conclusion an audit, provided by the audit team after consideration of the audit objectives and all audit findings Audit client, organisation or client person requesting an audit Auditee, organisation being ee audited Auditor, person with the Auditor competence to conduct an audit Audit team, one or more team auditors conducting an audit, supported if needed by technical experts Audit Plan, description of the Plan activities and arrangements for an audit

Audit Types & Roles

Internal External

1st Party

Audit of ones own organisation Audit of a Supplier by a Customer Audit by an independent Body

2nd Party

3rd Party

Systems vs. Conformance / Effectiveness

ISO Standard
FSMS Documentation

Operational Practices

Main Purpose of 1st Party Audits

To determine if the Food Safety Management System conforms to the agreed audit criteria To ensure the Food Safety Management System has been effectively implemented and maintained To review the efficiency and effectiveness of its processes To identify opportunities for improvement

Main Purpose of 2nd Party Audits

To evaluate the degree of conformity to customer product criteria To evaluate the effectiveness of the suppliers Food Safety Management System To identify opportunities for improvement

Main purpose of 3rd Party audits

To provide objective evidence of conformity with the criteria/requirements of ISO 22000:2005 To provide objective evidence of the degree of effectiveness of the Food Safety Management System To identify opportunities for improvement

Personal Qualities of an Auditor

Precise Reasonable Objective Fair Energetic Sensitive Supportive Integrity Organised Not afraid of reporting the facts Astute and analytical Listener Sensitive to local customs

PROFESSIONALS

IRCA Code of Conduct

To act in a trustworthy and unbiased manner To disclose any potential conflict of interest Not to accept any inducement, gift, commission, discount or any other profit To keep the audit findings confidential Not to act any any way prejudicial to the reputation or interest of the audit organisation or credibility of IRCA Co-operate fully in any formal enquiry procedure

Communication during the Audit

The audit team should confer periodically to Exchange information Assess audit progress Reassign work between audit team members as needed Discuss concerns about any issues outside the scope of the audit

The Lead Auditor should communicate to the auditee/audit client any Significant risks identified during the audit process Concerns about any issues outside the audit scope Evidence which indicates audit objectives are unattainable

Auditor Responsibilities
Understand the purpose, scope and criteria of the audit Ensure adequate planning is carried out prior to the audit Conduct the audit in a professional manner Establish and maintain good relations with employees Produce a factual and balanced audit report, in a timely manner Comply with audit organizations audit rules and guidelines

Lead Auditor Duties and Responsibilities

Form a competent and capable audit team Be the main focal point of contact with the client organisation (auditee) Conduct any preliminary visits Lead and manage the audit team Report the audit findings Co-ordinate any follow-up activities

Sub-Team Leader Responsibilities

Support the Lead Auditor Co-ordinate and manage the Sub-team Communicate to other team(s) Assemble evidence Report (verbally or in written form) when requested Be available for follow-up reviews

Trainee Auditor Duties and Responsibilities

Conduct the audit under the supervision of a Competent Auditor/Lead Auditor Provide feedback to audit organization on learning experience Establish and maintain good relations with employees Comply with audit organizations audit rules and guidelines

Technical Expert Duties and Responsibilities

Conduct the audit under the supervision of a Competent Auditor/Lead Auditor Take notes Establish and maintain good relations with employees Comply with audit organizations audit rules and guidelines

Translator Duties and Responsibilities

Comply with audit organizations audit rules and guidelines Conduct the audit under the supervision of a Competent Auditor/Lead Auditor Take notes Establish and maintain good relations with Audit team and employees

Observer Duties and Responsibilities

Not to influence or interfere with the audit activity - focus on the audit process Maintain confidentiality Provide feedback to own organisation on learning experience

Guide Duties and Responsibilities

Assist the Auditors during the audit process by: Conducting the Auditors from area to area Introducing area manager(s) + employee(s) Occasionally providing clarification, when requested Obtaining additional support documentation, if requested Ensure rules concerning site safety and security procedures are known and respected by audit team members

Consultant Duties and Responsibilities

Not to influence or interfere with the audit activity, findings or audit conclusion Provide feedback/input to the client on audit findings and/or audit performance Due professional care

Auditee Responsibilities
Create the right environment for the audit to take place Ensure employee(s) are aware of the audit Support the audit process by providing facilities and support services, when requested Support the agreed audit plan Provide access to people, processes, products, areas, and data and records Ensure the audit team receive open co-operation throughout the audit

