CERTIFICATION

PROCESS
-
GENERAL
REQUIREMENTS
Elsabe Matthee
Technical Manager

2021
TODAY’S TOPICS

01. Accreditation Requirements

02. 3-Year Certification Cycle

03. Audit Types

04. Audit Delivery Methods

05. Certificate
PURPOSE

To provide Licensed Partners with a general overview of the accreditation and certification cycle
requirements.

TARGET AUDIENCE:
FSSC Scheme Managers

PRE-READING:
ISO/IEC 17021-1
ISO/TS 22003
FSSC 22000 Part 3
FSSC 22000 Annex 4
FSSC 22000 Annex 9
FSSC Full Remote Audit Addendum
LEARNING OBJECTIVES

• Gain a general understanding of the different accreditation

documents and how it applies to the Scheme.

• Understand the 3-year certification cycle.

• Be able to apply the Scheme requirements to the different Audit

types and resulting certificate.
 01. ACCREDITATION REQUIREMENTS

5
ACCREDITATION REQUIREMENTS

• CBs shall be accredited to ISO/IEC 17021-1: 2015 as well as ISO/TS 22003: 2013.
• The requirements in ISO/IEC 17021-1 applies with specific additional requirements
related to FSMS reflected in ISO/TS 22003: 2013.
• ISO/TS 22003: 2013 especially important in terms of audit duration calculation,
food chain categories (linked to auditor qualification, scope of audit) and specific
objectives.
• IAF Mandatory documents: MD1, 2, 4, 5, 11; also, Informative documents ID 3, 12
• The Accreditation Body shall:
a) Be a current member of the International Accreditation Forum (IAF), and
b) Be a signatory of the IAF Multilateral Recognition Arrangement (MLA) for
FSMS and for QMS in the case of FSSC-Quality.
 02. THE 3-YEAR CERTIFICATION CYCLE

7
3-YEAR CERTIFICATION CYCLE

• FSSC 22000 is a Food Safety Management System Certification that is linked

to a 3-year cycle.
• It results in a certificate with a maximum validity of 3 years.
• Subject to annual surveillance audits – within the calendar year.
• Specific timeline requirements relating to the:
➢ Initial audit,
➢ First surveillance audit, and
➢ Recertification audit.
• Because FSSC 22000 is a GFSI recognized scheme, the annual surveillance
audits are also full audits against the FSSC 22000 requirements.
3-YEAR CERTIFICATION CYCLE
CERTIFICATION PROCESS CYCLE

Important aspects to consider:

• Ability of CB to deliver the work – scope and auditors

• Personnel competency
• Timelines for delivery
 03. AUDIT TYPES

11
 AUDIT TYPES

Audit types linked to the

Other audit types
3-year cycle

• Scope extensions
• Initial audit
• Follow-up audits
• Surveillance audit
• Special audits
• Recertification audit
• Unannounced audits
INITIAL AUDIT

• Stage 1 audit = readiness audit

• Stage 2 = implementation audit

• Maximum timeframe between Stage 1 and Stage 2 = 6 months.

Where timeline exceeded the Stage 1 shall be repeated.

• Stage 1 Audit objectives – refer ISO/TS 22003: 2013 – 9.2.3.1.2.

SURVEILLANCE AUDIT

• First surveillance audit following an initial audit – maximum 12

months from date of certification decision of initial audit. Where
the timeframe is exceeded, results in suspension.

• Subsequent surveillances: at least annually and within the

calendar year or results in suspension.
RECERTIFICATION AUDIT

• Purpose: confirm continued conformity and effectiveness of the FSMS

as a whole and continued applicability for scope of certification.
• Review of previous cycle to determine if additional Stage 1 audit is
needed.
• Schedule with enough time to complete certification activities prior to
expiry of certificate.
• Where CB is unable to complete activities prior to the expiry date,
organization will be without certification. If restored within 6 months,
then keep original certification cycle.
• If certification has expired – at least Stage 2 required, start new cycle.
OTHER AUDIT TYPES
SPECIAL AUDITS – ISO/IEC 17021-1: 9.6.4

Audits at certified organizations that are performed on top of/in addition to the annual surveillance/re-
certification audits.

Never as a replacement of the annual surveillance/recertification audits

• Scope extensions

• Short notice audits

SCOPE EXTENSIONS

• Scope may be extended as part of the annual audit – audit duration might need to be adjusted (#HACCP,
FTE) – upload in portal as part of annual audit pack

• Scope extended at different time than annual audit: additional audit to extend the scope, upload in
portal as special audit.

• Update certificate.
OTHER AUDIT TYPES
SHORT NOTICE AUDIT – ISO/IEC 17021-1: 9.6.4.2
A short notice audit is where a CB must conduct audits at short notice to investigate complaints, or in
response to changes.

FOLLOW-UP AUDIT

• An additional audit to a regular audit for which an extra visit is required when the audit could not be
completed in the planned time and/or the audit plan could not be realized completely.

• As a follow-up is part of a regular audit, it shall be completed within a short time-frame from the main
audit.

• A follow-up audit also includes the on-site close out of nonconformities.

UNANNOUNCED AUDIT
• At least one surveillance audit is undertaken unannounced after the initial certification audit and within
each three (3) year period thereafter.
• The certified organization can voluntarily choose to replace all surveillance audits by unannounced
annual surveillance audits. Recertification audits may be conducted unannounced at the request of the
certified organization.
• The initial certification audit (stage 1 and stage 2) cannot be performed unannounced.
 04. AUDIT DELIVERY METHODS

18
AUDIT DELIVERY METHODS

DIFFERENT AUDIT DELIVERY METHODS:

a) Full on-site audit
• Standard method
• Audits takes place at the premises of the organization
b) ICT Audit Approach
• Requirements in Annex 9 + IAF MD4 ICT shall be
• 2-part audit: remote + on-site component appropriate to
ensure robust
• To be completed within 30 calendar days
audit
• Specific requirements in case of serious event
c) Full Remote Audit
• Only applicable in case of serious event and site cannot be accessed
• Not GFSI approved currently
• Coincide with production
 05. CERTIFICATE

20
THE CERTIFICATE

The certificate is linked to the 3-year cycle.

General principles:
• The initial certification decision date is the starting point
of the certificate and remains unchanged if the certified
organization is linked to the CB,
• The valid until date is calculated from the initial
certification decision date + 3 years – 1 day,
• Subsequent cycles link back to the original certification
cycle,
• Annex 4: Certificate templates. Correspond with the
information in the Portal and public register and be
uploaded within maximum 2 months of last day of
audit.
THANK
YOU

@FSSC22000 info@fssc22000.com

FSSC22000 +31 (0)183 64 50 28