Since the draft BRC V8 was released for consultation, I thought you might like to see my thoughts on the changes to the standard and my feedback that I submitted to the BRC. We can then use this post, to compare the changes in the actual standard, when V8 is issued. So here is my feedback to BRC as part of the consultation process for the draft BRC V8 – word for word, as it was actually submitted…
Food safety culture
Does the addition of the clause 1.1.2 to the management commitment section, which states the site must have a food safety culture plan, mean that the food safety culture additional module is being incorporated into the main standard? Or will it still be an additional and optional module? Could you please can you clarify in the interpretation guide.
1.1.5 also now refers to integrity. Will ‘integrity’ be defined in the definitions section?
The HACCP section has been amended in line with FSMA, however it still refers to CCPs (which are not a requirement of FSMA) and does not refer to PCs (which are a requirement to FSMA). I presume that either PCs or CCPs or a combination of both are acceptable. If this is the case, could this be clarified.
Clause 184.108.40.206 has been amended to state that a 2nd or 3rd party audit is acceptable, but only if the stated elements can be evidenced. Following the publication of version 7; the 2nd and 3rd party audit was clarified (on the BRC website or through a position statement), to state that any non GFSI audit was acceptable as long as the audit report was available, along with the evidence of close out of any non-conformances raised during the audit. This included SALSA. Given that we now need to provide evidence of the competency of the auditor, would an auditor that has been vetted by SALSA or any others certification body be sufficient, or would we need actual evidence such as training certificates? In which case, this would eliminate the application of 3rd party audits, where such evidence wouldn’t be available. Please could you clarify in the interpretation guide.
Also, when approving farm level suppliers, where certificates such as red tractor are applicable, the scope of the audit would be different from the elements stated (e.g. HACCP review would not be completed). Can the standard make reference to this type of approval and what the requirements would be?
I really like the addition to clause 3.9.3; the trace test should include a summary of the documents used during the test and clearly show the links between them. This will help sites to make sure that each document is clearly linked. In addition to this, it would be good, if you could clarify that this includes where traceability information changes. i.e. where one trace code changes to another – at a point of the process; that the documentation must show both the old and the new lot code (on the same document) and the link between them.
3.11.1 now has cybercrime included. It would be beneficial to include loss of IT infrastructure (not due to crime).
Would it be possible for you clarify in the introduction to the standard, why this section has been removed again; to aid our understanding of the development of the standard.
Really pleased to see that food defence has been added to the standard, in line with GFSI. Clause 4.2.1 states that both internal and external threats shall be included in the assessment. My interpretation of ‘internal’ is on site threats which would include both outsiders gaining access to materials (e.g. unlocked silos) and also, site personnel causing contamination or damage maliciously. If this is the case, then I don’t think ‘internal’ clarifies both of these types of internal threats. Could this be further clarified please?
Could clause 220.127.116.11 be amended, as a memory/reset function test requires clear packs to be placed in between the 3 packs. 3 consecutive (successive) packs is not a memory test. Therefore, the clause is confusing.
High care & high risk
Given that you’ve now moved all the high care and high risk elements to its own new section, section 8, I would like to request that we take this opportunity to simplify the zones and eliminate the need for high care. I understand the current definitions of high risk (cooked) and high care (treated but not cooked), but they don’t really make sense when you look at them closely. Where both sets of products have a use by, require chilled storage and have the potential to allow pathogenic growth – why do we say that it’s ‘acceptable’ to ‘contaminate’ high care products, whereas it’s not acceptable to ‘contaminate’ high risk products? Take the examples provided on the decision tree; a “prepared meal without a garnish” is a high risk product, because it’s been cooked. So, we’re saying it has a higher potential to cause food poisoning. But, a “prepared meal with garnishes” is a high care product. So, we’ve taken potentially the same high risk product, and added something that is not as ‘clean’ to it and now it has less potential to cause food poisoning, so we don’t have to protect it as much from contamination.
High care and high risk cause so much confusion in industry and essentially anything entering a high level zone should have gone through sufficient decontamination to make it safe to eat within its given life and not contaminate the high level zone. Why confuse matters any more than that?