Session 12 Objectives
Students know the activities and task to be completed during the planning phase of the audit life cycle (IRCA K3.3.4a, c; S3.4.1) Students know how to approach an organization which does not have a formal documented FSMS based on ISO 9001:2000 (IRCA K3.3.4f) Students have the skill to conduct a document review, determine its conformity and whether there is adequate arrangements to justify proceeding with the on-site audit (IRCA K3.3.4b; S3.4.2a) Students have the skill to develop an audit plan based on the scope of registration sought and the food chain process steps of the organization (IRCA K3.3.4 S3.4.2d) Students have the knowledge and skill to develop and technically assess a process based checklist (IRCA K3.3.4e, f; S3.4.2e)

Main activities during the Planning Phase

Initiating the Audit Agreeing the audit objectives, scope and criteria Communicating with the Auditee/Audit Client Determining the feasibility of the audit Preparing for the Audit Forming a competent audit team/audit team assignments Developing an audit plan Creating process based checklists Holding an audit team briefing, if required

Establishing Initial Contact with the Auditee

Establish communication channels with Auditee Representative/FSMS Team Leader Confirm the authority to conduct the audit Request access to relevant documents, including records Provide information on proposed timing and audit team composition Establish what, if any applicable site safety rules and PPE Make arrangements for the audit Agree attendance of Trainee Auditors, Observers and the need for Guides

Determining the Feasibility of the Audit

Verifying and validating the data provided by the Auditee Conducting a preliminary document review Conducting a preliminary audit visit

Audit Team Selection

Audit objectives, scope, criteria and estimated duration of the audit Statutory, regulatory, contractual and accreditation/ certification requirements Overall competence of the audit team to needed to achieve the objectives of the audit including audit team assignments Independence from the activities to be audited including conflict of interest Ability of the audit team to interact with the auditee and work together Availability

What is an Audit Plan?

Description of the activities and arrangements for an audit ISO19011:2002

Factors to be considered when developing an Audit Plan

The audit objectives, scope and criteria including the role of the organization in the food chain The product categories, processes and locations/shifts where the on-site audit activities are to be carried out The expected duration and time for the on-site activities including safety/security requirements Persons to be interviewed Competency of auditors Audit team performance monitoring

Audit Team Briefing

Introduce team members Present a briefing statement about the auditee Assign roles and responsibilities Distribute relevant audit working documentation Ensure specialist team members / technical expert are clear on the area(s) they need to focus on Discuss any queries with the audit plan Reconfirm commitment, availability and independence and impartially of the audit team

What is a Checklist?
A structured list of points to evaluate Identifies and communicates the scope of an audit An Auditors tool to gather evidence and provide an audit trail Guides the course and controls the pace of an audit

Benefits of a Checklist
Helps an Auditor understand the food safety hazards, processes and control measures associated with the food chain process/activity assigned by the Lead Auditor/Audit Plan including its significance for the auditor A record agreed audit criteria was checked and audit objectives fulfilled Helps an Auditor manage time in line with the audit plan and covers agreed audit criteria Assists future audit preparation

Key points when developing a Process-Based Checklist

Audit objectives and criteria Audit sample/time available Format of checklist Food categories Associated risks/hazards and control measures associated with the food categories Risk assessment techniques in place

Types of Checklists
Standard
Ready formatted Facilitates consistency across different area(s) Uniform questions Can be inflexible Not suited to all types of audit

Customised
Constructed as and when needed Usually specific to a particular audit Assists preparation by Auditee Demonstrates professional approach by Audit team

Session 13 Objectives
Students understand the reasons for an Opening Meeting (IRCA K3.3.5b; S3.4.3a) Students know the typical agenda for an Opening Meeting (IRCA K3.3.5b) Students have the skill to be able to run an Opening Meeting (IRCA K3.3.5b)

Reasons for an Opening Meeting

Cover the main points of the audit plan Courtesy to talk to the Auditee managers and employees Create the right atmosphere Audit process can be explained Confirm communication channels Expectations can be set Questions can be answered

A Typical Opening Meeting Agenda

Introductions, if applicable Confirmation of the objectives, scope and criteria of the audit Confidentiality Statement/Sample Confirmation of audit plan Outline the audit process and approach Explain the reporting method Confirmation of availability and roles of guides Provide any clarifications which may be required

How to Manage the Opening Meeting

Be prepared Control the meeting Keep it short and stick to the point Be professional Keep a record of people who attend

What information can be gathered at an Opening Meeting

Who the Guides are Confirmation employees are aware of the audit What the layout of the site/facility is Confirmation of support services available Confirmation of relevant work safety, emergency and security procedures for the audit team What managements commitment is What the real power structure is

