KTL Senior Associate April Greene, CSP, CHMM, was recently invited to join the Board of Directors for Keep Northern Illinois Beautiful (KNIB), an affiliate of Keep America Beautiful. KNIB is an environmental resource center that aims to inspire and educate citizens to take action to improve and beautify their community and environment through waste reduction, recycling, and resource conservation.

A resident of Northern Illinois, April brings over 10 years of environmental, health, and safety (EHS), quality, and food safety experience to her KNIB Board position. She has created corporate programs, plans, policies, and procedures to ensure compliance with regulatory and sustainability requirements, as well as a company Zero Landfill Policy by finding creative and innovative solutions for end-of-life material through lifecycle analysis.

As part of the KNIB Board, April is joining a positive force for environmental stewardship and promoting KNIB’s mission to improve the environment through education, public awareness, and community involvement.

Supplier audits play a critical role in protecting food product safety and quality, regulatory compliance, and consumer trust. As food companies continue to expand their networks of co-manufacturers, ingredient suppliers, and packaging partners, the ability to identify and address systemic weaknesses has never been more important.

Turning Risks into Opportunities

KTL conducts second-party supplier audits across the food supply chain to assess compliance with Food and Drug Administration (FDA), U.S. Department of Agriculture (USDA), and Global Food Safety Initiative (GFSI) standard requirements. These audits have revealed a familiar pattern of vulnerabilities that can pose significant risks if left uncorrected or opportunities to strengthen food safety programs if addressed.

The findings below represent some of the most common nonconformances KTL routinely observes when conducting supplier audits across the food industry and recommendations for how to mitigate them.

FDA/USDA Findings

• Insufficient cleaning and quality inspection before area/equipment release. This is generally a result of sanitation procedures not being consistently followed, documented, or effective and/or pre‑operational (pre-op) inspections not being thoroughly performed. This gap increases the risk of cross‑contamination, introduction of foreign material, and microbial hazards. Recommendations:
  • Implement validated cleaning procedures with defined steps, tools, and chemicals.
  • Use ATP swabbing or microbiological verification before releasing equipment.
  • Conduct pre‑op inspections using standardized checklists.
  • Train sanitation teams and supervisors on verification processes and expectations.
• Noncompliance with personnel Good Manufacturing Practices (GMP) requirements. Employees may not be consistently following hygiene requirements, such as handwashing, proper gowning, restricted jewelry, or safe food handling behavior. Recommendations:
  • Provide routine GMP training and refresher sessions.
  • Conduct daily GMP walk‑throughs with related coaching, as needed.
  • Improve signage and visual cues in production areas (e.g., handwashing signs in bathrooms, color coding).
• Inadequate process validation. Process validation helps ensure that critical steps (e.g., cooking, cooling, packaging) consistently deliver the intended food safety outcome. Inadequacies suggest missing scientific data or incomplete validation records. Recommendations:
  • Validate all critical control points (CCPs) using scientific studies or in‑plant data.
  • Document process parameters (e.g., time, temperature, pressure) clearly.
  • Revalidate after equipment changes, formulation changes, or facility modifications.
• Improper handling and storage of materials. Improper material handling (e.g., incorrect temperatures, poor first-in-first-out (FIFO)/first-expired-first out (FEFO) rotation, or exposure to contaminants) can degrade product quality or safety. Recommendations:
  • Enforce FIFO/FEFO inventory practices.
  • Maintain temperature logs for refrigerated/frozen storage.
  • Segregate allergens and chemicals to prevent cross‑contact or contamination.
  • Train warehouse and production teams on handling and storage requirements.

