Iso 22000 2005 powerpoint presentation ireland revisonلكل مهندسين الجودة

ISO 22000:2005 Food Safety Management Systems Auditor/Lead

Auditor Training Course

Copyright © 2007 Business Edge, All Rights Reserved | ISO 22000:2005 Auditor Lead Auditor Course Ireland Revision 4.0

Session 1 Objectives

• Describe the course aims, objectives, structure, logistics

• To establish what Students want to gain from the course and to allow each Student to identify themselves to their fellow Students

• Understand the role of IRCA (IRCA K4.3.1e)

• Understand the IRCA Food Safety Management Systems Auditor/Lead Auditor certification scheme criteria and process (IRCA K4.3.1e)


Learning is an act of creationActive learning beats Passive learning every time

What are the orderof the planets fromthe sun?

Accelerated Learning Introduction

Unless what is learned is applied, there is no learning

RULES OF THIS CLASS-Make mistakes-Ask lots of questions-Cheat -Have fun


Aims and Objectives

• Describe the fundamental purpose of a Food Safety Management System (FSMS)

• Explain the purpose, content and interrelationship of: management system standard ISO 22000:2005 and guidance document, industry practice; standard operating procedures; and relevant food safety legislation

• Explain the role of an auditor to plan, conduct, report and follow up an audit in according with ISO 19011

• Plan, undertake and report an audit of a food safety management system in accordance with ISO 19011

• Audit the adequacy of an organisation’s Food Safety Management System


Course Program Day 1

Introduction and Welcome

IRCA and Auditor Registration

Purpose of a Food Safety Management System

HACCP Based Control Systems

ISO 22000:2005 series


The International Register of Certificated Auditors (IRCA)

• Independent organization within the Institute of Quality Assurance (IQA)

• IRCA has two principle activities:

– Certification of Auditors– Certification of Auditor Training


IRCA Food Safety Management Systems Auditor Certification Scheme

• The objectives of the Food Safety Scheme;

– To provide confidence to the regulatory authorities, to the accreditation bodies and certification bodies, to business and industry, and indirectly to the public at large, that auditors certified to this scheme are competent..

– To benefit the auditor by conferring registration status


IRCA Food Safety Certification Categories

• Three certification grades for auditors:

– Food Safety Provisional Auditor– Food Safety Auditor– Food Safety Lead Auditor


IRCA Auditor Registration Scheme

Academic Qualification

FormalAuditor TrainingWork Experience

Auditing Experience


IRCA Contact Information

Address: IRCA,PO Box 25120,12 Grosvenor Crescent,London SW1X 7ZL

Telephone / Fax: +44 (0)20 7245 6833/ +44 (0)20 7245 6755

E-Mail: [email protected]

Website: www.irca.org



• Students become familiar with and understand food/ Food Safety Management System (FSMS) terminology including key Food Safety concepts

• Students understand the ISO 22000 Process Model and its relationship with the PDCA cycle

• Students understand food safety risk management and its significance as a strategic business driver (IRCA K4.1.1/K4.1.2a)

• Students understand the social and historical aspects of public health provision (IRCA K4.1.2b)


Key Elements of ISO 22000:2005

ISO 22000:2005 specifies the requirements for a Food Safety Management System (FSMS) that combines the following generally recognized key elements:

- Interactive communication- System management- prerequisite programmes- CODEX HACCP principles

It is a specification for any organization in the food chain

ISO/TC 34, Food Products


ISO 22000:2005 System Management

FMEA


Regulatory authorities

Consumers

Food service operators/caterers

Service providers

Producers of cleaning and sanitizing agents

Producers of equipment

Producers of packaging materials

Producers of pesticides, fertilizers, and veterinary drugsFood chain for the production of ingredients and additives

Transport and storage operators

Crop producers

Feed producers

Primary food producers

Food producers

2nd food processors

Retailers

Wholesalers

Scope of ISO 22000:2005


ISO 22000:2005 and the Food Chain


InspectionProcess

Old Vision New Vision

CorrectionAction

AuditDoCheckImprove

DesignPlan

ISO 22000:2005 Philosophy

• The primary purpose of a food safety management system is to achieve a balance between a reactive and a preventative approach with greater emphasis or statistical weighting on prevention

• Simply stated, if we can understand what can go wrong we can prevent it from happening


Definition of Food Safety

• Concept that food will not cause harm to the consumer when it is prepared and/or eaten according to its intended use

ISO 22000:2005 3.1


ISO 22000:2005 Process Model

Plan

Do

Check

Act


Terms that are often confused

Hazard = agent causing the illness or adverse health affect. See ISO 22000:2005 3.3Risk = probability of getting ill be ingesting a certain hazard & the severity of that illness

Hazard Analysis = Industry taskRisk Analysis = Governmental task

Monitoring – during implementation, verifying that the control measure functions as intended. See ISO 22000:2005 3.12Verification – after implementation, verifiable evidence that the monitoring works and the degree of intended control has been delivered See ISO 22000:2005 3.16Validation – prior to implementation, verifiable evidence that the control measure is capable of delivering the needed objectives See ISO 22000:2005 3.15


Purpose of a Food Safety Management System

• Organization provides safe food when it is prepared and/or eaten according to its intended use

• Demonstrate conformity and compliance

• Evaluate the overall effectiveness/maturity of the organization’s Food Safety Management System

