2 5472403383010722278

INTERNATIONAL ISO
STANDARD 22000
Second edition
2018-06
Food safety management systems —

Requirements for any organization in
the food chain
Systèmes de management de la sécurité des denrées alimentaires —
Exigences pour tout organisme appartenant à la chaîne alimentaire
Reference number
ISO 22000:2018(E)
© ISO 2018
ISO 22000:2018(E)
COPYRIGHT PROTECTED DOCUMENT

© ISO 2018
All rights reserved. Unless otherwise specified, or required in the context o f its implementation, no part o f this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country o f the requester.
ISO copyright o ffice
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2018 – All rights reserved

ISO 22000:2018(E)
Contents Page
Foreword .......................................................................................................................................................................................................................................... v
Introduction ................................................................................................................................................................................................................................ vi
1 Scope ................................................................................................................................................................................................................................. 1
2 Normative references ...................................................................................................................................................................................... 1
3 Terms and definitions ..................................................................................................................................................................................... 1
4 Context of the organization ....................................................................................................................................................................... 9
4.1 Understanding the organization and its context ....................................................................................................... 9
4.2 Understanding the needs and expectations o f interested parties .............................................................. 9
4.3 Determining the scope o f the food safety management system ................................................................... 9
4.4 Food safety management system ......................................................................................................................................... 10
5 Leadership ............................................................................................................................................................................................................... 10
5.1 Leadership and commitment .................................................................................................................................................. 10
5.2 Policy ............................................................................................................................................................................................................ 10
5.2.1 Establishing the food safety policy................................................................................................................ 10
5.2.2 Communicating the food safety policy....................................................................................................... 10
5.3 Organizational roles, responsibilities and authorities ....................................................................................... 11
6 Planning...................................................................................................................................................................................................................... 11
6.1 Actions to address risks and opportunities ................................................................................................................ 11
6.2 Objectives o f the food safety management system and planning to achieve them ................... 12
6.3 Planning o f changes ......................................................................................................................................................................... 12
7 Support ........................................................................................................................................................................................................................ 13
7.1 Resources .................................................................................................................................................................................................. 13
7.1.1 General................................................................................................................................................................................... 13
7.1.2 People ..................................................................................................................................................................................... 13
7.1.3 Infrastructure .................................................................................................................................................................. 13
7.1.4 Work environment ...................................................................................................................................................... 13
7.1.5 Externally developed elements o f the food safety management system...................... 14
7.1.6 Control o f externally provided processes, products or services ......................................... 14
7.2 Competence ............................................................................................................................................................................................ 14
7.3 Awareness ................................................................................................................................................................................................ 14
7.4 Communication ................................................................................................................................................................................... 15
7.4.1 General................................................................................................................................................................................... 15
7.4.2 External communication ........................................................................................................................................ 15
7.4.3 Internal communication ......................................................................................................................................... 15
7.5 Documented information ............................................................................................................................................................ 16
7.5.1 General................................................................................................................................................................................... 16
7.5.2 Creating and updating .............................................................................................................................................. 16
7.5.3 Control o f documented information ............................................................................................................ 17
8 Operation .................................................................................................................................................................................................................. 17
8.1 Operational planning and control ....................................................................................................................................... 17
8.2 Prerequisite programmes (PRPs) ........................................................................................................................................ 17
8.3 Traceability system .......................................................................................................................................................................... 18
8.4 Emergency preparedness and response ........................................................................................................................ 19
8.4.1 General................................................................................................................................................................................... 19
8.4.2 Handling o f emergencies and incidents .................................................................................................... 19
8.5 Hazard control ...................................................................................................................................................................................... 19
8.5.1 Preliminary steps to enable hazard analysis ........................................................................................ 19
8.5.2 Hazard analysis .............................................................................................................................................................. 21
8.5.3 Validation o f control measure(s) and combinations o f control measures .................. 23
8.5.4 Hazard control plan (HACCP/OPRP plan) .............................................................................................. 24
8.6 Updating the information speci fying the PRPs and the hazard control plan ................................. 25
© ISO 2018 – All rights reserved iii

ISO 22000:2018(E)
8.7 Control o f monitoring and measuring ............................................................................................................................. 25

8.8 Verification related to PRPs and the hazard control plan ............................................................................... 26
8.8.1 Verification ......................................................................................................................................................................... 26
8.8.2 Analysis o f results o f verification activities ........................................................................................... 26
8.9 Control o f product and process noncon formities .................................................................................................. 27
8.9.1 General................................................................................................................................................................................... 27
8.9.2 Corrections ......................................................................................................................................................................... 27
8.9.3 Corrective actions ........................................................................................................................................................ 27
8.9.4 Handling o f potentially unsafe products .................................................................................................. 28
8.9.5 Withdrawal/recall ....................................................................................................................................................... 29
9 Performance evaluation ............................................................................................................................................................................ 29
9.1 Monitoring, measurement, analysis and evaluation ............................................................................................ 29
9.1.1 General................................................................................................................................................................................... 29
9.1.2 Analysis and evaluation .......................................................................................................................................... 29
9.2 Internal audit......................................................................................................................................................................................... 30
9.3 Management review ........................................................................................................................................................................ 31
9.3.1 General................................................................................................................................................................................... 31
9.3.2 Management review input ................................................................................................................................... 31
9.3.3 Management review output ................................................................................................................................ 31
10 Improvement ......................................................................................................................................................................................................... 32
10.1 Noncon formity and corrective action .............................................................................................................................. 32
10.2 Continual improvement ............................................................................................................................................................... 32
10.3 Update o f the food safety management system ....................................................................................................... 32
Annex A (in formative) Cross references between the CODEX HACCP and this document ......................... 33
Annex B (in formative) Cross references between this document and ISO 22000:2005 .............................. 34
Bibliography ............................................................................................................................................................................................................................. 37
iv © ISO 2018 – All rights reserved

ISO 22000:2018(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation o f national standards
bodies (ISO member bodies). The work o f preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters o f
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the di fferent approval criteria needed for the
di fferent types o f ISO documents should be noted. This document was dra fted in accordance with the
editorial rules o f the ISO/IEC Directives, Part 2 (see www.iso . org/directives).
Attention is drawn to the possibility that some o f the elements o f this document may be the subject o f
patent rights. ISO shall not be held responsible for identi fying any or all such patent rights. Details o f
any patent rights identified during the development o f the document will be in the Introduction and/or
on the ISO list o f patent declarations received (see www.iso . org/patents).
Any trade name used in this document is in formation given for the convenience o f users and does not
constitute an endorsement.
For an explanation o f the voluntary nature o f standards, the meaning o f ISO specific terms and
expressions related to con formity assessment, as well as in formation about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso
. org/iso/foreword .html.
This document was prepared by Technical Committee ISO/TC 34, Food products, Subcommittee SC 17,
Management systems for food safety .
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing o f these bodies can be found at www.iso . org/members .html.
This second edition cancels and replaces the first edition (ISO 22000:2005), which has been technically
revised through the adoption o f a revised clause sequence. It also incorporates the Technical
Corrigendum ISO 22000:2005/Cor.1:2006.
The following annexes are included to provide the users o f this document with further in formation:
— Annex A: cross re ferences between the CODEX HACCP principles and this document;
— Annex B: cross re ference between this document and ISO 22000:2005.
© ISO 2018 – All rights reserved v

ISO 22000:2018(E)
Introduction
0.1 General
The adoption o f a food sa fety management system (FSMS) is a strategic decision for an organization that
can help to improve its overall per formance in food sa fety. The potential benefits to an organization o f
implementing a FSMS based on this document are:
a) the ability to consistently provide sa fe foods and products and services that meet customer and
applicable statutory and regulatory requirements;
b) addressing risks associated with its objectives;
c) the ability to demonstrate con formity to specified FSMS requirements.
This document employs the process approach (see 0.3), which incorporates the Plan-Do-Check-Act
(PDCA) cycle (see 0.3.2) and risk-based thinking (see 0.3.3).
This process approach enables an organization to plan its processes and their interactions.
The PDCA cycle enables an organization to ensure that its processes are adequately resourced and
managed, and that opportunities for improvement are determined and acted on.
Risk-based thinking enables an organization to determine the factors that could cause its processes
and its FSMS to deviate from the planned results, and to put in place controls to prevent or minimize
adverse e ffects.
In this document, the following verbal forms are used:
— “shall” indicates a requirement;
— “should” indicates a recommendation;
— “may” indicates a permission;
— “can” indicates a possibility or a capability.
“NOTES” provide guidance in understanding or clari fying the requirements in this document.
0.2 FSMS principles
Food sa fety is related to the presence o f food sa fety hazards at the time o f consumption (intake by the
consumer). Food sa fety hazards can occur at any stage o f the food chain. There fore, adequate control
throughout the food chain is essential. Food sa fety is ensured through the combined e fforts o f all the
parties in the food chain. This document specifies the requirements for a FSMS that combines the
following generally recognized key elements:
— interactive communication;
— system management;
— prerequisite programmes;
— hazard analysis and critical control point (HACCP) principles.
In addition, this document is based on the principles that are common to ISO management system
standards. The management principles are:
— customer focus;
— leadership;
— engagement o f people;
vi © ISO 2018 – All rights reserved

ISO 22000:2018(E)
— process approach;
— improvement;
— evidence-based decision making;
— relationship management.
0.3 Process approach
0.3.1 General
This document adopts a process approach when developing and implementing a FSMS and improving
its e ffectiveness to enhance production o f sa fe products and services while meeting applicable
requirements. Understanding and managing interrelated processes as a system contributes to the
organization’s e ffectiveness and e fficiency in achieving its intended results. The process approach
involves the systematic definition and management o f processes, and their interactions, so as to
achieve the intended results in accordance with the food sa fety policy and strategic direction o f the
organization. Management o f the processes and the system as a whole can be achieved using the PDCA
cycle, with an overall focus on risk-based thinking aimed at taking advantage o f opportunities and
preventing undesirable results.
The recognition o f the organization’s role and position within the food chain is essential to ensure
e ffective interactive communication throughout the food chain.
0.3.2 Plan-Do-Check-Act cycle
The PDCA cycle can be described briefly as follows:
Plan: establish the objectives o f the system and its processes, provide the resources needed to
deliver the results, and identi fy and address risks and opportunities;
Do: implement what was planned;
Check: monitor and (where relevant) measure processes and the resulting products and services,
analyse and evaluate in formation and data from monitoring, measuring and verification
activities, and report the results;
Act: take actions to improve per formance, as necessary.
In this document, and as illustrated in Figure 1 , the process approach uses the concept o f the PDCA
cycle at two levels. The first covers the overall frame o f the FSMS (Clause 4 to Clause 7 and Clause 9 to
Clause 10). The other level (operational planning and control) covers the operational processes within
the food sa fety system as described in Clause 8. Communication between the two levels is there fore
essential.
© ISO 2018 – All rights reserved vii

ISO 22000:2018(E)
Figure 1 — Illustration of the Plan-Do-Check-Act cycle at the two levels
0.3.3 Risk-based thinking

0.3.3.1 General
Risk-based thinking is essential for achieving an e ffective FSMS. In this document, risk-based thinking
is addressed on two levels, organizational (see 0.3.3.2) and operational (see 0.3.3.3), which is consistent
with the process approach described in 0.3.2.
0.3.3.2 Organizational risk management
Risk is the e ffect o f uncertainty, and any such uncertainty can have positive or negative e ffects. In the
context o f organizational risk management, a positive deviation arising from a risk can provide an
opportunity, but not all positive e ffects o f risk result in opportunities.
To con form to the requirements o f this document, an organization plans and implements actions
to address organizational risks (Clause 6). Addressing risks establishes a basis for increasing the
e ffectiveness o f the FSMS, achieving improved results and preventing negative e ffects.
0.3.3.3 Hazard analysis — Operational processes
The concept o f risk-based thinking based on the HACCP principles at the operational level is implicit in
this document.
viii © ISO 2018 – All rights reserved

ISO 22000:2018(E)
The subsequent steps in HACCP can be considered as the necessary measures to prevent hazards or
reduce hazards to acceptable levels to ensure food is sa fe at the time o f consumption (Clause 8 ).
Decisions taken in the application o f HACCP should be based on science, free from bias and documented.
The documentation should include any key assumptions in the decision-making process.
0.4 Relationship with other management system standards
This document has been developed within the ISO high level structure (HLS). The objective o f the
HLS is to improve alignment between ISO management system standards. This document enables an
organization to use the process approach, coupled with the PDCA cycle and risk-based thinking, to align
or integrate its FSMS approach with the requirements o f other management systems and supporting
standards.
This document is the core principle and framework for FSMSs and sets out the specific FSMS
requirements for organizations throughout the food chain. Other guidance related to food sa fety,
specifications and/or requirements specific to food sectors can be used together with this framework.
In addition, ISO has developed a family o f associated documents. These include documents for:
— prerequisite programmes (ISO/TS 22002 series) for specific sectors o f the food chain;
— requirements for auditing and certification bodies;
— traceability.
ISO also provides guidance documents for organizations on how to implement this document and
related standards. In formation is available on the ISO website.
© ISO 2018 – All rights reserved ix

