Requirements for Conducting a Supplier Audit
Hello Everyone,
My boss wants to use two suppliers who are not GFSI certified later this year.....They do not care to become certified any time soon. I know I would have to conduct a supplier audit to ensure they meet our requirements.
I was a third-party auditor before this position so I have some experience auditing other facilities. Can anyone advise me on what is required to ensure our procedure/audit is SQF approved? I would greatly appreciate a supplier audit checklist or another resource I can use.
Thanks!
What do you produce? What are they supplying?
They are supplying root vegetables.
We minimally process them and then send them out to distributors for further processing.
In my opinion it would depend on your processes accommodating the level of food safety and quality of the product coming in and what you do to ensure you provide the necessary steps to ensure a safe product leaves your facility. For instance, if a supplier sends you root vegetables that have a high level of soil still attached and it poses say an e coli risk, if your first step is a cleaning and sanitizing process, the level of contaminant coming in is almost irrelevant since your process addresses it. I realize this is an over simplification, but if you perform a risk assessment and all of the identified risks are eliminated or reduced to an acceptable level through your processes, the risk level of dirty veg's coming in would be considered low. Therefore, you could accept a supplier that is not GFSI certified with the reason that your processes reduce or eliminate any food safety risks coming from your supplier. Nothing says you have to only use certified suppliers (unless it's internal), just approved suppliers and the criteria for determining if they are approved is up to you, you set that level. All that being said, the movement is and has been for that last 8 - 10 years toward GFSI certification throughout the food supply chain. Some (especially smaller) companies are going to be swallowed up by other (sometimes even smaller) companies that have the certification because their customers are demanding it. It's OK to put pressure on your suppliers to move toward certification, it being to their benefit in the long run but if they don't it's not the end of the world (yet) :lol2:
Hi Mark, you may benefit form attending our supplier auditor training taking place this Friday.
Find out more here:
https://www.ifsqn.co...s?show=upcoming
Regards,
Simon
When I have done audits in the past I would look at their management commitment, facility conditions, HACCP, GMP's, Cleaning and Sanitation, Employee training, traceability and recall, pest control, and food defense. You need a good supplier approval process in place. I use a decision tree. If they do not have GFSI or ISO certification (depending on what they supply to us) I have a check list that they have to meet. Can they supply proof of recall program, food defense plan, allergen control plan, letter of guarantee, and COC/COA. Then I look and see if they have had any FDA warning letters in the past 2 years. Then make my decision. If I am not satisfied then I would do a 3rd party audit of their facility. It's all in your approval process. Make an approval process that meets your companies needs and that is going to ensure you get and supply safe quality food.
HI Mark - either you or an independent auditor can conduct a standard 3rd party audit.
Considering that the suppliers are NOT contract manufacturers they are not required to be GFSI certified.
Hi Mark,
I deduce that you work for a Company which is either already SQF certified or intends to be such.
As implied by previous post there seems to be some confusion in this thread.
I'm not a SQF user but the answer to yr OP seems to be included within clause 2.4.4 and detailed in clause 2.4.4.8.
The requirements of 2.4.4.8 are further detailed in a large body of text in the SQF Guidance which I suggest you might usefully consult. For example, regarding yr raw material supplier (see" B" below) -
An approved supplier program is a set of procedures implemented by the supplier [= (as I interpret) receiver/manufacturer = A] to assure the safety of incoming goods and services. It may be based on the safety risk presented by the raw material, or based on historical performance or prior history of the supplier [= (as I interpret) raw material supplier = B]
What do I have to do?
The supplier [A] must be able to provide documented evidence that incoming materials have either been inspected or that they come from an approved supplier [B] . The methods for selecting, evaluating, approving and monitoring an approved supplier [B] must be documented. This will be risk-based and may be as simple as a good supply history, sourcing from certified suppliers [B] (e.g., SQF certified suppliers) or personally auditing/inspecting the material supplier’s[B] operations, depending on risk, supplier [B] knowledge and past history. The same principles for approved suppliers [B] extend to the sites internal [suppliers B2?] or suppliers [B3] that are under the same corporate ownership, even if they are under the same food safety management system (i.e., egg producers that feed into an egg processing site or roasted nut operation feeding into a nut butter site).
The supplier [A] must require their material suppliers [B] to verify they are complying with specifications for the products supplied. The methods of analyses must conform to recognized industry standards (refer to 2.5.6). The job functions responsible within the supplier [A] business for material inspections and supplier [B] approval must be included in the job descriptions outlined in 2.1.3.2.
