METHODOLOGY FOR CERTIFICATION

Introd uction:

ISO 22000-2005 is an internationally recognized generic food safety management system standard. It defines a set of general food safety requirements that apply to all organizations in the food chain. ISO 22000 2005 was developed by ISO TC 34 (Technical Committee 34). TC 34 is responsible for food products. ISO 22000 2005 (first edition) was formally approved during 2005 by over 75% of the ISO member bodies who participated in the voting process. ISO publishedthis international standard on September 1, 2005.

ISO 22000 lays down the requirements needed to demonstrate the control food safety hazards in order to ensure that food is safe for consumption. The requirements of this ISO 22000 are generic and so ISO 22000 is applicable to all organizations that are involved in the food chain, regardless of size and complexity that want to implement systems that consistently provide safe products.

Organizations that are directly involved that would benefit from ISO 22000 certification include feed producers, farmers, producers of ingredients, food manufacturers, retailers, food services, catering services, organizations providing cleaning and sanitation services, transportation, storage and distribution services. Other organizations that are indirectly involved that may benefit from ISO 22000 certification include suppliers of equipment, cleaning agents, packaging materials, and other food contact materials.

BUSINESS BENEFITS

ISO 22000 is more than a set of standards. It’s a business-building tool. For organizations wishing to extend their reach, provide a more logical and structured approach to food safety management, or gain easier access to global markets, then ISO 22000 delivers. ISO 22000 tackles key issues in the food supply chain, each contributing to an organization’s ongoing business performance in relation to food safety management:

• Clear communication across the entire supply chain• Traceability – identification of an organization’s impact on food safety within the supply chain• Control/reduction of food safety hazards• Management of food safety risks• Legal compliance

• Cost reduction due to a more efficient system• Smooth conversion from existing food safety certifications• Continuous improved business performance in line with the

ISO 22000-2005 Key Elements

ISO 22000 combines generally recognized key elements to ensure food safety along the food chain:

Interactive CommunicationClear communication along the food chain is essential to ensure that all relevant food safety

hazards are identified and adequately controlled at each step. This implies communication of the needs of the

organization to organizations both upstream and downstream in the food chain. Communication with customers and

suppliers, based on the information generated through systematic hazard analysis, will also assist in establishing

customer and supplier requirements in terms of feasibility, need and impact on the end product.

HACCP PrinciplesISO 22000 combines the Codex Alimentarius HACCP (Hazard Analysis and Critical Control Points) principles and

application steps, developed by Codex Alimentarius, with prerequisite programmes. It uses the hazard analysis to

determine the strategy for hazard control.

System ManagementThe most effective food safety systems are designed, operated and updated within the framework of a structured

management system and incorporated into the overall management activities of the organization. This provides

maximum benefit for the organization and interested parties. ISO 22000 is aligned with the requirements of ISO

9001:2000 in order to enhance the compatibility of the two standards and to ease their joint or integrated

implementation.

Prerequisite programmesThe effective production of safe products requires a detailed HACCP plan and the integration of two categories of

Prerequisite programmes: Infrastructure and maintenance programmes Operational prerequisite programmes

Infrastructure and maintenance programmes address basic hygienic requirements and accepted good agricultural,

manufacturing, storage, transport and veterinary practices of a permanent nature. Operational prerequisite

programmes are implemented to control identified food safety hazards in the product or processing environment

Audit Process

The NQA audit process for FSMS audits begins with the on-site assessments of HACCP plans, other related documents, data, records, activity and personnel. Process audit trails are followed by interviews of personnel responsible for the tasks and reviewing associated activity and records of occurrence. The audit trail will follow interactions between HACCP plans and processes as well as the details of the process itself. Following are the stages of the audit process.

Pre-assessment

If a pre-assessment is requested by the organization, it will typically occur prior to the Stage 1 Readiness Assessment. This activity is optional and is not required to achieve certification; however, it provides several benefits including identification of system gaps and familiarity with the auditor and auditing process. The client has full discretion in the scope and duration of the activity, although Euro-Cert will recommend the number of days per a general ‘rule of thumb’ of half the allotted Stage 2 Registration Assessment. The auditor conducting the pre-assessment will typically return to the organization for the assessment. Similar to a ‘true’ audit, the end result of the pre-assessment will be a documented report identifying findings observed during the audit and a closing meeting to discuss the issues.