• Provide a basis for continual improvement

• Demonstrate a food safety culture within the organization


Food Safety Risk Management as a Strategic Business Driver

• Secure in the knowledge that the product is safe when reaching the marketplace

• Legal requirement• Saves money by targeting resources and reducing the

requirement for end product testing• Will yield a safer product in less time and at lower cost

which will satisfy customers’ requirements• Establishes priority for improvement actions• There is a demand from customers for a recognised

food safety standard• Assists new product development• Concept of due diligence


Historical aspects of public health and food safety provision

• Hunter gatherer to communal life

• First food laws written in 2500 B.C

• Preservation methods – a preventative response

• HACCP predecessors

• HACCP and the space program

• FDA and HACCP

• Regulatory requirement since 1998


Social aspects of public health and food safety provision

• Food safety management is more important now than ever before due to:

– Increased number of pathogens on raw foods due to intensive farming, intensive production and reduced number of slaughterhouses

– Increase in meals consumed outside the home– Increase in ready prepared foods– More foreign holidays– Increased amounts of exotic imported foods– Increase in numbers of susceptible people (elderly)– Reduction in the use of preservatives


Session 3 - Objectives

• Students understand and can describe the CODEX HACCP based control system (IRCA K4.1.2c,f;K4.2.2a)

• Students understand what is a pre-requisite program and its importance within a FSMS (IRCA K4.1.2f)

• Students can evaluate the appropriate attribution of risk to identified hazards and the effectiveness of the organization’s management of risk through its food safety risk assessment and control planning (IRCA K4.1.2c,d,e,f; S4.4.2)

• Students determine appropriate operational controls for specificfood safety hazards and evaluate the implementation of operational risk control, monitoring and measurement (IRCA S4.4.3)


CODEX - Application of a HACCP based hazard control system

Five Steps• Assemble the HACCP team• Describe the product• Identify the intended use• Construct a flow diagram• Confirm accuracy of the flow

diagram

Seven Principles• Carry out Hazard Analysis

and list the control measures• Determine the Critical Control

Points (CCPs)• Establish Critical Limits for

each CCP• Establish monitoring system

for each CCP• Establish corrective actions• Establish verification

procedures• Establish documentation and

record keeping


Definition of a Control Measure

(Food Safety) action or activity that can be used to prevent or eliminate a food safety hazard or reduce it to an acceptable level

ISO 22000:2005 3.7


Definition of a Pre-Requisite Program (PRP)

Basic conditions and activities that are necessary to maintain a hygienic environment throughout the food chainsuitable for the production, handling, storage and provision of safe end products and safe food for human consumption

ISO 22000:2005 3.8


Definition of an Operational Pre-Requisite Program O-PRP

PRP identified by the hazard analysis as essential in order to control the likelihood of introducing food safety hazards to and/or the contamination or proliferation of food safety hazards in the product(s) and safe food for consumption

ISO 22000:2005 3.9


HACCP/FSMS Relationship


HACCP based control system v’sISO 22000:2005 (FSMS)

• Starting point Flow diagram

• What can go wrong (events) ?• Focus on determining the CCPs• Limited documentation of

hazard analysis• Tends to result in a static

control system• Semi-quantitative approach

(zero-tolerance/ALARA)

• Starting point Output/Input• Controls needed/not needed• Focus on determining the

control measure combinations• Full documentation of hazard

analysis• Encourages dynamic control

systems• Enables a quantitative

approach (FSO/PO approach)


House of Safe Food

House of Safe Food

Food Safety Management System

HACCP based control system

Representative Prerequisite Programs

Pro

duct

s or

new

pro

duct

s

Raw

mat

eria

ls, i

ngre

dien

ts a

nd

serv

ices

Pro

duct

ion

syst

ems

and

equi

pmen

t

Pro

duct

ion

prem

ises

, loc

atio

n of

eq

uipm

ent,

surro

undi

ng e

nviro

nmen

t

Cle

anin

g an

d sa

nita

tion

prog

ram

mes

Pac

kagi

ng, s

tora

ge a

nd d

istri

butio

n sy

stem

s

Per

sonn

el q

ualif

icat

ion

leve

ls a

nd/o

ral

loca

tion

of re

spon

sibi

litie

s an

d au

thor

izat

ions

Sta

tuto

rs a

nd re

gula

tory

re

quire

men

ts

Kno

wle

dge

rega

rdin

g fo

od s

afet

y ha

zard

s an

d co

ntro

l mea

sure

s



• Students understand the evolution of Food Safety Management System Standards and the ISO 22000:2005 series (IRCA K4.2.1; K4.1.1; K4.2.2d)

• Students understand the requirements of ISO 22000:2005 and can apply the requirements consistently in the food chain of relevant food category businesses (IRCA K4.2.2b)


Evolution of ISO 22000:2005 Standard Series

• CODEX HACCP principles

• National and voluntarily to International Management Standards

• ISO 9001:2000 and 15161:2002

• ISO 22000:2005 Standard series


ISO 22000:2005 Standard Series Objectives

• Complying with CODEX HACCP principles

• Harmonizing voluntarily to international management standards

• Provides a specification for requirements that can be assessed and achieve certification, either self declaration or for first, second and third party verification

• Is aligned with other management systems standards (ISO 9001:2000, ISO 14001:2004)


ISO 22000:2005 Standard Series ISO 22000:2005 is the first in a family of standards that includesthe following documents:

• ISO/TS 22004, Food safety management systems –Guidance on the application of ISO 22000:2005, November 2005, provides guidance for ISO 22000.

• ISO/TS 22003, Food safety management systems –Requirements for bodies providing audit and certification of food safety management systems, providing harmonized guidance for the accreditation (approval) of ISO 22000 certification bodies and defining the rules for auditing a food safety management system - first quarter of 2006.

• ISO 22005, Traceability in the feed and food chain –General principles and guidance for system design and development.