INTERNATIONAL STANDARD ISO 22000:2018(E)
Food safety management systems — Requirements for any

organization in the food chain
1 Scope
This document specifies requirements for a food sa fety management system (FSMS) to enable an
organization that is directly or indirectly involved in the food chain:
a) to plan, implement, operate, maintain and update a FSMS providing products and services that are
sa fe, in accordance with their intended use;
b) to demonstrate compliance with applicable statutory and regulatory food sa fety requirements;
c) to evaluate and assess mutually agreed customer food sa fety requirements and to demonstrate
con formity with them;
d) to e ffectively communicate food sa fety issues to interested parties within the food chain;
e) to ensure that the organization con forms to its stated food sa fety policy;
f ) to demonstrate con formity to relevant interested parties;
g) to seek certification or registration o f its FSMS by an external organization, or make a sel f-
assessment or sel f-declaration o f con formity to this document.
All requirements o f this document are generic and are intended to be applicable to all organizations
in the food chain, regardless o f size and complexity. Organizations that are directly or indirectly
involved include, but are not limited to, feed producers, animal food producers, harvesters o f wild
plants and animals, farmers, producers o f ingredients, food manu facturers, retailers, and organizations
providing food services, catering services, cleaning and sanitation services, transportation, storage
and distribution services, suppliers o f equipment, cleaning and disin fectants, packaging materials and
other food contact materials.
This document allows any organization, including small and/or less developed organizations (e.g. a
small farm, a small packer-distributor, a small retail or food service outlet) to implement externally-
developed elements in their FSMS.
Internal and/or external resources can be used to meet the requirements o f this document.
2 Normative references
There are no normative re ferences in this document.
3 Terms and definitions

For the purposes o f this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https: //www.iso . org/obp
— IEC Electropedia: available at http: //www.electropedia .org/
© ISO 2018 – All rights reserved 1

ISO 22000:2018(E)
3.1
acceptable level
level o f afood safety hazard (3.22) not to be exceeded in the end product (3.15) provided by the
(
organization 3.31 )
3.2
action criterion
measurable or observable specification for the monitoring (3.27) o f an OPRP (3.30 )
Note 1 to entry: An action criterion is established to determine whether an OPRP remains in control, and
distinguishes between what is acceptable (criterion met or achieved means the OPRP is operating as intended)
and unacceptable (criterion not met nor achieved means the OPRP is not operating as intended).
3.3
audit
systematic, independent and documented process (3.36) for obtaining audit evidence and evaluating it
objectively to determine the extent to which the audit criteria are fulfilled
Note 1 to entry: An audit can be an internal audit (first party) or an external audit (second party or third party),
and it can be a combined audit (combining two or more disciplines).
Note 2 to entry: An internal audit is conducted by the organization itsel f, or by an external party on its behal f.
Note 3 to entry: “Audit evidence” and “audit criteria” are defined in ISO 19011.
Note 4 to entry: Relevant disciplines are, for example, food sa fety management, quality management or
environmental management.
3.4
competence
ability to apply knowledge and skills to achieve intended results
3.5
conformity
ulfilment o f a requirement (3.38 )
f
3.6
contamination
introduction or occurrence o f a contaminant including a food safety hazard (3.22) in a product (3.37 ) or
processing environment
3.7
continual improvement
recurring activity to enhance performance (3.33 )
3.8
control measure
action or activity that is essential to prevent a significant food safety hazard (3.22) or reduce it to an
acceptable level (3.1)
Note 1 to entry: See also significant food sa fety hazard (3.40 ).

Note 2 to entry: Control measure(s) is (are) identified by hazard analysis.
3.9
correction
action to eliminate a detected nonconformity (3.28 )
Note 1 to entry: A correction includes the handling o f potentially unsa fe products and can there fore be made in
conjunction with a corrective action (3.10 ).
Note 2 to entry: A correction may be, for example, reprocessing, further processing and/or elimination o f the
adverse consequences o f the noncon formity (such as disposal for other use or specific labelling).
2 © ISO 2018 – All rights reserved

ISO 22000:2018(E)
3.10
corrective action
action to eliminate the cause o f a nonconformity (3.28) and to prevent recurrence
Note 1 to entry: There can be more than one cause for a noncon formity.
Note 2 to entry: Corrective action includes cause analysis.
3.11
critical control point
CCP
step in the process (3.36) at which control measure(s) (3.8) is (are) applied to prevent or reduce a
(3.40) to an acceptable level, and defined critical limit(s) (3.12) and
significant food sa fety hazard
measurement (3.26) enable the application o f corrections (3.9 )
3.12
critical limit
measurable value which separates acceptability from unacceptability
Note 1 to entry: Critical limits are established to determine whether a CCP (3.11) remains in control. I f a critical
limit is exceeded or not met, the products a ffected are to be handled as potentially unsa fe products.
[SOURCE: CAC/RCP 1-1969, modified — The definition has been modified and Note 1 to entry has
been added.]
3.13
documented information
in formation required to be controlled and maintained by an organization (3.31) and the medium on
which it is contained
Note 1 to entry: Documented in formation can be in any format and media, and from any source.
Note 2 to entry: Documented in formation can re fer to:
— the management system (3.25), including related processes (3.36);
— in formation created in order for the organization to operate (documentation);
— evidence o f results achieved (records).
3.14
effectiveness
extent to which planned activities are realized and planned results achieved
3.15
end product
product (3.37) that will undergo no further processing or trans formation by the organization (3.31)
Note 1 to entry: A product that undergoes further processing or trans formation by another organization is an
end product in the context o f the first organization and a raw material or an ingredient in the context o f the
second organization.
3.16
feed
single or multiple product(s), whether processed, semi-processed or raw, which is (are) intended to be
fed to food-producing animals
Note 1 to entry: Distinctions are made in this document between the terms food (3.18), feed (3.16) and animal
food ( 3.19 ):
— f ood is intended for consumption by humans and animals, and includes feed and animal food ;
— f eed is intended to be fed to food-producing animals;

ISO 22000:2018(E)
— animal food is intended to be fed to non- food-producing animals, such as pets.

[SOURCE: CAC/GL 81-2013, modified — The word “materials” has been changed to “products” and
“directly” has been deleted.]
3.17
schematic and systematic presentation o f the sequence and interactions o f steps in the process
f l o w d i a g r a m
3.18
food
substance (ingredient), whether processed, semi-processed or raw, which is intended for consumption,
and includes drink, chewing gum and any substance which has been used in the manu facture,
preparation or treatment o f “ food” but does not include cosmetics or tobacco or substances (ingredients)
used only as drugs
food (3.19 ):
[SOURCE: CAC/GL 81-2013, modified — The word “human” has been deleted.]
3.19
animal food
single or multiple product(s), whether processed, semi-processed or raw, which is (are) intended to be
fed to non- food-producing animals
food (3.19 ):
[SOURCE: CAC/GL 81-2013, modified — The word “materials” has been changed to “products”, “non”
has been added and “directly” has been deleted.]
3.20
food chain
sequence o f the stages in the production, processing, distribution, storage and handling o f a food (3.18 )
and its ingredients, from primary production to consumption
Note 1 to entry: This includes the production o f feed (3.16) and animal food (3.19 ).
Note 2 to entry: The food chain also includes the production o f materials intended to come into contact with food
or raw materials.
Note 3 to entry: The food chain also includes service providers.
3.21
food safety
assurance that food will not cause an adverse health e ffect for the consumer when it is prepared and/or
consumed in accordance with its intended use
Note 1 to entry: Food sa fety is related to the occurrence o f food safety hazards (3.22 ) in end products (3.15) and
does not include other health aspects related to, for example, malnutrition.

ISO 22000:2018(E)
Note 2 to entry: It is not to be con fused with the availability o f, and access to, food (“ food security”).
Note 3 to entry: This includes feed and animal food.
[SOURCE: CAC/RCP 1-1969, modified — The word “harm” has been changed to “adverse health e ffect”
and notes to entry have been added.]
3.22
food safety hazard
biological, chemical or physical agent in food (3.18) with the potential to cause an adverse health e ffect
Note 1 to entry: The term “hazard” is not to be con fused with the term “risk ” (3.39) which, in the context o f food
sa fety, means a function o f the probability o f an adverse health e ffect (e.g. becoming diseased) and the severity o f
that e ffect (e.g. death, hospitalization) when exposed to a specified hazard.
Note 2 to entry: Food sa fety hazards include allergens and radiological substances.
Note 3 to entry: In the context o f feed and feed ingredients, relevant food sa fety hazards are those that can be
present in and/or on feed and feed ingredients and that can through animal consumption o f feed be trans ferred
to food and can thus have the potential to cause an adverse health e ffect for the animal or the human consumer. In
the context o f operations other than those directly handling feed and food (e.g. producers o f packaging materials,
disin fectants), relevant food sa fety hazards are those hazards that can be directly or indirectly trans ferred to
food when used as intended (see 8.5.1.4).
Note 4 to entry: In the context o f animal food, relevant food sa fety hazards are those that are hazardous to the
animal species for which the food is intended.
[SOURCE: CAC/RCP 1-1969, modified — The phrase “or condition o f” has been deleted from the
definition and notes to entry have been added.]
3.23
interested party (preferred term)
stakeholder (admitted term)
person or organization (3.31) that can a ffect, be a ffected by, or perceive itsel f to be a ffected by a decision
or activity
3.24
lot
defined quantity o f a product (3.37) produced and/or processed and/or packaged essentially under the
same conditions
Note 1 to entry: The lot is determined by parameters established be forehand by the organization and may be
described by other terms, e.g. batch.
Note 2 to entry: The lot may be reduced to a single unit o f product.
[SOURCE: CODEX STAN 1, modified — Re ference to “and/or processed and/or packaged” has been
included in the definition and notes to entry have been added.]
3.25
management system
set o f interrelated or interacting elements o f an organization (3.31) to establish policies (3.34) and
objectives (3.29) and processes (3.36) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The system elements include the organization's structure, roles and responsibilities, planning
and operation.
Note 3 to entry: The scope o f a management system may include the whole o f the organization, specific and
identified functions o f the organization, specific and identified sections o f the organization, or one or more
functions across a group o f organizations.

ISO 22000:2018(E)
Note 4 to entry: Relevant disciplines are, for example, a quality management system or an environmental
management system.
3.26
measurement
process (3.36) to determine a value
3.27
monitoring
determining the status o f a system, a process (3.36) or an activity
Note 1 to entry: To determine the status, there may be a need to check, supervise or critically observe.
Note 2 to entry: In the context o f food sa fety, monitoring is conducting a planned sequence o f observations or
measurements to assess whether a process is operating as intended.
Note 3 to entry: Distinctions are made in this document between the terms validation (3.44), monitoring (3.27 )
and verification (3.45 ):
— validation is applied prior to an activity and provides in formation about the capability to deliver intended
results;
— monitoring is applied during an activity and provides in formation for action within a specified time frame;
— verification is applied a fter an activity and provides in formation for confirmation o f con formity.
3.28
nonconformity
non- fulfilment o f a requirement (3.38 )
3.29
objective
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to di fferent disciplines (such as financial, health and sa fety, and
environmental goals) and can apply at di fferent levels (such as strategic, organization-wide, project, product and
process (3.36 )).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended outcome, a purpose, an
operational criterion, as a FSMS objective, or by the use o f other words with similar meaning (e.g. aim, goal, or
target).
Note 4 to entry: In the context o f FSMS, objectives are set by the organization, consistent with the food sa fety
policy, to achieve specific results.
3.30
operational prerequisite programme
OPRP
(
control measure 3.8) or combination o f control measures applied to prevent or reduce a significant food
( ( (
safety hazard 3.40) to an acceptable level 3.1), and where action criterion 3.2) and measurement 3.26 ( )
(
or observation enable e ffective control o f the process 3.36) and/or product 3.37 ( )
3.31
organization
person or group o f people that has its own functions with responsibilities, authorities and relationships
to achieve its objectives (3.29)
Note 1 to entry: The concept o f organization includes, but is not limited to sole-trader, company, corporation, firm,
enterprise, authority, partnership, charity or institution, or part or combination thereo f, whether incorporated
or not, public or private.

ISO 22000:2018(E)
3.32
outsource , verb
make an arrangement where an external organization (3.31) per forms part o f an organization’s function
or process (3.36)
Note 1 to entry: An external organization is outside the scope o f the management system (3.25), although the
outsourced function or process is within the scope.
3.33
performance
measurable result
Note 1 to entry: Per formance can relate either to quantitative or qualitative findings.
Note 2 to entry: Per formance can relate to the management o f activities, processes (3.36), products (3.37 )
(including services), systems or organizations (3.31).
3.34
policy
intentions and direction o f an organization (3.31) as formally expressed by its top management (3.41)
3.35
prerequisite programme
PRP
basic conditions and activities that are necessary within the organization (3.31) and throughout the
food chain (3.20) to maintain food sa fety
Note 1 to entry: The PRPs needed depend on the segment o f the food chain in which the organization operates
and the type o f organization. Examples o f equivalent terms are: good agricultural practice (GAP), good veterinary
practice (GVP), good manu facturing practice (GMP), good hygiene practice (GHP), good production practice
(GPP), good distribution practice (GDP) and good trading practice (GTP).
3.36
process
set o f interrelated or interacting activities which trans forms inputs to outputs
3.37
product
output that is a result o f a process (3.36 )
Note 1 to entry: A product can be a service.
3.38
requirement
need or expectation that is stated, generally implied or obligatory
Note 1 to entry: “Generally implied” means that it is custom or common practice for the organization and
interested parties that the need or expectation under consideration is implied.
Note 2 to entry: A specified requirement is one that is stated, for example in documented in formation.
3.39
risk
e ffect o f uncertainty
Note 1 to entry: An e ffect is a deviation from the expected – positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, o f deficiency o f in formation related to, understanding or
knowledge o f, an event, its consequence, or likelihood.
Note 3 to entry: Risk is o ften characterized by re ference to potential “events” (as defined in ISO Guide 73:2009,
3.5.1.3) and “consequences” (as defined in ISO Guide 73:2009, 3.6.1.3), or a combination o f these.