Registration Audit (Readiness Review) - Stage 1

The Readiness Review is an on-site audit that includes a comprehensive review of documentation, including HACCP plans, PRP’s, OPRP’s and other key management processes to ensure their adherence to the requirements by using information provided on the pre-visit questionnaire. The

Stage 1 review also includes:

Applicable/identified legal requirements and compliance data Production, product and monitoring data

Product/process flows

Site plans and production layout

All applicable audit plans, audit results, corrective actions, including customer county and governmental audits

Selection and qualification of key management personnel, including internal auditors

This sets the stage for the review of implementation at the Stage 2 (Registration Assessment). The organization will receive the results of this analysis in a documented report with any findings listed which will be discussed during a closing meeting. Any finding raised during the Stage 1 review should be corrected prior to the next visit taking place. An unsuccessful Stage 1 visit will require a second visit to take place.

The auditor will generate an audit plan for the Stage 2 audit. The audit plan shall include evaluation of all of the client’s FSMS as well as all regulatory and statutory requirements.

Additional time should be added to the audit plan when excessive personal hygiene/protective equipment changing is required between processes/products/production areas.

Registration Audit - Stage 2

The objective of the Stage 2 audit is to assess the organizations’ adherence to its own policies, objectives and procedures and their conformance to the requirements of their FSMS including specific customer requirements. To accomplish this, the audit will address implementation of all the elements of the standard with the audit team observing, interviewing and reviewing processes, personnel and objective evidence of conformance to the FSMS requirements. Euro-Cert utilizes a process audit approach, interviewing process owners, employees and top management throughout the organization. Review of documentation and records to support the implementation is an expected part of the assessment process. Effectiveness of the system is considered to be how well the system is deployed. This is demonstrated by the measures defined by the organization to meet customer satisfaction and company objectives, as well as conformance to the standard. If non-conformances or opportunities for improvement are identified they will be documented in a report which will be presented to the organization during the closing meeting. The audit team may also provide a recommendation for certification at this closing meeting. If during the Stage 2 audit major non-conformances are found, a Special Visit may be required before certification can be granted.

Audit Findings

Any deviations from procedures or ISO requirements will be identified as audit findings, which will be documented in the audit report in the three categories defined as follows: Critical/major finding could be one or more of the following:

The absence of or total breakdown of a system to meet an ISO22000:2005 requirement. A number of minor non-conformities against one requirement can represent a total breakdown of the system and thus be considered a major non-conformity.

A non-compliance that judgment and experience indicate is likely either to result in the failure of the management system or to materially reduce its ability to assure controlled processes and products.

Critical control limits for CCP’s have been exceeded or controls has been lost, probable or likely shipment of non conforming product or product that does not conform to statutory or regulatory requirements.

Failure to respond to potentially unsafe products, withdraw products or communicate to affected customers.

A minor non-conformity relates to a single observed lapse in a procedure not related to a food safety issue. Non-conformities shall never be worded in such a way as to advise the company of action which should be taken in order to comply with the requirements.

An observation or opportunity for improvement relates to a matter about which the auditor is concerned but which cannot be clearly stated as non-conformity.

Observations also indicate trends which may result in a future non-conformity.

Corrective Action Response

The organization is required to respond to all findings within a duration stated on the audit report following the activity. Typically opportunities for improvement would be addressed as preventative actions by the organization, while non-conformances would be addressed as corrective actions in their own PAR/CAR system. The Corrective Action Plan (CAP) and any associated evidence should be documented and sent to NQA for review. Where critical or major non-compliances have been raised typically on site closure by a member of the original audit team will be required

Certificate Issuance

Following a successful review of the audit team’s report and associated Corrective Action Plan, Euro-Cert will authorize issuance of a certificate that is valid for a period of three years. The organization can expect to receive its certificate within 1-2 weeks of successful CAP submittal.

