How to approve suppliers without a GFSI recognized certificate?
Hello,
We are a company specialised in the manufacturing of thermoformed and injection moulded packaging. Our raw materials for thermoforming are bought directly from the manufacturer and most of them have a GFSi recognised certificate. The raw materials for injection moulding are bought via brokers. The identity of the manufacturers is well known and so far no problem, however none of the manufacturers has a GFSi recognised certificate.
Several attempts by me and our management were done to get the supplier questionnaire completed, to obtain a copy of the audit report and to get a traceability test done but so far no results. What else can be done ? Adapt the scope to exclude them is not an option; adapt the risk category is difficult to explain to a BRC auditor: The materials are intended to come into contact with food. .
Has anyone experienced the same; how can we solve this? Changing supplier is not possible as we already collaborate with several manufacturers and they all react more or less in the same way.
Thanks
Nicole
Hi Nicole,
I'm not closely familiar with BRC packaging standard but I suspect that the conclusion will be analogous to that discussed here previously for food (latter standard has similar text to packaging but is possibly more restrictive), ie, will need new "suppliers".
I assume you have studied the BRC interpretation guidelines (IG) already which seemed to me to offer no further alternatives except that 2 examples shown seemed to imply an allowance for audits/certificates other than GFSI, namely (in the IG example) iso9000. Such an option also exists for food although I don't comprehend the (safety) viability of iso9000 (BRC packaging users here will no doubt be able to clarify/correct my lack of understanding),
So maybe you can get an alternative audit/certificate ?
I anticipate yr dilemma has occurred/been discussed here previously within the BRC Packaging Forum.
I've noticed that the smaller companies don't have issues and accept it that we go and audit them. The raw materials for injection are bought via brokers. The manufacturing companies are hugh multinationals and the amount that we buy is too small to be able to put some pression on them. Each of them is ISO certified but they won't even share their audit reports .They consider it confidential!
Hi NVEK,
This topic comes up quite a bit. Take a look at this link https://www.ifsqn.co...rsdistributors/
There is also a link in that topic to another similar one.
"The manufacturing companies are hugh multinationals and the amount that we buy is too small to be able to put some pression on them. Each of them is ISO certified but they won't even share their audit reports .They consider it confidential!"
Being a cog in one of the evil empires you described there, one thing I would suggest is to take a look at the questionnaire you are sending. I assume your end goal is to evaluate the efficacy of your supplier's food safety systems. If that's the case, perhaps create a minimalist version of your questionnaire or one specifically for the supplier who is giving you push-back. By no means am I suggesting you cut corners, just re-evaluate what is necessary to achieve your end goals.
I've noticed that the smaller companies don't have issues and accept it that we go and audit them. The raw materials for injection are bought via brokers. The manufacturing companies are hugh multinationals and the amount that we buy is too small to be able to put some pression on them. Each of them is ISO certified but they won't even share their audit reports .They consider it confidential!
wow, did I miss where you said that in your posting - about ISO?
Anyway, ask the brokers to get a copy of ISO certificate only (and not the whole audit) - that's all you need.
I've noticed that the smaller companies don't have issues and accept it that we go and audit them. The raw materials for injection are bought via brokers. The manufacturing companies are hugh multinationals and the amount that we buy is too small to be able to put some pression on them. Each of them is ISO certified but they won't even share their audit reports .They consider it confidential!
wow, did I miss where you said that in your posting - about ISO?
Anyway, ask the brokers to get a copy of ISO certificate only (and not the whole audit) - that's all you need.
^^^(red) Based on the comments in OP, I assume you mean iso9001. I cannot see how this could comply with para. 3.7.2 via a Certificate with or w/o an audit report, eg -
3.7.2 The approval procedure shall be based on risk and include either one or a combination of:
• a valid certification to the applicable Global Standard or GFSI-benchmarked standard.
The scope of the certification shall include the raw materials purchased, and the site shall validate any BRCGS certificates using the BRCGS Directory.
• supplier audits, with a scope to include product safety, traceability, HARA review and good manufacturing practices, undertaken by an experienced and demonstrably competent product safety auditor. Where the supplier audit is completed by a second or third party, the company shall be able to:
— demonstrate the competency of the auditor
— confirm that the scope of the audit includes product safety, traceability, HARA review and good manufacturing practices
— obtain and review a copy of the full audit report
or
• where a valid risk-based justification is provided, a satisfactorily completed supplier questionnaire may be used for initial approval. The questionnaire shall have a scope that includes product safety, traceability, HARA review and good manufacturing practices, and it shall have been reviewed and verified by a demonstrably competent person.
(also see my comment in Post 2)
That's interesting. I have seen two BRC Auditors accept that.
That's interesting. I have seen two BRC Auditors accept that.
Hi SQFC,
I just remembered that iso22000 is, of course, not GFSI-recognized so the "ISO" in Post 4 could be iso22000 which could probably meet the criteria in 2nd option of Post 7 providing that a copy of audit report was obtained, etc.
