Transcription
ISO 22000:2018FOOD SAFETY MANAGEMENT SYSTEM IMPLEMENTATION GUIDE50,000CERTIFICATESGLOBALLYTRANSPARENT90
ISO 22000:2018IMPLEMENTATION GUIDE2ISO 22000:2018 IMPLEMENTATION GUIDE
ContentsIntroduction to the standardP04Benefits of implementationP05Structural Changes on ISO 22000: Annex SLP06PDCA cycleP07Process based thinking / auditP08Risk based thinking / auditsP09The 10 Clauses of ISO 22000:2018P10SECTION 1: ScopeP10SECTION 2: Normative referencesP11SECTION 3: Terms and definitionsP12SECTION 4: Context of the organizationP14SECTION 5: LeadershipP16SECTION 6: PlanningP18SECTION 7: SupportP20SECTION 8: OperationP24SECTION 9: Performance evaluationP26SECTION 10: ImprovementP28Get the most from your management systemsP30Next steps once implementedP32Useful linksP36ISO 22000:2018 IMPLEMENTATION GUIDE3
INTRODUCTIONTO THE STANDARDISO 22000 is the food safety management system that can be easily applicable to anyorganization in the food chain. ISO 22000 was initially developed on September 1st 2005 bythe ISO/TC 34/SC 17 as the first truly international FSMS standard.The ISO 22000 familyIn addition to ISO 22000 redaction, other standards werecreated, such as ISO 22004 “Guidance on the application ofISO 22000”, ISO 22005 “Traceability in the Feed and FoodChain” and also technical specifications by sector, theseinclude farming, food manufacturing, catering, packaging, andfeed and animal food production.Currently, according to ISO Survey data, there areapproximately 33,000 organizations worldwide that areISO 22000 certified.Revision stepsThe revision of ISO 22000:2005 commenced in September2014. All participants, the technical committee and nationalmirror committees, agreed on the need to revise the standardwith the purpose of addressing emergent food safetychallenges.After a long period of discussions, in June 2018ISO 22000:2018 was published. One of the main motivationsfor its revision was the alignment of the strategic direction of anorganization with its food safety management.Additionally, the adoption of the Annex SL structure allows aneasy integration with other international standards such asISO 9001, ISO 14001 and ISO 45001, making a smooth roadfor auditors and auditees.4ISO 22000:2018 IMPLEMENTATION GUIDEA brief history of ISO 22000ISO 22000 was initially published in 2005 as aresponse to: a number of successive food crises, such as themad cow disease or adulteration of wines withethylene glycol and its derivatives, to name a fewthat occurred in the preceding years. the globalisation of food supply chains creatinguncertainty with regard to the origin of food products the need from the food industry to demonstratethat systems were established and operating inaccordance to applicable laws and the requirementsspecified by the Codex Alimentarius, and a need to facilitate the harmonization of internationalfood safety regulations
BENEFITS OFIMPLEMENTATIONISO 22000 helps organizations minimize food risks and improve performance as it relates tofood safety.It does so by providing a framework they can use to develop an FSMS, a systematic approach to addressing food safetyissues. Compliance with ISO 22000 provides benefits such as:IMPROVED HEALTH AND SAFETYMinimizing food risks leads to better health andsafety outcomes for customers, other users,employees and others who may come intocontact with food.ENHANCEDTRANSPARENCYISO 22000 helps organizations improve thetraceability of their products and achieve greatertransparency regarding operations.IMPROVED CUSTOMERSATISFACTIONIMPROVED RESPONSETO RISKSHaving an FSMS helps you reliably deliverproducts that meet customer expectations.Having an FSMS in place can help organizationsrespond more quickly and efficiently to issuesthat may compromise food safety, helping themstop potential contamination before it occurs.HELP MEETING REGULATORYREQUIREMENTSCompliance with regulatory requirements isrequired to achieve certification to ISO 22000.Having an FSMS in place can help companiesmeet these requirements and understand howthey impact the organization and its customers.HELP MEETING OTHER STANDARDSAND GUIDELINESREDUCED INVESTIGATIONTIMEIf contamination does occur, an FSMS helpsorganizations reduce the time it takes toinvestigate any food safety breaches, solving theproblem faster.ISO 22000 links to various other internationalstandards and guidelines and can helporganizations meet the requirements of thesesystems as well.The standard itself also offers several advantages over other SED BUSINESSOPPORTUNITIESThe structure of ISO 22000 is similarto that of other international standards.It is designed to integrate seamlesslywith other management systems fromISO, such as ISO 9001, ISO 45001and ISO 14001.ISO 22000 is a well-known,internationally recognized standard.Certification to it improves anorganization’s reputability withcustomers, suppliers, investors,regulatory groups and otherparties worldwide.Certification to an internationalstandard such as ISO 22000opens doors for a business. Someorganizations require certificationbefore they will supply or otherwisework with a company.ISO 22000:2018 IMPLEMENTATION GUIDE5