ISO 22000:2018(E)
Note 4 to entry: Risk is o ften expressed in terms o f a combination o f the consequences o f an event (including
changes in circumstances) and the associated “likelihood” (as defined in ISO Guide 73:2009, 3.6.1.1) o f occurrence.
Note 5 to entry: Food sa fety risk is a function o f the probability o f an adverse health e ffect and the severity o f that
e ffect, consequential to (a) hazard(s) in food (3.18), as specified in the Codex Procedural Manual[11] .
3.40
f f
food safety hazard 3.22), ( identified through the hazard assessment, which needs to be controlled by
s i g n i fi c a n t o o d s a e t y h a z a r d
control measures 3.8 ( )

3.41
top management
person or group o f people who directs and controls an organization (3.31) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the
organization.
Note 2 to entry: I f the scope o f the management system (3.25) covers only part o f an organization, then top
management re fers to those who direct and control that part o f the organization.
3.42
traceability
ability to follow the history, application, movement and location o f an object through specified stage(s)
o f production, processing and distribution
Note 1 to entry: Movement can relate to the origin o f the materials, processing history or distribution o f the
food ( 3.18 ).
Note 2 to entry: An object can be a product (3.37), a material, a unit, equipment, a service, etc.
[SOURCE: CAC/GL 60-2006, modified — Notes to entry have been added.]
3.43
update
immediate and/or planned activity to ensure application o f the most recent in formation
Note 1 to entry: Update is di fferent from the terms “maintain” and “retain”:
— “maintain” is to keep something on-going/to keep in good condition;
— “retain” is to keep something that is retrievable.
3.44
validation
< food sa fety> obtaining evidence that a control measure (3.8) (or combination o f control measures) will
be capable o f e ffectively controlling the significant food safety hazard (3.40)
Note 1 to entry: Validation is per formed at the time a control measure combination is designed, or whenever
changes are made to the implemented control measures.
Note 2 to entry: Distinctions are made in this document between the terms validation (3.44), monitoring (3.27 )
and verification (3.45 ):
— validation is applied prior to an activity and provides in formation about the capability to deliver intended
results;
— monitoring is applied during an activity and provides in formation for action within a specified time frame;
— verification is applied a fter an activity and provides in formation for confirmation o f con formity.

ISO 22000:2018(E)
3.45
verification
con fi rmation, th rough the provi s ion o f obj e c tive evidence, th at s p e ci fie d requirements ( 3 . 3 8 ) have b e en
fu l fi l le d
N o te 1 to entr y: D i s ti nc tion s a re m ade i n th i s do c u ment b e twe en the ter m s validation ( 3 . 4 4) , monitoring ( 3 .27 )
a nd verification ( 3 . 45 ):
— va l id atio n i s app l ie d p r ior to a n ac tivity a nd p rovide s i n for m atio n ab out the c ap abi l ity to del iver i ntende d
re s u l ts;
— mon itor i ng i s ap p l ie d du r i ng a n ac ti vity a nd provide s i n fo r m ation for ac tion with i n a s p e c i fie d ti me fra me;
— ver i fic ation i s ap p l ie d a fter a n ac tivity a nd provide s i n for m ation fo r con fi r m ation o f con for m ity.
4 Context of the organization
4.1 Understanding the organization and its context

T he organ i z ation sh a l l de term i ne e xterna l a nd i nterna l i s s ue s that a re relevant to its pu rp o s e a nd that
a ffe c t its abi l ity to ach ieve the i ntende d re s u lt(s) o f its F S M S .
T he o r ga n i z atio n shall ide nti fy, re v i e w a nd up d ate i n fo r m ati o n r e l ate d to the s e e x te r n a l a nd
i nte r n a l i s s ue s .
NO TE 1 I s s ue s c a n i nclude p o s itive a nd ne gative fac to rs o r cond itio n s fo r con s ideratio n .
NO TE 2 Unders ta nd i ng the conte x t c a n b e fac i l itate d b y co n s ider i ng e x ter n a l a nd i nter n a l i s s ue s , i nclud i n g ,
b ut no t l i m ite d to , le ga l , te ch nolo gic a l , comp e titive , m a rke t, c u ltu ra l , social a nd e cono m ic envi ro n ments ,
c yb ers e c u r ity a nd fo o d fraud , fo o d de fence a nd i ntention a l co nta m i n atio n , knowle dge a nd p er fo rm a nce o f the
orga n i z ation , whe ther i nter n ation a l , n atio n a l , re gion a l o r lo c a l .
4.2 Understanding the needs and expectations of interested parties

To en s u re that the organ i z ation ha s the abi l ity to con s i s tently provide pro duc ts and s er vice s that me e t
app l ic able s tatutor y, regu lator y a nd c u s tomer re qui rements with re gard to fo o d s a fe ty, the organ i z ation
sh a l l de term i ne:
a) the i ntere s te d p a r tie s that are relevant to the F S M S;
b) the releva nt re qu i rements o f the i ntere s te d p ar tie s o f the F S M S .
T he organ i z ation sha l l identi fy, review a nd up date i n formation relate d to the i ntere s te d p ar tie s a nd
thei r re qu i rements .
4.3 Determining the scope of the food safety management system

T he orga n i z ation sh a l l de term i ne the b ou nda rie s and appl ic abi l ity o f the FS M S to e s tabl i s h its s cop e .
T he s cop e sh a l l s p e c i fy the pro duc ts a nd s er vice s , pro ce s s e s a nd pro duc tion s ite(s) that are i nclude d
i n the F S M S . T he s cop e sh a l l i nclude the ac tivitie s , pro ce s s e s , pro duc ts or s er vice s th at c a n h ave an
i n fluence on the fo o d s a fe ty o f its end pro duc ts .
When de term i n i ng th i s s cop e, the organ i z ation sh a l l con s ider:
a) the e xterna l and i nterna l i s s ue s re ferre d to i n 4.1 ;
b) the re qui rements re ferre d to i n 4. 2 .

T he s cop e s ha l l b e avai lable and mai ntai ne d a s do c umente d i n formation .

ISO 22000:2018(E)
4.4 Food safety management system

T he orga n i z ation s ha l l e s tabl i s h, i mplement, ma i ntai n, up date a nd conti nua l ly i mprove a FS M S ,
i nclud i ng the pro ce s s e s ne e de d and thei r i nterac tion s , i n accordance with the re qu i rements o f th i s
document.
5 Leadership
5.1 Leadership and commitment

Top management s ha l l demon s trate le aders h ip a nd com m itment with re s p e c t to the F S M S b y:
a) en s u ri ng that the fo o d s a fe ty p ol ic y a nd the obj e c tive s o f the FSMS are e s tabl i she d and a re
comp atible with the s trategic d i re c tion o f the orga n i z ation;
b) en s u ri ng the i nte gration o f the FS M S re qu i rements i nto the organ i z ation’s bu s i ne s s pro ce s s e s;
c) en s u ri ng that the re s ou rce s ne e de d for the FS M S are ava i lable;
d) com mu n ic ati ng the i mp or tance o f e ffe c tive fo o d s a fe ty management and con form i ng to the F S M S
re qui rements , appl ic able s tatutor y and re gu lator y re qu i rements , and mutua l ly agre e d c u s tomer
re qui rements relate d to fo o d s a fe ty;
e) en s u ri ng that the FS M S i s eva luate d a nd mai ntai ne d to ach ieve its i ntende d re s u lt(s) (s e e 4.1) ;
f) d i re c ti ng a nd s upp or ti ng p ers on s to contribute to the e ffe c tivene s s o f the FS M S;
g) promo ti ng conti nua l i mprovement;
h) s upp or ti ng o ther relevant ma nagement role s to demon s trate thei r le aders h ip a s it appl ie s to thei r
are as o f re s p on s ibi l ity.
NO TE Re ference to “ b u s i ne s s ” i n th i s do c u ment c a n b e i nter pre te d bro ad l y to me a n tho s e ac tivitie s th at a re
core to the pu r p o s e s o f the o rga n i z atio n’s e xi s tence .
5.2 Policy
5.2.1 Establishing the food safety policy

Top management s ha l l e s tabl i sh, i mplement and mai nta i n a fo o d s a fe ty p ol ic y that:
a) i s appropri ate to the pu rp o s e a nd contex t o f the organ i z ation;
b) provide s a framework for s e tti ng and reviewi ng the obj e c tive s o f the F S M S;
c) i nclude s a com m itment to s ati s fy appl ic able fo o d s a fe ty re qu i rements , i nclud i ng s tatutor y and
regu lator y re qu i rements and mutua l ly agre e d c u s tomer re qu i rements relate d to fo o d s a fe ty;
d) add re s s e s i nterna l a nd ex terna l com mun ication;
e) i nclude s a com m itment to conti nua l i mprovement o f the F S M S;
f) add re s s e s the ne e d to en s ure comp e tencie s relate d to fo o d s a fe ty.
5.2.2 Communicating the food safety policy

T he fo o d s a fe ty p ol ic y s ha l l:
a) b e ava i l able and mai nta i ne d a s do c u mente d i n formation;
b) b e com mu n ic ate d, u nders to o d and appl ie d at a l l level s with i n the organ i z ation;

ISO 22000:2018(E)
c) be available to relevant interested parties, as appropriate.
5.3 Organizational roles, responsibilities and authorities
5.3.1 Top management shall ensure that the responsibilities and authorities for relevant roles are
assigned, communicated and understood within the organization.
Top management shall assign the responsibility and authority for:
a) ensuring that the FSMS con forms to the requirements o f this document;
b) reporting on the per formance o f the FSMS to top management;
c) appointing the food sa fety team and the food sa fety team leader;
d) designating persons with defined responsibility and authority to initiate and document action(s).
5.3.2 The food safety team leader shall be responsible for:

a) ensuring the FSMS is established, implemented, maintained and updated;
b) managing and organizing the work o f the food sa fety team;
c) ensuring relevant training and competencies for the food sa fety team (see 7.2);
d) reporting to top management on the e ffectiveness and suitability o f the FSMS.
5.3.3 All persons shall have the responsibility to report problem(s) with regards to the FSMS to
identified person(s).
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 When planning for the FSMS, the organization shall consider the issues re ferred to in 4.1 and
the requirements re ferred to in 4.2 and 4.3 and determine the risks and opportunities that need to be
addressed to:
a) give assurance that the FSMS can achieve its intended result(s);
b) enhance desirable e ffects;
c) prevent, or reduce, undesired e ffects;
d) achieve continual improvement.
NOTE In the context o f this document, the concept o f risks and opportunities is limited to events and their
consequences relating to the per formance and e ffectiveness o f the FSMS. Public authorities are responsible for
addressing public health risks. Organizations are required to manage food sa fety hazards (see 3.22) and the
requirements related to this process that are laid down in Clause 8 .
6.1.2 The organization shall plan:

a) actions to address these risks and opportunities;
b) how to:
1) integrate and implement the actions into its FSMS processes;
2) evaluate the e ffectiveness o f these actions.
ISO 22000:2018(E)
6.1.3 The actions taken by the organization to address risks and opportunities shall be proportionate to:
a) the impact on food sa fety requirements;
b) the con formity o f food products and services to customers;
c) requirements o f interested parties in the food chain.
NOTE 1 Actions to address risks and opportunities can include: avoiding risk, taking risk in order to pursue an
opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or accepting
the presence o f risk by in formed decision.
NOTE 2 Opportunities can lead to the adoption o f new practices (modification o f products or processes), using
new technology and other desirable and viable possibilities to address the food sa fety needs o f the organization
or its customers.
6.2 Objectives of the food safety management system and planning to achieve them
6.2.1 The organization shall establish objectives for the FSMS at relevant functions and levels.
The objectives o f the FSMS shall:
a) be consistent with the food sa fety policy;
b) be measurable (i f practicable);
c) take into account applicable food sa fety requirements, including statutory, regulatory and customer
requirements;
d) be monitored and verified;
e) be communicated;
f ) be maintained and updated as appropriate.
The organization shall retain documented in formation on the objectives for the FSMS.
6.2.2 When planning how to achieve its objectives for the FSMS, the organization shall determine:
a) what will be done;
b) what resources will be required;
c) who will be responsible;
d) when it will be completed;
e) how the results will be evaluated.
6.3 Planning of changes

When the organization determines the need for changes to the FSMS, including personnel changes, the
changes shall be carried out and communicated in a planned manner.
The organization shall consider:
a) the purpose o f the changes and their potential consequences;
b) the continued integrity o f the FSMS;
c) the availability o f resources to e ffectively implement the changes;
d) the allocation or re-allocation o f responsibilities and authorities.

ISO 22000:2018(E)
7 Support
7.1 Resources
7.1.1 General
The organization shall determine and provide the resources needed for the establishment,
implementation, maintenance, update and continual improvement o f the FSMS.
The organization shall consider:
a) the capability o f, and any constraints on, existing internal resources;
b) the need for external resources.
7.1.2 People
The organization shall ensure that persons necessary to operate and maintain an e ffective FSMS are
competent (see 7.2 ).
Where the assistance o f external experts is used for the development, implementation, operation or
assessment o f the FSMS, evidence o f agreement or contracts defining the competency, responsibility
and authority o f external experts shall be retained as documented in formation.
7.1.3 Infrastructure
The organization shall provide the resources for the determination, establishment and maintenance o f
the in frastructure necessary to achieve con formity with the requirements o f the FSMS.
NOTE In frastructure can include:
— land, vessels, buildings and associated utilities;
— equipment, including hardware and so ftware;
— transportation;
— in formation and communication technology.
7.1.4 Work environment

The organization shall determine, provide and maintain the resources for the establishment,
management and maintenance o f the work environment necessary to achieve con formity with the
requirements o f the FSMS.
NOTE A suitable environment can be a combination o f human and physical factors such as:
a) social (e.g. non-discriminatory, calm, non-con frontational);
b) psychological (e.g. stress-reducing, burnout prevention, emotionally protective);
c) physical (e.g. temperature, heat, humidity, light, air flow, hygiene, noise).
These factors can di ffer substantially depending on the products and services provided.