Surveillance Audits

NQA will conduct Two Annual Surveillance Audits based on an agreed upon schedule, either. The purpose of the Surveillance Audit is to ensure that the QMS continues to conform to both the organizations’ and the ISO22000:2005 requirements. Surveillance audit plans should take into consideration shift working and production schedules, including dedicated weekend/24 hour operation.Each surveillance visit will consider the following and will be carried out no later than one month after planned date:

Customer complaints and organizations response Organizations internal audit and management review results and actions

Progress made toward continuous improvement targets

Effectiveness of the corrective actions and verifications since the last visit

Any change to the system since the last audit

Effectiveness of the FSMS with regards to achieving the certified client’s objectives

Continuing operational control

Use of marks and/or any other reference to certification

Sections 4 and 5, as well as elements 7.3; 7.4; 7.5; 7.6; 7.8; 8.1; 8.2; 8.3; 8.4.2; 8.5.2

Safe Product Realization processes will be sampled to cover all processes within a three year period.

The organization is required to respond to all findings within a duration stated on the audit report following the activity. Typically opportunities for improvement would be addressed as preventative actions by the organization, while non-conformances would be addressed as corrective actions in their own PAR/CAR system. The Corrective Action Plan does need to be sent to Euro-Cert for Surveillances when non-compliances have been identified.

Re-assessment Audits

All accredited registrars are required to perform a re-assessment every three years. The purpose of the re-assessment is to verify the overall continuing effectiveness of the organizations quality management system in its entirety. Additional audit days will typically be added to accomplish this activity. Following successful re-assessment a new certificate will be issued to extend your certification for an additional three years. A full on-site re-certification audit shall be carried out within 3 years of the date of issue of your ISO 22000:2005 certificate. Re-certification may require a new Stage 1 audit for significant changes to management, scope, customer base or other.

Auditors should plan to carry out re-certification audits at least 3 months prior to expiry date of client certificates to prevent laps of certification. A re-assessment check list will be completed to ensure all requirements are covered. When possible, audit team members will be changed at the re-assessment visit.

Procedure

Procedures are pre-fixed QM and are as follows:

QM 001 - Food Safety Quality Management System QM 002 - FSQM Manual Summary

QM 003 - Document Control

QM 004 - Customer, Statutory and Regulatory Conformance

QM 005 - Record Control

QM 006 - Management Commitment

QM 007 - Quality and Food Safety Policy

QM 007 - Quality and Food Safety Objectives

QM 008 - Responsibility, Authority and Communication

QM 009 - Management Review

QM 010 - Resources and Training

QM 011 - Infrastructure and Work Environment

QM 012 - Product Realization and Contract Review

QM 013 - Design and Development

QM 014 - Purchasing, Orders and Verification of Purchased Materials

QM 015 - Prerequisite Programmes

QM 016 - Identification and Traceability

QM 017 - Customer Property

QM 018 - Planning Product Realisation and Contract Review

QM 019 - Hygiene Management

QM 020 - Management of Pest Control

QM 021 - Control of Visitors and Contractors

QM 022 - Management of Cleaning

QM 023 - Despatch and Distribution

QM 024 - Maintenance

QM 025 - Waste Management

QM 026 - Hygiene Policy

QM 027 - Calibration

QM 028 - Hazard Analysis and Critical Control Points System

QM 029 - Verification, Validation and Improvement

QM 030 - Customer Satisfaction

QM 031 - Internal Audit

QM 032 - Monitoring and Measuring QMS, Analysis of Data

QM 033 - Control of Non-Conforming Product

QM 034 - Corrective Action and Preventive Action

QM 035 - Crisis Management

QM 036 - Product Recall

QM 037 - Glass Policy

QM 038 - Ingredients Foreign Body Control Policy

QM 039 - Metal Detection

QM 040 - Nut Handling Procedure

QM 041 - Control of Knives

QM 042 - Control of Brittle Materials

QM 043 - Glass & Brittle Material Breakage Procedure

QM 044 - Types of Allergen

QM 045 - Storage

QM 046 - Allergen Control Procedures

QM 047 - Food Defence System

QM 048 - Control of First Aid Dressings

QM 049 - HACCP Prerequisites

The controlled records of the Food Safety Management System are pre-fixed QMR and are as follows:

