FSSC Version 4 - Transition Requirements
The GFSI, Global Food Safety Initiative, published their new benchmarking requirements at the end of February 2017 and in order for FSSC 22000 to be aligned with those, version 4 was launched in December 2016 introducing new requirements that make the scheme more competitive in the food safety certification industry.
From 2010, FSSC was given recognition as one of the food safety management schemes that complies with the minimum food safety requirements specified in the GFSI Guidance Document.
This scheme defers from other food safety management standards due to the length of the certification cycle and its scoring model (just passing or failing the audit).
The certification cycle lasts 3 years: an initial audit conducted in two stages must be completed within the first year and then there will be two surveillance audits which must be conducted annually and no later than twelve months after the previous audit. The recertification audit the fourth year will confirm the continual conformity of the food safety management system with the scheme requirements.
FSSC involves the ISO 22000 standard, a technical specification prerequisite program on food safety depending on the sector being audited and additional FSSC requirements.
So what is new in version 4?
The latest version of the standard has introduced several new requirements that will be mandatory for all certification bodies and also any FSSC certified organization by January 2018.
So let’s summarize the most important changes that the new version includes:
Unannounced surveillance as part of the certification cycle
Food fraud prevention
Unannounced surveillance audit
FSSC version 4 requires all organizations to have an unannounced surveillance visit within their certification cycle. Initial and recertification audits will be always announced, but at least one of the surveillance visits will be carried out with no prior notice to the organization.
The company will be able to have both unannounced surveillance visits if they want to, but only one is mandatory by the scheme.
Critical nonconformities can now be raised during FSSC audits. A critical nonconformity will be issued if food safety is directly impacted during the audit or there is evidence of controls being lost with regards to critical aspects for ensuring safe production.
If a critical nonconformity is found in a certified company, the certificate will be immediately suspended for a maximum of a six-month period and if the nonconformity is not effectively solved within that timeframe, the certificate will be withdrawn.
When a critical nonconformity is found during a certification audit, the full audit will have to be repeated.
Food fraud prevention and food defense
Version 4 of the standard includes now food defense and food fraud prevention as part of FSSC additional requirements.
Specifications for food defense, bio vigilance and bioterrorism were already mentioned in the previous version 3.2 with regard to animal production, but it has been now included for all sectors within the scope of the FSSC scheme in much more detail.
The organization must develop, implement and maintain a documented procedure for food defene threat assessment in order to identify threats that may impact their system, develop preventive measures and prioritise them against the threats. To identify the threats, the organization must carry out a susceptibility assessment on its products to acts of sabotage, vandalism and/or terrorism.
Food fraud prevention is a new requirement of version 4. It was already required by other global food safety standards such as BRC in its latest issue 7. FSSC wants to emphasize now the importance of a transparent production process that must involve the whole supply chain.
What is the difference between food fraud and food defense?
Through the implementation of a food defense procedure, we plan to avoid any intentional act that can impact the safe consumption of food products.
On the other hand, food fraud implies offering products that do not comply with the original specifications provided by the customers and consumers and are only for the economic benefit of the company, without looking at the risk any change could cause.
Therefore, in order to ensure every FSSC certified company is committed to fight against fraudulent acts in food industry, version 4 requires another procedure to be documented, established and maintained for food fraud vulnerability assessment that identifies all potential vulnerabilities, develops preventive measures and prioritises them again against the vulnerabilities.
Both food defense and food fraud prevention procedures; will have to be reviewed annually and after a preventive measure fails.
The auditor competence and the requirements for maintaining the auditor qualification have been also updated and specifically described by each sector within the scope (catering, food manufacturing, farming, feed production, etc.).
In order to maintain the FSSC auditor qualification, every auditor must do at least 5 GFSI on-site audits a year and at least 3 of them must be FSSC audits.
Additionally, the auditor will not be allowed to perform more than two certification cycles at the same organization.
New sectors within the scope
Catering, Distribution (retail and wholesale) and Transport and Storage sectors are now added within the scheme scope. Every sector must then comply with its specific prerequisite program on food safety for basic hygiene conditions.
It has obviously broadened the type of companies that are able to have their system certified against FSSC 22000 requirements.
At NQA we have already implemented all procedures needed to audit your organization against the new version 4. Are you ready too?
Author: Marta Vaquero, Food Safety Certification Manager