ISO 22000:2018(E)
7.1.5 Externally developed elements of the food safety management system

When an organization establishes, maintains, updates and continually improves its FSMS by using
externally developed elements o f a FSMS, including PRPs, the hazard analysis and the hazard control
plan (see 8.5.4), the organization shall ensure that the provided elements are:
a) developed in con formance with requirements o f this document;
b) applicable to the sites, processes and products o f the organization;
c) specifically adapted to the processes and products o f the organization by the food sa fety team;
d) implemented, maintained and updated as required by this document;
e) retained as documented in formation.
7.1.6 Control of externally provided processes, products or services

The organization shall:
a) establish and apply criteria for the evaluation, selection, monitoring o f per formance and re-
evaluation o f external providers o f processes, products and/or services;
b) ensure adequate communication o f requirements to the external provider(s);
c) ensure that externally provided processes, products or services do not adversely a ffect the
organization's ability to consistently meet the requirements o f the FSMS;
d) retain documented in formation o f these activities and any necessary actions as a result o f the
evaluations and re-evaluations.
7.2 Competence
The organization shall:
a) determine the necessary competence o f person(s), including external providers, doing work under
its control that a ffects its food sa fety per formance and e ffectiveness o f the FSMS;
b) ensure that these persons, including the food sa fety team and those responsible for the operation
o f the hazard control plan, are competent on the basis o f appropriate education, training and/or
experience;
c) ensure that the food sa fety team has a combination o f multi-disciplinary knowledge and experience
in developing and implementing the FSMS (including, but not limited to, the organization’s products,
processes, equipment and food sa fety hazards within the scope o f the FSMS);
d) where applicable, take actions to acquire the necessary competence, and evaluate the e ffectiveness
o f the actions taken;
e) retain appropriate documented in formation as evidence o f competence.
NOTE Applicable actions can include, for example, the provision o f training to, the mentoring o f, or the re-
assignment o f currently employed persons; or the hiring or contracting o f competent persons.
7.3 Awareness
The organization shall ensure that all relevant persons doing work under the organization’s control
shall be aware o f:
a) the food sa fety policy;
b) the objectives o f the FSMS relevant to their task(s);

ISO 22000:2018(E)
c) thei r i nd ividua l contribution to the e ffe c tivene s s o f the FS M S , i nclud i ng the b enefits o f i mprove d
fo o d s a fe ty p er formance;
d) the i mpl ic ation s o f no t con form i ng with the FS M S re qu i rements .
7.4 Communication
7.4.1 General
T he organ i z ation s ha l l de term i ne the i nterna l and ex terna l com mun ic ation s relevant to the FS M S ,
including:
a) on wh at it wi l l com mu n ic ate;
b) when to com mu n ic ate;
c) with whom to com mu n ic ate;
d) how to com mu n ic ate;
e) who com mu n ic ate s .
T he orga ni z ation s ha l l en s u re that the re qu i rement for e ffe c tive com mu n ic ation i s u nders to o d b y a l l
p ers on s who s e ac tivitie s h ave an i mp ac t on fo o d s a fe ty.
7.4.2 External communication

T he orga ni z ation s ha l l en s u re th at s u ffic ient i n formation i s com mu n ic ate d ex terna l ly a nd i s avai lable
for i ntere s te d p ar tie s o f the fo o d chai n .
T he organ i z ation sh a l l e s tabl i s h, i mplement a nd mai ntai n e ffe c tive com mu n ic ation s with:
a) e xterna l providers and contrac tors;
b) c u s tomers and/or con s umers , i n rel ation to:
1) pro duc t i n formation relate d to fo o d s a fe ty, to enable the h and l i ng , d i s play, s torage, prep aration,
d i s tribution and u s e o f the pro duc t with i n the fo o d ch ai n or b y the con s u mer;
2) identi fie d fo o d s s a fe ty ha z ard s th at ne e d to b e control le d b y o ther organ i z ation s i n the fo o d

ch ai n a nd/or b y con s u mers;
3) contrac tua l a rrangements , enqu i rie s and orders , i nclud i ng thei r amend ments;
4) c u s tomer a nd/or con s u mer fe e db ack, i nclud i ng compl ai nts;
c) s tatutor y a nd re gu lator y authoritie s;
d) o ther organ i z ation s that have an i mp ac t on, or wi l l b e a ffe c te d by, the e ffe c tivene s s or up dati ng o f
the F S M S .
D e s ignate d p ers on s s ha l l h ave defi ne d re s p on s ibi l ity and authority for the e xterna l com mu n ic ation
o f any i n formation concern i ng fo o d s a fe ty. Where releva nt, i n formation ob ta i ne d th rough ex terna l
com mu n ic ation sha l l b e i nclude d as i nput for ma nagement review (s e e 9. 3 ) a nd for up dati ng the FS M S
(see 4.4 a nd 10 . 3 ).
E vidence o f e xterna l com mu n ic ation sh a l l b e re ta i ne d a s do c u mente d i n formation .
7.4.3 Internal communication

T he organ i z ation s ha l l e s tabl i sh, i mplement and ma i ntai n a n e ffe c tive s ys tem for com mu n ic ati ng i s s ue s
havi ng a n i mp ac t on fo o d s a fe ty.

ISO 22000:2018(E)
To mai ntai n the e ffe c tivene s s o f the FS M S , the orga n i z ation s ha l l en s u re that the fo o d s a fe ty te a m i s
i n forme d i n a ti mely man ner o f change s i n the fol lowi ng:
a) pro duc ts or new pro duc ts;
b) raw materi a l s , i ngre d ients a nd s er vice s;
c) pro duc tion s ys tem s a nd e qu ipment;
d) pro duc tion prem i s e s , lo cation o f e qu ipment a nd s u rround i ng envi ron ment;
e) cle a ni ng a nd s a n itation pro gram me s;
f) p ackagi ng , s torage and d i s tribution s ys tem s;
g) comp e tenc ie s and/or a l lo c ation o f re s p on s ibi l itie s and authori z ation s;
h) appl ic able s tatutor y and regu lator y re qu i rements;
i) knowle dge re gard i ng fo o d s a fe ty h a z a rd s and control me as u re s;
j) c u s tomer, s e c tor a nd o ther re qu i rements that the organ i z ation ob s er ve s;
k) releva nt enqu i rie s and com mu n ic ation s from e xterna l i ntere s te d p ar tie s;
l) comp lai nts and a ler ts i nd ic ati ng fo o d s a fe ty ha z a rd s as s o c i ate d with the end pro duc t;
m) o ther cond ition s that have an i mp ac t on fo o d s a fe ty.
T he fo o d s a fe ty te am s ha l l en s ure that th i s i n formation i s i nclude d when up dati ng the F S M S (s e e 4.4
and 10 . 3 ).
Top management s ha l l en s u re th at relevant i n formation i s i nclude d as i nput to the management review
(see ).9. 3
7.5 Documented information
7.5.1 General
T he organ i z ation’s FS M S s ha l l i nclude:
a) do c u mente d i n formation re qu i re d b y th i s do c u ment;
b) do c u mente d i n formation de term i ne d by the organ i z ation as b ei ng ne ce s s ar y for the e ffe c tivene s s
o f the FS M S;
c) do c u mente d i n formation and fo o d s a fe ty re qu i rements re qu i re d by s tatutor y, regu lator y
authoritie s and c u s tomers .
NO TE T he e x tent o f do c u mente d i n for m ation fo r a F S M S c a n d i ffer fro m o ne o rga n i z ation to a no ther due to:
— the s i z e o f o rga n i z ation a nd its typ e o f ac tivitie s , p ro ce s s e s , pro duc ts a nd s er vice s;
— the co mp le xity o f p ro ce s s e s a nd thei r i nterac tio n s;
— the competence of persons.

7.5.2 Creating and updating
When c re ati ng and up dati ng do c u mente d i n formation, the orga n i z ation s ha l l en s u re appropriate:
a) identi fic ation a nd de s c rip tion (e . g. a title, date, author, or re ference nu mb er) ;
b) format (e . g. language, s o ftwa re vers ion, graph ics) a nd me d ia (e . g. p ap er, ele c tron ic) ;

ISO 22000:2018(E)
c) review and approval for suitability and adequacy.
7.5.3 Control of documented information
7.5.3.1 Documented information required by the FSMS and by this document shall be controlled to
ensure:
a) it is available and suitable for use, where and when it is needed;
b) it is adequately protected (e.g. from loss o f confidentiality, improper use, or loss o f integrity).
7.5.3.2 For the control o f documented in formation, the organization shall address the following
activities, as applicable:
a) distribution, access, retrieval and use;
b) storage and preservation, including preservation o f legibility;
c) control o f changes (e.g. version control);
d) retention and disposition.
Documented in formation o f external origin determined by the organization to be necessary for the
planning and operation o f the FSMS shall be identified, as appropriate, and controlled.
Documented in formation retained as evidence o f con formity shall be protected from unintended
alterations.
NOTE Access can imply a decision regarding the permission to view the documented in formation only, or
the permission and authority to view and change the documented in formation.
8 Operation
8.1 Operational planning and control

The organization shall plan, implement, control, maintain and update the processes needed to meet
requirements for the realization o f sa fe products, and to implement the actions determined in 6.1 , by:
a) establishing criteria for the processes;
b) implementing control o f the processes in accordance with the criteria;
c) keeping documented in formation to the extent necessary to have the confidence to demonstrate
that the processes have been carried out as planned.
The organization shall control planned changes and review the consequences o f unintended changes,
taking action to mitigate any adverse e ffects, as necessary.
The organization shall ensure that outsourced processes are controlled (see 7.1.6 ).
8.2 Prerequisite programmes (PRPs)
8.2.1 The organization shall establish, implement, maintain and update PRP(s) to facilitate the
prevention and/or reduction o f contaminants (including food safety hazards) in the products, product
processing and work environment.
8.2.2 The PRP(s) shall be:

a) appropriate to the organization and its context with regard to food sa fety;

ISO 22000:2018(E)
b) appropri ate to the s i z e a nd typ e o f the op eration and the nature o f the pro duc ts b ei ng manu fac tu re d
and/or h and le d;
c) i mplemente d ac ro s s the enti re pro duc tion s ys tem, either as pro gram me s appl ic able i n genera l or
a s pro gra m me s appl ic able to a p ar tic u la r pro duc t or pro ce s s;
d) approve d b y the fo o d s a fe ty te am .
8.2 .3 When s ele c ti ng and/or e s tabl i s h i ng PRP(s) , the organ i z ation s ha l l en s ure that appl ic able
s tatutor y, regu lator y a nd mutua l ly agre e d c u s tomer re qui rements are identi fie d . T he organ i z ation
should consider:
a) the appl ic able p ar t o f the I S O/ T S 2 2 0 02 s erie s;
b) appl ic able s tand ard s , co de s o f prac tice and gu idel i ne s .
8.2.4 When es tab lis hing PRP(s ) the o rganizatio n s hall co ns ider:
a) con s truc tion, layout o f bu i ld i ngs a nd as s o c iate d uti l itie s;
b) layout o f prem i s e s , i nclud i ng z on i ng , works p ace and employe e fac i l itie s;
c) s uppl ie s o f ai r, water, energ y and o ther uti l itie s;
d) p e s t control , wa s te a nd s ewage d i s p o s a l and s upp or ti ng s er vice s;
e) the s u itabi l ity o f e qu ipment a nd its acce s s ibi l ity for cle an i ng and ma i ntenance;
f) s uppl ier approva l a nd a s s u rance pro ce s s e s (e . g. raw materia l s , i ngre d ients , chem ica l s and
p ackagi ng) ;
g) re cep tion o f i ncom i ng materi a l s , s torage, d i s p atch , tran s p or tation a nd hand l i ng o f pro duc ts;
h) me a s u re s for the prevention o f c ro s s conta m i nation;
i) cle a ni ng a nd d i s i n fe c ti ng;
j) p ers ona l hygiene;
k) pro duc t i n formation/con s u mer awa rene s s;
l) o thers , a s appropri ate .
D o c u mente d i n formation sha l l s p e c i fy the s ele c tion, e s tabl i sh ment, appl ic able mon itori ng and
veri fic ation o f the PRP(s) .
8.3 Traceability system
T he trace abi l ity s ys tem sh a l l b e able to u n iquely identi fy i ncom i ng materi a l from the s uppl iers and
the fi rs t s tage o f the d i s tribution route o f the end pro duc t. When e s tabl i s h i ng a nd i mplementi ng the
trace abi l ity s ys tem, the fol lowi ng sh a l l b e con s idere d as a m i n i mu m:
a) rel ation o f lo ts o f re ceive d materi a l s , i ngre d ients a nd i nterme d iate pro duc ts to the end pro duc ts;
b) reworki ng o f materi a l s/pro duc ts;
c) distribution of the end product.

T he orga ni z ation sha l l en s u re that appl icable s tatutor y, regu lator y a nd c u s tomer re qu i rements a re
identi fie d .