GFSI Findings

• Noncompliance with visitor requirements. Visitors may not be following necessary GMP or biosecurity protocols (e.g., sign‑in, health questionnaires, protective clothing) or the facility may not be properly enforcing procedures, increasing the risk of foreign contamination. Recommendations:
  • Establish a formal Visitor Policy with mandatory orientation.
  • Provide required personal protective equipment (PPE) to visitors and escort them throughout the facility.
  • Maintain accurate visitor logs and health screening records.
• Poor facility maintenance and cleaning. Maintenance deficiencies (e.g., damaged floors, standing water, or buildup in hard‑to‑clean areas) can create harborage points for pests or pathogens. Recommendations:
  • Create a Preventive Maintenance (PM) Program with documented schedules.
  • Address structural issues promptly (e.g., cracked tiles, peeling paint).
  • Perform routine deep cleaning of facility infrastructure.
• Lack of verification of corrective actions taken. This indicates that corrective actions are being implemented; however, no follow‑up verification is occurring to ensure the issue is effectively resolved. This can lead to recurring nonconformances.Recommendations:
  • Require verification (i.e., inspection, testing, documentation) after every corrective action.
  • Track corrective actions to closure and monitor for recurrence trends.
  • Use root cause analysis tools (e.g., 5‑Why, Fishbone) to address systemic issues.
• Poor environmental monitoring. The Environmental Monitoring Program (EMP) may be missing, outdated, or insufficient. Weak EMPs fail to detect pathogens like Listeria or Salmonella in time to prevent contamination. Recommendations:
  • Design a robust EMP with Zone 1–4 sampling.
  • Perform routine microbiological testing and trend analysis.
  • Investigate any positive results with immediate containment and vector sampling.
• Lack of pest control mitigation when issues arise. Pest activity is being detected, but corrective measures are not timely or effective in mitigating pest concerns. This can jeopardize both food safety and regulatory compliance. Recommendations:
  • Partner with a licensed pest control operator (PCO) to conduct routine inspections.
  • Implement corrective action steps immediately after any pest activity; track corrective actions to closure.
  • Seal facility gaps, maintain landscaping, and eliminate pest attractants (e.g., standing water, waste).
  • Trend pest control data to identify patterns.

Leveraging Internal Audits

While many of the findings listed above are common, they are also highly preventable if organizations know what to look for. Supplier audits remain one of the most powerful tools for uncovering these weaknesses before they escalate into safety or compliance failures that present significant risk. Beyond compliance, leveraging audit results can help organizations make decisions and require supplier improvements that strengthen brand reputation, reduce operational risk, and create a culture where food safety is embedded in every decision and behavior.

Effectively managing supplier data, documents and records, and performance across a large supplier network requires consistent processes and data management practices to effectively verify food safety compliance and mitigate associated risks. Integrating standardized tools and information management solutions can significantly improve supplier program efficiency and streamline supplier management.

Supplier Management System

KTL’s Supplier Management System comprises custom tools built using Microsoft 365 and the Power Platform to streamline how an organization approves and manages suppliers, help control costs and reduce risk, and support compliance with internal requirements and regulations (e.g., Food Safety Modernization Act (FSMA) Foreign Supplier Verification Program (FSVP) Rule).

The Supplier Management System comprises the following:

• Centralized Supplier Inventory: Maintains a centralized list of all suppliers the organization works with. This includes key details such as contact information, supplied products or services, certifications, supplier-specific requirements, compliance status, performance history, and facility‑specific requirements.
• Supplier Risk Assessment: Evaluates potential and existing suppliers by identifying and analyzing factors that could introduce risk into the supply chain. It examines elements such as compliance status, performance history, documentation quality, and contract adherence. The tool captures any identified risks and helps ensure they are documented, monitored, and addressed as part of an ongoing Supplier Management Program.
• Supplier Documents and Records Management: Provides secure and centralized storage and organization of supplier documents and records. When enabled, suppliers can upload their own documents in a secure folder, reducing internal resource requirements. This tool allows for improved document searchability and accessibility, a clear audit trail, and reduced paperwork.
• Supplier Approval Workflow: Supports a structured, standardized process for both the initial approval and ongoing re-evaluation of suppliers to ensure continued compliance with organizational, regulatory, and performance requirements. This feature uses a standard checklist to review certifications, licenses, risk indicators, and performance history to consistently evaluate suppliers. Through a repeatable process, organizations can reassess supplier performance over time, confirm ongoing compliance, and identify emerging risks or gaps that may require corrective action or follow-up.

Together, these features provide a comprehensive approach to supplier management that improves visibility, consistency, and accountability regarding supplier performance. Implementing a robust Supplier Management System like this can significantly help organizations strengthen supplier relationships, reduce operational and compliance risk, and maintain confidence in their supply chain, particularly when paired with regular supplier audits.

Connecting Supplier Audits

As food companies continue to expand their networks of co-manufacturers, ingredient suppliers, and packaging partners, the ability to identify and address systemic weaknesses has never been more important. Onsite supplier audits are a critical component of an effective Supplier Program, providing direct visibility into supplier operations; verifying compliance with organizational, regulatory, and contractual requirements; and protecting food product safety and quality.