The chances of a polymer manufacturer being certified to a GFSI Standard are negligible. There are too many other sectors that they supply which are more profitable to them so they are just not interested.
You purchase through brokers and you should have greater influence on the broker than manufacturer, (although this can still be fairly small.)
Push the broker for the information, they buy more from the manufacturer than you do and have greater influence.
The traceability can be verified through the broker as in the examples in the Interpretation Guidelines.
It is hard and I have found that you have to really be clear with the broker to get what you want.
The chances of a polymer manufacturer being certified to a GFSI Standard are negligible. There are too many other sectors that they supply which are more profitable to them so they are just not interested.
You purchase through brokers and you should have greater influence on the broker than manufacturer, (although this can still be fairly small.)
Push the broker for the information, they buy more from the manufacturer than you do and have greater influence.
The traceability can be verified through the broker as in the examples in the Interpretation Guidelines.
It is hard and I have found that you have to really be clear with the broker to get what you want.
Hi Foodworker,
^^^^(red) - Does yr opinion equally apply to iso9001 and/or iso22000 ? (See Post 4)
Also, can you explain how, as per the Packaging I.Guidelines example, a certification to iso9000 would contain the haccp component required for approved supplier ? (see Post ,2)
Hi Foodworker,
^^^^(red) - Does yr opinion equally apply to iso9001 and/or iso22000 ? (See Post 4)
In my POV, no, ISO9001 is more generic and we can likely expect them to get it.
Also, can you explain how, as per the Packaging I.Guidelines example, a certification to iso9000 would contain the haccp component required for approved supplier ? (see Post ,2)
I've come to audit few suppliers, it's not cost efficiency for them to apply a full GSFI-certified GMP. Instead, we look at their current GMP (or ISO9001 system) and compare with our own FS risk addressing (pest control, contamination,...) to see what extent they comply. And I've found that they recognise and control certain hazards (e.g. metal contamination by staples in making carton boxes) without knowing about HACCP, ofc some items are missing (safety of process water). My recap:
- GFSI = big plus for supplier approval, somehow ISO22000 is an legitimate equivalent in such an expectation.
- ISO9001 = moderate confidence of a certified systematic GMP, their practices might already reduce (coincidentally) certain FS risks.
Btw, IMO, the example in IG should include risk assessment by us + ISO9001 cert but the margin may be too narrow to contain.
We have a minimum requirement of HACCP and GMP certification for direct food contact packaging manufacturers. We do not accept ISO 9001 as it really doesn't cover off risk to the extent the HACCP programs do. ISO 22200 is an accepted quality certification as it requires HACCP. If they have no 3rd party certification then your acceptance of them as a supplier will be based on your own requirements and assessment of risk of that supplier. We require that all materials have the appropriate food contact compliance and meet the relevant countries packaging requirements. Where the packaging is direct food contact with or without a 3rd party certification, we will audit the vendor, no exceptions. We treat direct food contact packaging manufacturers like they are food manufacturers and they are risk assessed accordingly.
Hi liberator,
This is a point of view of food packaging manufacturers. Their materials are mostly in cruder forms that food ingredients, sometimes very close to raw minerals. The suppliers of those may stay out of the domain of food safety concern. We, a packaging producer, have difficulty to explain to customers (food makers) that the boundary of haccp ends at us.
As a manufacturer of direct food contact packaging (polythene bags.) this is my biggest worry for our forthcoming audit. The smaller suppliers are happy to complete traceability exercises, try asking a big multinational polymer supplier, the best I have is a statement that their ISO 9001 system is sufficient to prove traceability. Not a chance of an audit report. To be fair, when I request Batch specific info it is always forthcoming straight away so this is true but actually fulfilling the requirements of clause 3.7.2 & 3.7.5 I have no chance. I just have to hope that I get an auditor who can see that we are managing our suppliers and Raw materials, to the best of our abilities. If we get a black and white auditor then no hope we will get a CAR.
Have you ever considered using a risk assessment based on the manufacturing process of the raw material, providing an effective kill step, and asking for specific processing information to support / complete the RA. If they have closed systems, which in my experience with plastic processing / pelletizing operations is the case. The process may be sterile enough to allow acceptance by the assessment and the process to make the raw material. Heat, rinse, cooling baths, no touch handling processes, sterile plastic bag / liners etc manufactured on high temp machinery may provide enough safeguards to consider the incoming raw materials safe for use as food packaging. Coming from a plastics background and currently a packaging manufacturing position, with enough solid factual and relevant information, you could support your acceptance of the raw materials.
Hi All,
BRC Packaging Issue 6
I believe you can use an ISO9001 certificate instead of GFSI to approve suppliers. It's in section 3.7.2 Interpretation Guidelines Example at the end of the section.
QUOTE:
"EXAMPLE
"the raw material supplier is certificated to a GFSI-benchmarked standard. Assessment