ISO 22000:2018(E)
D o c umente d i n formation a s evidence o f the trace abi l ity s ys tem s ha l l b e re tai ne d for a defi ne d p erio d
to i nclude, as a m i n i mum, the s hel f l i fe o f the pro duc t. T he orga ni z ation sh a l l veri fy and te s t the
e ffe c tivene s s o f the trace abi l ity s ys tem .
NO TE Where app rop r iate , the veri fic ation o f the s ys tem i s e xp e c te d to i nclude the re co nc i l i ation o f qu a ntitie s
o f end pro duc ts with the qu a ntity o f i ngre d ients a s e vidence o f e ffe c tivene s s .
8.4 Emergency preparedness and response
8.4.1 General
Top management s ha l l en s u re pro ce dure s a re i n place to re s p ond to p o tenti a l emergenc y s ituation s or
i nc idents th at c an have an i mp ac t on fo o d s a fe ty wh ich a re relevant to the role o f the organ i z ation i n the
fo o d ch ai n .
D o c umente d i n formation s ha l l b e e s tabl i she d and mai ntai ne d to ma nage the s e s ituation s and i nc idents .
8.4.2 Handling of emergencies and incidents

T he organ i z ation sh a l l:
a) re s p ond to ac tua l emergenc y s ituation s and i nc idents by:
1) en s u ri ng appl ic able s tatutor y and regu lator y re qu i rements are identi fie d;
2) com mu n ic ati ng i nterna l ly;
3) com mu n ic ati ng ex terna l ly (e . g. s uppl iers , c u s tomers , appropriate authoritie s , me d ia) ;
b) ta ke ac tion to re duce the con s e quence s o f the emergenc y s ituation, appropri ate to the magn itude o f
the emergenc y or i ncident and the p o tenti a l fo o d s a fe ty i mp ac t;
c) p erio d ic a l ly te s t pro ce dure s where prac tic a l;
d) review a nd, where ne ce s s a r y, up date the do c u mente d i n formation a fter the o cc u rrence o f any
i ncident, emergenc y s ituation or te s ts .
NO TE E xa mp le s o f emergenc y s itu ation s th at c a n a ffe c t fo o d s a fe ty a nd/or pro duc tio n a re n atu ra l d i s a s ters ,
envi ron menta l acc idents , bio ter ro r i s m , workp l ace acc idents , pub l ic he a lth emergenc ie s a nd o ther acc idents , e . g.
i nter r up tion o f e s s entia l s er vice s s uch a s water, ele c tr ic ity or re frigeratio n s upp l y.
8.5 Hazard control
8.5.1 Preliminary steps to enable hazard analysis
8.5.1.1 General
To c arr y out the h a z a rd ana lys i s , prel i m i nar y do c u mente d i n formation sh a l l b e col le c te d, ma i ntai ne d
and up date d b y the fo o d s a fe ty te am . T h i s s ha l l i nclude, but no t b e l i m ite d to:
a) appl ic able s tatutor y, re gu l ator y and c u s tomer re qui rements;
b) the orga n i z ation’s pro duc ts , pro ce s s e s and e quipment;
c) fo o d s a fe ty ha z a rd s relevant to the FS M S .
8.5.1.2 Characteristics of raw materials, ingredients and product contact materials

T he organ i z ation s ha l l en s ure that a l l appl ic able s tatutor y and regu lator y fo o d s a fe ty re qu i rements are
identi fie d for a l l raw materi a l s , i ngre d ients and pro duc t contac t materi a l s .

ISO 22000:2018(E)
T he organ i z ation s ha l l mai nta i n do c umente d i n formation concern i ng a l l raw materi a l s , i ngre d ients
and pro duc t contac t materi a l s to the e xtent ne e de d to conduc t the ha z ard a na lys i s (s e e 8.5.2 ) , i nclud i ng
the fol lowi ng , a s appropri ate:
a) biolo gic a l, chem ic a l a nd phys ic a l charac teri s tics;
b) comp o s ition o f formu late d i ngre d ients , i nclud i ng add itive s a nd pro ce s s i ng a id s;
c) s ou rce (e . g. an i ma l , m i nera l or ve ge table) ;
d) place o f origi n ( provena nce) ;
e) me tho d o f pro duc tion;
f) me tho d o f p ackagi ng a nd del iver y;
g) s torage cond ition s and shel f l i fe;
h) prep aration and/or h and l i ng b e fore u s e or pro ce s s i ng;
i) accep tance criteri a relate d to fo o d s a fe ty or s p e c i fic ation s o f pu rch as e d materi a l s a nd i ngre d ients
appropri ate to thei r i ntende d u s e .
8.5.1.3 Characteristics of end products

T he orga n i z ation sh a l l en s u re that a l l appl ic able s tatutor y and regu lator y fo o d s a fe ty re qu i rements a re
identi fie d for a l l the end pro duc ts i ntende d to b e pro duce d .
T he orga n i z ation sh a l l ma i ntai n do c umente d i n formation concern i ng the cha rac teri s tic s of end
pro duc ts to the ex tent ne e de d to conduc t the h a z a rd ana lys i s (s e e 8.5.2 ) , i nclud i ng i n formation on the
fol lowi ng , as appropri ate:
a) pro duc t na me or s i m i la r identi fic ation;
b) comp o s ition;
c) biolo gic a l, chem ic a l a nd phys ic a l ch arac teri s tics relevant for fo o d s a fe ty;
d) i ntende d s hel f l i fe and s torage cond ition s;
e) p ackagi ng;
f) lab el l i ng rel ati ng to fo o d s a fe ty and/or i n s truc tion s for hand l i ng , prep aration and i ntende d u s e;
g) me tho d(s) o f d i s tribution a nd del iver y.
8.5.1.4 Intended use

T he i ntende d u s e, i nclud i ng re a s onab ly e xp e c te d h and l i ng o f the end pro duc t and any u ni ntende d u s e
but re as onably exp e c te d m i s ha nd l i ng a nd m i s u s e o f the end pro duc t, sh a l l b e con s idere d a nd s ha l l b e
ma i ntai ne d a s do c u mente d i n formation to the e xtent ne e de d to conduc t the ha z a rd ana lys i s (s e e 8.5.2).
Where appropri ate, group s o f con s u mers/u s ers s ha l l b e identi fie d for e ach pro duc t.
Group s o f con s u mers/u s ers known to b e e s p e ci a l ly vu l nerable to s p e ci fic fo o d s a fe ty ha z ard s s ha l l b e
identi fie d .

ISO 22000:2018(E)
8.5.1.5 Flow diagrams and description of processes
8 . 5 . 1 . 5 . 1 P r e p a ra ti o n o f
th e fl o w d i a g ra m s
T he fo o d s a fe ty te am sh a l l e s tabl i s h, mai nta i n and up date flow d iagra m s a s do c u mente d i n formation
for the pro duc ts or pro duc t c ate gorie s and the pro ce s s e s covere d b y the FS M S .
F low d i agram s provide a graph ic repre s entation o f the pro ce s s . F low d i agram s s ha l l b e u s e d when
conduc ti ng the ha z ard ana lys i s as a b a s i s for eva luati ng the p o s s ible o cc urrence, i ncre as e, de c re a s e or
i ntro duc tion o f fo o d s a fe ty ha z ard s .
F low d i agra m s sh a l l b e cle a r, acc u rate and s u fficiently de ta i le d to the ex tent ne e de d to conduc t the
ha z ard ana lys i s . F low d iagram s sh a l l , a s appropri ate, i nclude the fol lowi ng:
a) the s e quence and i nterac tion o f the s tep s i n the op eration;
b) a ny outs ource d pro ce s s e s;
c) where raw materi a l s , i ngre d ients , pro ce s s i ng aid s , p ackagi ng materia l s , uti l itie s a nd i nterme d i ate
pro duc ts enter the flow;
d) where reworki ng a nd re c ycl i ng ta ke pl ace;
e) where end pro duc ts , i nterme d i ate pro duc ts , b y-pro duc ts and wa s te a re rele a s e d or remove d .
8 . 5 . 1 . 5 . 2 O n - s i te c o n fi r m a ti o n o f fl o w d i a g ra m s
T he fo o d s a fe ty te am s ha l l con fi rm on- s ite the acc u rac y o f the flow d i agram s , up date the flow d i agram s
where appropri ate and re tai n as do c u mente d i n formation .
8.5.1.5.3 Description of processes and process environment

T he fo o d s a fe ty te am sh a l l de s crib e, to the e xtent ne e de d to conduc t the ha z a rd ana lys i s:
a) the layout o f prem i s e s , i nclud i ng fo o d a nd non- fo o d h and l i ng are as;
b) pro ce s s i ng e qu ipment a nd contac t materi a l s , pro ce s s i ng aid s and flow o f materia l s;
c) e xi s ti ng PRPs , pro ce s s p ara me ters , control me a s ure s (i f any) and/or the s tric tne s s with wh ich they
a re appl ie d , or pro ce dure s th at c an i n fluence fo o d s a fe ty;
d) e xterna l re qu i rements (e . g. from s tatutor y a nd re gu lator y authoritie s or c u s tomers) that c a n
i mp ac t the choice and the s tric tne s s o f the control me a s ure s .
T he variation s re s u lti ng from e xp e c te d s e a s ona l cha nge s or s h i ft p attern s sha l l be i nclude d as
appropri ate .
T he de s crip tion s sha l l b e up date d a s appropri ate and mai ntai ne d a s do c umente d i n formation .
8.5.2 Hazard analysis
8.5.2.1 General
T he fo o d s a fe ty te am sh a l l conduc t a ha z ard a na lys i s , b as e d on the prel i m i nar y i n formation, to
de term i ne the ha z ard s that ne e d to b e control le d . T he de gre e o f control s ha l l en s u re fo o d s a fe ty and,
where appropri ate, a combi nation o f control me as u re s sha l l b e u s e d .

ISO 22000:2018(E)
8 . 5 . 2 . 2 H a z a rd i d e n ti fi c a ti o n a n d d e te r m i n a ti o n o f
a c c e p ta b l e l e ve l s
8.5.2.2.1 The organization shall identi fy and document all food safety hazards that are reasonably
expected to occur in relation to the type o f product, type o f process and process environment.
The identification shall be based on:
a) the preliminary in formation and data collected in accordance with 8.5.1 ;
b) experience;
c) internal and external in formation including, to the extent possible, epidemiological, scientific and
other historical data;
d) in formation from the food chain on food sa fety hazards related to the sa fety o f the end products,
intermediate products and the food at the time o f consumption;
e) statutory, regulatory and customer requirements.
NOTE 1 Experience can include in formation from sta ff and external experts who are familiar with the product
and/or processes in other facilities.
NOTE 2 Statutory and regulatory requirements can include food sa fety objectives (FSOs). The Codex
Alimentarius Commission defines FSOs as “The maximum frequency and/or concentration o f a hazard in a food
at the time o f consumption that provides or contributes to the appropriate level o f protection (ALOP)”.
Hazards should be considered in su fficient detail to enable hazard assessment and the selection o f
appropriate control measures.
8.5.2.2.2 The organization shall identi fy step(s) (e.g. receiving raw materials, processing, distribution
and delivery) at which each food safety hazard can be present, be introduced, increase or persist.
When identi fying hazards, the organization shall consider:
a) the stages preceding and following in the food chain;
b) all steps in the flow diagram;
c) the process equipment, utilities/services, process environment and persons.
8.5.2.2.3 The organization shall determine the acceptable level in the end product o f each food safety
hazard identified, whenever possible.
When determining acceptable levels, the organization shall:
a) ensure that applicable statutory, regulatory and customer requirements are identified;
b) consider the intended use o f end products;
c) consider any other relevant in formation.
The organization shall maintain documented in formation concerning the determination o f acceptable
levels and the justification for the acceptable levels.
8.5.2.3 Hazard assessment
The organization shall conduct, for each identified food sa fety hazard, a hazard assessment to determine
whether its prevention or reduction to an acceptable level is essential.
The organization shall evaluate each food sa fety hazard with regard to:
a) the likelihood o f its occurrence in the end product prior to application o f control measures;

ISO 22000:2018(E)
b) the s everity o f its advers e he a lth e ffe c ts i n rel ation to the i ntende d u s e (s e e 8 . 5 .1 .4 ).
T he organ i z ation sh a l l identi fy a ny s ign i fic ant fo o d s a fe ty ha z ard s .
T he me tho dolo g y u s e d s ha l l b e de s c rib e d, and the re s u lt o f the ha z ard as s es s ment sh a l l b e mai ntai ne d
as do c u mente d i n formation .
8.5.2.4 Selection and categorization of control measure(s)
8.5.2.4.1 B as ed on the hazard as s es s ment, the o rganizatio n s hall s elect an ap p ro p riate co ntro l
meas ure o r co mb inatio n o f co ntro l meas ures that will b e cap ab le o f p reventing o r reducing the identified
s ignificant fo o d s a fety hazards to defined accep tab le levels .
T he organ i z ation sh a l l c ategori z e the s ele c te d identi fie d control me as u re(s) to b e ma nage d a s OPRP(s)
(see 3 . 3 0) or at C C Ps (s e e 3 .11 ).
T he categori z ation sha l l b e c arrie d out u s i ng a s ys tematic appro ach . For e ach o f the control me as u re s
s ele c te d , there sha l l b e an a s s e s s ment o f the fol lowi ng:
a) the l i kel i ho o d o f fa i lu re o f its func tion i ng;
b) the s everity o f the con s e quence i n the c as e o f fai lu re o f its fu nc tioni ng; th i s a s s e s s ment sh a l l
include:
1) the e ffe c t on identi fie d s ign i fic ant fo o d s a fe ty ha z ard s;
2) the lo c ation i n relation to o ther control me a s u re(s) ;
3) whe ther it i s s p e c i fica l ly e s tabl i she d and appl ie d to re duce the h a z ard s to an accep tab le level;
4) whe ther it i s a s i ngle me as u re or i s p a r t o f combi nation o f control me a s ure(s) .
8.5.2.4.2 I n additio n, fo r each co ntro l meas ure, the sys tematic ap p ro ach s hall include an as s es s ment o f
the feas ib ility o f:
a) e s tabl i s h i ng me as u rable c ritic a l l i m its and/or me as u rable/ob s er vable ac tion c riteria;
b) mon itori ng to de te c t a ny fai lure to remai n with i n c ritic a l l i m it and/or me as u rable/ob s er vable
ac tion c riteria;
c) applyi ng ti mely corre c tion s i n c a s e o f fai lu re .
T he de ci s ion-ma ki ng pro ce s s and re s u lts o f the s ele c tion a nd c ategori z ation o f the control me as u re s
sh a l l b e mai ntai ne d a s do c umente d i n formation .
E x terna l re qui rements (e . g. s tatutor y, regu lator y and c u s tomer re qu i rements) that c a n i mp ac t the
choice and the s tric tne s s o f the control me as u re s sh a l l a l s o b e mai nta i ne d a s do c umente d i n formation .
8.5.3 Validation of control measure(s) and combinations of control measures

T he fo o d s a fe ty te am s ha l l va l idate that the s ele c te d control me as u re s are c ap able o f ach ievi ng
the i ntende d control o f the s ign i fic ant fo o d s a fe ty ha z ard(s) . T h i s va l idation sh a l l b e done prior to
i mplementation o f control me a s ure(s) a nd combi nation s o f control me as u re s to b e i nclude d i n the
ha z ard control pla n (s e e 8 . 5 . 4) and a fter any ch ange therei n (s e e 7.4. 2 , 7.4. 3 , 10.2 a nd 10 . 3 ).
When the re s u lt o f va l idation shows th at the control me a s u re s (s) i s (are) no t c ap able o f ach ievi ng
the i ntende d control, the fo o d s a fe ty te a m s ha l l mo d i fy and re - a s s e s s the control me a s u re(s) a nd/or
combi nation(s) o f control me a s ure(s) .