KTL’s Microsoft 365-based Audit Tool provides a consistent, data-driven means to conduct, document, and manage onsite supplier audits. The tool allows auditors to capture and verify audit evidence (i.e., compliance status, operational practices), standardizes audit protocol and criteria, and tracks audit progress from initiation through completion. It also monitors identified corrective and preventive actions (CAPAs) for each supplier, allowing organizations to quickly assess resolution status and trends.

Centralizing audit data and insights as part of the overall Supplier Program helps inform decision-making regarding suppliers, strengthen supplier performance, maintain ongoing compliance, and drive continuous improvement.

Learn More at the Food Safety Summit

Join KTL at the 2026 Food Safety Summit in the Tech Tent on May 14 at 10:30 a.m. to learn more about the various tools that can improve Supplier Program efficiency and streamline supplier management, including:

• The value of onsite second-party supplier audits.
• Common supplier audit findings and how to address them.
• How supplier auditing tools streamline audit management.
• Ways to centralize and analyze supplier audit data.
• How data-driven tools improve supplier risk prioritization and program efficiency.

Join KTL at one of the premier events in the food industry–the 2026 Food Safety Summit. The Summit offers a unique opportunity for attendees to learn real-world solutions from leaders in food safety and stay informed on the latest food safety trends, innovations, emerging challenges, and more.

• When: May 11-14, 2026
• Where: Donald Stephens Convention Center, Rosemont, Illinois
• Who: Retailers, food processors, distributors, food manufacturers, growers, food service, testing laboratories, importing/exporting, law firms, and other food safety professionals
• Find KTL: Stop by our booth (#501) in the exhibit hall or attend our Tech Tent presentation (details below)!

Tech Tent Presentation

Be sure to update your agenda to attend KTL’s Tech Tent presentation on Thursday, May 14 at 10:45 am CT:

Supplier Audits: Strategies and Tools for Better Results

A wider reaching and more complex global supply chain exposes our food to increased risks. Supplier audits are essential for identifying and mitigating those risks. Managing audit data, corrective actions, and supplier performance across a large supplier network requires standardized processes and data management tools to effectively verify food safety compliance.

This presentation will highlight strategies for strengthening supplier programs, reducing risks, and improving performance using supplier audits and centralized data management systems.

Attendees will learn:

• How data-driven tools improve supplier risk prioritization and program efficiency.
• The value of onsite second-party supplier audits.
• Common supplier audit findings and how to address them.
• How supplier auditing tools streamline audit management.
• Ways to centralize and analyze supplier audit data.

ISO 14001 is the international standard for Environmental Management Systems (EMS). It serves as a management tool for voluntary use by organizations to help improve environmental performance and minimize environmental risks following a plan-do-check-act (PDCA) approach. ISO 14001 was first published in 1996 by the International Standard for Organization. It has since been updated with revised versions in 2004 and 2015. The recent ISO 14001:2026 revision—published in April 2026—marks the first major update to the ISO 14001 standard since 2015.

Impetus for Change

The global sustainability landscape has shifted significantly since ISO 14001:2015 was published, prompting the 2026 updates. Organizations face more stringent regulatory requirements; greater supply chain scrutiny; and heightened demand for environmental, social, and governance (ESG) transparency and accountability. The ISO 14001:2026 updates refine, strengthen, and modernize EMS requirements to align the standard with growing environmental and sustainability pressures and increasing stakeholder expectations.

In addition, ISO 14001:2026 implements the Harmonized Structure (Annex SL) to align with other ISO management system standards. This standard structure allows for easier integration between management systems and improved efficiencies due to familiar terminology and sections. The standard also now includes at what point in the PDCA cycle each clause lands. While this isn’t new for ISO, it is new for ISO 14001:2026.

Major Clause‑Level Changes

The ISO 14001:2026 revision incorporates changes to enhance climate awareness, lifecycle responsibility, supplier oversight, and leadership accountability. The table below outlines the major clause-level changes in the revised standard.

