Virtually every regulatory agency (e.g., EPA, OSHA, FDA, USDA) and voluntary certification standard (e.g., ISO, GFSI, organic) has compliance requirements that call for companies to fulfill several common compliance activities. KTL has outlined eight compliance functions that can be instrumental in improving a company’s capability to comply. One very important compliance function involves records and document management.

Records provide documentation of what has been done related to compliance—current inventories, plans, management systems, training, inspections, and monitoring required for a given compliance or certification program. Each program typically has recordkeeping, records maintenance, and retention requirements specified by type. Having a good records management system is essential for maintaining the vast number of documents required by regulations and standards, particularly since some, like OSHA have retention cycles for as long as 30 years.

Moving Away from Paper Recordkeeping

Organizing and maintaining the records can create challenges—where to store them, security levels, remote and local accessibility, etc. Supply chain requirements can further add to the cumbersome workload of collecting, reviewing, and sharing documents and information.

Companies have been keeping records and documents in binders and file cabinets for years. And while that system can work, many dynamic tools are available to alleviate some of these challenges and support organizational decision-making. A document management system can help create:

• Process and document standardization
• Central and secure storage, organization, and access to documents and records locally or remotely
• Improved document searchability and accessibility
• Enhanced workflows for approving and completing tasks involving documents
• Easy access to documents for audits and clear audit trail, particularly for remote audits
• Version control and history
• Reduced paperwork
• Higher quality data due to reduced human error
• Improved collaboration
• Improved security of sensitive documents

All of which lead to consistent, efficient, and reliable compliance performance.

Transitioning Your Records

Transitioning from a paper-based recordkeeping system to an electronic document management system can seem overwhelming, particularly given the sheer volume of documents some organizations have. However, following a step-by-step approach—and considering the desired end product from the start—can help ensure that organizations end up with a system that will function well within the business context and provide ongoing compliance efficiency.

Step 1. Assess Current Documents and Processes

The first step is to identify where all your documents reside and how you are currently managing and organizing those documents. Additionally, an assessment of the documents themselves should be conducted to evaluate if they are still current, if they are in line with the processes and procedures they are intended to monitor, and if they are collecting all the required information. 

Where are documents stored? What is electronic vs. paper? Are documents sorted by necessity, date, version, compliance area? What processes are currently in place for creating, managing, and storing documents? Where are the inefficiencies in adequately managing documents and records? If there are multiple systems, are they working together? 

The goal of this step is to get a good handle on the current state of your documents and systems so you can move onto step 2, which will be to define the desired state of your document management system. 

Step 2. Define Document Management System

Before building the system, you must define your ultimate desired end state. In a perfect world, how would the document management system operate? What parts and components would it have? How would things work together? At this point, you must consider the immediate need (i.e., document management) within the context of the overall business need. The idea is to align the document management system with any overall compliance management system (CMS). This requires a genuine understanding of both daily routines and the big picture.  

Bring together key stakeholders to discuss their objectives, review the current state, and evaluate industry best practices. While it is necessary to get senior management buy-in and to understand the business needs, it is equally important to understand the routine activities and tasks of the people who will use the system in a daily basis. The system must be designed with all these users in mind—the end user entering data in the field, management who is reading reports and metrics, system administrator, office staff, etc.  

Step 3. Gather Documents and Populate System

This step can involve significant resources depending on the volume of documents, so taking a phased approach can make it more manageable. It often makes sense to start where you already have processes and document storage systems in place that can be more easily transitioned into a new document management system to encourage user buy-in. Priorities should be set based on ease of implementation, compliance risk, business improvement, and value to the company.

Step 4. Determine Access and Train

The only way to ensure employees will correctly use the document management system is to provide adequate training. Define who needs access to the various parts of the system and what everyone’s roles and responsibilities are. Every employee who will touch the system should receive hands-on training to teach them how to correctly use the system to create efficiencies.

Step 5. Conduct an Annual Internal Audit and Document Review

Audits offer a systematic, objective tool to assess compliance across the workplace and to identify any opportunities for improvement. Audits may be used to capture regulatory compliance status, certification system conformance, adequacy of internal controls, potential risks, and best practices.

An internal audit of the document management system provides a valuable way to communicate performance to decision-makers and key stakeholders. This final step is an important one, because it will help ensure that:

• The organization is getting the most out of its document management system.
• The system and associated processes are operating as intended.
• Data can be used for trending and predictive analytics to better inform business decision-making.
• Ongoing opportunities for improvement in document organization and processes are identified and implemented.
• Efficiencies in business operations and overall compliance management—including remote access and remote auditing—are fully realized.

To ensure a sound Hazard Analysis and Critical Controls Points (HACCP) Plan, companies must confirm the Plan is adequate for controlling food safety hazards through the process of validation and verification.

According to 9 CFR 417.4 a, “Every establishment shall validate the HACCP Plan’s adequacy in controlling the food safety hazards identified during the hazard analysis and shall verify that the Plan is being effectively implemented.” HACCP Principle 6—Establish Verification Procedures—further emphasizes the importance of establishing activities that determine the validity of the HACCP Plan and verify that the system is operating according to the Plan.