• Students understand the International Accreditation Forum (IAF) interpretations and guidelines for 3rd party CertificationBodies (Registrars) (IRCA K4.3.1b)

• Students understand the system of accredited certification including the functions of the Accreditation Bodies and Certification Bodies (Registrars) (IRCA K4.3.1c; K4.3.5d)

• Students understand the existence of private schemes and their differences in content and operations, e.g. BRC, Eurepgap (IRCA K4.3.1d)


International Accreditation Forum (IAF)

• The International Accreditation Forum, Inc. (IAF) is the world association of Conformity Assessment Accreditation Bodies

• Its primary function is to develop a single worldwide program of conformity assessment which reduces risk for business and its customers by assuring them that accredited certificates may be relied upon.


IAF Guidance Documents GD Series

• IAF publishes Guidance documents commonly called GD documents. IAF Guidance documents are not intended to establish, interpret, subtract from or add to the requirements of any ISO/IEC Guide but simply to assure consistent application of those Guides.

• Copies of all published IAF Guidance to the application of ISO/IEC Guides are available at www.iaf.nu


Infra-structure for Registration of Management Systems

National Accreditation Board(s)

Quality/Environmental Management

SystemsEN45012

Product ApprovalEN45011

Personnel ApprovalEN45013

Application For Accreditation NAB AUDIT

Certification Body

Industry

Application for Registration

Audit & Surveillance by Certification Body

Consumers and Purchasers

Regional Accreditation

International Accreditation Forum


Roles Of Accreditation & Certification Bodies

• Operate the Accreditation system for Laboratories, Attestors/Attestation bodies and Certification Bodies or Registrars

• Provide accreditation in line with their accreditation field

• Provide a service in line with the requirements of the EN 45000 series/ISO Guide 62 and shortly ISO 17021:2006

• Provide certification in line with their accredited scope

• Issue a Certificate of Registration to organisations who meet the requirement of the relevant System Standard

Accreditation Body Certification Body


Types of Conformity Assessments

• Preliminary Assessment (Mock/Trial)

• Initial Registration assessment (System)

• Surveillance assessment (Partial)

• Follow-up assessment (Partial)

• Re-registration assessment (System)


Private Schemes - BRC• In 1998 the British Retail Consortium, responding to industry

needs, developed and introduced the BRC Food Technical Standard to be used to evaluate manufacturers of retailers own brand food products.

• The Standards are available in Food, Consumer Products, Packaging and Non GM Food Standards

• Further details on the BRC can be found on their website http:// www.brc.org.uk


Private Schemes - EurepGap

• EurepGAP started in 1997 as an initiative of retailers belonging to the Euro-Retailer Produce Working Group (EUREP). It has subsequently evolved into an equal partnership of agricultural producers and their retail customers. Our Mission is to develop widely accepted standards and procedures for the global certification of Good Agricultural Practices (GAP).

• EurepGAP has Standards covering fruit and vegetables; flower and ornamentals; integrated farm assurance; integrated aqua culture assurance; green coffee etc. The standards are based on best practices.

• Further details on EurepGAP can be found on this website http://www.eurep.org



• Students identify and describe the documents and records required by ISO 22000:2005 including hierarchy and benefits of a documented FSMS. This includes the difference between a document and a record (IRCAK4.2.2c)

• Students know what the key document types looks like including their contents (IRCAK4.4.2c)

• Students understand the importance of documents of external origin, how they should be controlled and managed including the difference between auditable standards and guidance documents (IRCA K4.2.2c)

• Students understand the different methods of controlling and managing documents and the implications for Auditors


Objectives of ISO 22000:2005Standards

•• ISO requires (and always ISO requires (and always hashas required) a required) a ““Documented food safety management systemDocumented food safety management system””, , and not a and not a ““system of documentssystem of documents””

•• ISO 22000:2005 allows an organisation flexibilityISO 22000:2005 allows an organisation flexibilityin the way it chooses to document its FSMS. This enables each individual organisation to develop the minimum amount of documentation needed in order to demonstrate the effective development, implementation and updating of the FSMS, when necessary


Typical FSMS Documentation Hierarchy

POLICIES

OBJECTIVES

Hazard Analysis/Control Measure

Combinations

PROCESSES

SUPPORTING DOCUMENTATION


• Demonstrate conformity + compliance• Due Diligence• Communication• Training & Development• Marketing• Auditing

Benefits of a documented FSMS


Session 7 Objectives• Students understand the framework of relevant regional,

national and local legislation, codes of practice etc., and the interaction between the food organization and the relevant authorities (IRCA K4.2.4)

• Students have the skills to determine the legislative and regulatory items appropriate to specific food chain activities and the appropriate activities for an organization to maintain compliance with legislative and regulatory requirements (IRCA S4.4.1)

• Students have the skills to evaluate the capability of an organization to maintain compliance with legislative requirements (IRCA S4.4.4)


Origins of Food Safety Legislation

• Global food safety/health issues

• Increasing scientific understanding

• Increased consumer debate on food safety issues

• Drivers for economic change

• Consumer pressure groups

• Government policies on freedom of information


Food Safety Problems

• Major incidents involving impact on human health

• Labeling

• Use of Harmful substances

• Hygiene Standards

• Enforcement controls


Issues for Industry

• Consumer concerns

• Consumer information/Rapid Alerts

• Prohibition of certain substances

• Labelling

• Food safety enforcement controls

• Food safety legislation


“The Response”

• International– Establishment of the Food Safety Agency (FDA, EFSA)– Closer integration with International Bodies, e.g. United

Nations’ Codex Alimentarius, World Trade Organisation etc.

