As an SQF consultant, I have helped in the development of many SQF compliant allergen control plans. In the SQF Code Section 2.8.2, there is guidance for comprehensively helping to understand and control the potential hazards of allergen cross-contamination.
The first step to complying with this section of the code is to write a clear procedure. The procedure and included work instructions will detail the programs in place for the specific elements in the section.
Instructions must be written for the process of reviewing raw materials for potential allergen contamination, including indirect additives like non-stick sprays, and lubricants and assigning risk. For example, an almond supplier, who also processes peanuts, is of a higher risk then a supplier that only produces nuts. Then control measures must be developed to reduce the risk and more closely monitor it. The hazards and the controls of each ingredient should be written into a risk analysis for each raw material. The allergen hazard is also a chemical hazard, in the HACCP plans, hazard analysis.
It is required that an allergen register be created. For many processors, it makes sense to post the allergen register in the allergen storage area to reinforce the allergen awareness training and reinforce the handling requirements.
The employees working with allergens must be trained on handling requirements, including written instructions for identifying allergens upon receipt. For example, casein may not be readily identified as milk derived. It is important to make sure that employees properly identify and store it. The storage area must be clearly marked with a tag for the specific allergen designated there. The allergen location would typically only have same-over-same or like-over-like, based on the risk assessment, but a universal best practice for allergen segregation is to have each unique allergen located on the bottom rack.
Where dedicated lines and equipment are not feasible, it is most important to assure that allergens are effectively removed at change-over. The cleaning can be visually monitored to assure effectiveness, but a documented residue testing protocol is typically part of the verification process.
In the section there is also Element 220.127.116.11 requiring the identification of, in accordance with regulatory requirements, the allergens that were made on the same line. While disclaimers like, “may contain…” are common place in labeling, and are part of the code, there are no excuses for cross-contaminating foods with allergens through improper handling or cleaning.
Also in the section is a requirement to take into account the conditions in which a product is produced. So, where non-allergen containing foods are not scheduled before allergen containing foods, it is particularly important the production schedule provides enough detail to investigate instances of potential cross-contamination.
Finally, rework containing allergens must be handled in accordance with the allergen policy and traceability details from the batch of rework must be completely preserved in the finished product.
Need HACCP training? Go to https://foodqualityservices.com/upcoming-food-safety-training-courses/
It is required in all GFSI standards that there is a documented approval process for all suppliers of packaging, raw materials, ingredients and services. Within this section of the code is a specific requirement that there is a documented process for selecting, approving and monitoring suppliers.
Another requirement in the code is that past performance of the supplier be detailed and the risk level of the material or service supplied assigned.
To comply with this section of the code, there must be a procedure for the supplier approval process, an approved supplier register, and a methodology for approving suppliers. The method, can be in the form of a supplier approval checklist, which can be completed during an on-site inspection, and include the requirement that specific food safety documentation be provided. Another method calls for a questionnaire to be completed by the supplier and returned with supporting documentation.
On-site inspections are a good methodology because it allows the customer to actually see that GMPs are being followed. Suppliers have been known to prepare for their 3rd party audit, and run a somewhat “tighter ship” on audit day, but the day their customer comes may not warrant the same amount or preparation and perhaps allow for a more representative view of the day to day goings on in the operation. On-site inspections are recommended for high risk and high impact suppliers.
Most food processors have a multitude of suppliers and they are often located throughout the country and often overseas. For most of them, it is not economically feasible to visit each one every year. Using the supplier questionnaire allows you to remotely evaluate them and fulfill the requirements of the standard.
When developing a vendor approval questionnaire, you should ask the basic questions like:
• Their name and address.
• Their 3rd party food safety certification standard, level and body.
• Contact information for QA, customer service and emergency contacts (including after hours).
It is also common to ask basic questions about their quality systems, and their HACCP plan.
• What are their critical control points and critical limits?
• Do they have a site diagram and a flow diagram that they can provide you?
• Would they provide you with their personal hygiene policy?
• Would they describe their product/environmental testing program, including information on the laboratory that they use for testing the samples?
Some questionnaires are very elaborate. If any Nestle suppliers are reading this, you know what I mean. The questionnaire is a tool to get a picture of what you would see if you were on site, you can add any questions that you feel are necessary. Just remember, that frivolous questions will frustrate your supplier and increase the likelihood of non-answers or non-conforming answers, which will require additional work on their part and your part. I am an advocate of K.I.S.S (keep it simple stupid). Questionnaires with fewer and more meaningful questions will get turned around more quickly and will be complete more fully.