Based on these requirements, verification and validation seem quite similar. In practice, however, verification and validation are distinct functions that are both critical for compliance with U.S. Department of Agriculture (USDA) and Food and Drug Administration (FDA) regulations. In short, verification is focused on the implementation of the plan, while validation is focused on its accuracy. You cannot validate a process until you verify the process is consistently following the plan and operating as intended. 

Validation: Proof the Plan Is Effective

Validation demonstrates and documents that the HACCP system works to address significant hazards​. It provides proof that the Plan is effective. The purpose of validation is to demonstrate that the HACCP system, as designed, will adequately control identified hazards to produce a safe, unadulterated product. Following completion of the hazard analysis and development of the HACCP Plan, establishments enter the 90-day period of initial validation, where the validity of the HACCP system is checked. Is the Plan working to achieve its intended goal?

Validation involves gathering data over time to confirm something is operating as intended. It relies heavily on using scientific data from journals; in-plant observations, measurements, and evaluations; and expert advice. According to the National Advisory Committee on Microbiological Criteria for Foods (NACMCF), “Validation is the element of verification that focuses on collecting and evaluating scientific and technical information to determine if the HACCP Plan, when properly implemented, will effectively control the identified hazards.”

For example, validation of Critical Control Points (CCPs) may involve reviewing trends over the year, customer complaints, equipment issues, etc. to determine whether the process is working. To validate a temperature selected for heating food to remove harmful bacteria, a facility may cite scientific journals and studies.

Both USDA and FDA require validation of the food safety system to document scientific support for CCP or process preventive control critical limits. USDA further requires internal validation of the CCPs and critical operational parameters used in key prerequisite programs (PRPs). It is important companies use scientific evidence (e.g., microbiological test results, validation studies) to the extent possible to demonstrate hazards are effectively controlled.

Verification: Proof the Plan Is Followed as Written

Verification establishes the accuracy or truth of something—in other words, proof that the HACCP Plan is being followed as written. ​It answers the question, “Are we actually doing what we say we are going to do?” For example, if the Plan says that a food will be heated to a certain temperature to kill harmful bacteria, verification will test that the food actually reaches that temperature.

The purpose of verification is to confirm that the HACCP system is continually functioning as intended. Following the 90-day period of initial validation, monitoring and verification activities are performed to ensure the HACCP system continues to be implemented properly. These activities should be scheduled as needed (i.e., daily, weekly, monthly, quarterly, annually) and conducted by designated, trained employees.​

Regular audits of the HACCP Plan further ensure that it is being followed correctly. This is particularly important if any aspect of the company’s procedure, process, or ingredients has changed or a new product has been added to production.

HACCP Principle 6 outlines four elements for verification:

1. CCP Verification
2. Overall Food Safety System Verification
3. Food Safety System Validation
4. Regulatory Verification

In addition, both USDA and FDA require verification of the overall food safety system. USDA requires reassessments to be performed annually to verify the HACCP Plan. FDA requires reanalysis to be performed at least every three years to verify the Food Safety Plan.

There are some common verification activities to ensure food manufacturing facilities meet these requirements:

• Document review, including HACCP Plan and related policies, plans, Good Manufacturing Practices (GMPs), standard operating procedures (SOPs), equipment and product specifications, processing rates, inspection records, supplier information, etc.
• Facility walk-through to review operations and observe specific processes and equipment, as needed
• Evaluation of current Food Safety Management System (FSMS) elements
• Food Safety Plan review
• Review of PRPs (e.g., sanitation, allergen controls, traceability)
• Environmental monitoring and product testing
• Confirmation that the CCPs and other preventive controls are implemented and effective
• Direct observations of CCP monitoring activities
• Calibration of equipment

Validation and verification are important components of any food safety system. They provide proof that the HACCP Plan is not only effective, but also being followed and working as intended. Validation and verification ensure the Plan is a living, breathing document that is used daily to ensure the food safety system complies with both USDA and FDA regulations and, more importantly, works to prevents foodborne illness. 

The Safe Quality Food (SQF) Program is a rigorous food safety and quality program. Recognized by the Global Food Safety Initiative (GFSI), the SQF codes are designed to meet industry, customer, and regulatory requirements for all sectors of the food supply chain. SQF certification showcases certified sites’ commitment to a culture of food safety and operational excellence in food safety management.

In May 2021, SQF will be releasing Edition 9 (SQF V9) to align the code with the latest GFSI benchmarking criteria, updated regulatory requirements, and scientific changes. According to the SQF Institute, SQF V9 is designed to help certified sites meet and exceed all industry, customer, and regulatory requirements so they can remain competitive across sectors. V9 is scheduled for implementation with audits beginning May 24, 2021.