• National– Establishment of National Food Safety Agencies– Sector Quality Schemes

• Local– Service contracts– Switch from reliance on inspection alone to audit and

inspection


Business Response

• Stronger emphasis on quality

• Adoption of HACCP based control systems

• Support Quality Schemes– Bord Bia (Ireland)


Types of Legislation

• Regulations– same law throughout Community

• Directives– sets out aims to be achieved for countries to enact local

laws• Decisions

– as regulations but addressed to specific individuals, companies or states

• Recommendations– not binding, but may influence policy


European Union Food Safety Policy Objectives

• Food must be safe, wholesome and healthy

• Protect human health

• Promote international action to tackle regional or global problems


European Union Food Safety Policy Principles

• Aim for a high level of protection

• Shared responsibility

• Precautionary principle, where appropriate

• Subsidiary principle


Topics of Legislation

• Food Law, European Food Safety Authority• Hygiene• Residues• BSE• GM Food• Hormones• Supplements• Contaminants• Additives• Labelling• Flavourings


ISO 22000:2005 Requirements

• General Requirements, reference 4.1• Documents Control, reference 4.2.2• Management Commitment, reference 5.1b, 5.2b• External Communication, reference 5.6.1c• Internal Communication, reference 5.6.2h• Competence, Awareness and training, reference 6.2.2a• Prerequisite programmes (PRPs) reference 7.2.2/7.2.3• Product characteristics, reference 7.3.3• Process steps and control measures, reference 7.3.5.2 • Hazard analysis, reference 7.4.2.3• Product withdrawals, reference 7.10.4a,b



• Students have a common definition of employee competence and are able to distinguish between training and competence (IRCA K4.4.2b)

• Students understand the critical elements of employee competence including the relationship with organization capability and performance (IRCA K4.4.2b)

• Students have a methodology for assessing the effectiveness of an organization’s employee competence system and it’s contribution to business performance (IRCA K4.4.2b)


ISO 22000:2005 Human Resource Requirements

• People are competent rather than qualified

• Organizations must provide training or other actions to satisfy competency needs and the training or actions must be evaluated for effectiveness

• Personnel in the organization must be aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives

• Training records need to include education, skills and experience


ISO 9000:2005 Definition of Competency

• ISO 9000:2005 defines competency as “the demonstrated ability to apply knowledge and skills” – what a person needs to be doing to demonstrate he or she is competent

• Competencies needs to be defined for hourly and management staff

• Competencies may be established for a specific position, family of positions or cluster of jobs

• There are essentially two types of competencies, namely soft (visible leadership, good listening skills) and hard (planning, scheduling, controlling work or processes)

• Minimum competencies for managers and supervisors, whereas for hourly personnel the focus is typically on the hard skills


Session 9 Objectives• Students understand the scope, principles, terms and

requirements of ISO 19011:2002

• Students will understand the key auditing terms and principles of auditing

• Students will understand what is expected of an audit management program and show to assess the effectiveness of an organization’s internal audit program

• Students will understand the life cycle of an audit and key activities (IRCA K4.3.2a)

• Students will understand the competencies required by Auditors including the relevance of ISO 17024:2003


Introduction and Scope of ISO 19011:2002

• Both the ISO 9000 and ISO 14000 series of standards emphasisethe importance of audits as a management tool for monitoring a management tool for monitoring and verifying the effective implementation of an and verifying the effective implementation of an organization's policy for quality and/or environmental organization's policy for quality and/or environmental managementmanagement

• This International Standard provides guidance on conducting internal or external QMS and/or EMS auditsinternal or external QMS and/or EMS audits, as well as on the management of audit programmes

• It is discretionarydiscretionary whether or not QMS and/or EMS audits are conducted separately or together

• This International Standard can be applied to other can be applied to other management system standardsmanagement system standards


•• AuditAudit, a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.

•• Audit criteriaAudit criteria, set of policies, procedures or requirements

•• Audit evidenceAudit evidence, records, statements of fact or other information, relevant to the audit criteria and verifiable.

•• Audit findingsAudit findings, results of the evaluation of the collected audit evidence against audit criteria.

•• Audit conclusionAudit conclusion, outcome of an audit, provided by the audit team after consideration of the audit objectives and all audit findings

•• AuditorAuditor, person with the competence to conduct an audit

•• Audit ProgrammeAudit Programme, set of one or more audits planned for a specific time frame and directed towards a specific purpose

•• AuditAudit PlanPlan, description of the activities and arrangements for an audit

Key Terms


Principles of Auditing

•• Ethical conductEthical conduct – the foundation of professionalism

•• Fair presentationFair presentation – the obligation to report truthfully and accurately

•• Due professional careDue professional care – application of diligence and judgment in auditing

•• IndependenceIndependence – the basis for the impartiality and objectivity of the audit conclusions

•• EvidencEvidencee--based approachbased approach– the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process


Auditor CompetenceQuality

Quality Specific knowledge and skills

(7.3.3)

Environmental / Food Safety

Environmental /Food safety Specific knowledge and skills

(7.3.4)

Generic knowledge and

skills (7.3.1 and 7.3.2)

Auditor Competency



• Students understand the process approach including its significance when auditing management systems (IRCA K4.2.2a)

• Students know how to assess the capability of a process and its relationship with a Food Business Organization (FBO) objectives (IRCA K4.2.2a)

• Students understand the process methodology for assessing top management in a (FBO) (IRCA K4.3.4c and S4.5.3b)

• Students can identify potential emergency situations and can evaluate the planning and capability of an organization to respond to emergency situations (IRCA S4.4.4)


Understanding the Process Approach

• ISO 9000:2005 defines a ProcessProcess as: – “set of interrelated or interacting activities which transforms

inputs into outputs”

• Processes in an organisation are generally planned and carried out under controlled conditions to add valueadd value

• Data should be gathered to establish process capability and analyse process performance including input and output characteristics


The P-D-C-A Cycle

PLANWhat to do ?