The approved supplier [A] program must include providers [D] of contract services such as transport, pest control, maintenance, labor hire, etc. The program will identify methods to ensure service providers and their staff adhere to the specifications outlined in 2.3.3.
The supplier [A] must maintain a list of approved suppliers [B], including contract service providers [D]. All providers of goods and services must be included on the register. The approved supplier program shall be reviewed at least annually (refer to 2.1.3.3) or more frequently, based on supplier performance.
The receipt of raw materials from non-approved suppliers [C] is acceptable, but only in an emergency situation, and provided the materials are inspected before use. Records of the use of non-approved suppliers [C] and their inspections shall be maintained.The site [A] shall also include, as part of their food defence plan (refer to 2.7.1.1), a means to secure incoming materials to prevent intentional adulteration and contamination
As part of the food fraud plan (refer to 2.7.2.1 and 2.7.2.2) the site [A] shall include within the vulnerability assessment and mitigation plan the potential risks for economic adulteration that may impact food safety for all incoming materials. Vulnerabilities may include ingredient substitution, mislabelling, dilution or counterfeiting. It is important to include minor ingredients such as spices, additives, and processing aids. These materials are often overlooked but many have a high rate of fraud.
2.4.4 Auditing Guidance
During the desk audit, the auditor shall review the documented approved supplier program. However, compliance to this element will mainly be reviewed during the site audits. The approved supplier [ B] will be audited by interview, observation and review of records. Evidence may include: Review of the documented approved supplier program to ensure all materials and services that may impact on product safety are included;
The risk rating applied to suppliers [B] is identified and controls implemented;
There is a register of approved suppliers [B];
All materials or services in-use are included on the supplier [B] register or listed as a non-approved supplier [C];
Approval methods test for compliance with agreed specifications (refer to 2.3.2, 2.3.3);
The program specifies actions to be taken when non-compliance is identified;
Documented test/inspection methods and corrective actions have been followed;
Relevant staff are aware of their responsibilities and duties with regard to inspection and receiving of incoming goods;
The approved supplier program is modified based on supplier [B] performance;
Thank you all so much for your feedback!! I may have to update our supplier approval program.
We are SQF Certified; in the supplier approval program (in short), we have them fill out a questionnaire, provide a certificate and then we check our criteria to ensure that they check off X amount of boxes to be considered approved. We have 3 suppliers that are not GFSI certified BUT have other food safety systems in place so we did not have any issue accepting them.
I guess this stumped me because these suppliers that my boss would like to start using do not have a formal food safety program in place (no certification) otherwise they would be accepted. I assume they do not have sufficient records, as they are a small family run business of farmers and do not feel food safety systems are necessary. My boss even hinted to them that they should consider looking into some type of food safety system. I do not see them taking this advice anytime soon.
I am considering what Hoosiersmoker said with focusing more on the level of risk. Our products are low risk, arrive pre-washed. I guess I am just hesitant that an auditor will not accept the fact that they were not audited by us or a third-party on our behalf. Thank you PennyQCManager for the criteria that you follow it is helpful to know what to focus on should we proceed to audit.
Mark
Thank you all so much for your feedback!! I may have to update our supplier approval program.
We are SQF Certified; in the supplier approval program (in short), we have them fill out a questionnaire, provide a certificate and then we check our criteria to ensure that they check off X amount of boxes to be considered approved. We have 3 suppliers that are not GFSI certified BUT have other food safety systems in place so we did not have any issue accepting them.
I guess this stumped me because these suppliers that my boss would like to start using do not have a formal food safety program in place (no certification) otherwise they would be accepted. I assume they do not have sufficient records, as they are a small family run business of farmers and do not feel food safety systems are necessary. My boss even hinted to them that they should consider looking into some type of food safety system. I do not see them taking this advice anytime soon.
I am considering what Hoosiersmoker said with focusing more on the level of risk. Our products are low risk, arrive pre-washed. I guess I am just hesitant that an auditor will not accept the fact that they were not audited by us or a third-party on our behalf. Thank you PennyQCManager for the criteria that you follow it is helpful to know what to focus on should we proceed to audit.
Mark
Note the opening comment -
It may be based on the safety risk presented by the raw material, or based on historical performance or prior history of the supplier [= (as I interpret) raw material supplier = B]
This is often the situation IMEX where raw material comes more or less directly from "natural" sources, eg the land, the sea. It is what it is. Nonetheless, this immediately places monitoring/testing responsibility onto the receiver.
GAP systems offer one "prerequisite" option.