Significant Changes

The SQF V9 changes are broken down into two categories of changes:

Structural Changes

• Development of Custom Codes for certain industry-specific sectors (livestock, animal feed, petfood, aquaculture, dietary supplements)
• Streamlined technical elements to reduce redundancy in the following sections:
  • Site location and operation
  • Food safety culture
  • Chemical storage
  • Personal hygiene
  • Specifications
  • Training

Technical Changes

• GFSI benchmarking requirement updates, including changes to:
  • Food safety culture requirements
  • Internal laboratory requirements
  • HACCP plan requirements for storage and distribution
  • Remote activities requirements
• SQF stakeholder feedback updates, including changes to:
  • Co-manufacturers’ requirements
  • Ambient air testing requirement
  • Audit scoring

New or updated concepts that present some of the greatest changes under SQF V9 include the following:

• Food Safety Culture Requirements: Senior leadership is required to lead and support a food safety culture within the site.
• Additional Training Requirements: Training requirements are now defined for sampling and test methods, environmental monitoring, allergen management, food defense, and food fraud for all relevant staff.
• Labeling Requirements: Updates to Product Identification Section now emphasize labeling requirements and checks during operations and require the implementation of procedures to ensure label use is reconciled.
• Substitute SQF Practitioner: All sites are now required to have a designated substitute SQF Practitioner with HACCP training and competencies in maintaining the food safety plan and knowledge of the SQF Food Safety Code.

Planning for Change

For companies that are SQF-certified, now is the ideal time to assess current SQF program elements, identify improvements that are internally desirable and required by the new standard, and implement those updates that will make the SQF program more useful to the business. This can be done through a series of phases to ensure adoption throughout the organization.

Phase 1: SQF Assessment

An assessment should begin by reviewing the following:

• Existing SQF programs, processes, and procedures
• Existing document management systems
• Employee training tools and programs

This documentation review and program assessment will help to identify elements of the existing SQF program that are acceptable, those that show opportunities for improvement, and those that may be missing, including those needed for development and implementation to meet the requirements of SQF V9.

Phase 2: SQF Program Updates

The assessment will inform a plan for updating the SQF certification program, including major activities, key milestones, and expected outcomes. Development/update activities included on the plan may include the following:

• Updating current SQF programs, processes, and procedures with missing V9 requirements
• Developing new SQF programs, processes, and procedures for additional V9 requirements
• Updating training programs with any new and additional requirements
• Revising document register to align with SQF V9 numbering changes
• Updating records and forms with any new and additional requirements
• Updating Food Safety Policy to include new food safety culture requirements

When implementing program updates, leveraging existing management system and certification program elements and utilizing proven approaches can greatly streamline the process.

Phase 3: Training

To ensure staff are prepared to implement and sustain the updated SQF V9 program, training is important. This includes training for affected staff on applicable requirements; specific plans, procedures, and GMPs developed to achieve compliance; and the certification roadmap to prepare for future audits.

Following this plan now will help companies ensure they maintain their SQF certification when audits begin under SQF V9 in May 2021–and that certification matters when it comes to meeting customer and regulatory requirements, protecting the company brand, and keeping consumers safe.

The food system is rapidly evolving—from new foods, to new formulations, to new production and delivery methods. As a whole, the industry is pushing into untapped areas, facing supply chain challenges, and responding to unique market demands, including those that have quickly emerged as a result of the COVID-19 pandemic (e.g., e-commerce, new delivery models, virtual inspections).

To keep pace with all this change, the Food & Drug Administration (FDA) announced the New Era of Smarter Food Safety in April 2019. On July 13, 2020 (delayed from Spring 2020 due to COVID-19-related issues), the Administration subsequently published the New Era of Smarter Food Safety Blueprint. This blueprint outlines the approach FDA will take create a New Era of Smarter Food Safety that evolves along with food technologies and systems—and the impacts these changes will have on the food industry and consumers alike.

New Era: What to Expect

According to FDA, “The New Era of Smarter Food Safety represents a new approach to food safety, leveraging technology and other tools to create a safer and more digital, traceable food system.” That being said, the Administration further notes that “smarter food safety is about more than just technology. It’s also about simpler, more effective, and modern approaches and processes. It’s about leadership, creativity, and culture.”

Correspondingly, the New Era is built on four core elements to support FDA’s ultimate goal of reducing foodborne illness:

• Tech-Enabled Traceability
• Smarter Tools and Approaches for Prevention and Outbreak Response
• New Business Models and Retail Modernization
• Food Safety Culture

Importantly, the New Era does not replace or negate the progress of the Food Safety Modernization Act (FSMA). Rather it builds on FSMA’s science and risk-based protections and uses them as the foundation for integrating more data, better analytics, and technological advancements going forward. FSMA’s full implementation remains a priority for the FDA. In FDA’s words, the New Era is “people-led, FSMA-based, and technology-enabled”.