In addition to the major clause changes outlined above, the updated standard:

• Encourages the use of digital tools and data analytics to improve environmental performance and evidence‑based decision‑making.
• Introduces clearer, more accessible wording, as well as improved examples and explanations in Annex A.
• Embeds stronger expectations for integrity, transparency, and environmental governance at the leadership level.­

Transition Timeline: How to Prepare

Organizations will have a three‑year transition period to switch to the new standard. Taking the time to adapt and integrate the new provisions into their operations now will help ensure certification when the transition period is over:

• Get informed! Start reading up on ISO 14001:2026 to get familiar with how the new standard is structured and how the clause changes impact your organization.
• Conduct a gap assessment to identify gaps in your existing EMS that will need to be addressed to meet new requirements. If you don’t have an existing EMS, review the requirements and determine what pieces you may already have in place to pursue certification.
• Develop an implementation plan that integrates leadership accountability, new change management processes, expanded documentation expectations, and more rigorous climate and biodiversity integration. There is a three-year transition period. Plan according to this timeline.
• Provide training. It is vital to ensure that workers and management are engaged in the EMS and that they are competent in any new skills/responsibilities that may be required.
• Put your plan into action. Update/develop your EMS to meet the ISO 14001:2026 requirements and provide verification of its effectiveness to help ensure certification when the three-year transition period is over.

Building a compliance management system doesn’t have to be complicated or expensive, especially when most companies already have the software they need at their fingertips. With the right strategy and expertise, Microsoft (MS) 365 and the Power Platform can be configured into a dynamic compliance management system that collects and centralizes data, streamlines processes, and strengthens compliance performance.

Here are KTL’s top 10 tips to guide the development of a robust compliance management system that scales with your organization’s needs:

1. Understand the software you have. If you use Outlook, Word, Excel, or SharePoint, that means your organization is already operating on MS 365. These tools already provide a strong foundation for building a compliance management system. The Power Platform (e.g., Power Apps, Power Automate, Power BI) further extends MS 365 with tools to create custom applications, workflows, and dashboards.
2. Leverage existing licenses to control costs. Off-the-shelf compliance management systems can be expensive. Developing compliance tools inside your existing MS 365 tenant minimizes costs by using infrastructure and licenses you already own. This also increases user adoption, because the platform is familiar.
3. Start with a clear plan. Structured planning helps capture current processes, identify gaps, and define priorities for development.Set priorities based on compliance risk, desired business improvements, ease of implementation, and overall value.
4. Understand your regulatory requirements. Before building any system components, invest time in understanding all relevant regulations and standards. This ensures the platform aligns with actual needs rather than assumptions, reducing rework later in the process.
5. Clearly define roles and responsibilities. A strong compliance management system depends on clear ownership. Define who is responsible for data inputs, reviews, decision making, and maintenance. Leveraging cross-functional teams helps ensure visibility and operational alignment across the organization.
6. Design with scalability in mind. Small wins can encourage early adoption (e.g., creating a SharePoint document library or converting a paper checklist into a digital form using Power Apps). Plan your system so it can grow over time. Design should allow for efficient scale-up.
7. Incorporate existing processes and tools. Evaluate your current systems, tools, and workflows. Incorporating what already works helps reduce redundancy, minimize training needs, and encourage adoption of the new system. Consider where new or existing data sources can be integrated for a more complete compliance picture.
8. Move at a pace that fits your resources. Develop the system in phases aligned with your budget, staffing, and operational priorities. Incremental development allows teams to learn, adapt, and refine processes without overwhelming them.
9. Integrate AI to enhance efficiency and insight. Modern AI tools, like MS Copilot, can help streamline compliance tasks by automatically summarizing documents, extracting key information, identifying trends, and assisting with data entry.
10. Leverage trends and continuous improvement. Use the data your system generates to drive ongoing operational and compliance improvements. Trends and analytics reveal opportunities, highlight recurring issues, and support more informed decision-making, which ultimately strengthens your compliance program over time.

MS 365 is more than email and file storage. It is a powerful, adaptable platform that can be used to manage compliance obligations, from document control and data entry to inspections, workflows, compliance task management, and reporting. By leveraging the tools your organization already has, you can create cost-effective, customized compliance solutions that improve performance, streamline processes, and foster long-term compliance.

On January 1, 2026, the Environmental Protection Agency’s (EPA) Subsection (h) regulations mandated automatic leak detection systems (ALDS) for commercial and industrial refrigeration equipment with charges > 1,500 lbs. Compliance deadlines are January 1, 2026 for new equipment and January 1, 2027 for existing equipment. 