Session 14 Objectives
Students know the activities and tasks to be completed investigative phase of the audit life cycle Students understand the term audit evidence, the requirement for audit evidence and the primary methods for obtaining audit evidence (IRCA K3.3.5e) Students understand the benefits and limitations of sampling (IRCA K3.3.5d) Students understand and demonstrate the communication skills required to obtain audit evidence (IRCA S3.4.3) Students know how to manage difficult situations while obtaining audit evidence (IRCA S3.4.3)

Main activities during the Performance Phase

Opening Meeting Gathering Evidence Writing Audit Finding Reports Collating and generating the Final Audit Report Preparing for the Closing Meeting Closing Meeting

What is Evidence?
Qualitative or quantitative information, records, or statements of fact pertaining to: a. the quality, safety, and environment of the product or service b. to the existence and implementation of a food safety management system requirement which is based on observation, measurement or test and which can be independently verified

Procedure for Gathering Evidence

Question/Analyze

Observe/Analyze

Check

General Points on Questioning Techniques

Use appropriate types of question Adopt a logical approach Follow a natural sequence Actively listen to what is being said Use silence appropriately Seek clarification, where necessary Verify responses, where necessary

Typical Questions
Information How What When Where Who Why Verification Show me

Types of Questions
Open Closed Hypothetical Obvious Answered

Observation
People Product and service Processes Information systems

Taking Notes
Employee names and job titles Product identification Quotes and statements Rough sketches Surroundings Issues which may impact other functions/Audit team members

Mental Notes
Workload Employee behaviour Management approach Organisation Knowledge of business and applicable standards Reactions

Reaching Audit Conclusions

Sources of information

Collecting by appropriate sampling and verifying Audit Evidence

Evaluating against audit criteria

Audit Findings

Reviewing

Audit conclusions

Sampling

Sample frame/Sample Representative Random Reduced time and costs

Role of the Technical Expert

Listen Watch Audit Provide expertise Take notes

Importance of Audit Team Performance

Keep to the original audit plan Auditor/Lead auditor checks progress regularly Manage delays

Communication Skills
Verbal Body language Style and tone of speech Facial Range of literacy

Handling Difficult Situations

Time Wasting Discrimination Hostility Avoidance Finger Pointing Usurping Control Flattery Undermining Deception Obstruction

Session 15 Objectives
Students understand what a non-conformity audit finding is and the typical content of a non-conformity and are able to describe and apply the risk classification system used (IRCA K3.3.6a,b) Students are able to write both a non-conformity (NCR) and Opportunity for Improvement (OI) audit finding (S3.3.4a,d) Students understand the contents of an audit report and are able to write one (IRCA S3.4.4b,e) Students understand who gets a copy of the audit report, when, and the retention period

What is a Nonconformity?
The absence of, or the failure to implement and maintain, one or more food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of the product the organization is supplying A nonconformity exists where there is evidence of a failure to comply with a requirement of a:

Statutory and regulatory requirement Product or Service Specification Customer requirement Process and procedure Food Safety Management System requirement

Typical Root Causes of Nonconformities

Organisation structure Management System Standard Education and training Resources Adherence to defined processes and procedures Management leadership and support Information Legal & Regulatory Requirements

NCR Definitions
A Major nonconformity is where there is a total break-down or absence of objective evidence to satisfy one or more food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of what the organization is supplying. A Minor nonconformity is where there is a defined and documented system which generally satisfies one of more food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise concern as to the potential safety of what the organization is supplying, e.g. the system and/or one or more processes have not reached an acceptable maturity level. An observation/Opportunity for Improvement is a remark by an Auditor which warrants clarification or investigation so as to improve the overall effectiveness and/or efficiency of the organization's Food Safety Management System.

An Audit Report is

A summary or record of the outcome of an audit, in line with the agreed audit objectives, scope and criteria

Contents of an Audit Report

Audit objectives, scope and criteria Statement of the confidential nature of contents Audit conclusions Strengths and Weaknesses Number of nonconformities (including classification) and observations, if any Nonconformity/Observation Reports Recommendations (risk assessment audit findings), if any Obstacles encountered Follow-up activities Audit Plan Audit Checklists (Appendix) Identification of the Lead Auditor and team members Identification and contact details of Auditee Opening/Closing Meeting Minutes

Audit Reporting Principles

Never loose sight of the basic aim of an audit, namely to get management commitment to act on the findings It should be fair and balanced Never point the finger! Keep it simple and concise Keep the audit outcome confidential Publish in a timely manner

Audit Report Approval

The Auditor/Lead Auditor should sign and date the final audit report signifying the audit objectives have been met and the fact the report is accurate and complete The Top Executive and/or Food Safety Team Leader should sign and date the report to signify agreement with and commitment to act on the findings