Building the Blueprint

The New Era of Smarter Food Safety Blueprint is the roadmap FDA will follow to build its New Era and further food safety modernization under the FSMA rules. The blueprint includes goals to:

• Enhance traceability
• Improve predictive analytics
• Respond more rapidly to outbreaks
• Address new business models
• Reduce contamination of food
• Foster the development of stronger food safety cultures

Each of these goals is addressed by the core elements and the following actions, as outlined in the blueprint, which will be implemented over the next decade:

Core Element 1: Tech-enabled Traceability. Food traceability is the ability to track any food through all stages of the supply chain—production, processing, distribution—to ensure food safety and operational efficiency. The objective of Tech-enabled Traceability is to use technology to create traceability advancements, including implementing rapid tracebacks, identifying specific sources, and helping to quickly remove products from the marketplace when necessary. Beyond technology, part of this effort involves harmonizing efforts to follow food from farm to table by creating similar data standards across government and industry. As public health agencies increasingly rely on electronic data in outbreak investigations, quality and compatibility must be addressed to more quickly and accurately trace the origin of contaminated food. Blueprint actions include:

• Developing foundational components
• Encouraging and incentivizing industry adoption of new technologies
• Leveraging the digital transformation

Core Element 2: Smarter Tools and Approaches for Prevention and Outbreak Response. One of the most powerful resources available to create this New Era is data. However, that power lies in collecting better quality data, conducting more meaningful analysis, and transforming data into more strategic, prevention-oriented actions. The blueprint seeks to strengthen procedures and protocols for conducting root cause analyses to identify how a food became contaminated and then for using predictive analytics to prevent future outbreaks. As under FSMA, the focus is on the preventive nature of modern food safety approaches. Blueprint actions include:

• Invigorating root cause analysis
• Strengthening predictive analytics capabilities
• Developing domestic mutual reliance
• Developing inspection, training, and compliance tools
• Improving outbreak response
• Implementing recall modernization

Core Element 3: New Business Models and Retail Food Modernization. How food is getting from farm to table is continually evolving. The recent pandemic is a prime example, as it has brought huge growth in distribution channels, including e-commerce and food delivery, carryout, and pickup. The FDA and industry must be prepared for new business models that continue to emerge with marketplace demands and consumer needs. The address this, blueprint actions include:

• Ensuring safety of food produced or delivered using new business models
• Modernizing traditional retail food safety approaches

Core Element 4: Food Safety Culture. According to the Safe Food Alliance, “Food safety culture refers to the specific culture of a facility: the attitudes, beliefs, practices, and values that determine what is happening when no one is watching. A strong culture of food safety helps a facility both to prevent and catch deviations in their processes that impact the safety, quality, and legality of their products.” Improvements in food safety, foodborne illness, and outbreaks depend largely on food safety culture, even more than technology. A strong food safety culture has always been a prerequisite to effective food safety management and that will continue in the New Era. Blueprint actions include:

• Promoting food safety culture throughout the food system
• Further promoting food safety culture throughout the Agency
• Developing and promoting a Smarter Food Safety consumer education campaign

Incorporating into Operations

As FDA has recognized, there is a real need for more “real-time, data-driven, nimble approaches to help ensure a strong and resilient food system”. The New Era of Smarter Food Safety Blueprint is FDA’s way to get there. It will be up to players in the food industry to take the core elements of the blueprint and begin to incorporate them into operations. As FDA rolls out this initiative, organizations should consider doing the following:

• Implement an information management system to help coordinate, organize, control, analyze, and visualize the information necessary to remain in compliance and operate efficiently.
• Conduct third-party assessments to provide an outside perspective of food safety systems and compliance/certification.
• Explore technological advancements that allow for further digitization and promote more timely and accurate collection and management of important data.
• Conduct root cause analysis, as needed, to identify underlying issues and ensure similar problems do not occur in the future.
• Build a strong food safety culture that focuses on changing from a reactionary to a preventive mindset that promotes safety and quality.

Regulatory, customer, and industry standards require that Food Safety Management Systems (FSMS) and programs must be current at all times. They also require that any changes be verified and validated. Third-party assessments provide a means of confirming compliance specific to key programs, particularly when many certification audits are being postponed or limited in scope due to COVID concerns.

Focused Activity, Desired Results

As a focused activity, third-party assessments support food safety compliance and certification and respond directly to a company’s needs:

• Third-party assessments provide more direct coverage to evaluate specific program effectiveness and allow for a more focused understanding of existing strengths and improvement areas.
• Enlisting a qualified outside firm further provides an unbiased assessment, offers an opportunity to work with local resources, and allows for a more flexible timeframe.
• The assessment typically results in a report developed by a qualified source focused on closing corrective actions.
• It minimizes the overall disruption in business compared to a full certification-level audit.

Major Program Assessments

While third-party assessments are not uncommon in the food industry, they are generally not interwoven with industry certification audits. That being said, an FSMS is comprised of major programs or sections that are prime subjects for third-party assessment, including the following.

A Hazard Analysis and Risk-Based Preventive Controls (HARPC) third-party assessment is based on a customized workplan, as well as the updated HARPC/Preventive Controls for Human or Animal Food rule. Aligning the assessment with internal audit programs supports verification by providing direct recommendations for corrections and improvements. This approach provides the following benefits:

• Assessment can be completed and delivered more directly with the Food Safety Team.
• Recommendations from findings can be more directly implemented and issues can be closed.
• Results can be verified and validated internally, providing a record of corrections to be implemented, meeting regulatory requirements, and demonstrating alignment with the internal audit program.
• The assessment provides a means to confirm timing of program updates and to determine the next scheduled assessment.