Additionally, a new threshold for refrigerant management is effective January 1, 2026. Systems containing ≥15 lbs. of hydrofluorocarbon (HFC) refrigerant or substitutes with global warming potential (GWP) > 53 must comply with: 

• Leak rate calculations and monitoring.
• 30-day repair timelines when leaks exceed thresholds. 
• Chronic leak reporting to the EPA.
• 3-year recordkeeping requirements. 
• Reclaimed refrigerant tracking and documentation. 

Producers, importers, and exporters of Class I (chlorofluorocarbons – CFCs) and Class II (hydrochlorofluorocarbons – HCFC) ozone-depleting substances must submit reporting forms to EPA through the Central Data Exchange (CDX). The first submittal is due March 31, 2026 for calendar year 2025. 

The Environmental Protection Agency’s (EPA) Multi-Sector General Permit (MSGP) is a cornerstone of Clean Water Act (CWA) implementation for industrial facilities. The MSGP regulates stormwater discharges associated with approximately 29 industrial sectors, setting specific requirements to protect water quality.

EPA must reissue a new MSGP every five years. The current 2021 permit recently expired on February 28, 2026. And while the 2026 MSGP has not been finalized or approved, the proposed updates focus on expanded monitoring, more stringent corrective action requirements, per- and polyfluoroalkyl substances (PFAS) tracking, and climate-resilient design expectations.

Regulatory Framework Behind the MSGP

Industrial stormwater permitting stems from the 1987 amendments to the CWA, which directed EPA to require National Pollutant Discharge Elimination System (NPDES) permits for stormwater discharges associated with industrial activity and that those discharges meet Water Quality Standards (WQS) under Section 402(p). In 1990, EPA subsequently defined the scope of “industrial activity” in 40 CFR 122.26(b)(14) and identified 11 categories of facilities.

The first MSGP was finalized in 1995, authorizing stormwater discharges for eligible operators in 29 sectors and establishing specific requirements to protect water quality. The permit applies to roughly 2,000 facilities nationwide in a wide range of industries. The MSGP does not cover construction stormwater (except at mines), discharges from non‑industrial portions of facilities, wastewater discharges, or non‑point source discharges.

To obtain MSGP coverage, operators in applicable industries must:

• Meet eligibility requirements (e.g., National Historic Preservation Act and Endangered Species Act requirements).
• Develop or update a Stormwater Pollution Prevention Plan (SWPPP).
• Submit a Notice of Intent (NOI).
• Comply with state or tribal water‑quality‑based requirements.
• Conduct inspections and monitoring, implement control measures, and complete corrective actions when necessary.

Key Proposed Changes

EPA’s proposed 2026 MSGP introduces several substantial updates aimed at improving water quality protection, strengthening accountability, and incorporating emerging environmental concerns.

1. Additional Implementation Measures (AIMs). AIMs are mandatory, tiered, and increasingly stringent responses triggered when industrial strormwater discharges exceed benchmarked thresholds. EPA is proposing more rigorous and time‑bound reporting for AIM‑triggering events (i.e., benchmark exceedances), shifting AIM from annual summary reporting to real‑time accountability. Under the new MSGP:
   • Operators must submit an AIM Triggering Event Report within 14 days, describing planned corrective actions and anticipated completion dates.
   • A follow‑up report is required within 14 days of completing corrective actions.
   • Facilities triggering AIM Level 1 must conduct and document an inspection within seven days to identify pollutant sources, submit findings electronically, and update their SWPPP.
2. AIM Natural Background Exception. EPA is further proposing to require operators to submit analytical results from uncontaminated stormwater to support claims that benchmark exceedances are due solely to natural background levels. EPA approval would be required before the exception is granted.
3. Benchmark Monitoring: New Schedule. The 2026 MSGP would replace the “Years 1 and 4” monitoring schedule with quarterly monitoring for the first three years. After twelve samples, operators may discontinue monitoring for a parameter if the annual average remains below benchmark thresholds. This approach will increase data resolution and reduce the risk of missing intermittent exceedances.
4. Benchmark Requirements: New Sectors. Also related to benchmarking, EPA is proposing to shift 11 subsectors that showed frequent exceedances based on 2021 MSGP data from indicator‑only monitoring to benchmark monitoring and AIM applicability. These subsectors include glass and stone products, meat and dairy, oil and gas extraction, plastics, landfills, transportation equipment, recycling, steam electric generation, non‑classified facilities, land transportation, and shipbuilding.
5. Impaired Waters Monitoring Expansion. EPA is proposing significantly more stringent monitoring requirements for impaired waters, marking a major shift toward proactive protection of impaired waterbodies.
   • All discharges to impaired waters—with or without an established Total Maximum Daily Load (TMDL)—would require quarterly monitoring for the entire permit term.
   • If pollutants of concern are detected, operators must take AIM Level 1 actions and implement all reasonable steps to prevent further discharge.
6. Resilient Stormwater Control Design. EPA is proposing to require operators to consider future climate conditions (e.g., extreme precipitation, flooding, and storm surge) when designing or upgrading stormwater controls, reflecting increasing climate‑related risks to industrial infrastructure.
7. PFAS Indicator Monitoring. For the first time, EPA is proposing to require quarterly “report‑only” monitoring for 40 PFAS compounds (as listed in EPA Method 1633) for numerous sectors, supporting growing national concern over PFAS contamination.
8. Clarified Water Quality‑Based Effluent Limits. EPA is proposing to specify water‑quality‑based effluent limitations, clarifying that discharges must not cause visible solids, scum, sheen, foam, discoloration, or odor. These clarifications reinforce longstanding CWA requirements while improving enforceability.