ISO 22000:2018(E)
The food sa fety team shall maintain the validation methodology and evidence o f capability o f the
control measure(s) to achieve the intended control as documented in formation.
NOTE Modification can include changes in control measure(s) (i.e. process parameters, rigour and/or their
combination) and/or change(s) in the manu facturing technologies for raw materials, end product characteristics,
methods o f distribution and intended use o f the end products.
8.5.4 Hazard control plan (HACCP/OPRP plan)
8.5.4.1 General
The organization shall establish, implement and maintain a hazard control plan. The hazard control
plan shall be maintained as documented in formation and shall include the following in formation for
each control measure at each CCP or OPRP:
a) ood sa fety hazard(s) to be controlled at the CCP or by the OPRP;
f
b) critical limit(s) at CCP or action criteria for OPRP;

c) monitoring procedure(s);
d) correction(s) to be made i f critical limits or action criteria are not met;
e) responsibilities and authorities;
f) records of monitoring.
8.5.4.2 Determination of critical limits and action criteria
Critical limits at CCPs and action criteria for OPRPs shall be specified. The rationale for their
determination shall be maintained as documented in formation.
Critical limits at CCPs shall be measurable. Con formance with critical limits shall ensure that the
acceptable level is not exceeded.
Action criteria for OPRPs shall be measurable or observable. Con formance with action criteria shall
contribute to the assurance that the acceptable level is not exceeded.
8.5.4.3 Monitoring systems at CCPs and for OPRPs
At each CCP, a monitoring system shall be established for each control measure or combination o f
control measure(s) to detect any failure to remain within the critical limits. The system shall include all
scheduled measurements relative to the critical limit(s).
For each OPRP, a monitoring system shall be established for the control measure or combination o f
control measure(s) to detect failure to meet the action criterion.
The monitoring system, at each CCP and for each OPRP, shall consist o f documented in formation,
including:
a) measurements or observations that provide results within an adequate time frame;
b) monitoring methods or devices used;
c) applicable calibration methods or, for OPRPs, equivalent methods for verification o f reliable
measurements or observations (see 8.7);
d) monitoring frequency;
e) monitoring results;
f ) responsibility and authority related to monitoring;

ISO 22000:2018(E)
g) responsibility and authority related to evaluation o f monitoring results.

At each CCP, the monitoring method and frequency shall be capable o f timely detection o f any failure to
remain within critical limits, to allow timely isolation and evaluation o f the product (see 8.9.4).
For each OPRP, the monitoring method and frequency shall be proportionate to the likelihood o f failure
and the severity o f consequences.
When monitoring an OPRP is based on subjective data from observations (e.g. visual inspection), the
method shall be supported by instructions or specifications.
8.5.4.4 Actions when critical limits or action criteria are not met
The organization shall speci fy corrections (see 8.9.2) and corrective actions (see 8.9.3) to be taken
when critical limits or action criterion are not met and shall ensure that:
a) the potentially unsa fe products are not released (see 8.9.4);
b) the cause o f noncon formity is identified;
c) the parameter(s) controlled at the CCP or by the OPRP is (are) returned within the critical limits or
action criteria;
d) recurrence is prevented.
The organization shall make corrections in accordance with 8.9.2 and corrective actions in accordance
with 8.9.3 .
8.5.4.5 Implementation of the hazard control plan
The organization shall implement and maintain the hazard control plan, and retain evidence o f the
implementation as documented in formation.
8.6 Updating the information specifying the PRPs and the hazard control plan
Following the establishment o f the hazard control plan, the organization shall update the following
in formation, i f necessary:
a) characteristics o f raw materials, ingredients and product-contact materials;
b) characteristics o f end products;
c) intended use;
d) flow diagrams and descriptions o f processes and process environment.
The organization shall ensure that the hazard control plan and/or the PRP(s) are up to date.
8.7 Control of monitoring and measuring

The organization shall provide evidence that the specified monitoring and measuring methods and
equipment in use are adequate for the monitoring and measuring activities related to the PRP(s) and
the hazard control plan.
The monitoring and measuring equipment used shall be:
a) calibrated or verified at specified intervals prior to use;
b) adjusted or re-adjusted as necessary;
c) identified to enable the calibration status to be determined;

ISO 2 2 000: 2 01 8(E)
d) s a feguarde d from adj u s tments th at wou ld i nva l idate the me a s u rement re s u lts;
e) pro te c te d from d amage and de terioration .
T he re s u lts o f c a l ibration a nd veri fic ation s ha l l b e re tai ne d a s do c u mente d i n formation . T he c a l ibration
o f a l l the e qu ipment sh a l l b e trace able to i nternationa l or nationa l me as u rement s tandard s; where
no s tandard s e xi s t, the b as i s used for c a l ibration or veri fic ation s ha l l b e re ta i ne d as do c umente d
i n formation .
T he organ i z ation sh a l l as s e s s the va l id ity o f the previou s me as u rement re s u lts when the e qu ipment or
pro ce s s envi ron ment i s fou nd no t to con form to re qu i rements . T he organ i z ation sh a l l ta ke appropriate
ac tion i n relation to the e quipment or pro ce s s envi ron ment a nd a ny pro duc t a ffe c te d b y the non-
con forma nce .
T he a s s e s s ment a nd re s u lti ng ac tion s ha l l b e ma i nta i ne d a s do c u mente d i n formation .
S o ftwa re u s e d i n mon itori ng and me a s u ri ng with i n the F S M S s ha l l b e va l idate d b y the organ i z ation,
s o ftwa re s uppl ier or th i rd p a r ty prior to u s e . D o c u mente d i n formation on va l idation ac ti vitie s sh a l l b e
ma i ntai ne d by the organ i z ation and the s o ftwa re s ha l l b e up date d i n a ti mely man ner.
Whenever there a re change s , i nclud i ng s o ftware con figuration/mo d i fic ation s to com merc ia l o ff-the -
shel f s o ftware, they sh a l l b e authori z e d , do c u mente d and va l idate d b e fore i mplementation .
NO TE C om merc i a l o ff- the - s hel f s o ftwa re in genera l use with i n its de s igne d app l ic atio n ra nge can be
con s idere d to b e s u ffic ientl y va l id ate d .
8 . 8 Ve r i fi c a ti o n re l a te d to P RP s a n d th e h a z a r d c o n tro l p l a n
8 . 8 . 1 Ve r i fi c a ti o n
T he organ i z ation s ha l l e s tabl i s h, i mplement a nd mai nta i n veri fic ation ac tivitie s . T he veri fic ation
plan n i ng sh a l l defi ne pu rp o s e, me tho d s , fre quenc ie s a nd re s p on s ibi l itie s for the veri fication ac ti vitie s .
T he veri fic ation ac tivitie s sh a l l con fi rm that:
a) the PRP(s) are i mplemente d and e ffe c tive;
b) the ha z ard control plan i s i mplemente d and e ffe c tive;
c) ha z a rd level s are with i n identi fie d accep table level s;
d) i nput to the ha z ard ana lys i s i s up date d;
e) o ther ac tion s de term i ne d by the organ i z ation a re i mplemente d a nd e ffe c tive .
T he orga ni z ation sha l l en s u re that veri fic ation ac tivitie s are no t c arrie d out b y the p ers on re s p on s ible
for mon itori ng the s ame ac tivitie s .
Veri fic ation re s u lts sh a l l b e re ta i ne d a s do c u mente d i n formation and s ha l l b e com mu n ic ate d .
Where veri fic ation i s b a s e d on te s ti ng o f end pro duc t s ample s or d i re c t pro ce s s s ample s a nd where
s uch te s t s ample s s how noncon form ity with the accep table level o f the fo o d s a fe ty ha z a rd (s e e 8.5.2.2 ),
the organ i z ation s ha l l h and le the a ffe c te d lo t(s) o f pro duc t a s p o tenti a l ly u n s a fe (s e e 8 .9.4. 3 ) and apply
corre c tive ac tion s i n accordance with 8 .9. 3 .

8 . 8 . 2 A n a l ys i s o f
re s u l ts o f
ve r i fi c a ti o n a c ti vi ti e s
T he fo o d s a fe ty te am sh a l l conduc t an ana lys i s o f the re s u lts o f veri fic ation th at s ha l l b e u s e d as a n
i nput to the p er formance eva luation o f the F S M S (s e e 9.1 . 2 ).

ISO 22000:2018(E)
8.9 Control of product and process nonconformities
8.9.1 General
T he organ i z ation s ha l l en s u re that data derive d from the mon itori ng o f OPRPs a nd at C C Ps are eva luate d
b y de s ignate d p ers on s who are comp e tent and have the authority to i n itiate corre c tion s and corre c tive
ac tion s .
8.9.2 Corrections
8.9.2.1 The o rganizatio n s hall ens ure that when critical limits at C C P(s ) and/o r actio n criteria fo r
O PRPs are no t met, the p ro ducts a ffected are identified and co ntro lled with regard to their us e and
releas e.
T he organ i z ation sh a l l e s tabl i s h, ma i ntai n and up date do c u mente d i n formation th at i nclude s:
a) a me tho d o f identi fic ation, a s s e s s ment a nd corre c tion for a ffe c te d pro duc ts to en s u re thei r prop er
h and l i ng;
b) a rrangements for review o f the corre c tion s c arrie d out.
8.9.2.2 When critical limits at C C Ps are no t met, a ffected p ro ducts s hall b e identified and handled as
p o tentially uns a fe p ro ducts (s ee 8 . 9 . 4 ).

8.9.2.3 Where actio n criteria fo r an O PRP are no t met, the fo llo wing s hall b e carried o ut:
a) de term i nation o f the con s e quence s o f that fa i lu re with re s p e c t to fo o d s a fe ty;
b) de term i nation o f the c au s e(s) o f fai lure;
c) identi fic ation o f the a ffe c te d pro duc ts and ha nd l i ng i n accorda nce with 8 .9.4 .
T he organ i z ation sh a l l re tai n re s u lts o f the eva luation a s do c umente d i n formation .
8.9.2.4 D o cumented in fo rmatio n s hall b e retained to des crib e co rrectio ns made o n no nco n fo rming
p ro ducts and p ro ces s es , including:
a) the natu re o f the noncon form ity;
b) the c au s e(s) o f the fai lure;
c) the con s e quence s as a re s u lt o f the noncon form ity.
8.9.3 Corrective actions

T he ne e d for corre c tive ac tion s sh a l l b e eva luate d when c ritic a l l i m its at C C P(s) and/or ac tion c riteri a
for OPRPs are no t me t.
T he organ i z ation sh a l l e s tabl i s h and ma i nta i n do c u mente d i n formation that s p e ci fie s appropri ate
ac tion s to identi fy and el i m i nate the c au s e o f de te c te d noncon form itie s , to prevent re c u rrence, and to
re tu rn the pro ce s s to control a fter a noncon form ity i s identi fie d .
T he s e ac tion s sha l l i nclude:
a) reviewi ng noncon form itie s identi fie d b y c u s tomer a nd/or con s u mer compla i nts and/or regu lator y
i n s p e c tion rep or ts;
b) reviewi ng trend s i n mon itori ng re s u lts that c a n i nd ic ate lo s s o f control;
c) de term i n i ng the c au s e(s) o f noncon form itie s;

ISO 22000:2018(E)
d) de term i ni ng and i mplementi ng ac tion s to en s u re that noncon form itie s do no t re c ur;
e) do c u menti ng the re s u lts o f corre c tive ac tion s ta ken;
f) veri fyi ng corre c tive ac tion s ta ken to en s u re th at they are e ffe c tive .
T he organ i z ation s ha l l re tai n do c u mente d i n formation on a l l corre c tive ac tion s .
8.9.4 Handling of potentially unsafe products
8.9.4.1 General
T he organ i z ation s ha l l ta ke ac tion(s) to prevent p o tenti a l ly un s a fe pro duc ts from enteri ng the fo o d
chai n, u n le s s it c a n demon s trate that:
a) the fo o d s a fe ty h a z ard(s) o f concern i s (are) re duce d to the defi ne d accep table level s;
b) the fo o d s a fe ty ha z ard(s) o f concern wi l l b e re duce d to identi fie d accep table level s prior to enteri ng
the fo o d cha i n; or
c) the pro duc t s ti l l me e ts the defi ne d accep table level(s) o f the fo o d s a fe ty ha z ard(s) o f concern de s pite
the noncon form ity.
T he organ i z ation sh a l l re ta i n pro duc ts that h ave b e en identi fie d as p o tentia l ly u n s a fe u nder its control
unti l the pro duc ts have b e en eva luate d a nd the d i s p o s ition ha s b e en de term i ne d .
I f pro duc ts that have le ft the control o f the organ i z ation a re s ub s e quently de term i ne d to b e un s a fe, the
organ i z ation sh a l l no ti fy relevant i ntere s te d p ar tie s and i niti ate a withd rawa l/re c a l l (s e e 8 .9. 5 ).
T he control s and relate d re s p on s e s from releva nt i ntere s te d p a r tie s a nd authori z ation for de a l i ng with
p o tentia l ly u n s a fe pro duc ts sh a l l b e re ta i ne d a s do c u mente d i n formation .
8.9.4.2 Evaluation for release

E ach lo t o f pro duc ts a ffe c te d b y the noncon form ity sh a l l b e eva luate d .
P ro duc ts a ffe c te d b y fai lure to remai n with i n critic a l l i m its at C C Ps sh a l l no t b e rele a s e d, but s ha l l b e
hand le d i n accordance with 8 .9.4. 3 .