How to do it?

DODo what was planned

CHECKDid things happen according to plan?

ACTHow to improve next time


Approach to Audit Planning

• Verify the organization’s role in the food chain including scope of registration sought

• Understand the organisation’s food safety goals and objectives including alignment with the food safety policy

• Understand and verify the Food Safety Management System framework

• Develop the Audit Plan based on the process steps within the organization’s food chain/scope of registration sought

• Develop process based Checklist(s)


Understanding the system approach to management

• Individual processes rarely occur in isolation, namely outputs from one process typically form part of inputs into subsequent processes

• Simply stated, a food safety management system comprises a number of interrelated processes

• Inputs and outputs of these processes can often be related to both internal and external customers

• Customer feedback of a process output is an important input to the continual improvement of an organization’s FSMS


S U P P L I ER S

C U S T O M E R S

OutputsInputs Process

High-Level Process Map

S I P O S I P O C C Model


SIPOC Example

Suppliers Inputs Process Outputs Customers

Hazard Analysis

Preliminary Data Hazard Identification

Hazard Evaluation

Validation of Control Measure

Combinations

Process Steps

Statutory & Regulatory

Customer Product Requirements

Various

Codex GuidelinesCodex

Customer

FSMS team

Scientific DataScientific Source

O-PRP Plan

HACCP Plan

Auditors


Emergency Preparedness and Response

• Identifying potential emergency and accidents

• Emergency and accident response procedure

• Emergency and accident response command and control structure

• Competence, awareness, and training

• Emergency preparedness and response plan

• Periodic review and testing, where practical



• Students understand basic audit terminology

• Student understand the audit terms, pre-registration, initial registration, surveillance and re-registration and the difference between them from an audit perspective (IRCA K3.3.6e)

• Students understand the purpose of 1st, 2nd, and 3rd party audits (IRCA K3.3.2a)

• Students understand the qualities and responsibilities of auditors and the management responsibilities of the Lead Auditor in managing the audit and the audit team (IRCA K3.3.3)

• Students understand the need for effective communication with the Auditee throughout the audit process (IRCA K3.3.3c; K3.3.5b)


•• AuditAudit, a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.

•• Audit criteriaAudit criteria, set of policies, procedures or requirements

•• Audit evidenceAudit evidence, records, statements of fact or other information, relevant to the audit criteria and verifiable.

•• Audit findingsAudit findings, results of the evaluation of the collected audit evidence against audit criteria.

•• Audit conclusionAudit conclusion, outcome of an audit, provided by the audit team after consideration of the audit objectives and all audit findings

•• AuditAudit clientclient, organisation or person requesting an audit

•• AuditAuditeeee, organisation being audited

•• AuditorAuditor, person with the competence to conduct an audit

•• AuditAudit teamteam, one or more auditors conducting an audit, supported if needed by technical experts

•• AuditAudit PlanPlan, description of the activities and arrangements for an audit

Key Terms


1st Party

2nd Party

3rd Party

Internal External

Audit of one’sown organisation

Audit of a Supplier by a Customer

Audit by anindependentBody

Audit Types & Roles


Systems vs. Conformance / Effectiveness

ISO Standard FSMS Documentation

Operational Practices


Main Purpose of 1st Party Audits

• To determine if the Food Safety Management System conforms to the agreed audit criteria

• To ensure the Food Safety Management System has been effectively implemented and maintained

• To review the efficiency and effectiveness of its processes

• To identify opportunities for improvement


Main Purpose of 2nd Party Audits

• To evaluate the degree of conformity to customer product criteria

• To evaluate the effectiveness of the supplier’s Food Safety Management System



Main purpose of 3rd Party audits

• To provide objective evidence of conformity with the criteria/requirements of ISO 22000:2005

• To provide objective evidence of the degree of effectiveness of the Food Safety Management System



Personal Qualities of an Auditor

• Precise• Reasonable• Objective• Fair• Energetic• Sensitive• Supportive

• Integrity• Organised• Not afraid of reporting the

facts• Astute and analytical• Listener• Sensitive to local customs

PROFESSIONAL’S


IRCA Code of Conduct

• To act in a trustworthy and unbiased manner

• To disclose any potential conflict of interest

• Not to accept any inducement, gift, commission, discount or any other profit

• To keep the audit findings confidential

• Not to act any any way prejudicial to the reputation or interest of the audit organisation or credibility of IRCA

• Co-operate fully in any formal enquiry procedure


Communication during the Audit

• The audit team should confer periodically to

– Exchange information– Assess audit progress– Reassign work between audit team members as needed– Discuss concerns about any issues outside the scope of

the audit

• The Lead Auditor should communicate to the auditee/audit client any

– Significant risks identified during the audit process– Concerns about any issues outside the audit scope– Evidence which indicates audit objectives are unattainable


Auditor Responsibilities

• Understand the purpose, scope and criteria of the audit

• Ensure adequate planning is carried out prior to the audit

• Conduct the audit in a professional manner

• Establish and maintain good relations with employees

• Produce a factual and balanced audit report, in a timely manner

• Comply with audit organization’s audit rules and guidelines


Lead Auditor Duties and Responsibilities

• Form a competent and capable audit team

• Be the main focal point of contact with the client organisation (auditee)

