was successfully added to your cart.

Internal Auditing: Non-Conformance No’9

In the next few weeks I’m going to cover the top 9 non-conformances that sites are getting since the launch of version 7. A summary of these non-conformances is provided below. In each newsletter of the coming weeks I’ll break each one down and explain how you can make sure you don’t fall foul of these at your site.

NCN

#1
#2
#3
#4
#5
#6
#7
#8
#9

Topic

Raw material & supplier approval & monitoring
Traceability
Vulnerability assessment
Cleaning
Chemicals
Equipment & maintenance
Door control
Ceilings & overheads
Scheduling of audits

Clause(s)

3.5.1.2 & 3.5.1.1
3.9.1 & 3.9.3
5.4.2
4.11.1
4.9.1.1
4.6.1
4.4.9
4.4.5
3.4.1

% NCN’s

33.9
22.4
16.1
14.0
13.7
12.4
11.6
10.1
10.1

Data source: Campden BRI MIG Jan 2016. Data taken from 1120 sites and 12,330 NCNs.

 

I’m going to work my way up the chart, so this week we’ll start with NCN#9 – Scheduling of audits (clause 3.4.1)

Top V7 NCN’s – #9 Scheduling of Audits…

For version 7, BRC made some small but important changes to the wording in clause 3.4.1, see the comparison below:

Version 6

There shall be a planned programme of internal audits with a scope which covers the implementation of the HACCP programme, prerequisite programmes and procedures implemented to achieve this Standard. The scope and frequency of the audits shall be established in relation to the risks associated with the activity and previous audit performance; all activities shall be covered at least annually.

Version 7

There shall be a scheduled programme of internal audits throughout the year with a scope which covers the implementation of the HACCP programme, prerequisite programmes and procedures implemented to achieve this Standard. The scope and frequency of the audits shall be established in relation to the risks associated with the activity and previous audit performance; all activities shall be covered at least annually.

The wording was changed to highlight the fact that audits must be scheduled throughout the year, they cannot all be done at the same time. This is to make sure that the system is monitored throughout the year, to make sure it’s effective during the year period.

This means that sites can no longer carry out one big audit once a year, either themselves or using a third party/consultant. I would suspect that sites are getting non-conformances to this clause because:

  1. A consultant carries out their internal audits all in one go, perhaps over one or a few consecutive days
  2. The site carries out one ‘gap analysis’ style audit, which covers all of the BRC clauses, carried out in one go
  3. The site has got behind on their internal audits and has had to catch up, meaning they’ve all been done together as a block

Have a look at how you schedule your audits and make sure that you’ve got them scheduled evenly across the year.

It’s fine to use a consultant to carry out your internal audits for you, but you need to make sure that they do not come and do them all in one go. BRC haven’t provided any guidance as to what the minimum consultant type frequency of audit would look like, but I would suggest you go for at least 3 audits set 4 months apart.

To help you make sure you’ve got this clause covered I’ve included a list below of things you should check your audit schedule against, to make sure you don’t get a non-conformance in this area:

  • Your audits must be scheduled; your auditor will expect to see documented evidence of this – you can do this by showing them planned out on a calendar
  • Each audit needs to have a set frequency, this should also be documented, I find it easiest to add this to the schedule so it’s clear
  • The frequency of your audits need to be determined through risk assessment. The risk assessment working need to also be documented so that the auditor can see how you’ve done it
  • The maximum frequency for any audit should be annually
  • For each audit you need to have a scope. This means you need to have decided and documented what each audit will look at. This may be a list of clauses of the standard that it will cover (and your internal auditor will audit against), a set of questions or checks they will, or a list of procedures they will check against
  • Make sure your audits cover your HACCP and hygiene systems, all your PRPs and your production processes
  • Where your sites processing period is short (seasonal), internal audits need to be scheduled prior to start up and during the processing period to prove that the systems are effective before start and during

This week I’ve included an internal audit record for you to use, which prompts you to record key points to meet the BRC standard, to get yours – just click the button below.

I will be covering some more of the top NCN’s of V7 in our next issue. If you have any questions about this post, or any other BRC-related questions – please feel free to post them in the comments box below.

New For 2016 – Your FSMA Companion

If you’re interested in the FDA’s FSMA (food safety modernization act) recently launched in the USA – this year I’m going to be breaking it down and explaining how you need to comply.  I’d like to share my learnings with you, so if you want to be involved and be notified when I send out new posts, join up using the button below.  The first of the series of posts will be out next week, so don’t miss it!

2 Comments

  • Ian Neve says:

    I am astonished to see that scheduled internal audits are in the list at all. This is hardly anything new.
    I have been doing this for ten years or more.

    • Kassy Marsh says:

      Hi Ian
      Thanks for your comment. I can totally understand what you mean, but perhaps the change in the wording has caught some sites out. Some smaller sites bolster their resource for internal audits by using consultants and this can be expensive if they come to site frequently throughout the year rather than doing it all in one day.
      Thanks
      Kassy

Leave a Reply