It is common to use the questionnaire to ask for supporting documents to comply with the standard. The questionnaire process can include a request for copies of:
• Most recent 3rd party audit certification
• Continuing guarantee
• Allergy Policy
Finally, it is a good idea to add a “customer only” section to the questionnaire. The procedure must dictate, who, how and when the supplier is evaluated and what criteria is used to determine if a supplier is approved, not approved or conditionally approved. To that end, the returned questionnaire can be used as a supplier evaluation document. A customer review section would include:
• The date that the questionnaire is returned.
• The date assessed.
• The supplier risk rating.
• Signature line for the reviewer and the senior person verifying it.
• Comments and details of the evaluation process.
o Corrective actions
o Planned improvements
o Review of complaints
Once the questionnaire is reviewed, the approved supplier register could then be updated. A date for re approval can then be scheduled.
The monitoring of control points and critical control points can provide more information than just an indication that a deviation has occurred, leading to a risk of a hazard at a CCP. I think about this when I inspect walk-in coolers or freezers and I notice ice build-up or dripping condensation. Since, someone is checking the temperature two or more times per day, then why not including a quick inspection of the cooling unit as part of the monitoring activity.
It is smart to add to the monitoring activity the requirement that the person responsible for monitoring will look for “warning signs” that equipment is not operating properly. To do that properly, the monitoring document must include written instructions and have a space on it to prompt and encourage the employee to include those observations on the document right away.
There are really three objectives to monitoring.
1) The monitoring should help spot trends and identify warning signs that a loss of control could happen. By doing this, you are making the monitoring record into a powerful tool that can be used to correct a situation before a deviation occurs. This is why quantitative data (an actual number) is preferred over qualitative data (pass/fail). Quantitative data can provide trending data to show when recorded values are trending toward a critical limit. This is one of the reasons that continuous cooking charts can be so useful. They show with precision and accuracy detailed and easily comparable data.
2) All CCP monitoring must identify when a loss of control exists. This is why rapid analysis is used when taking CCP measurements. Examples of commonly used monitoring methods used to monitor CCPs are; visual inspections, metal detection, temperature measuring and water activity testing. These measurements provide fast results. Microbiological analysis can be used for a CCP, but it is usually considered too times consuming and difficult to manage because it requires holding product for two or more days until the results are ready.
3) Lastly, the monitoring activity must provide useful records to be used to prove that the monitoring activity is being conducted consistently. The records must also be useable as a tool to investigate. For example, when pest control inspection records are detailed on a trending sheet, the data is very useful for investigating pest issues. Many of the old fashion methods or recording activity is not as useful. Records, like hand written service reports and inspection cards are harder to trend and use to investigate pest control issues.
At the heart of HACCP is the effective application of corrective actions. If the corrective actions are not proactively written into the HACCP plan and supporting procedures, the corrective actions may not be applied properly. In some cases the corrective actions may not be applied at all.
Take for example a receiving person who knows that the temperature of incoming product is supposed to be <41°F. On this occasion, before receiving the load, he takes the measurement and reads it to be 46°F. He looks around for his supervisor, but the supervisor is busy with something else. Then, the driver explains to him that the temperature was high because he opened the doors before backing in. Anyway, the trucks temperature is set at 36°F and he shows the temperature setting to the receiver. The product also looks good and feels cold. The receiver finally decides that the product is okay. He decides that the best thing to do is to write down that the product was 40F and then wheels it into the cooler as fast as possible to chill it down to 40°F.
The monitoring of all prerequisite programs and critical control points must be accompanied with an understanding and an expectation that the person responsible for the monitoring activity will know what the limit is and will know what to do if the limit is exceeded.
It is important to write the procedure well, and make sure that the responsibility for the employee’s part in the procedure when non-conformances are discovered is clearly written. It is equally as important that the employee is trained on the prerequisite program and the rationale for the monitoring activity. The employee must leave the training session with an understanding that the procedure must be literally followed.
Some corrective actions can be detailed directly on the monitoring document. For example, if cooked product doesn’t meet temperature; the product can go back in again to continue cooking, but it is required that corrective action is documented. This corrective action must be detailed so that the systemic problem of the oven not properly cooking the product can be understood and remedied.
From my example of the receiver receiving warm product; the monitoring procedure may require the receiver to put the product on hold and to “notify the supervisor”, who would then be called upon to perform a more detailed evaluation of the product. That evaluation method would be detailed in the procedure, and would be followed by the responsible person identified in the procedure and would then result in the proper disposition of the product.
