You are on page 1of 8


Effective utilization of the previously acquired certificates (HACCP, ISO 9001)

Reducing cost of implementing the food safety system requirements according to other
standards in the field of food safety (IFS, BRC)
Trustworthy guarantee of food safety confirmed by an independent third party;
Contribution to the process of facilitating communication with trade chains.

ISO 22000:2005 specifies requirements for a food safety management system where an
organization in the food chain needs to demonstrate its ability to control food safety hazards in
order to ensure that food is safe at the time of human consumption.
It is applicable to all organizations, regardless of size, which are involved in any aspect of the
food chain and want to implement systems that consistently provide safe products. The means
of meeting any requirements of ISO 22000:2005 can be accomplished through the use of
internal and/or external resources.

A Food Safety Management System structured with the principles of HACCP will have a
clear focus on food safety which is a Fundamental requirement of any food business
An effectively implemented and applied HACCP based Food Safety Management System
will improve customer confidence in the safety of food
A Food Safety Management System based on HACCP takes a preventative approach that
is designed to reduce and liabilities
An effective Food Safety Management System demonstrates management commitment
to the supply of safe products
Food Safety Management System Records provide evidence of due diligence
HACCP based Food Safety Management Systems can be combined with other
management systems such as ISO 9001:2008. This combination provides a Food Safety
based system also considers quality
Certification to the International Standard ISO 22000 gives all interested parties a clear
message that the organization is serious about Food Safety

Food Safety Management System Certification can be seen by some Senior Managers as an
unnecessary and bureaucratic activity. For this reason Senior Management need to understand
the benefits of an effective Food Safety Management System:
In order to ensure a Food Safety Management System is effectively implemented management
within an organization need to understand:

The benefits of a Food Safety Management System

How lack of an effective Food Safety Management System can cause food borne illness
That a HACCP based Food Safety Management System really is a minimal system to
ensure maximum control

That a HACCP based Food Safety Management System enables businesses to optimise
the use of resources by control of CCPs in an logical manner

When a business has a good understanding of Food Safety principles and has the commitment
and resources to carry them out, a Food Safety Management System will deliver the promised
benefits. Small to medium organizations found in the food industry, have fewer resources
compared with large companies, and so find it difficult to implement an effective system.

ISO 22000:2005 Specifies requirements

To plan, implement, operate, maintain and update a food safety management system
aimed at providing products that, according to their intended use, are safe for the
To demonstrate compliance with applicable statutory and regulatory food safety
To evaluate and assess customer requirements and demonstrate conformity with those
mutually agreed customer requirements that relate to food safety, in order to enhance
customer satisfaction
To effectively communicate food safety issues to their suppliers, customers and relevant
interested parties in the food chain
To ensure that the organization conforms to its stated food safety policy
To demonstrate such conformity to relevant interested parties, and
To seek certification or registration of its food safety management system by an
external organization, or make a self-assessment or self-declaration of conformity to ISO

ISO 22000 Food Safety Management Systems

Comprehensive New Food Safety Management System a Comprehensive ISO 22000 compliant
procedural manual that forms the basis of your food safety management system. The system
has been designed to match the standard for ease of use and includes the following sections:

Food safety management system

Documentation System
Management commitment & responsibility
Food safety policy
Food safety management system planning
Responsibility and authority
Food safety team leader
Emergency preparedness and response
Management review
Provision of resources

Human resources
Work environment
Planning and realization of safe products
Prerequisite programmes (PRPs)
Preliminary steps to enable hazard analysis
Hazard analysis
Establishing the operational prerequisite programmes (PRPs)
Establishing the HACCP plan U
pdating of preliminary information and documents
Verification planning
Traceability system
Control of non-conformity
Validation, verification and improvement of the fsms
Validation of control measure combinations
Control of monitoring and measuring
Food safety management system verification

Food Safety Management System Records

Hygiene Policy Staff Training Record

Complaint Investigation Form
Prerequisite Audit Checklist
Knife Control Record
Knife Breakage Report
Goods in Inspection Record
Equipment Cleaning Procedure
Glass and Brittle Plastic Breakage Record
Metal Detection Record
First Aid Dressing Issue Record
Cleaning Schedule
Cleaning Record
Engineering Hygiene Clearance Record
Glass and Brittle Plastic Register
GMP Audit Checklist
Management Review Minutes
Training Record
Product Release Record
Design and Development Records
Supplier Assessment Record
Validation Record
Identification and Traceability Record
Register of Customer Property