P ro duc ts a ffe c te d b y fai lu re to me e t ac tion c riterion for O PRPs sha l l on ly b e rele as e d a s s a fe when any
o f the fol lowi ng cond ition s apply:
a) evidence o ther than the mon itori ng s ys tem demon s trate s that the control me a s ure s have b e en
e ffe c tive;
b) evidence shows that the combi ne d e ffe c t o f the control me as u re s for that p a r tic u l ar pro duc t
con form s to the p er forma nce i ntende d (i . e . identi fie d accep tab le level s) ;
c) the re s u lts o f s a mpl i ng , ana lys i s and/or o ther veri fication ac tivitie s demon s trate that the a ffe c te d
pro duc ts con form to the identi fie d accep table level s for the fo o d s a fe ty ha z ard(s) concerne d .
Re s u lts o f eva luation for rele a s e o f pro duc ts sh a l l b e re ta i ne d a s do c u mente d i n formation .
8.9.4.3 Disposition of nonconforming products

P ro duc ts th at are no t accep table for rele as e s ha l l b e:
a) repro ce s s e d or fu r ther pro ce s s e d with i n or outs ide the organ i z ation to en s u re th at the fo o d s a fe ty
ha z ard i s re duce d to accep table level s; or
b) re d i re c te d for o ther u s e a s long a s fo o d s a fe ty i n the fo o d chai n i s no t a ffe c te d; or

ISO 22000:2018(E)
c) de s troye d and/or d i s p o s e d a s wa s te .
D o c umente d i n formation on the d i s p o s ition o f noncon form i ng pro duc ts , i nclud i ng the identi fic ation o f
the p ers on(s) with approvi ng authority s ha l l b e re tai ne d .
8.9.5 Withdrawal/recall
T he organ i z ation s ha l l b e ab le to en s u re the ti mely withd rawa l/re c a l l o f lo ts o f end pro duc ts th at have
b e en identi fie d a s p o tentia l ly un s a fe, b y app oi nti ng comp e tent p ers on(s) havi ng the authority to i niti ate
and c arr y out the withd rawa l/re c a l l .
T he organ i z ation sh a l l e s tabl i s h a nd mai ntai n do c u mente d i n formation for:
a) no ti fyi ng relevant i ntere s te d p ar tie s (e . g. s tatutor y a nd re gu l ator y authoritie s , c u s tomers and/or
con s umers) ;
b) h and l i ng withd rawn/re c a l le d pro duc ts a s wel l as pro duc ts s ti l l i n s to ck;
c) p er form i ng the s e quence o f ac tion s to b e ta ken .
Withd rawn/re c a l le d pro duc ts a nd end pro duc ts s ti l l i n s to ck s ha l l b e s e c u re d or held under the control
o f the organ i z ation u nti l they are manage d i n accord ance with 8 .9.4. 3 .
T he c au s e, e xtent and re s u lt o f a withd rawa l/re c a l l s ha l l b e re ta i ne d a s do c umente d i n formation a nd
rep or te d to the top management as i nput for the management review (s e e 9. 3 ).

T he organ i z ation s ha l l veri fy the i mplementation and e ffe c tivene s s o f withd rawa l s/re c a l l s th rough the
u s e o f appropriate te ch n ique s (e . g. mo ck withd rawa l/re c a l l or prac tice withd rawa l/re c a l l) and re ta i n
do c u mente d i n formation .
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
T he organ i z ation sh a l l de term i ne:
a) wh at ne e d s to b e monitore d and me a s u re d;
b) the me tho d s for monitori ng , me as u rement, a na lys i s a nd eva luation, a s appl ic able, to en s u re va l id
re s u lts;
c) when the mon itori ng and me a s uri ng sh a l l b e p er forme d;
d) when the re s u lts from mon itori ng a nd me a s urement s ha l l b e a na lys e d a nd eva luate d;
e) who s ha l l ana lys e and eva luate the re s u lts from mon itori ng and me as u rement.
T he organ i z ation sh a l l re tai n appropriate do c u mente d i n formation a s evidence o f the re s u lts .
T he organ i z ation sh a l l eva luate the p er forma nce and the e ffe c tivene s s o f the F S M S .
9.1.2 Analysis and evaluation

T he organ i z ation s ha l l ana lys e and eva luate appropri ate data a nd i n formation ari s i ng from mon itori ng
and me a s u rement, i nclud i ng the re s u lts o f veri fic ation ac tivitie s relate d to PRPs a nd the ha z a rd control
plan (s e e 8.8 a nd 8 . 5 .4) , the i nterna l aud its (s e e 9. 2 ) and ex terna l aud its .

ISO 22000:2018(E)
T he a na lys i s s ha l l b e ca rrie d out:
a) to con fi rm th at the overa l l p er forma nce o f the s ys tem me e ts the pl an ne d arrangements a nd the
F S M S re qu i rements e s tabl i she d b y the organ i z ation;
b) to identi fy the ne e d for up dati ng or i mprovi ng the F S M S;
c) to identi fy trend s wh ich i nd ic ate a h igher i nc idence o f p o tenti a l ly u n s a fe pro duc ts or pro ce s s
fa i lu re s;
d) to e s tabl i s h i n formation for plan n i ng o f the i nterna l aud it pro gram me rel ate d to the s tatus and
i mp or tance o f a re a s to b e aud ite d;
e) to provide evidence that corre c tion s and corre c tive ac tion s are e ffe c tive .
T he re s u lts o f the a na lys i s and the re s u lti ng ac tivitie s s ha l l b e re ta i ne d a s do c u mente d i n formation .
T he re s u lts s ha l l b e rep or te d to top management and u s e d a s i nput to the management review (s e e 9. 3 )

and the up dati ng o f the F S M S (s e e 10 . 3 ).
NO TE M e tho d s to a n a l ys e data c a n i nclude s tati s tic a l te ch n ique s .
9.2 Internal audit
9.2.1 The o rganizatio n s hall co nduct internal audits at p lanned intervals to p rovide in fo rmatio n o n
whether the FS M S :
a) con form s to:
1) the organ i z ation’s own re qu i rements for its F S M S;
2) the re qu i rements o f th i s do c ument;
b) i s e ffe c tively i mplemente d and mai nta i ne d .
9.2.2 The o rganizatio n s hall:
a) pla n, e s tabl i s h, i mplement a nd ma i ntai n (an) aud it pro gram me(s) , i nclud i ng the fre quenc y, me tho d s ,
re s p on s ibi l itie s , plan n i ng re qu i rements and rep or ti ng , wh ich sh a l l ta ke i nto con s ideration the
i mp or tance o f the pro ce s s e s concerne d, change s in the FS M S , and the re s u lts o f mon itori ng ,
me as u rement and previou s aud its;
b) defi ne the aud it criteri a a nd s cop e for e ach aud it;
c) s ele c t comp e tent aud itors a nd conduc t aud its to en s u re obj e c tivity and the i mp ar tia l ity o f the aud it
pro ce s s;
d) en s u re th at the re s u lts o f the aud its a re rep or te d to the fo o d s a fe ty te am a nd relevant management;
e) re tai n do c u mente d i n formation a s evidence o f the i mplementation o f the aud it pro gra m me and the
aud it re s u lts;
f) ma ke the ne ce s s ar y corre c tion and ta ke the ne ce s s ar y corre c tive ac tion with i n the agre e d ti me
frame;
g) de term i ne i f the F S M S me e ts the i ntent o f the fo o d s a fe ty p ol ic y (s e e 5.2 ) and obj e c tive s o f the F S M S
(see 6.2).
Fol low-up ac tivitie s b y the orga n i z ation s ha l l i nclude the veri fication o f the ac tion s ta ken and the
rep or ti ng o f the veri fic ation re s u lts .
NO TE I S O 19 0 1 1 pro vide s g u idel i ne s fo r aud iti n g m a n agement s ys tem s .

ISO 22000:2018(E)
9.3 Management review
9.3.1 General
Top management s ha l l review the organ i z ation’s F S M S , at plan ne d i nter va l s , to en s u re its conti nu i ng
s uitabi l ity, ade quac y and e ffe c tivene s s .
9.3.2 Management review input

T he ma nagement review s ha l l con s ider:
a) the s tatu s o f ac tion s from previou s ma nagement reviews;
b) change s i n ex terna l a nd i nterna l i s s ue s that are relevant to the F S M S , i nclud i ng cha nge s i n the
organ i z ation a nd its conte xt (s e e 4.1) ;
c) i n formation on the p er forma nce and the e ffe c tivene s s o f the F S M S , i nclud i ng trend s i n:
1) re s u lt(s) o f s ys tem up dati ng ac tivitie s (s e e 4.4 a nd 10 . 3 ) ;
2) mon itori ng a nd me as u rement re s u lts;
3) a na lys i s o f the re s u lts o f veri fic ation ac tivitie s rel ate d to PRPs a nd the h a z a rd control p la n
(see 8.8.2 );
4) noncon form itie s and corre c tive ac tion s;
5) aud it re s u lts (i nterna l a nd ex terna l) ;
6) i n s p e c tion s (e . g. regu lator y, c u s tomer) ;
7) the p er forma nce o f e xterna l providers;
8) the review o f ri s ks and opp or tu n itie s and o f the e ffe c tivene s s o f ac tion s ta ken to add re s s them
(see 6.1 );
9) the ex tent to wh ich obj e c tive s o f the F S M S have b e en me t;
d) the ade quac y o f re s ou rce s;
e) a ny emergenc y s ituation, i ncident (s e e 8 . 4. 2 ) or withd rawa l/re c a l l (s e e 8 .9. 5 ) th at o cc u rre d;
f) relevant i n formation ob tai ne d th rough e xterna l (s e e 7. 4. 2 ) and i nterna l (s e e 7.4. 3 ) com mu n ic ation,
i nclud i ng re que s ts a nd complai nts from i nteres te d p ar tie s;
g) opp or tu n itie s for conti nua l i mprovement.
T he data s ha l l b e pre s ente d i n a man ner that enable s top management to relate the i n formation to
s tate d obj e c tive s o f the F S M S .
9.3.3 Management review output

T he outputs o f the management review sh a l l i nclude:
a) de c i s ion s a nd ac tion s relate d to conti nua l i mprovement opp or tu n itie s;
b) a ny ne e d for up date s and cha nge s to the F S M S , i nclud i ng re s ou rce ne e d s a nd revi s ion o f the fo o d
s a fe ty p ol ic y and obj e c tive s o f the F S M S .
T he orga ni z ation s ha l l re tai n do c u mente d i n formation as evidence o f the re s u lts o f ma nagement
reviews.

ISO 22000:2018(E)
10 Improvement
10.1 Nonconformity and corrective action
10.1.1 When a no nco n fo rmity o ccurs , the o rganizatio n s hall:
a) re ac t to the noncon form ity and, as appl ic able:
1) ta ke ac tion to control a nd corre c t it;
2) de a l with the con s e quence s;
b) eva luate the ne e d for ac tion to el i m i nate the c au s e(s) o f the noncon form ity, i n order th at it do e s no t
re c u r or o cc u r el s ewhere, by:
1) reviewi ng the noncon form ity;
2) de term i n i ng the c au s e s o f the noncon form ity;
3) de term i n i ng i f s i m i la r noncon form itie s exi s t, or cou ld p o tentia l ly o cc u r;
c) i mplement any ac tion ne e de d;
d) review the e ffe c tivene s s o f a ny corre c tive ac tion ta ken;
e) ma ke cha nge s to the F S M S , i f ne ce s s ar y.
C orre c tive ac tion s s ha l l b e appropriate to the e ffe c ts o f the noncon form itie s encountere d .
10.1.2 The o rganizatio n s hall retain do cumented in fo rmatio n as evidence o f:
a) the natu re o f the noncon form itie s and any s ub s e quent ac tion s ta ken;
b) the re s u lts o f any corre c tive ac tion .
10.2 Continual improvement

T he organ i z ation s ha l l conti nua l ly i mprove the s u itabi l ity, ade quac y a nd e ffe c tivene s s o f the F S M S .
Top management shal l ens ure that the organi z ation continual ly i mproves the e ffec tivenes s o f the FS M S
through the us e o f communication (s ee 7.4) , management review (s e e 9. 3 ) , i nternal aud it (s e e 9. 2 ) , analys i s
o f res u lts o f veri fication ac tivities (s e e 8.8.2 ) , va lidation o f control me as ure(s) and combi nation(s) o f
control meas ure(s) (s e e 8 . 5 . 3 ) , correc tive ac tions (s e e 8 .9. 3 ) and FS M S up dati ng (s e e 10 . 3 ).