As a food safety consultant, I have had the opportunity to review numerous HACCP plans. Often, they are not adequately detailed and often miss one or more of the steps needed for proper HACCP plan development. This was one of the driving forces that motivated me to become certified as a HACCP instructor this year. The following twelve steps (and seven principles) outline the framework that you must follow when developing a HACCP Plan. There are also one or two elaborative bullet points after each step.
The 12 Steps.
- Assembling a Team
- The HACCP team needs a least one certified HACCP member. Everyone else on the team must also have some level of HACCP Training.
- Describe the Product and the Target Customers
- The significance of a hazard in a ready to eat food is much greater than the same hazard in an ingredient that will be further processed by the consumer.
- List all of the Ingredients (Including Packaging)
- The list must have enough detail so that ingredients with unique food safety characteristics stand out.
- Create the Flow Diagram
- Every step in the processes where hazards are potentially introduced must be broken out in the flow diagram.
- Make sure that the points where rework is introduced are made clear.
- Verify the Accuracy of the Flow Diagram
- It is hard to conduct a proper hazard analysis without observing and confirming the accuracy of the process.
- Analyze Every Potential Hazard at Each Step in the Flow Diagram. (Principle 1)
- Most students finish HACCP training with the knowledge that the hazards are either PHYSICAL, CHEMICAL, or BIOLOGICAL, but how does that apply to the hazard analysis? It is recommended that the first step of hazard analysis be that the HACCP team brainstorms every possible hazard that could potentially contaminate the product. They can consider the likelihood of the hazard occurring during the next step.
- Create a HACCP decision Tree to Identify Critical Control Points. (Principle 2)
- If the team doesn’t consider the hazard to be a critical control point because it is controlled by a prerequisite program, then the team should explain their rational for the decision in the hazard analysis.
- Establish Critical Limits (Principle 3)
- The critical limit must be science based. For example, Appendix A and B for cooking and chilling of meat.
- Establish Monitoring Procedures (Principle 4)
- The monitoring of ALL HACCP related monitoring must always be documented.
- Employees conducting the monitoring are often under-trained. The training of these employees must be is a key prerequisite program supporting the HACCP plan.
- Establish Corrective Actions (Principle 5)
- You must have a documented corrective action process to show what happened every time a critical limit wasn’t met.
- Establish Verification Procedures (Principle 6)
- You must have a responsible HACCP team member verify that the HACCP plan is being followed as written.
- Establish Record Keeping (Principle 7)
- All HACCP related records must be organized and must be used as a tool to track non-conformance’s and can be later used for validation.
The steps listed above are central to a successful HACCP plan, but some of them are often overlooked. I would stress that all of the 12 steps (7 principles) be reviewed during the HACCP meetings so that they are not forgotten during the HACCP plan writing process.
If you think that your integrated pest management program is SQF compliant because it is outsourced to a 3rd party pest control operator (PCO), then you may be mistaken. Many PCOs have limited experience complying with SQF requirements. You must talk with your PCO to make sure that they have experience complying with SQF. If they do not, then they must work with your SQF consultant to get compliant, or you should really consider switching PCO’s. I had a good experience this year with a pest control company in New Jersey. They had their internal QA person physically come and visit the client before their audit and review and update their program. They also responded quickly to non-conformances after the audit. I felt that they were good partners to their client. They had the knowledge and the willingness to work with them to get the job done.
Most SQF auditors spend a significant amount of time reviewing the supplier’s pest control system. When you are planning for your SQF audit, check these often cited non-conformances to make sure:
• Your program is thoroughly documented. There should be a detailed procedure which must include the frequency of routine visits, the target pests, the methods of pest control, and planned corrective actions when pests are found.
• The management team must review and approve a list of all chemicals that may be used by the PCO.
• The pest control monitoring records must be usable for trending. Many PCO’s use cards that are tucked into each trap, dating each inspection. The cards are good for making sure that the technician actually opens up the trap, but not useful for trending effectiveness. There must be a separate trending sheet used to verify the effectiveness of the program.
• The traps and maps are up to date. All of the traps must be numbered and there must be a corresponding wall sign for each trap. All traps must be accounted for and in their correct location.
• The integrated pest management system includes staff awareness training. Your employees must be trained to know the target pests and control practices. They must understand their roll and managements roll in reducing the likelihood of pest problems in the facility. For example, employees need to know what to do if they come in contact with poisons. They need to know what to do if they observe pest activity.
While the integrated pest management program represents a relatively small portion of the audit, it is notorious for being cited during the SQF audit. And, while most pest control issues are minor non-conformances, it is always better to anticipate them in your current system and correct them before your auditor cites them during your audit.