Current Good Manufacturing Practices (cGMP) compliance extends to FDA Section 117 requirements, which must be maintained under FSMA as part of the Food Safety Plan. A gap assessment of existing cGMPs confirms programs are complete and current, provides verification of updates, and validates programs are documented. Independent verification can be scheduled on a more flexible timeframe using qualified resources based on preference. Focused assessments of cGMPs provide a fresh look at programs, improvement recommendations, and direct corrective actions that are in line with the company’s internal audit processes.

Building and equipment assessments support site commissioning requirements for food and handling. Typically, building elements are not a major focus; however, assessing building and equipment is imperative, as it provides for opportunities to correct risks not always identified by the audit:

• Drills down to maintenance practices and provides a clear focus on preventive maintenance.
• Provides a perspective on physical plant processes that allows for planned improvements and hygienic design implementations.
• Ensures the integrity of physical food plant and site asset conditions.

Supplier program assessment provides a stronger level review of the organization’s suppliers. This assessment provides an opportunity to update supplier criteria and ratings and bring a pragmatic perspective for change based on qualified vs. underperforming suppliers. A clear benefit of the assessment is the ability to highlight established supplier performance in a more detailed way than is typically included in an audit to generate possible improvements.

Training should be an established food program and cGMP from the initial implementation of an FSMS. In the past, training was looked at as more casual than formal. As requirements have progressed, training has become more challenging. A focused assessment determines effectiveness and consistency of training by:

• Drilling down to job level
• Identifying alternatives to make training more effective
• Incorporating a broader level of industry observations
• Providing for planned training processes and program improvements
• Addressing culture and language barriers

Recently, KTL Principal Bill Bremer and Thomas Paraboschi, DNV GL’s Supply Chain and Digital Assurance Services Manager, joined International Food Safety & Quality Network (IFSQN) for a Food Safety Friday Webinar to discuss the benefits of increasing safety and quality through non-certification assessments. Join the replay of their conversation and learn more about this topic.

There is no question about it—organizations across nearly every industry are relying more heavily on information technology (IT) to carry out daily tasks, connect staff, and manage operations. Technology can also play a vital role in managing compliance requirements.

For example, we recently shared a case study demonstrating how leveraging a simple Microsoft SharePoint®-based Compliance Management System (CMS) has provided Southeast Missouri State University (SEMO) with access to the data, documents, systems, and processes required to help employees effectively manage compliance requirements—even when working remotely.

Tips to Design a Successful CMS

A CMS is used to coordinate, organize, control, analyze, and visualize information to help organizations remain in compliance and operate efficiently. When building a CMS, it is important to follow a process to design a system that provides the functionality to meet current requirements and the flexibility to anticipate future needs.

The following eight tips can help ensure you end up with the right CMS and efficiency tools to support your organization for the long term:

1. Inventory your existing systems – Identify how you are currently managing your compliance needs/requirements. What’s working well? What isn’t working? Do the systems work together? Do they all operate independently? This inventory should evaluate the following:
   • Current systems and tools
   • Status and functionality of existing processes
   • Data sources and ability to pull information from various sources
   • Organizational complexity
   • Compliance status
   • Existing management systems
     
2. Determine your business drivers – Are you looking to save time? Create efficiencies? Provide access to enable employees to work from home? Reduce the number of resources required? Have better access to real-time information? Answer to senior management? Respond to regulatory requirements? These drivers will also drive the decisions you make when it comes to module development, dashboard design, reporting, and more.
   
3. Understand the daily routine of the individuals using the system – Systems and modules should be built according to existing daily routines, when possible, and then implemented and rolled out in a way that encourages adoption. Having a solid understanding of routine tasks and activities will ensure the system is built in a way that works for the individuals using it—and for the way they will be accessing it.
   
4. Understand your compliance requirements – Do you have permitting requirements? Does your staff need training? How do you maintain your records? Are there regular (e.g., annual, semi-annual) plans and/or reports you need to submit? Do you have routine inspections and monitoring? All these things can and should be built into a CMS so they can be managed more efficiently.
   
5. Get the right parties involved – There are many people that touch a CMS at various points in the process. The system must be designed with all these users in mind: the end user entering data in the field, management who is reading reports and metrics, system administrator, office staff, etc. A truly user-friendly system will be something that meets the needs of all parties. If employees are frustrated by lack of understanding, if the system isn’t intuitive enough, if it is hard to put data in or get metrics out, the system will hold little value.
   
6. Make your wish list – While you may start your project one module at a time, it is important to define your ultimate desired end state. In a perfect world, how would the CMS operate? What parts and components would it have? How would things work together? What type of interfaces would users have? You may build piece by piece, but you must develop with the end in mind.
   