10.3 Update of the food safety management system
Top ma nagement sh a l l en s u re that the FS M S i s conti nua l ly up date d . To ach ieve th i s , the fo o d s a fe ty te a m
sha l l eva luate the FS M S at pl an ne d i nter va l s . T he te am s ha l l con s ider whe ther it i s ne ce s s ar y to review
the ha z a rd ana lys i s (s e e 8.5.2 ) , the e s tabl i s he d h a z ard control plan (s e e 8 . 5 .4) a nd the e s tabl i she d PRPs
(see 8.2 ) . T he up dati ng ac ti vitie s s ha l l b e b as e d on:
a) i nput from com mu n ic ation, ex terna l as wel l a s i nterna l (s e e 7.4) ;
b) i nput from o ther i n formation concern i ng the s uitabi l ity, ade quac y and e ffe c tivene s s o f the F S M S;
c) output from the ana lys i s o f re s u lts o f veri fic ation ac tivitie s (s e e 9.1 . 2 ) ;
d) output from ma nagement review (s e e 9. 3 ).

Sys tem up dati ng ac tivitie s s ha l l b e re tai ne d as do c u mente d i n formation and rep or te d as i nput to the
ma nagement review (s e e 9. 3 ).
ISO 22000:2018(E)
Annex A
(informative)
Cross references between the CODEX HACCP and this document
Table A.1 — Cross references between the CODEX HACCP principles and application steps
and clauses of this document
CODEX HACCP
CODEX HACCP application steps a This document
Principles
Assemble HACCP team Step 1 5.3 Food sa fety team
Describe product Step 2 8.5.1.2 Characteristics o f raw materials,
ingredients and product-contact
materials
8.5.1.3 Characteristics o f end products
Identi fy intended use Step 3 8.5.1.4 Intended use
Construct flow diagram Step 4 8.5.1.5 Flow diagrams and descriptions
On-site confirmation o f Step 5 of processes
flow diagram
Principle 1 List all potential hazards Step 6 8.5.2 Hazard analysis
Conduct a hazard analysis Conduct a hazard analysis 8.5.3 Validation o f control measure(s)
Consider control measures and combinations o f control
measure(s)
Principle 2 Determine CCPs Step 7 8.5.4 Hazard control plan
Determine the critical
control points (CCPs)
Principle 3 Establish critical limits Step 8 8.5.4 Hazard control plan
for each CCP
Establish critical limit(s)
Principle 4 Establish a monitoring Step 9 8.5.4.3 Monitoring systems at CCPs and
Establish a system to system for each CCP for OPRPs
monitor control o f the CCP

Principle 5 Establish corrective Step 10 8.5.4 Hazard control plan
Establish the corrective actions 8.9.2 Corrections
action to be taken when 8.9.3 Corrective actions
monitoring indicates that a
particular CCP is not under
control
Principle 6 Establish verification Step 11 8.7 Control o f monitoring and
Establish procedures for procedures measuring
verification to confirm that 8.8 Verification related to PRPs and
the HACCP system is the hazard control plan
working e ffectively 9.2 Internal audit
Principle 7 Establish documentation Step 12 7.5 Documented in formation
Establish documentation and record keeping
concerning all procedures
and records appropriate to
these principles and their
application
a CODEX publications are available via Re ference [12 ].

ISO 22000:2018(E)
Annex B
(informative)
Cross references between this document and ISO 22000:2005
Table B.1 — Main structure

This document ISO 22000:2005
4 Context of the organization New heading
4.1 Understanding the organization and its context New
4.2 Understanding the needs and expectations o f interested parties New
4.3 Determining the scope o f the food sa fety management system 4.1 (and new)
4.4. Food sa fety management system 4.1
5 Leadership New heading
5.1 Leadership and commitment 5.1, 7.4.3 (and new)
5.2 Policy 5.2 (and new)
5.3 Organizational roles, responsibilities and authorities 5.4, 5.5, 7.3.2 (and new)
6 Planning New heading
6.1 Actions to address risks and opportunities New
6.2 Objectives of the food safety management system and planning to achieve them 5.3 (and new)
6.3 Planning o f changes 5.3 (and new)
7 Support New heading
7.1 Resources 1, 4.1, 6.2, 6.3, 6.4 (and new)
7.2 Competence 6.2, 7.3.2 (and new)
7.3 Awareness 6.2.2
7.4 Communication 5.6, 6.2.2
7.5 Documented in formation 4.2, 5.6.1
8 Operation New heading
8.1 Operational planning and control New
8.2 Prerequisite programmes (PRPs) 7.2
8.3 Traceability system 7.9 (and new)
8.4 Emergency preparedness and response 5.7 (and new)
8.5 Hazard control 7.3, 7.4, 7.5, 7.6, 8.2 (and new)
8.6 Updating the in formation speci fying the PRPs and the hazard control plan 7.7
8.7 Control o f monitoring and measuring 8.3
8.8 Verification related to PRPs and the hazard control plan 7.8, 8.4.2
8.9 Control o f product and process noncon formities 7.10
9 Performance evaluation New heading
9.1 Monitoring, measurement, analysis and evaluation New heading
9.1.1 General New
9.1.2 Analysis and evaluation 8.4.2, 8.4.3
9.2 Internal audit 8.4.1
9.3 Management review 5.8 (and new)
9.3.1 General 5.2, 5.8.1

ISO 22000:2018(E)
Table B.1 (continued)

9.3.2 Management review input 5.8.2 (and new)
9.3.3 Management review output 5.8.1, 5.8.3
10 Improvement New heading
10.1 Noncon formity and corrective action New
10.2 Continual improvement 8.1, 8.5.1
10.3 Update o f the food sa fety management system 8.5.2
Table B.2 — Clause 7: Support
7 Support New heading
7.1 . Resources 6
7.1.1 General 6.1
7.1.2 People 6.2, 6.2.2 (and new)
7.1.3 In frastructure 6.3
7.1.4 Work environment 6.4
7.1.5 Externally developed elements o f the food sa fety management system 1 (and new)
7.1.6 Control o f externally provided processes, products or services 4.1 (and new)
7.2 Competence 6.2.1, 6.2.2, 7.3.2
7.3 Awareness 6.2.2
7.4 Communication 5.6
7.4.1 General 6.2.2 (and new)
7.4.2 External communication 5.6.1
7.4.3 Internal communication 5.6.2
7.5 Documented in formation 4.2
7.5.1 General 4.2.1, 5.6.1
7.5.2 Creating and updating 4.2.2
7.5.3 Control o f documented in formation 4.2.2, 4.2.3 (and new)
Table B.3 — Clause 8: Operation

8 Operation New heading
8.1 Operational planning and control 7.1 (and new)
8.2 Prerequisite programmes (PRPs) 7.2
8.3 Traceability system 7.9 (and new)
8.4 Emergency preparedness and response 5.7
8.4.1 General 5.7
8.4.2 Handling o f emergencies and incidents New
8.5 Hazard control New heading
8.5.1 Preliminary steps to enable hazard analysis 7.3
8.5.1.1 General 7.3.1
8.5.1.2 Characteristics o f raw materials, ingredients and product contact 7.3.3.1
materials
8.5.1.3 Characteristics o f end products 7.3.3.2
8.5.1.4 Intended use 7.3.4

ISO 22000:2018(E)
Table B.3 (continued)

8.5.1.5 Flow diagrams and description o f processes 7.3.5.1
8.5.1.5.1 Preparation o f flow diagrams 7.3.5.1
8.5.1.5.2 On-site confirmation o f flow diagrams 7.3.5.1
8.5.1.5.3 Description o f processes and process environment 7.2.4, 7.3.5.2 (and new)
8.5.2 Hazard analysis 7.4
8.5.2.1 General 7.4.1
8.5.2.2 Hazard identification and determination o f acceptable levels 7.4.2
8.5.2.3 Hazard assessment 7.4.3, 7.6.2 (and new)
8.5.2.4 Selection and categorization o f control measure(s) 7.3.5.2, 7.4.4 (and new)
8.5.3 Validation o f control measure(s) and combination(s) of control measure(s) 8.2
8.5.4 Hazard control plan (HACCP/OPRP plan) New heading
8.5.4.1 General 7.5, 7.6.1
8.5.4.2 Determination o f critical limits and action criteria 7.6.3 (and new)
8.5.4.3 Monitoring systems at CCPs and for OPRPs 7.6.3, 7.6.4 (and new)
8.5.4.4 Actions when critical limits or action criteria are not met 7.6.5
8.5.4.5 Implementation o f the hazard control plan New
8.6 Updating the in formation speci fying the PRPs and the hazard control plan 7.7
8.7 Control o f monitoring and measuring 8.3
8.8 Verification related to PRPs and the hazard control plan New heading
8.8.1 Verification 7.8, 8.4.2
8.8.2 Analysis o f results of verification activities 8.4.3
8.9 Control o f product and process noncon formities 7.10
8.9.1 General 7.10.1, 7.10.2
8.9.2 Corrections 7.10.1
8.9.3 Corrective actions 7.10.2
8.9.4 Handling o f potentially unsa fe products 7.10.3
8.9.4.1 General 7.10.3.1
8.9.4.2 Evaluation for release 7.10.3.2
8.9.4.3 Disposition of nonconforming products 7.10.3.3
8.9.5 Withdrawal/recall 7.10.4

ISO 22000:2018(E)
Bibliography
[1] ISO 9000:2015, Quality management systems — Fundamentals and vocabulary

[2] ISO 9001:2015, Quality management systems — Requirements
[3] ISO 19011, Guidelines for auditing management systems
[4] ISO/TS 22002 (all parts), Prerequisite programmes on food safety
[5] ISO/TS 22003, Food safety management systems — Requirements for bodies providing audit and
certification o f food sa fety management systems
[6] ISO 22005, Traceability in the feed and food chain — General principles and basic requirements for
system design and implementation
[7] ISO Guide 73:2009, Risk management — Vocabulary

[8] CAC/GL 60-2006, Principles for Traceability / Product Tracing as a Tool Within a Food Inspection
and Certification System
[9] CAC/GL 81-2013, Guidance for governments on prioritizing hazards in feed

[10] CAC/RCP 1-1969, General Principles of Food Hygiene
[11] Joint FAO/WHO Food Standards Programme. Codex Alimentarius Commission: Procedural
Manual. Twenty-fi fth edition, 2016
[12] Codex Alimentarius. Available from: http: //www. fao . org/fao -who - codexalimentarius/en/

ISO 2 2 000: 2 01 8(E)
ICS 67.020; 03.100.70

Price based on 3 7 pages
© ISO 2018 – All rights reserved

2 5472403383010722278

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2 5472403383010722278

Uploaded by

Copyright:

Available Formats

INTERNATIONAL ISO

Food safety management systems —

COPYRIGHT PROTECTED DOCUMENT

ii © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved iii

8.7 Control o f monitoring and measuring ............................................................................................................................. 25

iv © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved v

vi © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved vii

Figure 1 — Illustration of the Plan-Do-Check-Act cycle at the two levels

0.3.3 Risk-based thinking

viii © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved ix

Food safety management systems — Requirements for any

3 Terms and definitions

© ISO 2018 – All rights reserved 1

Note 1 to entry: See also significant food sa fety hazard (3.40 ).

2 © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved 3

— animal food is intended to be fed to non- food-producing animals, such as pets.

4 © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved 5

6 © ISO 2018 – All rights reserved

© ISO 2018 – All rights reserved 7

control measures 3.8 ( )

8 © ISO 2018 – All rights reserved

4 Context of the organization

4.1 Understanding the organization and its context

T he o r ga n i z atio n shall ide nti fy, re v i e w a nd up d ate i n fo r m ati o n r e l ate d to the s e e x te r n a l a nd

NO TE 1 I s s ue s c a n i nclude p o s itive a nd ne gative fac to rs o r cond itio n s fo r con s ideratio n .

NO TE 2 Unders ta nd i ng the conte x t c a n b e fac i l itate d b y co n s ider i ng e x ter n a l a nd i nter n a l i s s ue s , i nclud i n g ,

orga n i z ation , whe ther i nter n ation a l , n atio n a l , re gion a l o r lo c a l .

4.2 Understanding the needs and expectations of interested parties

a) the i ntere s te d p a r tie s that are relevant to the F S M S;

b) the releva nt re qu i rements o f the i ntere s te d p ar tie s o f the F S M S .

4.3 Determining the scope of the food safety management system

i n fluence on the fo o d s a fe ty o f its end pro duc ts .

When de term i n i ng th i s s cop e, the organ i z ation sh a l l con s ider:

a) the e xterna l and i nterna l i s s ue s re ferre d to i n 4.1 ;

b) the re qui rements re ferre d to i n 4. 2 .

© ISO 2018 – All rights reserved 9

4.4 Food safety management system

5.1 Leadership and commitment

comp atible with the s trategic d i re c tion o f the orga n i z ation;

c) en s u ri ng that the re s ou rce s ne e de d for the FS M S are ava i lable;

re qui rements relate d to fo o d s a fe ty;

f) d i re c ti ng a nd s upp or ti ng p ers on s to contribute to the e ffe c tivene s s o f the FS M S;

g) promo ti ng conti nua l i mprovement;

are as o f re s p on s ibi l ity.

NO TE Re ference to “ b u s i ne s s ” i n th i s do c u ment c a n b e i nter pre te d bro ad l y to me a n tho s e ac tivitie s th at a re

core to the pu r p o s e s o f the o rga n i z atio n’s e xi s tence .

5.2.1 Establishing the food safety policy

a) i s appropri ate to the pu rp o s e a nd contex t o f the organ i z ation;

d) add re s s e s i nterna l a nd ex terna l com mun ication;

e) i nclude s a com m itment to conti nua l i mprovement o f the F S M S;

f) add re s s e s the ne e d to en s ure comp e tencie s relate d to fo o d s a fe ty.

5.2.2 Communicating the food safety policy

a) b e ava i l able and mai nta i ne d a s do c u mente d i n formation;

10 © ISO 2018 – All rights reserved

c) be available to relevant interested parties, as appropriate.

5.3 Organizational roles, responsibilities and authorities

5.3.2 The food safety team leader shall be responsible for: