Part 1 in our 5-part series:
Audits are not only an integral part of food manufacturing, transporting, distribution, and warehousing – they are inevitable. As any Quality Manager or Sanitarian can attest, it’s a way of life for food safety. Understanding not only how each audit is classified but the four major kinds can help keep your business ready for having one.
Food Safety audits can be classified in three ways based on the auditor/auditee relationship. Some are designed to verify a company’s proactive plans and practices. Some focus on the supply chain and distribution cycle to ensure that imports or inbounds are inspected and those inspections are validated to mitigate risks. And some oversee the entire Food Safety Plan that a location has in place. There are others, such as customer audits that focus on quality standards, but most fit within one of these three categories. All are designed to make sure your hazard analysis, preventive control program with cGMPs, validation system, evaluation program, and verification with corrective actions are in place to mitigate any risk a process could pose.
In order for a facility to be “always audit ready,” there are 4 levels of audits, based on who is performing the audit. They are all important to ensure the food safety system, including pest prevention, is working well:
Internal Audit: This is a self-assessment, a way to internally verify that the cGMPs and preventive controls are in place, being verified, and remain consistent. It’s also a time to reassure that management buy-in is still supporting Sanitarian and QA Manager responsibilities, including financially. Preventive practices should reflect business objectives, and this audit is performed to measure an organization’s strengths and weaknesses against its own Food Safety Plan. They also ensure external standards adopted by (voluntary) or imposed on (mandatory) the organization are being followed. Conformity gaps found in this audit bring to light where resources may be needed for quality control. This will allow you to institute corrective actions wherever needed before second- or third-party audits occur. Don’t forget to document those findings and corrective actions and incorporate them into the Food Safety Plan. Read more about Internal Audits and how to perform one here.
Second Party Audit: Also known as a proprietary audit or customer audit, this is when a primary organization evaluates the performance of a supplier or contractor. A second-party audit is an external audit performed on a supplier by a customer or by a contracted organization on behalf of a customer. While an Internal Audit’s purpose is to make sure your own Food Safety standards are being followed, a Second Party Audit is there to prove to your customers that you’re following their standards, both in food safety and food quality. Under FSMA, part of these audits include ensuring your Food Safety Plan meets the requirements of the Supplier Verification system of their Food Safety Plan. So, integrating the food safety standards is now more important than it might have been 10 years ago. Failing this audit could lose you customers. If they think your plant’s standards are subpar, they could go elsewhere.
Third Party Audit: Independent auditors from outside the organizations are often hired to conduct audits based on a pre-determined food safety schematic. These audits stress test the Food Safety Plan, often for purposes of certification. A third-party audit occurs when a company has decided they want to create a quality management system (QMS) that conforms to a standard set of requirements, known as a schematic. This begins with a food manufacturing, distribution, or warehousing company hiring an independent auditing company to consult, train, and perform an audit to verify that the company has succeeded in meeting these standards. In some schematics, the auditor, training professional, and consultant must be 3 different independent parties. It can be complicated. Still, these audits are a critical part of doing business. Not only could major non-conformities damage your relationship with your current customers, it could hinder you getting more of them and you won’t get the certification you sought.
Regulatory Audits: All of the previous audits focus on safety and quality for customer-supplier interactions. However, there is another purpose of audits: to ensure compliance with regulatory requirements. Food manufacturing, distribution, and warehousing is one of the most regulated industries in the U.S. Under FSMA, the FDA has more sweeping authority to ensure food safety inside registered food facilities than it ever had before. With some food types (e.g. meat/dairy), the USDA might also conduct inspections. The consequences of these audits and inspections are critical as they can publish warning letters that are public, stop production, pull registrations, or otherwise seriously hinder a business. When Internal Audits, Secondary/Customer Audits, and Third-Party Audits are in place, facilities are much more likely to “always be audit read” and therefore pass Regulatory Audits as well.
The more you know about the regulations and standards in your industry, the more likely that you’ll be audit ready. Being proactive and ensuring your pre-requisite programs such as Sanitation and Pest Prevention are in place is not only good for audits, it’s good for business. Make sure the companies you use as suppliers are also Food-Safety focused as well. Having a non-compliant supplier company puts your operation at risk, and auditing is one way you can ensure your Supplier Verification is protecting your brand. Carefully and accurately kept logbooks are more important than ever, too. Documentation is shot through the entire food safety system in today’s production environment. Not only do your standards and procedures matter, but so do the companies’ you’re trusting to enter your plant. The companies you use to supply materials or offer services should be able to support your Food Safety initiatives. It will show in your audit systems.