• Conduct any preliminary visits

• Lead and manage the audit team

• Report the audit findings

• Co-ordinate any follow-up activities


Sub-Team Leader Responsibilities

• Support the Lead Auditor

• Co-ordinate and manage the Sub-team

• Communicate to other team(s)

• Assemble evidence

• Report (verbally or in written form) when requested

• Be available for follow-up reviews


Trainee Auditor Duties and Responsibilities

• Conduct the audit under the supervision of a Competent Auditor/Lead Auditor

• Provide feedback to audit organization on learning experience




Technical Expert Duties and Responsibilities


• Take notes




Translator Duties and Responsibilities



• Take notes

• Establish and maintain good relations with Audit team and employees


Observer Duties and Responsibilities

• Not to influence or interfere with the audit activity - focus on the audit process

• Maintain confidentiality

• Provide feedback to own organisation on learning experience


Guide Duties and Responsibilities

Assist the Auditors during the audit process by:

• Conducting the Auditors from area to area

• Introducing area manager(s) + employee(s)

• Occasionally providing clarification, when requested

• Obtaining additional support documentation, if requested

• Ensure rules concerning site safety and security procedures are known and respected by audit team members


Consultant Duties and Responsibilities

• Not to influence or interfere with the audit activity, findings or audit conclusion

• Provide feedback/input to the client on audit findings and/or audit performance

• Due professional care


Auditee Responsibilities

• Create the ‘right environment’ for the audit to take place

• Ensure employee(s) are aware of the audit

• Support the audit process by providing facilities and support services, when requested

• Support the agreed audit plan

• Provide access to people, processes, products, areas, and data and records

• Ensure the audit team receive open co-operation throughout the audit



• Students know the activities and task to be completed during theplanning phase of the audit life cycle (IRCA K3.3.4a, c; S3.4.1)

• Students know how to approach an organization which does not have a formal documented FSMS based on ISO 9001:2000 (IRCA K3.3.4f)

• Students have the skill to conduct a document review, determine its conformity and whether there is adequate arrangements to justifyproceeding with the on-site audit (IRCA K3.3.4b; S3.4.2a)

• Students have the skill to develop an audit plan based on the scope of registration sought and the food chain process steps of the organization (IRCA K3.3.4 S3.4.2d)

• Students have the knowledge and skill to develop and technicallyassess a process based checklist (IRCA K3.3.4e, f; S3.4.2e)


Main activities during the Planning Phase

• Agreeing the audit objectives, scope and criteria

• Communicating with the Auditee/Audit Client

• Determining the feasibility of the audit

• Forming a competent audit team/audit team assignments

• Developing an audit plan

• Creating process based checklists

• Holding an audit team briefing, if required

Initiating the Audit Preparing for the Audit


Establishing Initial Contact with the Auditee

• Establish communication channels with Auditee Representative/FSMS Team Leader

• Confirm the authority to conduct the audit

• Request access to relevant documents, including records

• Provide information on proposed timing and audit team composition

• Establish what, if any applicable site safety rules and PPE

• Make arrangements for the audit

• Agree attendance of Trainee Auditors, Observers and the need for Guides


Determining the Feasibility of the Audit

• Verifying and validating the data provided by the Auditee

• Conducting a preliminary document review

• Conducting a preliminary audit visit


Audit Team Selection

• Audit objectives, scope, criteria and estimated duration of the audit

• Statutory, regulatory, contractual and accreditation/ certification requirements

• Overall competence of the audit team to needed to achieve the objectives of the audit including audit team assignments

• Independence from the activities to be audited including conflict of interest

• Ability of the audit team to interact with the auditee and work together

• Availability


What is an Audit Plan?

• Description of the activities and arrangements for an audit

ISO19011:2002


Factors to be considered when developing an Audit Plan

• The audit objectives, scope and criteria including the role of the organization in the food chain

• The product categories, processes and locations/shifts where the on-site audit activities are to be carried out

• The expected duration and time for the on-site activities including safety/security requirements

• Persons to be interviewed

• Competency of auditors

• Audit team performance monitoring


Audit Team Briefing

• Introduce team members

• Present a briefing statement about the auditee

• Assign roles and responsibilities

• Distribute relevant audit working documentation

• Ensure specialist team members / technical expert are clear on the area(s) they need to focus on

• Discuss any queries with the audit plan

• Reconfirm commitment, availability and independence and impartially of the audit team


What is a Checklist?

• A structured list of points to evaluate

• Identifies and communicates the scope of an audit

• An Auditor’s tool to gather evidence and provide an audit trail

• Guides the course and controls the pace of an audit


Benefits of a Checklist

• Helps an Auditor understand the food safety hazards, processes and control measures associated with the food chain process/activity assigned by the Lead Auditor/Audit Plan including its significance for the auditor

• A record agreed audit criteria was checked and audit objectives fulfilled

• Helps an Auditor manage time in line with the audit plan and covers agreed audit criteria

• Assists future audit preparation


Key points when developing a Process-Based Checklist

• Audit objectives and criteria

• Audit sample/time available

• Format of checklist

• Food categories

• Associated risks/hazards and control measures associated with the food categories

• Risk assessment techniques in place


Types of Checklists

Standard

• Ready formatted• Facilitates consistency

across different area(s)• Uniform questions• Can be inflexible• Not suited to all types of

audit

Customised

• Constructed as and when needed

• Usually specific to a particular audit

• Assists preparation by Auditee

• Demonstrates professional approach by Audit team



• Students understand the reasons for an Opening Meeting (IRCA K3.3.5b; S3.4.3a)

• Students know the typical agenda for an Opening Meeting (IRCA K3.3.5b)

• Students have the skill to be able to run an Opening Meeting (IRCA K3.3.5b)