Calibration Record
Internal Audit Record
Records of Non-conforming Product
Corrective Action Request Form
Preventative Action Request Form
Supplier Self-Assessment and Approval Form
Equipment Commissioning Record
Return to Work Form
Vehicle Hygiene Inspection Record
Outgoing Vehicle Inspection Record
Pre-Employment Medical Questionnaire
Visitor Questionnaire
Product Recall Record
Shelf Life Confirmation Record
Accelerated Keeping Quality Log
Goods In QA Clearance Label
Maintenance Work Hygiene Clearance Form
Changing Room Cleaning Record
Color Coding Red Process Areas
Daily Cleaning Record for Toilets and Changing Rooms
Drain Cleaning Procedure Filler Areas
General Cleaning Procedure
Product QA Clearance Label
CIP Programmed Log
Sample Filler Cleaning Record
Pipe Diameter Flow Rate Conversion Table
QC Online Check Sheet

Use of ISO 22000:2005

Since ISO 22000 is a generic food safety management standard it can be used by any
organization directly or indirectly involved in the food chain including- Farms, Fisheries and
Dairies, Processors of Meats, Fish and Feed, including Manufacturers of soups, snacks, bread,
cereal, beverages, canned and frozen food, etc. as well as food service providers such as
restaurants, fast food chains, hospitals and hotels.
Supporting services should not be forgotten and providers of food transportation storage and
distribution, catering services as well as product suppliers for equipment, additives, raw
materials, cleaning and sanitizing products, packaging. In short if your products touch the food
industry or the food we eat, part or all of the ISO 22000 requirements will apply.

Scope and Exclusions

The scope of the registration is important for setting boundaries of the FSMS and the
registration activities. This scope must be documented in your FSMS and will appear on the
final certificate of registration. NQA can help guide appropriate verbiage for the scope to

ensure clarity both during the audits and for the future registration (see pre application
checklist for details). The scope shall specify the products or product categories, processes and
production sites that are addressed by the FSMS. FSMS documentation shall include
documented statements of a food safety policy and related objectives, documented procedures
and records required by ISO 22000:2005 and other documents needed by the organization to
ensure the effective development, implementation and updating of the food safety
management system but not necessarily a quality manual.

Audit Process
The NQA audit process for FSMS audits begins with the on-site assessments of HACCP plans,
other related documents, data, records, activity and personnel. Process audit trails are followed
by interviews of personnel responsible for the tasks and reviewing associated activity and
records of occurrence. The audit trail will follow interactions between HACCP plans and
processes as well as the details of the process itself. Following are the stages of the audit

Pre-assessment (optional)
If a pre-assessment is requested by the organization, it will typically occur prior to the Stage 1
Readiness Assessment. This activity is optional and is not required to achieve certification,
however, it provides several benefits including identification of system gaps and familiarity with
the auditor and auditing process. The client has full discretion in the scope and duration of the
activity, although NQA will recommend the number of days per a general rule of thumb of half
the allotted Stage 2 Registration Assessment.

Registration Audit (Readiness Review) - Stage 1

The Readiness Review is an on-site audit that includes a comprehensive review of
documentation, including HACCP plans, PRPs, OPRPs and other key management processes to
ensure their adherence to the requirements by using information provided on the pre-visit
questionnaire. The Stage 1 review also includes:

Applicable/identified legal requirements and compliance data

Production, product and monitoring data
Product/process flows
Site plans and production layout
All applicable audit plans, audit results, corrective actions, including customer county
and governmental audits
f) Selection and qualification of key management personnel, including internal auditors
This sets the stage for the review of implementation at the Stage 2 (Registration Assessment).
The organization will receive the results of this analysis in a documented report with any
findings listed which will be discussed during a closing meeting. Any finding raised during the
Stage 1 review should be corrected prior to the next visit taking place. An unsuccessful Stage 1
visit will require a second visit to take place.

The auditor will generate an audit plan for the Stage 2 audit. The audit plan shall include
evaluation of all of the clients FSMS as well as all regulatory and statutory requirements.
Additional time should be added to the audit plan when excessive personal hygiene/protective
equipment changing is required between processes/products/production areas.

Registration Audit - Stage 2

The objective of the Stage 2 audit is to assess the organizations adherence to its own policies,
objectives and procedures and their conformance to the requirements of their FSMS including
specific customer requirements. To accomplish this, the audit will address implementation of all
the elements of the standard with the audit team observing, interviewing and reviewing
processes, personnel and objective evidence of conformance to the FSMS requirements.
NQA utilizes a process audit approach, interviewing process owners, employees and top
management throughout the organization. Review of documentation and records to support
the implementation is an expected part of the assessment process. Effectiveness of the system
is considered to be how well the system is deployed. This is demonstrated by the measures
defined by the organization to meet customer satisfaction and company objectives, as well as
conformance to the standard.