What’s Next

The EPA did not issue the new permit before the 2021 MSGP expired on February 28, 2026; therefore, until the new 2026 permit is finalized, the 2021 MSGP remains administratively continued for existing facilities. 

As proposed, the 2026 MSGP includes some of the most significant updates to industrial stormwater permitting in a decade, incorporating expanded monitoring, more stringent corrective action requirements, PFAS tracking, and climate‑resilient design expectations.

For industrial operators in impacted industry sectors, the changes will require earlier planning, more frequent sampling, and closer attention to stormwater control performance. Facilities should begin reviewing their SWPPPs, historical monitoring data, and potential PFAS sources to prepare for the transition once the final 2026 MSGP is issued.

Food Safety System Certification (FSSC) 22000 is a robust Global Food Safety Initiative (GFSI)-recognized food safety certification scheme based on ISO 22000 that is applicable across the food chain (i.e., food/feed manufacturing, packaging production, transport, and storage). FSSC 22000 comprises three elements:

• ISO 22000 International Standard (2018) – Specifies requirements for a food safety management system (FSMS) in alignment with the ISO Harmonized Structure.
• Sector-Specific Technical Specifications (TS) (2025) – Requires organizations to establish Prerequisite Programs (PRPs) for specific sectors:
  • ISO/TS 22002-1: Food Manufacturing
  • ISO/TS 22002-2: Catering
  • ISO/TS 22002-3: Farming
  • ISO 220002-4: Food Packaging
  • ISO/TS 22002-5: Transport and Storage
  • ISO/TS 220002-6: Feed and Animal Food Production
  • ISO/TS 220002-100: Common/General Requirements 
• FSSC 22000 Scheme Additional Requirements (2024) – Provides comprehensive additional requirements that build on ISO 22000 and sector-specific PRPs.

In early May 2026, Foundation FSSC anticipates publishing Version 7 (V7) of the FSSC 22000 Scheme Additional Requirements. Certified organizations will have a 12-month transition period to allow for effective implementation of the new version once it is published. Until V7 is released, FSSC 22000 V6 remains valid and will continue to reference the existing ISO/TS 22002-X series.

Key Updates

The updates to FSSC 22000 V7 are intended to better align the scheme with global requirements, improve clarity, and make food safety management more practical. Anticipated key changes include the following:

1. Integrate with Updated ISO/TS 22002-x:2025 Series. FSSC 22000 V7 will incorporate the newly updated ISO/TS 22002-x:2025 series to ensure the FSSC scheme aligns with the most current global expectations for PRP implementation across food chain sectors. This includes a focus on taking a science-based approach to sanitation, hygiene, contamination prevention, and risk management.
2. Align with GFSI Benchmarking Requirements. Aligning FSSC 22000 V7 with the latest GFSI benchmarking criteria will help to ensure FSSC certifications remain relevant and accepted across the global supply chain.
3. Support United Nations Sustainable Development Goals (SDGs). FSSC 22000 V7’s strengthened requirements related to SDGs reflect growing industry-wide expectations related to sustainability, environmental responsibility, and social impacts. The scheme’s enhanced guidance is intended to help support organizations in their efforts to contribute to SDGs through responsible sourcing, reduced environmental impacts, and improved social responsibility.
4. Create Clearer Food Chain Categories. FSSC V7 will implement a more defined and transparent structure for categorizing activities within the food chain to help organizations better understand which requirements apply to them, allow for more targeted implementation of food safety controls, and promote better compliance.
5. Promote Continuous Improvement. Planned editorial updates will improve clarity and usability for certified organizations to make the FSMS more practical and easier to implement.