Reasons for an Opening Meeting

• Cover the main points of the audit plan

• Courtesy to talk to the Auditee managers and employees

• Create the ‘right’ atmosphere

• Audit process can be explained

• Confirm communication channels

• Expectations can be set

• Questions can be answered


A Typical Opening Meeting Agenda

• Introductions, if applicable

• Confirmation of the objectives, scope and criteria of the audit

• Confidentiality Statement/Sample

• Confirmation of audit plan

• Outline the audit process and approach

• Explain the reporting method

• Confirmation of availability and roles of guides

• Provide any clarifications which may be required


How to Manage the Opening Meeting

• Be prepared

• Control the meeting

• Keep it short and stick to the point

• Be professional

• Keep a record of people who attend


What information can be gathered at an Opening Meeting

• Who the Guides are

• Confirmation employees are aware of the audit

• What the layout of the site/facility is

• Confirmation of support services available

• Confirmation of relevant work safety, emergency and security procedures for the audit team

• What management’s commitment is

• What the real power structure is



• Students know the activities and tasks to be completed investigative phase of the audit life cycle

• Students understand the term audit evidence, the requirement for audit evidence and the primary methods for obtaining audit evidence (IRCA K3.3.5e)

• Students understand the benefits and limitations of sampling (IRCA K3.3.5d)

• Students understand and demonstrate the communication skills required to obtain audit evidence (IRCA S3.4.3)

• Students know how to manage difficult situations while obtaining audit evidence (IRCA S3.4.3)


Main activities during the Performance Phase

• Opening Meeting

• Gathering Evidence

• Writing Audit Finding Reports

• Collating and generating the Final Audit Report

• Preparing for the Closing Meeting

• Closing Meeting


What is Evidence?

Qualitative or quantitative information, records, orstatements of fact pertaining to:

a. the quality, safety, and environment of the product or service

b. to the existence and implementation of a food safety management system requirement

which is based on observation, measurement or test andwhich can be independently verified


Procedure for Gathering Evidence

Question/Analyze

CheckObserve/Analyze


General Points on Questioning Techniques

• Use appropriate types of question

• Adopt a logical approach

• Follow a natural sequence

• Actively listen to what is being said

• Use silence appropriately

• Seek clarification, where necessary

• Verify responses, where necessary


Typical Questions

• Information

• How• What• When• Where• Who• Why

Verification

• Show me


Types of Questions

• Open

• Closed

• Hypothetical

• Obvious

• Answered


Observation

• People

• Product and service

• Processes

• Information systems


Taking Notes

• Employee names and job titles

• Product identification

• Quotes and statements

• Rough sketches

• Surroundings

• Issues which may impact other functions/Audit team members


Mental Notes

• Workload

• Employee behaviour

• Management approach

• Organisation

• Knowledge of business and applicable standards

• Reactions


Reaching Audit ConclusionsSources of information

Collecting byappropriate sampling

and verifying

Evaluating against auditcriteria

Reviewing

Audit conclusions

Audit Evidence

Audit Findings


Sampling

• Sample frame/Sample

• Representative

• Random

• Reduced time and costs


Role of the Technical Expert

• Listen

• Watch

• Audit

• Provide expertise

• Take notes


Importance of Audit Team Performance

• Keep to the original audit plan

• Auditor/Lead auditor checks progress regularly

• Manage delays


Communication Skills

• Verbal

• Body language

• Style and tone of speech

• Facial

• Range of literacy


Handling Difficult Situations

• Time Wasting

• Discrimination

• Hostility

• Avoidance

• Finger Pointing

• Undermining

• Deception

• Obstruction

• Usurping Control

• Flattery



• Students understand what a non-conformity audit finding is and the typical content of a non-conformity and are able to describe and apply the risk classification system used (IRCA K3.3.6a,b)

• Students are able to write both a non-conformity (NCR) and Opportunity for Improvement (OI) audit finding (S3.3.4a,d)

• Students understand the contents of an audit report and are able to write one (IRCA S3.4.4b,e)

• Students understand who gets a copy of the audit report, when, and the retention period


What is a Nonconformity?

• The absence of, or the failure to implement and maintain, one ormore food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of the product the organization is supplying

• A nonconformity exists where there is evidence of a failure to comply with a requirement of a:

Statutory and regulatory requirementProduct or Service SpecificationCustomer requirementProcess and procedureFood Safety Management System requirement


Typical Root Causes of Nonconformities

• Organisation structure

• Management System Standard

• Education and training

• Resources

• Adherence to defined processes and procedures

• Management leadership and support

• Information

• Legal & Regulatory Requirements


NCR Definitions• A Major nonconformity is where there is a total break-down or

absence of objective evidence to satisfy one or more food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of what the organization is supplying.

• A Minor nonconformity is where there is a defined and documented system which generally satisfies one of more food safety management system requirements, or a situation which would, on the basis of available objective evidence, raise concern as to the potential safety of what the organization is supplying, e.g. the system and/or one or more processes have not reached an acceptable maturity level.

• An observation/Opportunity for Improvement is a remark by an Auditor which warrants clarification or investigation so as to improve the overall effectiveness and/or efficiency of the organization's Food Safety Management System.


An Audit Report is

• A summary or record of the outcome of an audit, in line with the agreed audit objectives, scope and criteria


Contents of an Audit Report• Audit objectives, scope and criteria• Statement of the confidential nature of contents• Audit conclusions• Strengths and Weaknesses• Number of nonconformities (including classification) and

observations, if any• Nonconformity/Observation Reports• Recommendations (risk assessment audit findings), if any• Obstacles encountered• Follow-up activities• Audit Plan• Audit Checklists (Appendix)• Identification of the Lead Auditor and team members• Identification and contact details of Auditee• Opening/Closing Meeting Minutes


Audit Reporting Principles

• Never loose sight of the basic aim of an audit, namely to get management commitment to act on the findings

• It should be fair and balanced

• Never point the finger!

