This article is written to meet the following sections of the standards:

BRCGS Food Safety Issue 83.2.1 Records
3.4.1 Internal audit programme
3.4.2 Training and independence
3.4.4 Documented inspections
7.2.1 Personal hygiene
BRCGS Packaging Issue 63.5.1 Internal audit frequency
3.5.2 Scheduling
3.5.3 Competency
3.5.5 Hygiene and fabrication-based inspections
6.2.5 Personal hygiene checks
BRCGS Agents & Brokers Issue 33.5.1 Internal audit programme
3.5.2 Training and independence
BRCGS Storage & Distribution Issue 43.2.1, 11.1.3 Internal audit programme
3.2.2 Training and independence
3.2.5 Documented inspections
3.3.2 Records
4.4.10 XD Fabrication audits
8.2.2 Personal hygiene checks
FSSC22000 Version 5.1ISO 22000 8.8.1 Verification
2.5.12 Site inspections
IFS Food Version 75.2.1 Internal audit programme
5.2.2 Frequency
5.2.3 Competency and independence
5.2.1 Site and factory inspections
SQF Edition 92.5.4.1 Internal audits
2.5.4.2 Competency and independence
2.5.4.3 GMP inspections

Internal audit programme

There must be an internal audit programme which consists of system audits and GMP inspections (not applicable for agents and brokers).

Where the business has more than one site location or unit, all the locations or units must be covered by the internal audit programme.

System audits

Scope

The scope of the system audits must cover the procedures implemented within the management system, to meet customer and certification requirements, including additional modules.

This means that the following must be included:

  • HACCP or product safety plan, including CCP inspections.
  • Prerequisite programmes including product defence (product security and fraud).

The system audits must include the facilities and activities covered by the scope of the certification, including off-site storage and cross-docking facilities.

Each system audit must have a defined scope, which details exactly what’s going to be audited.

Risk assessment

The frequency of each system audit must be determined using risk assessment, which considers:

  • The potential consequences of non-conformance.
  • Known issues.
  • The previous performance of the system.
  • Industry best practice or customer requirements.

Each system must be audited at least once a year.

GMP inspections

Scope

The GMP inspections shall include inspections of:

  • Hygiene.
  • Fabrication.
  • Equipment.
  • Personal hygiene.

The external areas of the site must also be included in GMP inspections.

Risk assessment

The frequency of the GMP inspections must be determined by risk and will be no less than once per month for open product areas.

High-risk areas must be more frequent (at least weekly).

Scheduling

The dates of system audits and GMP inspections must be predefined and scheduled.

At a minimum, for all BRCGS standards except packaging, the programme must include at least:

  • Two different audit dates, spread evenly throughout the year for storage and distribution businesses.
  • Four different audit dates, spread evenly throughout the year for all other businesses.

Non-conformance action

Action must be taken as soon as practically possible where non-conformances are identified, so that product risk is minimised.

Where repairs are needed, these must be completed immediately or scheduled at the earliest opportunity.

Competency

System audits and GMP inspections must be carried out by appropriately trained and competent people, such as internal staff or external consultants.

Records for either formal internal or external training must be available to prove that:

  • Auditors are competent in internal auditing and related systems.
  • Inspectors are competent in GMP inspections.

Where external consultants are used, their training records must be available.

Internal courses

If you provide an internal (in-house) training course, your training materials will need document control, so you can prove what was taught during the course.

The teacher will also need to have:

a) A teaching qualification
b) a qualification in internal auditing.

External courses

External courses can be split into three categories:

  1. Accredited
  2. Recognised
  3. Independently certified

Accredited

An accredited course in the UK means that the training provider and the qualification has been recognised and approved by OFQUAL. This means that the training provider adheres to the OFQUAL Conditions of Recognition. It’s a bit like a manufacturing site being approved to a certification standard – where you have to comply with the clauses of the standard.

Accredited courses in our industry, historically have been preferred but are not a requirement of any of the standards. And they do have their disadvantages, which we’ll come onto.

Recognised

It takes a huge amount of work to become recognised and get qualifications approved with OFQUAL, so that they can be labelled as accredited. An alternative is for training providers to get their course recognised by an official body. This means that the course has been reviewed by the given body and they have deemed it to be of a standard that they are happy with.

The problem with this type of recognition is that the body assessing the course, isn’t necessarily a specialist in the given field. For example, have a food safety course recognised by a health and safety body, doesn’t add any value as they’re not qualified to assess the content. This means you need to be pragmatic when looking at recognitions.

Independently certified

The last option is where the training provider approves their own course. This is sometimes the best option and that’s what we do here at Techni-K. From our own experience we have tried and tested both the accredited and recognised routes and found that they are not for us. Here’s why…

To be recognised by OFQUAL there are set and stringent standards to comply with – which we love, as we love structure. However, this extends to the content of the course. The courses you provide must be equivalent to what is already out there, and this isn’t what we wanted to do. We wanted to build courses that were fit for the industry today, not to replicate courses that were designed sometime around or before the 1980’s.

We also looked into recognition and went for one of the most well-known providers. Unfortunately, this didn’t add any value, we just paid for the privilege, and it didn’t drive any improvement. The recognition body even asked for the answers to the test questions, so they could pass the test without taking any notice of the course content. Which we felt defeated the purpose.

This is why we’ve come up with our own certification programme. We have used what we learnt from the OFQUAL recognition process to build a robust course development, approval and monitoring process.

Which one is best?

There is no one best type of course, the main thing to take into consideration is the content of the course and the competency results it provides. Getting a 100% pass rate doesn’t make it a good course, if the learner hasn’t been taught what they need to do the job right. Competency is key, which we’ll come onto next.

Internal auditors

To be able to provide robust audit, the internal auditor must have a thorough understanding of the subject that they’re auditing.

Think about it:

  • Would you ask your doctor to check if your boiler was working correctly?
  • Would you ask your car mechanic to give you a personal health check?

That’s why we shouldn’t ask internal auditors to audit subjects that they have no understanding of, or GMP inspectors to inspect an area without any GMP knowledge. They need training in the subject matter that they’re going to check.

Really, if you think about it, internal auditors should be the most knowledgeable people on site. They need to really know the detail of each part of the standard, because if they don’t, they won’t know whether what they’re looking at – is right or not.

If you’re on the HACCP team, you’ll know what a complicated subject it is and how much you need to know and remember to pass a HACCP course. Asking someone to complete a HACCP audit who hasn’t passed a HACCP course is a lot to ask. It’s no wonder that you don’t get a thorough audit and then get non-conformances on your external audit for HACCP.

Internal auditors are superstars. They protect your business from product contamination incidents, complaints and from non-conformances at external audits.  Your internal audit programme will be more effective, when you train them in the subject matter that they’ll be auditing – so that they can do their job properly.

GMP inspectors

Inspectors who carry out GMP inspections don’t need as much training as your auditors, but they must be trained in GMP and practical controls – so that they know what to look for.

Impartiality

Auditors must not audit any systems that they’re directly responsible for.

Inspectors must not inspect any practical controls that they’re directly responsible for.

Records

The records of system audits, GMP inspections, non-conformances and actions must be retained.

Records can be in either paper or electronic form, providing all the relevant information is collated in a single place, to allow investigation or review.

Have your say…

Share your thoughts…

Your email address will not be published.