Planning for Change

For companies that are currently certified FSSC 22000 V6, now is the ideal time to assess current FSSC 22000 program elements, identify improvements that are internally desirable and required by the new standard, and implement those updates that will make the FSSC 22000 program more useful to the business and compliant with V7. This can be done through a series of phases to ensure adoption throughout the organization.

Phase 1: FSSC 22000 Assessment

An assessment should begin by reviewing the following:

• Existing FSSC 22000 programs, processes, procedures, forms, and records.
• Existing document management systems and document registers.
• Employee training tools and programs.

This documentation review and program assessment will help to identify elements of the existing FSSC 22000 program that are acceptable, those that show opportunities for improvement, and those that may be missing, including those needed for development and implementation to meet the requirements of FSSC 22000 V7.

Phase 2: FSSC 22000 Program Updates

The assessment will inform a plan for updating the FSSC 22000 certification program, including major activities, key milestones, and expected outcomes. Development/update activities included on the plan may include the following:

• Developing new or updating current FSSC 22000 programs, processes, and procedures with V7 requirements, including new procedures and PRPs to align with the ISO/TS 22002-x:2025 series.
• Updating training programs with any new and additional requirements.
• Revising document register to align with FSSC 22000 V7 numbering changes.
• Updating records and forms with any new and additional requirements.

When implementing program updates, leveraging existing management system and certification program elements and utilizing proven approaches can greatly streamline the process.

Phase 3: Training

To ensure staff are prepared to implement and sustain the updated FSSC 22000 V7 program, training is important. This includes training for affected staff on applicable requirements; specific plans, procedures, and PRPs developed to achieve compliance; and the certification roadmap to prepare for future audits.

Following this plan now will help companies ensure they maintain their FSSC 22000 certification when audits begin under FSSC 22000 V7 to demonstrate their commitment to meeting customer and regulatory requirements, protecting the company brand, and keeping consumers safe.

A wider reaching global supply chain exposes the products we consume—and those companies within the supply chain—to increased risk. A robust Supplier Management Program that leverages software, standardized tools, and data management practices can help organizations to more effectively audit, monitor, and manage supplier performance and program implementation and help ensure high-quality, safe, and consistent products.

We recently sat down with KTL’s Power Platform Team to talk about how organizations can leverage Microsoft 365 and the Power Platform to effectively manage supplier data and performance to improve overall operations. 

Q: What does a Supplier Management System do? What capabilities does it have?

Supplier management is about keeping vendors and suppliers organized and ensuring they meet organizational (i.e., internal), regulatory, and applicable third-party certification expectations. Supplier management may include supplier selection and approval, qualification review, contract negotiation, periodic evaluations, and documentation and records management.

KTL’s Supplier Management System is a custom tool built using Microsoft 365 and the Power Platform that streamlines how an organization approves and manages suppliers, helps control costs and reduce risk, and supports compliance with internal requirements and regulations (e.g., Food Safety Modernization Act (FSMA) Foreign Supplier Verification Program (FSVP) Rule).

KTL’s Supplier Management Systems:

• Provide a checklist to ensure all vendors and suppliers meet required criteria (e.g., certifications, licenses, performance history).
• Manage vendor and supplier-specific requirements.
• Store and organize supplier documents and records; suppliers can upload their own documents in a secure folder (if external user access is allowed).
• Enable facilities to conduct and manage supplier evaluations.
• Provide verification procedures that close out evaluations and generate PDF reports.
• Send email notifications of supplier-related compliance deadlines.

Q: What is KTL’s approach for designing and implementing a Supplier Management System? How do you work with clients?

We design every Supplier Management System with ease of use, compliance risk, and operational impact in mind, while being mindful of the organization’s pace and budget tolerance. We understand that every company works a little differently; as such, it is important that any Supplier Management System we design reflects how the organization operates in practice. Our goal is to create a system that fits the organization, fosters user adoption once implemented, and avoids the rigidity of one‑size‑fits‑all software.

