The controversy continues over the value of third party audits in food safety at the fresh produce level, as pointed out by Professor Doug Powell at Kansas State University in his BITES blog.
The lingering question remains, “how can we improve this system”?
Third party audits are best implemented when there are regulatory controls over the audited operations, thus underpinning them.
In their absence, third party audits are flawed by a lack of standard government requirements such as the preapproval of equipment, structures, layout and design, waste disposal methods and potable water sources.
Third party food safety audits are currently conducted as part of a firm’s overall quality assurance program. The audits are simultaneously environmental risk assessments, regulatory compliance assessments, evaluations of production processes and analyses of management controls.
Food safety auditors, auditing companies, standard setting and certification bodies, and all players in the produce supply chain share a common interest. These partners should work together through a logical and cooperative approach guided by the best available science, to protect public health, and in so doing, their own interests.
Suggestions for improving the third party food safety auditing processes include:
Changing the roles of the Audit Company, Buyer, and Customer:
Currently, buyers (retailers, middlemen, brokers, marketing groups) require that suppliers schedule and pay for an audit with an auditor or auditing company. Since the auditee makes such arrangements, they are the customers of the audit firm. The auditor is beholden to the “customer” to establish the time and location of the audit in advance. The auditee also negotiates the price, and can even request a particular auditor, although the final decision as to which auditor to assign in generally left to the auditing firm.
If roles are reversed, and the “buyer” becomes the “customer”, then the buyer would schedule the audit, and the buyer would pay for the auditing firm for the audit. The buyer would then receive the audit report directly and have control over its dissemination. Most importantly, this process would allow for an unannounced audit to occur. Auditing firms know that scores of announced audits are often much lower that announced ones, suggesting observational bias that this method might filter out.
The Buyer, as the Customer, would become the driving force behind audits, their timing, stringency, frequency and interpretation.
Fee arrangements and the practical aspects of doing business may pose hurdles to this approach, but the resulting value to buyers may make this method attractive enough to induce changes in the current business models.
Roles of government and auditing firm:
The Food Safety Modernization Act (FSMA) currently addresses the need for auditor competency when working in post-harvest operations under federal jurisdiction and as part of FDA’s “Foreign Supplier Verification Program”. Auditing companies should require that auditors become fully familiar with existing FDA produce safety guidance and the new requirements of the FSMA, especially the requirements for a hazard analysis and science-based controls.
The FDA should begin an effort to meet with buyers and auditing company executives to discuss partnerships, and establish liaison with them to coordinate their activities around meeting the goals of the FSMA.
The FDA should protect auditors under whistle blower protection provisions and require that the Buyers (as the drivers of the model) provide to them all third party documents related to food safety within 10 days. The third party risk assessment findings should drive the need for FDA to conduct its own rapid response risk assessment within 30 days, if and when necessary to protect public health.
Auditing companies should report “automatic failures” resulting from adulteration to FDA within 24 hours.
Transparent communications should happen between the FDA, auditing firms and buyers. FDA should make known its own compliance records in a timely fashion. Third parties should not audit any facility operating under FDA sanctions until such firms are in substantial compliance.
When third party audit criteria are less stringent than federal rules, their value as a risk assessment tool is negated. Risk assessments, especially newly adopted ones such as Global GAP- should be scrutinized. Currently, the failure to have toilets available to field workers in Global GAP would not trigger an automatic failure, this standard also allows hand gel to replace hand washing, such unsanitary practices are not acceptable under the FSMA.
Reassessments by buyers and auditing firms
A buyer should be required to perform a reassessment either through a third party auditing firm or through its own (2nd party) audit, in any operation where corrective actions must be verified.
The following should trigger a reassessment audit;
- A Critical Control Point failure in a Hazard Analysis Critical Control Point (HACCP) based system.
- An automatic failure of the audit.
- Laboratory or others test indicating a microbial, chemical or physical hazard exists in a facility, product or process.
- Significant noncompliance with FDA rules (when published).
- Significant repeated failures of the food safety management system.
Expanded role of microanalysis
Because auditors have access to a supplier’s micro-testing results, they can base risk assessments on the findings. Expanded micro-testing will allow auditors to make better judgments concerning the microbiological quality of products, equipment, and water used in a wide variety of processes and environments.
The government and science community, including researchers, academicians, and practitioners should work together to enable a more accurate microbial risk assessment.
The future of third party audits
In the short-term, there is no viable substitute for third party risk assessments in fresh produce operations. Buyers are not prepared to audit the many suppliers they have by themsleves, and government bodies are not adequately funded to begin the process of regulating the full multitude of suppliers, domestic and international.
In the long-term, an effective FDA would reduce the need for constant oversight by third parties, but this does not appear to be a certainty given the political and economic picture as it appears today.
Self-audits (internal audits or 1st party audits) are much underutilized. Supplier “self-reporting” directly to buyers could provide data so that audit frequencies could be adjusted using a risk-based approach.
The best alternatives to improve produce safety through third party audits may include:
- · Buyer financing and coordination of the audit
- Unannounced audits
- · FDA involvement in the third party audit process including determining auditor competency, training and oversight
- Risk based frequencies for audits based on self-reporting
- · Transparency of all audit and inspection findings by all concerned
- · Validated physical, chemical and microbial standards
- · Expanded use of 1st and 2nd party audits