Since the release of ISO 22000:2005 the food supply chain has become global, and serious food safety incidents have left consumers questioning who they can trust to ensure that what they eat will not harm them.
Globalisation of the food chain has resulted in new food safety risks and hazards, and different regulatory requirements to that of the food’s country of origin. This necessitated the International Organization for Standardization’s revision and modification of ISO 22000 so as to bring it up to date with today’s food safety requirements.
If your organisation is applying ISO 22000:2005, many of the requirements in ISO 22000:2018 will be familiar. However, there are numerous changes to the Standard that you must prepare for in order to transition and comply with the new Standard.
Major changes to ISO 22000:2018
ISO 22000:2018 adopts the high-level structure common to all ISO Standards. The new structure assists with the inclusion of the Food Safety Management System (FSMS) with other management system disciplines, such as ISO 9001:2015. The High-level structure affects the system scope, top management involvement, documentation of the system, application of the risk-based approach to organisational needs, and creates a clear focus on the process approach through the Plan-Do-Check-Act (PDCA) cycles.
Context and scope
Upstream and downstream issues affecting customers and consumers, and suppliers of products and services need to be considered. The scope of the FSMS may need to include issues such as food fraud, food terrorism and legal issues, which would affect the management of food safety risk for the management system and the product/process operations.
Top management must demonstrate leadership and commitment to food safety, and set the policy and business objectives. Management needs to oversee the system planning, communication, resource provision and ongoing improvement by reviewing the system’s suitability, adequacy and effectiveness.
Managing risk is crucial to the food business. Hazards, usually diseases, can jeopardise an entire food chain even when the hazard is present in a single step in the process. Risk management in the food safety system is no longer limited to the use of hazard analysis and critical control point (HACCP) principles at the operational level. Food safety risks such as food terrorism must be identified at the management system level and this has implications for business planning, management objectives and identifying improvement opportunities and the allocation of resources.
Requirements relating to basic system elements are clarified and strengthened. Resource planning is required along with tighter controls over external contributors to system development. Competence of internal and external personnel is more fully explained, and a system for greater control of suppliers of goods and services must be established.
The revised Standard includes two Plan-Do-Check-Act (PDCA) cycles. The initial cycle applies to the management system, while the second PDCA cycle addresses operations, and covers the principles of HACCP defined by the Codex Alimentarius, the Food Standards Programme which sets food safety guidelines for governments. The introduction of two PDCA cycles really helps to bring ISO 22000:2018 up-to-date with market needs.
Evaluation and improvement
Requirements for evaluation of the performance of the FSMS by monitoring, measurement, auditing and review are retained, with emphasis on the use of a more integrated, systematic approach to performing these activities across the whole system. Evaluation outcomes are aimed at the prevention of failure in the food safety management system to improve the effectiveness of the system.
External stakeholders in the FSMS include customers, vendors, regulatory authorities, certification organisations, emergency responders and personnel affected by the performance of the organisation relating to food safety.
External system auditors will be among those most affected by the revision. Third party auditors will need transition training to cover the two main changes to the revised Standard, which include, the adoption of the ISO high-level structure and the technical changes in the requirements.
ISO 22000:2018 will affect the global food industry, and if this results in greater protection from food safety hazards for the global public, the new Standard will have achieved its objective. Organisations certified to ISO 22000:2005 have until June 2021 to transition to the new Standard.
For more information or guidance on which ISO standard(s) and services would best suit the needs of your organisation, please email Risk ZA at email@example.com or contact us on 0861 Risk ZA / +27 (0) 31 569 5900.