7. Set your priorities, budget, and pace – What is the most important item on your list? Do you want to develop modules one at a time or as a fully functional system? It often makes sense to start where you already have processes in place that can be more easily transitioned into a new system to encourage user buy-in. Priorities should be set based on ease of implementation, compliance risk, business improvement, and value to your company.
   
8. Select the right consultant – For a CMS, it is valuable to have a consultant who doesn’t just understand technology but also understands your operational needs, regulatory obligations, and compliance issues. More than likely, off-the-shelf software will not be a silver bullet compliance solution. A consultant who can understand the bigger picture of where you want to go and will collaborate to design the right CMS and efficiency tools will bring the most value to your organization.

These tips can help ensure any organization designs and develops the right CMS—one that works within the organization’s operating environment—to reduce compliance risk, create efficiencies, provide operational flexibility, and generate business improvement and value.

During the life of a food or food material plant, periods may exist where interruptions in normal operations occur. Whether the plant is partially shut down, idled, or completely shut down, it is essential that the physical plant, equipment, and processes be adequately maintained to eventually resume operations.

In order to restart, companies must ask:

• What practices must be followed to ensure proper condition for food and food contact materials manufacturing?
• How should recommissioning proceed?
• To what level should assessments be conducted to ensure proper operating conditions that protect against any potential contamination or risks?

Avoiding Catastrophic Consequences

Historically, re-startup after extended shutdown, maintenance, or upgrades with idle periods and/or equipment not being maintained for an extended period can cause significant and sometimes catastrophic issues. While some of these issues may not occur during a market-level shutdown, attention to recommissioning the site and plant needs to follow the same high level of inspection, review, and corrections, even from a non-critical event. That being said, particular attention must be given if shutdown follows an emergency response (e.g., an incident where bodily fluid is released; a building issue like fire, flood, storm; major catastrophic damage).

Vulnerability Assessments

Plants must verify their capacity to restart according to all regulatory and compliance requirements. Each area or zone of the site/plant must be maintained or brought back up to the proper standards. A large part of this involves identifying vulnerabilities at actionable process steps within a facility, including sanitation, employee requirements, equipment, and operations. For each point, step, or procedure in the facility’s process, elements must be evaluated for Hazard Analysis and Critical Control Points (HACCP) compliance, including rates, operations to hygiene, and critical time/temperature (e.g., will line speeds impact cooking and kill steps?).

Consider severity and scale of any potential impacts/vulnerabilities on health, including such areas as the volume of product or the number of servings to the number of exposures that could occur from contaminated condensates. Consider broader issues like how fast the food moves through the distribution system and possible number of illnesses and deaths. These broader factors should be used to determine significance, severity, and likelihood and to then update controls for hygiene, sanitation, and disinfection.

Enhanced Inspections

It may also be prudent to conduct enhanced inspections and maintenance for unexpected issues associated with limited operations or shutdown periods. It is important to ensure the following:

• Condition of premises and site meet requirements of business licenses.
• External building conditions, including all mechanicals, roofs, exterior walls, drainage, and pest control are functioning according to design and food safety systems.
• Internal building envelope (non-exposed food), utilities, and general controls (e.g., air filtration/conditioning, waste, lighting, pest control, security, intentional adulteration controls) are inspected, maintained, and operating at approved levels.
• Food processing and storage, including temperature controls, cooler operations, and sanitation have been tested and verified.
• Food Safety Management System (FSMS) is established and maintains all changes via Management of Change (MOC) procedures, verification, and records.

Best Practices

Based on the data gathered through vulnerability assessments and enhanced inspections, companies can determine what changes need to be implemented prior to safely resuming operations. Best practices to integrate into operations may include the following:

• Modify maintenance and inspections, as appropriate, but do not disrupt preventive maintenance programs.
• Include test or performance validation runs of all utilities and equipment on a scheduled basis and with time to ensure proper operations.
• Train facility personnel working in all operations to conduct test runs, monitor results, approve, and complete reporting.
• Establish updated procedures for all personnel, contractors, drivers, and approved visitors prior to site/plant entry.
• Establish and implement any new personnel, health, and PPE requirements and work rules (e.g., work area separation, quarantine periods, doctor release notes, closed campus, social distancing).
• Upgrade new controls to meet OSHA bloodborne pathogen, PPE, and respiratory programs.
• Modify employee areas to encourage proper hygiene (e.g., handwashing, hand sanitation, PPE, and waste management).
• Determine new, EPA-approved sanitizers and disinfectants, and use appropriate sanitizers in all areas, including shared surfaces like touchscreen covers and their general location.
• Increase environmental monitoring of all possible sources, including coolers/fans/ducts.
• Base operating conditions on enhanced operational inspections: pre-, during, and post-.

Monitoring and Communicating

Final steps must be taken to ensure the proper implementation of updated programs, plans, and strategies during modified operations or shutdown. Monitoring the updated strategies, actions, and conditions must happen through management team review and all levels of organizational responsibility. In addition, facilities must maintain records for changed operations, corrective actions, and verification activities.