STRUCTURAL CHANGESON ISO 22000: ANNEX SLThe ISO 22000, as other recently revised international standards such as ISO 9001 andISO 14001, has adopted the Annex SL structure during its 2018 revision.The Annex SL was initially approved in 2012. This sectionof the ISO/IEC Directive describes the common structure ofall ISO management systems standards in which the new orupdated standards must be focused on when developing therelevant requirements.Prior to the adoption of Annex SL there were many differencesbetween the clause structure, requirements, terms anddefinitions used across the various management systemHigh level structureAnnex SL consists of 10 core clauses:1.2.3.4.5.6.7.8.9.10.ScopeNormative referencesTerms and definitionsContext of the ormance evaluationImprovementOf these clauses, the common terms and coredefinitions cannot be changed. Requirements maynot be removed or altered, however discipline-specificrequirements and recommendations may be added.All management systems require a consideration of thecontext of the organization (more on this in section 4);a set of objectives relevant to the discipline, in this casefood safety, and aligned with the strategic direction ofthe organization; a documented policy to support themanagement system and its aims; internal audits andmanagement review. Where multiple managementsystems are in place, many of these elements can becombined to address more than one standard.6ISO 22000:2018 IMPLEMENTATION GUIDEstandards. This made it difficult for organizations to integratethe implementation and management of multiple standards;Environment, Quality, Health and Safety and Food safety beingamong the most common.This structure tries therefore to eliminate confusions,duplications and conflicts from the different interpretations ofmanagement system standards.Additionally, ISO 22000:2018 hasalso introduced a specific introductionand 3.3.2.0.3.3.3.IntroductionGeneralFSMS PrinciplesProcess ApproachGeneralPlan-Do-Check-Act CycleRisk-based thinkingGeneralOrganizational risk managementHazard Analysis- Operational processes0.3.3.4. Relationship with othermanagement system standardsAnnex A Cross references between theCODEX HACCP and this documentAnnex B Cross references between thisdocument and ISO 22000:2005
PDCA CYCLEThe recently updated ISO 22000 requires that in addition to the organizational Plan-DoCheck-Act (PDCA) cycle, also known by the Deming Cycle wheel or Shewhart cycle, andfollowing the high level structure, another PDCA cycle must coexist covering the operationalprocesses within the food safety system.Organizational planning and controlPLAN (FSMS)DO (FSMS)CHECK (FSMS)ACT (FSMS)4. Context of the organization5. Leadership6. Planning7. Support8. Operation9. Performanceevaluation10. Improvement(Including control of externally providedprocesses, products or services)Operational planning and controlPRPsTraceability systemHazardanalysisEmergency preparedness& responseValidationof controlmeasuresHazardcontrol plan(HACCP/OPRP plan)VerificationplanningPlan (Food safety)Implementation of the PLAN(food safety)Verification activitiesUpdating of preliminaryinformation and documentsspecifying the PRPs and thehazard control planAct (Food safety)Analysis of results ofverification activitiesCheck (Food safety)Control of monitoringand measuringControl of product andprocess nonconformitiesDo (Food safety)The 2018 version adds the general management principles to the previously isolated food safetyprinciples of a FSMS, Principles of a Food Safety Management System:2005:2018: Interactive Communication System management Prerequisite programmes Hazard Analysis and Critical Control Points(HACCP) principlesRetains the principles listed under ‘2005’ whilst addingthe common ISO management system principles Customer focus Leadership Engagement of people Process approach Improvement Evidence-based decision making Relationship managementISO 22000:2018 IMPLEMENTATION GUIDE7