Audit Findings
Any deviations from procedures or ISO requirements will be identified as audit findings, which
will be documented in the audit report in the three categories defined as follows:
Critical/major finding could be one or more of the following:
The absence of or total breakdown of a system to meet an ISO22000:2005 requirement. A
number of minor non-conformities against one requirement can represent a total breakdown
of the system and thus be considered a major non-conformity.
A non-compliance that judgment and experience indicate is likely either to result in the failure
of the management system or to materially reduce its ability to assure controlled processes and
Critical control limits for CCPs have been exceeded or controls have been lost, probable or
likely shipment of non-conforming product or product that does not conform to statutory or
regulatory requirements.
Failure to respond to potentially unsafe products, withdraw products or communicate to
affected customers.

A minor non-conformity relates to a single observed lapse in a procedure not related to

a food safety issue. Non-conformities shall never be worded in such a way as to advise
the company of action which should be taken in order to comply with the requirements.

An observation or opportunity for improvement relates to a matter about which the

auditor is concerned but which cannot be clearly stated as non-conformity.
Observations also indicate trends which may result in a future non-conformity.

Corrective Action Response

The organization is required to respond to all findings within a duration stated on the audit
report following the activity. Typically opportunities for improvement would be addressed as
preventative actions by the organization, while non-conformances would be addressed as
corrective actions in their own PAR/CAR system. The Corrective Action Plan (CAP) and any
associated evidence should be documented and sent to NQA for review. Where critical or major
non-compliances have been raised typically on site closure by a member of the original audit
team will be required

Certificate Issuance
Following a successful review of the audit teams report and associated Corrective Action Plan,
NQA will authorize issuance of a certificate that is valid for a period of three years. The
organization can expect to receive its certificate within 1-2 weeks of successful CAP submittal.

Surveillance Audits
NQA will conduct Surveillance Audits based on an agreed upon schedule, either once or twice
per year. The purpose of the Surveillance Audit is to ensure that the QMS continues to conform
to both the organizations and the ISO22000:2005 requirements. Surveillance audit plans
should take into consideration shift working and production schedules, including dedicated
weekend/24 hour operation.

Each surveillance visit will consider the following and will be carried out no later than
one month after planned date:
Customer complaints and organizations response
Organizations internal audit and management review results and actions
Progress made toward continuous improvement targets
Effectiveness of the corrective actions and verifications since the last visit
Any change to the system since the last audit
Effectiveness of the FSMS with regards to achieving the certified clients objectives
Continuing operational control
Use of marks and/or any other reference to certification
Sections 4 and 5, as well as elements 7.3; 7.4; 7.5; 7.6; 7.8; 8.1; 8.2; 8.3; 8.4.2; 8.5.2
Safe Product Realization processes will be sampled to cover all processes within a three
year period.

The organization is required to respond to all findings within a duration stated on the audit
report following the activity. Typically opportunities for improvement would be addressed as
preventative actions by the organization, while non-conformances would be addressed as

corrective actions in their own PAR/CAR system. The Corrective Action Plan does need to be
sent to NQA for Surveillances when non-compliances have been identified.

Re-assessment Audits
All accredited registrars are required to perform a re-assessment every three years. The
purpose of the re-assessment is to verify the overall continuing effectiveness of the
organizations quality management system in its entirety. Additional audit days will typically be
added to accomplish this activity. Following successful re-assessment a new certificate will be
issued to extend your certification for an additional three years.
A full on-site re-certification audit shall be carried out within 3 years of the date of issue of your
ISO 22000:2005 certificate. Re-certification may require a new Stage 1 audit for significant
changes to management, scope, customer base or other.
Auditors should plan to carry out re-certification audits at least 3 months prior to expiry date of
client certificates to prevent laps of certification. A re-assessment check list will be completed
to ensure all requirements are covered. When possible, audit team members will be changed at
the re-assessment visit.

Transfer of Certification
If a certified organization wishes to transfer their certificate from another certification body to
NQA, they will be required to submit a copy of the organizations existing certificate issued by a
certification body accredited by a signatory to the IAF MLA. To perform an ISO 22000 transfer
from another certification body the auditor must perform a document review of the quality
system and key performance indicator readiness evaluation followed by a full re-certification
Any findings from this review will be documented and handled in a similar manner to the
Registration Assessment. Following the successful completion of the review, the organization
will be awarded an NQA ISO 22000 certificate with a 3 year expiry date.