And before the plant can open, any updated site programs must be communicated, and personnel must receive appropriate training to ensure safe food and positive worker welfare.

A wider reaching global supply chain exposes our food—and those companies within the food supply chain—to increased risk. As a result, food companies are operating in an increasingly complex world with changing regulations and requirements that require careful monitoring and review. Like many industries, the global pandemic not only complicates many facets of operations, it has also impacted many regulatory and certification requirements.

The following websites provide excellent resources for companies within the food industry to stay on top of the latest regulatory and certification changes. Our advice? Bookmark these sites, sign up for automated emails, and take advantage of the resources available to companies to help navigate the ongoing changes.

U.S. Department of Agriculture (USDA): Food Safety and Inspection Service (FSIS)

This USDA FSIS Regulations, Directives & Notices site gives users access to the Code of Federal Regulations (CFR)), Federal Register (FR), FSIS Directives, and FSIS Notices. Users can sign up with an email address to receive the latest news from USDA and FSIS. These email updates include recall alerts and FSIS directives and notices. This allows users to be “in the know” instantly and to keep ahead of changing regulations. 

The “AskUSDA” and “AskFSIS” features, located on the USDA FSIS homepage, further allow users to look up common questions or submit any question to USDA or FSIS for answers. These features offer a quick turnaround, with responses provided by specialized USDA/FSIS employees.

• AskFSIS: Find answers or ask questions on inspection-related polices, programs, systems, and procedures.
• AskUSDA: Find answers or ask questions about safe food handling at home or food safety in general.

The USDA’s dedicated COVID-19 site breaks down information by topic area, including food supply chain, to answer frequently asked questions about COVID-19.  

U.S. Food and Drug Administration (FDA)

The FDA’s Food Safety Modernization Act (FSMA) impacts every aspect of the U.S. food system, from farmers to manufacturers to importers. Keeping up with changes to the FSMA rules is vital. Users can sign up for automatic emails from the Center for Food Safety and Applied Nutrition (CFSAN) to receive updates, including regulatory changes and recalls. Users can select settings for what product(s) they would like to receive notifications. 

Users can also research and submit questions related to FSMA to the Technical Assistance Network (TAN). Inquiries are answered by FDA Information Specialists or Subject Matter Experts, based on the complexity of the question. Responses are usually timely, based on the complexity of the question. 

In addition, FDA has a dedicated COVID-19 site. To see the latest COVID-19 information from FDA related to the food industry, select “Food & Beverages” from the drop-down “Topic” menu.

Electronic Code of Federal Regulations (e-CFR)

The e-CRF is a currently updated version of the Code of Federal Regulations (CFR). It allows users to look up all sections of the CFR. CFR is the codification of the general and permanent rules published in the Federal Register by the departments and agencies of the Federal Government produced by the Office of the Federal Register (OFR) and the Government Publishing Office (GPO). 

Regulations.gov

Regulations.gov provides an online resource for users to find, review, and submit comments on federal rules that are open for comment and published in the Federal Register.

Global Food Safety Initiative (GFSI)

The GFSI News & Resources section directs users to articles, publications, videos, and news releases on topics related to GFSI and certification.

Beyond that, as GFSI states on their website, “the pandemic has fundamentally affected the management and assurance of food safety in all retailers and manufacturers, globally. We recognise the COVID-19 outbreak continues to create audit restrictions, which has an impact on the certification status of certain sites.” As such, GFSI has created a COVID-19 site to keep companies abreast of certification requirements in light of changing needs and demands. Users can also enroll to receive the GFSI newsletter to stay updated on the latest updates from GFSI.

For resources related to each of the GFSI-benchmarked standards, users can visit the following sites:

• BRCGS
• FSSC22000
• IFS
• SQF

Managing Requirements

There are many great resources available to stay current on the latest regulatory changes and requirements. However, just knowing the requirements is not enough—companies need to be able to manage them to ensure compliance.

Technology-enabled business solutions can help simplify this task. Compliance efficiency tools and document management systems allow companies to:

• Maintain standards, programs, and regulatory requirements in one place
• Outline a plan for meeting each requirement
• Create alignment and consistency between different standards and requirements
• Update requirements as regulations—or company operations—change
• Provide a compliance calendar and tracking to manage and monitor compliance activities

Technology solutions can be instrumental in establishing or improving a company’s capability to efficiently and effectively manage compliance and business processes.  

Over the past several months, many companies have had to prioritize business activities given restrictions on travel and social distancing guidelines. Despite these restrictions, however, certain compliance activities are still required, including training.

Training is a key component for maintaining ongoing compliance—whether with regulatory requirements, supply chain mandates, or internal policies. While some training can be postponed, putting training on the backburner can have its consequences, ranging from unprepared employees, to noncompliance, to preventable injuries or worse.

Much like with audits, there are alternatives to meeting training requirements and ensuring employees are well-instructed and prepared to do their jobs, even with current government and/or company restrictions. Online and virtual training are not necessarily new options, but their popularity is most certainly on the rise. In-person, online, and virtual training can all provide quality options if you understand your training needs and understand what type of training works best in different scenarios.