QMR 001 - Management Review Minutes QMR 002 - Training Record

QMR 003 - Product Release Record

QMR 004 - Design and Development Records

QMR 005 - Supplier Assessment Record

QMR 006 - Validation Record

QMR 007 - Identification and Traceability Record

QMR 008 - Register of Customer Property

QMR 009 - Calibration Record

QMR 010 - Internal Audit Record

QMR 011 - Records of Non-conforming Product

QMR 012 - Corrective Action Request Form

QMR 013 - Preventative Action Request Form

QMR 014 - Supplier Self Assessment and Approval Form

QMR 015 - Equipment Commissioning Record

QMR 016 - Return to Work Form

QMR 017 - Hygiene Policy Staff Training Record

QMR 018 - Complaint Investigation Form

QMR 019 - Prerequisite Audit Checklist

QMR 020 - Knife Control Record

QMR 021 - Knife Breakage Report

QMR 022 - Goods in Inspection Record

QMR 023 - Equipment cleaning Procedure

QMR 024 - Glass Breakage Record

QMR 025 - Metal Detection Record

QMR 026 - First Aid Dressing Issue Record

The Criteria and Methods required to ensure that the operation and control of these processes are effective are documented in these procedures and records.

These procedures are supported by second tier documents specific to each area including:

Specifications Testing schedules

Risk assessments

Job Descriptions

HACCP Plans

Critical Control Point Monitoring Procedures

Measurement, monitoring and review are carried out by analysis of data in key areas:

Critical Control Point monitoring Analytical testing

Microbiological testing

Complaints analysis

Key Quality performance indicators

Standard Exception Reporting

Results of Inspections

Results of Internal audits

Results of External Audits

The resources required to implement, maintain, and improve the Food Safety Management System and these resources have been provided including:

Skilled Personnel Suitable materials

Suitable equipment

Appropriate Hardware and Software

Infrastructure

Information

Finances

Audit resource

Training resource

Action is taken in response to results in order to correct and prevent deficiencies and to improve the probability of achieving objectives

Legislation, Statutory and Customer Requirements Company Quality Manual Procedures and Policies

Supporting Documents and Records

Summary of Compliance to ISO 22000

ISO 22000 Section ISO 22000 Manual Reference

ISO 22000 Manual Document

4. Food Safety Management System4.1 General Requirements QM001 Quality & Food Safety Management System4.2 Documentation QM002 QMS Manual Summary4.2.2 Document Control QM003 Document Control4.2.2 Document Control QM004 Customer Statuary and Regulatory Conformance4.2.3 Record Control QM005 Record Control

5. Management Responsibility5.1 Management commitment QM006 Management Commitment5.2 Food safety policy QM007 Quality, Food Safety Policy and Objectives5.3 planning of food safety management system

QM001 Quality Management System

5.4 Responsibility and power QM008 Responsibility, Authority & Communication5.5 Food safety team leader5.6 Communication 5.6.1 External Communication5.6.2 Internal Communication5.7 Preparing to emergency situation and reaction to them

QM025QM026QM027

Control of Non-Conforming ProductCrisis ManagementProduct Recall

5.8 Management review Management Commitment

QM009 Management Review

6. Resource Management6.1 Provision of Resources QM010 Resources & Training6.2 Human Resources6.2.2 Competence, Awareness and Training6.3 Infrastructure QM011 Infrastructure & Work Environment

6.4 Work Environment7. Planning, Realization of Safe Products

7.1 General QM012QM020

Planning Product Realization Product ReviewHACCP System

7.2 Prerequisite programs QM011QM015

Infrastructure & Work EnvironmentPRPs

7.3 First phases of hazard analysis realization

QM020 HACCP System

7.4 Hazard analysis QM020 HACCP System7.5 Operational Control

7.5 Establishing The Operational PRPs

QM020

7.5 Establishing The Operational PRPs

PRP001PRP002PRP003PRP004PRP005PRP006PRP007PRP008PRP009PRP010PRP011PRP012PRP013PRP014PRP015PRP016PRP017PRP018PRP019PRP020PRP021

Management of hygiene & House keepingManagement of Pest ControlControl of VisitorsManagement of CleaningDispatchMaintenanceWaste ManagementHygiene PolicyGlass PolicyIngredient Foreign Body Control PolicyMetal detectionNut Handling ProcedureControl of KnivesControl of Brittle MaterialsGlass Breakage ProcedureTypes of AllergensStorageAllergens Control ProcedureFood Defence SystemControl First Aid DressingHACCP PRPs