Audit Report Distribution, Timing & Retention

Distribution should be limited to the Food Safety Team Leader and the audit organisation Ideally it should be available for the Closing Meeting. If not, it should be available within an agreed timescale It should be retained in accordance with Audit organization policy and/or regulatory requirements

Session 16 Objectives
Students understand the activities to be covered during a final team meeting including its importance Student can describe the process for collating the findings of the audit team Students know how to manage situations where the organizations QMS is deemed not to conform and to correctly assess the maturity of the organizations QMS and risk to the integrity of the registration and supplier approval (IRCA S3.4.4e, f) Students understand the ISO policy on recommendations and offers of advice Students understand the importance of audit follow-up; the terms correction, corrective action and CAPA process including responsibilities including the objective evidence required to demonstrate effective implementation of CAPA (IRCA K3.3.6c, d; S3.4.4g)

Activities to be covered during the Final Team Meeting

Review the audit findings against the audit objectives Agree the audit conclusions (recommendation) recommendation Decide your strategy for presenting the findings Ensure any nonconformity and/or observation reports are signed in advance of the closing meeting Anticipate possible areas of disagreement Decide the follow-up strategy (recommendation)

Process for Collating the Audit Findings

Collate all the information List the strengths Evaluate and distil List the weaknesses (Nonconformities) Evaluate and distil List any observations List any obstacles encountered, if any Decide the overall conclusion (recommendation) recommendation Decide the follow-up strategy (recommendation)

Lead Auditors Facilitation Role

Lead and maintain control Create a positive team climate Use the synergy of the audit team Remain objective Distil and analyse the audit teams findings In summary, Keep it simple, add value where practical

If the Auditee does not conform

Be mindful of the level of your authority Maintain control Double check the findings are based upon sound evidence Do not waiver from the intended message Ensure the Auditee does not see it as purely a negative message Check the tone and choice of language used

Offers of Advice Are they a good idea?

Promotes a spirit of were here to help There is no obligation on the part of the Auditee organisation to implement offers of advice There are risks associated with giving advice

Risks associated with Offers of Advice

Ownership Possible confusion in roles Legal and financial Therefore, never give advice in an external audit. There is greater scope to give advice in an internal audit, however the risks albeit small still exist

Contributions during the Closing Meeting

The Lead Auditor should always lead and manage the presentation and deliver the audit report executive summary The Lead Auditor may request individual auditors to clarify individual nonconformities, if required The Lead Auditor should assign an audit team member to take minutes of the meeting and record attendance

Audit Follow-up, why is it important ?

Corrective action takes place in a timely manner Corrective action is effective and suitable The real benefits of the audit can be realised The effectiveness of the audit programme can be measured

Session 17 Objectives
Students understand the reasons for a Closing Meeting (IRCA K3.3.5b) Students know the typical agenda for a Closing Meeting (IRCA K3.3.5b) Students have the skill to manage a Closing Meeting and evaluate proposal for corrective action (IRCA K3.3.5b; S3.4.4b,e,f,g) Students understand the audit records to be maintained during the life cycle of an audit Students understand the methods for improving audit performance including the importance of improving audit performance

Purpose of a Closing Meeting

To verbally present the audit teams findings and conclusions in such a manner that they are understood and acknowledged by the auditee, and to agree, if appropriate, on the time period for the auditee to present a corrective action plan

Who attends the Closing Meeting?

Audit Team Lead Auditor Auditor(s) Observer(s), if used Auditee Top Executive/Manager Food Safety Team Leader Functional Representative(s) Guide(s) (Optional) Employees (Optional)

A Typical Closing Meeting Agenda

Re-statement of audit objectives, scope, and criteria Representative sample statement/confidentiality Audit conclusion - executive summary Audit findings detail Follow-up activities Obtaining ownership and commitment Reporting Questions

Hidden Agenda
Preparation Objectivity Control Constructive attitude Professional, businesslike and polite at all times Avoid traps Timing

Evaluating CAPA Proposals?

The Lead Auditor or assigned Auditor technically assesses the proposed corrective and preventative action and root cause analysis data Ideally the Auditor/Lead Auditor who raised the audit finding should verify and validate closure of any nonconformities raised CAPA proposals should be received and reviewed within 10 calendar days or sooner and verified + validated and closed out within 12 weeks, unless a variation is granted

Methods for Closing Out Corrective Actions

Documentation review Re-audit - Partial - Full

Audit Objective
To obtain commitment to act on findings so that the real benefits of an audit can be realised. The ultimate Auditor is the consumer!