Face-to-Face

As we have experienced, sometimes there is no substitute for doing things face-to-face. For certain types of training, in-person is clearly the best alternative for a number of reasons:

• It is designed for people who need to genuinely know the material inside and out and for those who would benefit from a more tailored, interactive learning experience.
• With in-person training, learners are able to ask specific questions and get them answered immediately.
• In-person training provides a focused, immersive learning experience, where attendees can have interaction, discussion, and live input.
• Trainers get to know attendees and can adjust training (e.g., material, learning speed, examples) to the group’s learning style.
• In-person training allows attendees to develop relationships with the trainer and other attendees, which can prove beneficial on future projects.

As many organizations have discovered, particularly lately, while in-person training may offer a great alternative, it is not always possible. Beyond travel and social distancing restrictions, in-person training can also be cost-prohibitive. In addition, scheduling of in-person training can present more challenges, as timing is based on the instructor and is not flexible.

Best suited for: Multi-day classes where demonstration of competency is needed, and participants are building skills they will use frequently; introductory classes where participants need to understand new material.

The Online Option

At the other end of the spectrum, we have online training (not to be confused with virtual, which is discussed below). Online training involves an online module that allows participants to watch and/or listen to a pre-recorded class. Generally speaking, online training works best when individuals already know the material (e.g., refresher training) and is most appropriate when the attendee does not have to be an expert in the subject matter (i.e., awareness level vs. functional expertise).

In addition, online training is generally cheaper since it is not customized and does not require travel or an onsite trainer. It can also be faster and more flexible, as attendees can work at their own pace and have the ability to pick their own schedule.

While there are certain benefits to online training, it is not suitable for all types of training. Because online training does not involve a live instructor, attendees are generally unable to ask questions effectively and there is little opportunity for follow-up input on areas covered. This is no opportunity for hands-on learning and interaction. For example, something like 24-hour HAZWOPER training would be difficult to do as an online course, as a hands-on component is valuable in helping participants demonstrate competency, as required. Finally, because of a potentially diverse audience, online training tends to be generic and not tailored to the specific needs.

Best suited for: Courses where participants have had many, many years of experience and just need refreshers, such as HAZWOPER 8-hour, DOT General Awareness, or RCRA refresher training.

Taking It Virtual

Finally, virtual training provides a bridge between online and in-person training. Like online training, virtual training is done via technology (e.g., Zoom, WebEx); however, it takes place live with instructors engaged in the training as it is occurring. Virtual has many of the same advantages as in-person training since it is being done live. Learners can get more in-depth training and benefit from live interaction, questions, and discussion to help develop specialized expertise. Virtual training works best when travel is limited but students still need to have real-time input from the instructor.

That being said, virtual training cannot completely replace in-person training. With screens, it may be difficult for the trainer to read the crowd and accurately interpret learning needs. Hands-on opportunities become more limited—though not impossible—and require cooperation, coordination, and open-mindedness from all attendees. Finally, technology and logistics are critical for this type of training. A computer with good internet access is critical. If internet connections are slow or sound quality is poor, training can quickly become ineffective.

Best suited for: Refresher training (as with online options), more detailed training that can be customized to the specifics of the class (i.e., site-specific, industry-specific), or training for those with less experience who may need to ask questions.

Consider Learning Styles

People learn very differently. Some people are aural learners and can hear material and develop understanding. Others are visual learners so just reading material on a screen “sticks.” Others are tactile learners and need to participate in physical interaction to understand content. It is important to keep this in mind when choosing the best platform, as well:

• With in-person classes, all learner types can be addressed. 
• With online classes, typically only visual learners retain the information unless there is audible training coordinated with the material. 
• With virtual learning and coordination with the site prior to the training program, all three learner types can be addressed. 

While some training can be rescheduled with minimal impacts to the business, many training requirements cannot. Companies need to know their workers are retaining the information, particularly given OSHA requirements that employees must demonstrate understanding and competency. To ensure that training not only “checks the box” but is also effective, it is important to evaluate not just the training, but the delivery options. In-person, online, and virtual all have their strengths based on the training needs and individual learning styles.

The second annual World Food Safety Day (WFSD) returns on June 7, 2020 under the theme “Food safety, everyone’s business.”

WFSD was originally declared by the United Nations on June 7, 2019, to draw global attention and inspire action to help prevent, detect and manage foodborne risks, contributing to food security, human health, economic prosperity, agriculture, market access, tourism and sustainable development. 

This year’s celebration focuses on food safety being a shared responsibility—from farm to table—including governments, to producers, to consumers.

A wider reaching global supply chain exposes our food and those companies within the food supply chain to increased risk. KTL is committed to supporting companies in our increasingly complex world with effectively operating across the food supply chain, while managing food safety and quality risks.  

Both the U.S. Food and Drug Administration (FDA) and World Health Organization (WHO) offer a number of resources for companies and individuals to participate in World Food Safety Day and help reduce food safety risks.