7. Planning and Realization of Safe Products (ISO 22000)7.6 Occurring of HACCP plan QM020 HACCP System7.7 Updating of beginning knowledge and documents determined in PRP and HACCP

QM020 HACCP System

7.8 Verification plan QM021 Verification, Validation & Improvement7.9 Monitoring system QM016 Definition & Traceability7.10.1 Corrections QM025 Control of Non Conforming Product

QM0267.10.2 Corrective Actions Corrective & Preventive Action7.10.3 Handling of Potentially unsafe Product

QM025 Control of Non Conforming Product

7.10.4 Withdrawals QM025QM027QM028

Control of Non Conforming ProductCrisis ManagementProduct recall

8. Validation, verification and improvement of FSMS8.1 General QM020 HACCP System

8.2 Validation of control measure combinations

QM021QM027

Validation, verification and improvementCalibration

8.3 Control of monitoring and measuring

QM019 Calibration

8.4 Food safety management system verification

QM021 Validation, verification and improvement

8.4.1 Internal Audits QM023 Internal Audits8.4.2 Evaluation of individual verification results

QM021 Validation

8.4.3 Analysis of results of verification activities

QM021 Validation

8.5 Improvement QM021 Validation8.5.1 Continual Improvement QM021 Validation8.5.2 FSQMS updating QM021 Validation

Certification Process

Our Certification Process comprises six distinct phases during which work will be started by creating awareness of Food Safety Management system amongst the senior management, supervisors and lead technicians so that they understand this system very well. Key Steps in our Certification Process are:

1. The first step in your progress towards building your Food Safety Management System is to understand what the ISO 22000 requires and how it will affect your organization.

2. The 2nd Step is to compare your current system to the requirements. In order to be able to plan your project, you will need to know exactly what needs to be done in your organization to meet the requirements of the standard. Identify what requirements you already meet, and list the ones that need to be addressed.

3. The 3rd Step is to plan your project, once you have your list of requirements that you need to address, you can start planning your project. Using teams to implement the FSMS is a very efficient and effective approach. It brings in employees from all parts of the

organization to participate in the development and implementation, assuring the effectiveness of the final system as well as employee ownership of the system.

4. The 4th Step is to design and develop the documentation system, with the team approach to implementation, there is a team assigned for each of the processes that must be documented. For example, a team assigned to work on the document control system and procedure will work together to make any changes to the current system to bring it into compliance. Then they will document the procedure as well as any necessary work instructions or forms. The team uses information from the Gap Analysis to determine what must be done to bring the process into compliance. They may also use a prewritten procedure to assist them. This will provide them with a foundation to work from as well as an example of a process that complies with the ISO 22000 requirements. They will tailor the procedure to reflect your processes.

5. The 5th Step is to Train your Employees, In order to complete the implementation of the system, employees must be trained, both for any new processes that have been implemented and on the requirements of the standard.

6. The 6th Step is to have your Registration Audit; firstly we will arrange a preliminary audit and conduct an on-site document and readiness review. We will leave a copy of our report with any findings/deficiencies with you. In case the preliminary audit findings are satisfactory; we will arrange a mutually convenient date for the on-site audit. Then we conduct an on-site audit once it is agreed that you are ready to move forward. We produce a report on the findings plus recommendations. Unsuccessful audits may require a re-audit. The Certificate of Registration is issued, once all gaps/observations (if any) from the on-site audit have been addressed. Surveillance visits are performed at least once in six months for the next three years (the validity period of ISO 22000 certification being 3 years subject to regular satisfactory surveillance audit , depending on the size of your company.

REQUIRED DOCUMENTS

Certification process requires the certification request to the Certification Body.At the Audit all the below are checked:

License of the Company and the accompanying documents Other permits required Organizational Structure / Chart Food Safety Policy Operational Prerequisite Programs Prerequisite Programs Critical Control Points

Objectives Procedures and Policies Instructions for External Documents (eg Legislation) Files

TIME ISSUE AND VALIDITY OF CERTIFICATEIf the Audit of assessment of Food Safety Management System is successful and there is a positive recommendation by the inspection team, then the Certificate is been issued in a short time. The certificate is valid for three years and this period is supported by two annual surveillance audits.