PROCESS BASEDTHINKING/AUDITA process is the transformation of inputs to outputs, which takes place as a series ofsteps or activities which result in the planned objective(s). Often the output of one processbecomes an input to another subsequent process. Very few processes operate in isolationfrom any other.“Process: set of interrelated orinteracting activities which transformsinputs to outputs”ISO 22000:2018 Terms and DefinitionsEven an audit has a process approach. It begins withidentifying the scope and criteria, establishes a clear courseof action to achieve the outcome and has a defined output(the audit report). Using the process approach to auditing alsoensures the correct time and skills are allocated to the audit.This makes it an effective evaluation of the performance of theFSMS.This also applies where processes, or parts of processes, areoutsourced. Understanding exactly how this affects or couldaffect the outcome and communicating this clearly to thebusiness partner (providing the outsourced product or service)ensures clarity and accountability in the process.The final process step is to review the outcome of the auditand ensure the information obtained is put to good use. Aformal Management Review is the opportunity to reflect onthe performance of the FSMS and to make decisions on howand where to improve. The Management Review process iscovered in more depth in Section 9 – performance evaluation.“Understanding and managing interrelated processes as asystem contributes to the organization’s effectiveness andefficiency in achieving its intended results.” 8ISO 22000:2018 IMPLEMENTATION GUIDE
RISK BASEDTHINKING/AUDITSAudits are a systematic, evidence-based, process approach to evaluation of your FoodSafety Management System. They are undertaken internally and externally to verify theeffectiveness of the FSMS. Audits are a brilliant example of how risk-based thinking isadopted within food safety management.1st party audits– internal auditsInternal audits are a great opportunity for learning withinyour organization. They provide time to focus on a particularprocess or department in order to truly assess its performance.The purpose of an internal audit is to ensure adherence topolicies, procedures and processes as determined by you, theorganization, and to confirm compliance with the requirementsof ISO 22000.Audit planningDevising an audit schedule can sound like a complicatedexercise. Depending on the scale and complexity of youroperations, you may schedule internal audits anywhere fromevery month to once a year. There’s more detail on this insection 9 – performance evaluation.CERTIFICATION ASSURES: regular assessment to continually monitorand improve processes credibility that the system can achieve itsintended outcomes reduced risk and uncertainty and increasemarket opportunities consistency in the outputs designed tomeet stakeholder expectationsRisk-based thinkingThe best way to consider frequency of audits is to look at therisks involved in the process or business area to be audited.Any process which is high risk, either because it has a highpotential to go wrong or because the consequences wouldbe severe if it did go wrong, then you will want to audit thatprocess more frequently than a low risk process. How youassess risk is entirely up to you. ISO 22000 doesn’t dictateany particular method of risk assessment or risk management,apart from addressing this concept on the already mentionedtwo levels, organizational and operational levels. However, thestandard requires you to describe and retain as documentedinformation the methodology used when conducting a riskassessment.ISO 22000:2018 IMPLEMENTATION GUIDE9
THE 10 CLAUSESOF ISO 22000:2018ISO 22000 is made of up 10 sections known as Clauses. As with most other ISOmanagement system standards, the requirements of ISO 22000 that need to be satisfied arespecified in Clauses 4.0 – 10.0.Unlike most other ISO management system standards, anorganization must comply with all of these requirements; thismeans they cannot declare one or more clauses as being notapplicable to them. In ISO 22000, in addition to Clauses 4.010.0 there is a further set of requirements detailed mostly inClause 8, which include the HACCP principles as per CodexAlimentarius. This is considered the core of the system as wellas the operational level of the FSMS.The following parts of this guide provide an overviewexplanation of the purpose of each clause, highlight the typeof evidence an auditor would expect to see to confirm thatyou comply, and give tips on effective ways to comply with therequirements.SECTION 1:SCOPEA Food Safety Management Systemis primarily intended to ensure foodis safe for
ISO 22000 is the food safety management system that can be easily applicable to any organization in the food chain. ISO 22000 was initially developed on September 1st 2005 by the ISO/TC 34/SC 17 as the first truly international FSMS standard. A brief history of ISO 22000 ISO 22000 was initially published in 2005 as a response to: a number of successive food crises, such as the mad cow .