KTL’s approach to building a Supplier Management System generally follows three main phases:

• Planning: Our first step is to get a complete understanding of how the organization currently manages suppliers. We meet with key stakeholders to understand what’s working, what’s not, and what’s required to develop a robust Supplier Management System that meets organizational and compliance needs. Our team evaluates existing systems (if developed) and related processes, documents, and tools to identify gaps, understand needs, and establish priorities. Based on our initial assessment and evaluation, we work with the client to create a clear, customized roadmap for a Supplier Management System that will work within the context of the organization.
• Development, Review, and Rework: Based on the priorities identified in the planning stage, our team establishes development milestones and timelines. We then begin building the system in stages, reviewing each milestone with the client as it is completed. This helps to ensure the Supplier Management System meets defined requirements, functions as desired, effectively supports supplier processes, and delivers organizational value every step along the way (e.g., improved efficiency, reduced risks, and enhanced compliance).
• Turnover and Continued Support: Once KTL completes the development phase, we work closely with the client to coordinate the launch date and provide training to staff who will be using the system regularly to ensure they are comfortable with its functionality. We can also provide advanced user training to create internal “power users”, if desired. Importantly, our team remains available post-launch to provide ongoing support and to implement adjustments based on real‑world use. We are always available to expand the scope of development based on changing organizational needs to ensure the Supplier Management System remains a valuable tool.

Q: What are some of the most common integration challenges associated with a Supplier Management System and how do you address them?

For many companies, the biggest challenge is simply recognizing they need to develop, upgrade, or integrate a more robust Supplier Management System to meet organizational needs. Once that initial decision is made and development begins, there are several common integration challenges we encounter in the development process:

• For many companies, the biggest challenge is simply recognizing they need to develop, upgrade, or integrate a more robust Supplier Management System to meet organizational needs. Once that initial decision is made and development begins, there are several common integration challenges we encounter in the development process:
• Fragmented Inputs: The most common issue involves working with existing systems, data, and processes that are messy and don’t always align across the organization. This might include different teams in the same company using different, custom-built tools—none of which communicate with each other. These fragmented inputs create challenges figuring out how to combine various data sources and generate consolidated reports.  KTL’s data management professionals help evaluate these systems and processes to ensure they can be streamlined and integrated into a Supplier Management System.
• Document and Evidence Management: Supplier Management Systems need to document, maintain, and store evidence of compliance. We find that many organizations do not have a common system for this documentation; rather, this evidence tends to “live” in different repositories without consistent version control or standards. Identifying the various repositories, determining the correct/most current versions of documents, and bringing everything together into a central repository can be challenging depending on past management practices. We support this process by helping organizations assess documentation gaps and establish structured document control frameworks within the Supplier Management System.
• Compliance and Standards Mapping: Many organizations use their Supplier Management System as part of overall compliance programs to manage regulatory (e.g., Environmental Protection Agency (EPA), Food and Drug Administration (FDA), Occupational Safety and Health Administration (OSHA)) and/or third‑party certification (e.g., International Standards Organization (ISO), Global Food Safety Initiative (GFSI)) requirements. Translating these requirements into usable data fields, workflows, and reports can be complex—and can carry significant compliance consequences if done incorrectly. The challenge becomes even greater when the system must accommodate multiple regulations or standards at once. KTL’s environmental, health, and safety (EHS); food safety; and quality professionals provide technical insights to help ensure our Supplier Management Systems effectively meet compliance and certification requirements.

Q: How do you integrate the Supplier Management System with a company’s overall management system (e.g., food safety, quality, EHS)?

One of the things that differentiates KTL as an information technology (IT) solutions provider is that we aren’t a software vendor. Rather, we are a team of consultants who use our expertise in compliance management systems to build powerful, compliance‑ready solutions using Microsoft 365 and the Power Platform. We blend deep EHS, quality, and food safety experience with practical IT know‑how to build systems that function according to our clients’ operations and regulatory/certification requirements using the software most organizations already have (i.e., Microsoft 365).

Because of our team’s broader expertise, we’re able to effectively integrate Supplier Management Systems directly into organizational food safety, quality, and EHS programs. Supplier qualification, onboarding, audits, corrective actions, and reevaluations all flow seamlessly into existing management systems. Compliance and certification requirements are incorporated into every step in the supplier management process—from initial risk scoring through ongoing monitoring. The result is a Supplier Management System that is a natural extension of the overall management system, with connected workflows, shared data, increased consistency, reduced duplication of effort, and strengthened compliance across the organization.