• Keep it simple and concise

• Keep the audit outcome confidential

• Publish in a timely manner


Audit Report Approval

• The Auditor/Lead Auditor should sign and date the final audit report signifying the audit objectives have been met and the fact the report is accurate and complete

• The Top Executive and/or Food Safety Team Leader should sign and date the report to signify agreement with and commitment to act on the findings


Audit Report Distribution, Timing & Retention

• Distribution should be limited to the Food Safety Team Leader and the audit organisation

• Ideally it should be available for the Closing Meeting. If not, it should be available within an agreed timescale

• It should be retained in accordance with Audit organization policy and/or regulatory requirements



• Students understand the activities to be covered during a final team meeting including its importance

• Student can describe the process for collating the findings of the audit team

• Students know how to manage situations where the organization’s QMS is deemed not to conform and to correctly assess the maturity of the organization’s QMS and risk to the integrity of the registration and supplier approval (IRCA S3.4.4e, f)

• Students understand the ISO policy on recommendations and offers of advice

• Students understand the importance of audit follow-up; the terms correction, corrective action and CAPA process including responsibilities including the objective evidence required to demonstrate effective implementation of CAPA (IRCA K3.3.6c, d; S3.4.4g)


Activities to be covered during the Final Team Meeting

• Review the audit findings against the audit objectives

• Agree the audit conclusions (recommendationrecommendation)

• Decide your strategy for presenting the findings

• Ensure any nonconformity and/or observation reports are signed in advance of the closing meeting

• Anticipate possible areas of disagreement

• Decide the follow-up strategy (recommendation)(recommendation)


Process for Collating the Audit Findings

• Collate all the information• List the strengths• Evaluate and distil• List the weaknesses (Nonconformities)• Evaluate and distil• List any observations• List any obstacles encountered, if any• Decide the overall conclusion (recommendationrecommendation)• Decide the follow-up strategy (recommendation)(recommendation)


Lead Auditor’s Facilitation Role

• Lead and maintain control

• Create a positive team climate

• Use the synergy of the audit team

• Remain objective

• Distil and analyse the audit team’s finding’s

In summary, “Keep it simple, add value where practical”


If the Auditee does not conform

• Be mindful of the level of your authority

• Maintain control

• Double check the findings are based upon sound evidence

• Do not waiver from the intended message

• Ensure the Auditee does not see it as purely a negative message

• Check the tone and choice of language used


Offers of Advice – Are they a good idea?

• Promotes a spirit of “were here to help”

• There is no obligation on the part of the Auditeeorganisation to implement offers of advice

• There are risks associated with giving advice


Risks associated with Offers of Advice

• Ownership

• Possible confusion in roles

• Legal and financial

Therefore, never give advice in an external audit.

There is greater scope to give advice in an internal audit, however the risks albeit small still exist


Contributions during the Closing Meeting

• The Lead Auditor should always lead and manage the presentation and deliver the audit report executive summary

• The Lead Auditor may request individual auditors to clarify individual nonconformities, if required

• The Lead Auditor should assign an audit team member to take minutes of the meeting and record attendance


Audit Follow-up, why is it important ?

• Corrective action takes place in a timely manner

• Corrective action is effective and suitable

• The real benefits of the audit can be realised

• The effectiveness of the audit programme can be measured



• Students understand the reasons for a Closing Meeting (IRCA K3.3.5b)

• Students know the typical agenda for a Closing Meeting (IRCA K3.3.5b)

• Students have the skill to manage a Closing Meeting and evaluate proposal for corrective action (IRCA K3.3.5b; S3.4.4b,e,f,g)

• Students understand the audit records to be maintained during the life cycle of an audit

• Students understand the methods for improving audit performance including the importance of improving audit performance


Purpose of a Closing Meeting

• To verbally present the audit team’s findings and conclusions in such a manner that they are understood and acknowledged by the auditee, and to agree, if appropriate, on the time period for the auditee to present a corrective action plan


Who attends the Closing Meeting?

• Audit Team

• Lead Auditor• Auditor(s)• Observer(s), if used

Auditee

• Top Executive/Manager• Food Safety Team Leader• Functional Representative(s)• Guide(s) (Optional)• Employees (Optional)


A Typical Closing Meeting Agenda

• Re-statement of audit objectives, scope, and criteria

• Representative sample statement/confidentiality

• Audit conclusion - executive summary

• Audit findings – detail

• Follow-up activities

• Obtaining ownership and commitment

• Reporting

• Questions


Hidden Agenda

• Preparation

• Objectivity

• Control

• Constructive attitude

• Professional, businesslike and polite at all times

• Avoid traps

• Timing


Evaluating CAPA Proposals?

• The Lead Auditor or assigned Auditor technically assesses the proposed corrective and preventative action and root cause analysis data

• Ideally the Auditor/Lead Auditor who raised the audit finding should verify and validate closure of any nonconformities raised

• CAPA proposals should be received and reviewed within 10 calendar days or sooner and verified + validated and closed out within 12 weeks, unless a variation is granted


Methods for Closing Out Corrective Actions

• Documentation review

• Re-audit

- Partial- Full


Audit Objective

• To obtain commitment to act on findings so that the ‘real’ benefits of an audit can be realised.

• The ultimate Auditor is the consumer!

Science

Iso 22000 2005 powerpoint presentation ireland revisonلكل مهندسين الجودة