CCP vs oPRP in FSSC
Hi all,
We underwent a surveillance audit today for FSSC and was given a recommendation from the auditor to look again whether sieves/filters are oPRPs and not CCPs. We use sieves as a final control step and have deduced from a risk assessment/HACCP Codex tree why these were CCPs yet he insists that these are oPRPs.
His rationale behind it is that these have no critical limits (like time or temperature) but only set limits. He believes the function of oPRPs and CCPs are the same (i.e. you still have to action if there is an issue), however it is the limits and terminology issue are what differs from each other.
What are your thoughts on this? Would like your comments!
Many thanks,
Acef2104
Hi all,
We underwent a surveillance audit today for FSSC and was given a recommendation from the auditor to look again whether sieves/filters are oPRPs and not CCPs. We use sieves as a final control step and have deduced from a risk assessment/HACCP Codex tree why these were CCPs yet he insists that these are oPRPs.
His rationale behind it is that these have no critical limits (like time or temperature) but only set limits. He believes the function of oPRPs and CCPs are the same (i.e. you still have to action if there is an issue), however it is the limits and terminology issue are what differs from each other.
What are your thoughts on this? Would like your comments!
Many thanks,
Acef2104
Hi ace,
I assume the product is food
Clause 10.4 of iso22002-1 suggests that the use of a sieve can be regarded as a PRP. This would appear the easiest way to resolve your disagreement.
If you still wish to retain sieve stage as a CCP, some context might assist, eg
product
process
hazard to be controlled by sieve, eg metal ?
acceptable level of hazard being controlled ?
procedure used to differentiate CCP/oprp, eg Procert tree?
critical limit(s) currently used for the sieve CCP ?.
IMEX the typical CCP critical limit for sieve/foreign materials is "Integrity". IIRC, iso22000 does not mandate that CLs must be numeric.
Nonetheless, a sieve stage typically does not allow continouous monitoring. This will exclude a CCP option for some decision trees, ie >>> oprp.
Back in the day when I worked in a bakery:
Sieve was initially a CP. But the staff were very naughty and always damaging them.
Due to how severely damaged they were and how often they were being replaced we implemented the following:
- Changed on HACCP plans from a CP to a CCP
- Documented staff training
- Ongoing monitoring of staff
- Daily monitoring of sieve
- Ongoing one on one conversations with staff
- Staff performance review for those that refused to change
- Due to it being a CCP, we had to implement a form to verify critical limits were being met (no damage)
- Further staff training/monitoring/performance mgt and daily GMP audits of the new form being completed correctly and staff were being diligent and responsible
- Changed the type of sieves being used to ensure they worked with staff. We moved from small ones (too small and being banged against bowl, hence the damages) to a custom-made large one (too heavy therefore not being used), to building a tray holder that held the large one in place and task conducted by two people (quicker, less should strain)
- We also: ensured suppliers of all flours delivered their Certificates of Analysis with the raw material. Therefore: sifting was only required for certain flours, not the bulk of flour used
One year later, during the following external audit, the following were observed:
- The number of damaged sieves were significantly reduced
- Staff FINALLY understood the importance of having a working non-damaged sieve
- Less physical contaminate issues relating to non-sifting
- We were able to downgrade the CCP back to a CP, but left monitoring on the GMP audit
Hi Acef2104
If you have completed your hazard analysis / CCP decision tree - stick with that. It is not the auditors role to tell you what you should have as a CCP and what not to have. Their role is to assess your compliance against the assessment criteria. As long as you can justify, through hazard analysis, your decision to include or not include, that is where your focus should be.
If you have the sieve as your last point of control I would see the critical limit being "product must pass through operational sieve". You can then define what 'operational' means eg. intact, no holes, not damaged.
Just my 2 cents worth.
Cheers
Amanda
I am aware this topic is a year old, but it still remains a problem. The revised ISO22000 professes to clarify the difference between OPRP and CCP. After studying the revised Standard it is still not clear to me. Auditors recently have queried the use of an alternative decision tree to codex. In answer to this, I drew up the following justification.
Both decision trees in Codex, and ISO22000 are not prescriptive but provided as guidance. Codex does not make provision for OPRP’s.
ISO 22000 has been developed as an auditable standard. However, individual organizations are free to choose the necessary methods and approaches to fulfil the requirements of the Standard. Clause 7.4.4 states: “The methodology and parameters used for this categorization (Categorization of Control Measures as OPRP’s or CCPs) shall be described in documents, and the results of the assessment shall be recorded.”
ISO22004 (which is a guideline for ISO22000) states:
“Categorization of control measures: The organization may focus on having as many of the control measures as possible managed by operational PRPs and only a few managed by the HACCP plan, or the opposite. It should be noted that, in certain cases, no CCP can be identified, for example because monitoring results cannot be provided within an adequate time frame. Based on the hazard assessment of 7.4.3, an appropriate combination of control measures shall be selected which is capable of preventing, eliminating or reducing these food safety hazards to defined acceptable levels.”
It is for the reason highlighted, that an additional question has been added to the decision tree relating to “time-frame”.
To support the above, this topic was identified and discussed during the meetings of the expert panel of ISO/TC 34/SC 17 during the revision of ISO TS 22004. The experts made a consensual decision about it. The decision tree is not a requirement of ISO 22000, and the experts do not recognize the need to have a decision tree for categorizing PRP, OPRP, and CCP. It is just one tool that may be used to categorize PRPs, OPRPs, and CCPs.
I am of the opinion that where continuous monitoring is not possible,- metal detectors, sieves, magnets – are OPRP’s.
I am aware this topic is a year old, but it still remains a problem. The revised ISO22000 professes to clarify the difference between OPRP and CCP. After studying the revised Standard it is still not clear to me. Auditors recently have queried the use of an alternative decision tree to codex. In answer to this, I drew up the following justification.
Both decision trees in Codex, and ISO22000 are not prescriptive but provided as guidance. Codex does not make provision for OPRP’s.
ISO 22000 has been developed as an auditable standard. However, individual organizations are free to choose the necessary methods and approaches to fulfil the requirements of the Standard. Clause 7.4.4 states: “The methodology and parameters used for this categorization (Categorization of Control Measures as OPRP’s or CCPs) shall be described in documents, and the results of the assessment shall be recorded.”
ISO22004 (which is a guideline for ISO22000) states:
“Categorization of control measures: The organization may focus on having as many of the control measures as possible managed by operational PRPs and only a few managed by the HACCP plan, or the opposite. It should be noted that, in certain cases, no CCP can be identified, for example because monitoring results cannot be provided within an adequate time frame. Based on the hazard assessment of 7.4.3, an appropriate combination of control measures shall be selected which is capable of preventing, eliminating or reducing these food safety hazards to defined acceptable levels.”
It is for the reason highlighted, that an additional question has been added to the decision tree relating to “time-frame”.
To support the above, this topic was identified and discussed during the meetings of the expert panel of ISO/TC 34/SC 17 during the revision of ISO TS 22004. The experts made a consensual decision about it. The decision tree is not a requirement of ISO 22000, and the experts do not recognize the need to have a decision tree for categorizing PRP, OPRP, and CCP. It is just one tool that may be used to categorize PRPs, OPRPs, and CCPs.
I am of the opinion that where continuous monitoring is not possible,- metal detectors, sieves, magnets – are OPRP’s.
Hi Trevor,
Thks yr comments.
Indeed the OPRP/PRP/CCP topic has generated continuous discussion for 13 years as to what it means.
The reality is that since ISO22000 is deliberately generic a multitude of interpretations concerning OPRP (and how to distinguish it) exist which will IMO be equally acceptable to auditors providing that -
(a) no specific non-compliance with the 22000 standard (particularly clause 7.4) and/or 22004 standard is evident.
(b) the methodology is "logical".
(c) a reference to a published example of the utilised methodology (or similar) is providable.
(d) the CCP/OPRP results for the given situation are not significantly different to those usually encountered by the auditor.
Within (a-d), I suggest to seek the simplest available method which "works" for the relevant Product/Process and requires a minimum of effort with respect to validation.
Hello all,
Both CCP and oPRP are done to "eliminate or reduce the hazard to acceptable level.
oPRP- an action
Critical Limit- no
CCP- is a step
Critical Limit - yes
Last step to eliminate or reduce the hazard to acceptable level.
After making hazard analysis, you utilize a decision tree that is easy for your team to grasp. Whatever the outcome, that is. Auditor will always give their "opinionated comment" and it varies from one auditor to another depending on their training, knowledge and the certifying body they belong.
regards,
redfox