ISO 22000:2005 Food Safety Management Systems Auditor/Lead Auditor Training Course

ISO 22000:2005 Food Safety
Management Systems Auditor/Lead

Auditor Training Course
Session 1 Objectives
• Describe the course aims, objectives, structure, logistics

• To establish what Students want to gain from the course
and to allow each Student to identify themselves to their
fellow Students
• Understand the role of IRCA (IRCA K4.3.1e)
• Understand the IRCA Food Safety Management Systems
Auditor/Lead Auditor certification scheme criteria and
process (IRCA K4.3.1e)
Copyright © 2007 Business Edge, All Rights Reserved | ISO 22000:2005 Auditor Lead Auditor Course Ireland Revision 4.0
Accelerated Learning Introduction
Unless what is learned is

applied, there is no learning
Active learning beats

Passive learning every time Learning is an act of creation
RULES OF THIS CLASS

-Make mistakes
-Ask lots of questions
-Cheat
-Have fun
What are the order
of the planets from
the sun?
Aims and Objectives
• Describe the fundamental purpose of a Food Safety
Management System (FSMS)
• Explain the purpose, content and interrelationship of:
management system standard ISO 22000:2005 and
guidance document, industry practice; standard operating
procedures; and relevant food safety legislation
• Explain the role of an auditor to plan, conduct, report and
follow up an audit in according with ISO 19011
• Plan, undertake and report an audit of a food safety
management system in accordance with ISO 19011
• Audit the adequacy of an organisation’s Food Safety
Management System
Course Program Day 1
Introduction and Welcome

IRCA and Auditor Registration
Purpose of a Food Safety Management System
HACCP Based Control Systems
ISO 22000:2005 series
The International Register of
Certificated Auditors (IRCA)
• Independent organization within the

Institute of Quality Assurance (IQA)
• IRCA has two principle activities:
– Certification of Auditors
– Certification of Auditor Training
IRCA Food Safety Management
Systems Auditor Certification
Scheme
• The objectives of the Food Safety Scheme;
– To provide confidence to the regulatory

authorities, to the accreditation bodies
and certification bodies, to business and
industry, and indirectly to the public at
large, that auditors certified to this
scheme are competent..
– To benefit the auditor by conferring

registration status
IRCA Food Safety Certification
Categories
• Three certification grades for auditors:
– Food Safety Provisional Auditor

– Food Safety Auditor
– Food Safety Lead Auditor
IRCA Auditor Registration Scheme
Academic Qualification
Formal
Work Experience Auditor Training
Auditing Experience
IRCA Contact Information
Address: IRCA,
PO Box 25120,
12 Grosvenor Crescent,
London SW1X 7ZL
Telephone / Fax: +44 (0)20 7245 6833/

+44 (0)20 7245 6755
E-Mail: fs@irca.org
Website: www.irca.org
• Students become familiar with and understand food/

Food Safety Management System (FSMS) terminology
including key Food Safety concepts
• Students understand the ISO 22000 Process Model and
its relationship with the PDCA cycle
• Students understand food safety risk management and
its significance as a strategic business driver (IRCA
K4.1.1/K4.1.2a)
• Students understand the social and historical aspects of
public health provision (IRCA K4.1.2b)
Key Elements of ISO 22000:2005
ISO 22000:2005 specifies the requirements for a Food
Safety Management System (FSMS) that combines the
following generally recognized key elements:
- Interactive communication
- System management
- prerequisite programmes
- CODEX HACCP principles
It is a specification for any organization in the food

chain
ISO/TC 34, Food Products
ISO 22000:2005 System Management
FMEA
Scope of ISO 22000:2005
Producers of pesticides,
fertilizers, and veterinary
drugs
Crop producers
Food chain for the
production of ingredients
and additives
Feed producers
Regulatory authorities
Transport and storage operators
Primary food producers

Producers of equipment
Producers of cleaning and

Food producers sanitizing agents
Producers of packaging
2nd food processors materials
Service providers
Wholesalers
Food service
operators/caterers
Retailers
Consumers
ISO 22000:2005 and the Food
Chain
ISO 22000:2005 Philosophy
Old Vision New Vision
Do
Process Design
Inspection Check Audit
Plan Improve
Correction
Action
• The primary purpose of a food safety management system is

to achieve a balance between a reactive and a preventative
approach with greater emphasis or statistical weighting on
prevention
• Simply stated, if we can understand what can go

wrong we can prevent it from happening
Definition of Food Safety
• Concept that food will not cause harm to the

consumer when it is prepared and/or eaten according
to its intended use
ISO 22000:2005 3.1
ISO 22000:2005 Process Model
Check
Act Do
Plan
Terms that are often confused
Hazard = agent causing the illness or adverse health affect.
See ISO 22000:2005 3.3
Risk = probability of getting ill be ingesting a certain hazard &
the severity of that illness
Hazard Analysis = Industry task
Risk Analysis = Governmental task
Monitoring – during implementation, verifying that the control
measure functions as intended. See ISO 22000:2005 3.12
Verification – after implementation, verifiable evidence that
the monitoring works and the degree of intended control has
been delivered See ISO 22000:2005 3.16
Validation – prior to implementation, verifiable evidence that
the control measure is capable of delivering the needed
objectives See ISO 22000:2005 3.15
Purpose of a Food Safety
Management System
• Organization provides safe food when it is prepared

and/or eaten according to its intended use
• Demonstrate conformity and compliance
• Evaluate the overall effectiveness/maturity of the
organization’s Food Safety Management System
• Provide a basis for continual improvement
• Demonstrate a food safety culture within the
organization
Food Safety Risk Management
as a Strategic Business Driver
• Secure in the knowledge that the product is safe when
reaching the marketplace
• Legal requirement
• Saves money by targeting resources and reducing the
requirement for end product testing
• Will yield a safer product in less time and at lower cost
which will satisfy customers’ requirements
• Establishes priority for improvement actions
• There is a demand from customers for a recognised
food safety standard
• Assists new product development
• Concept of due diligence
Historical aspects of public
health and food safety provision
• Hunter gatherer to communal life
• First food laws written in 2500 B.C
• Preservation methods – a preventative response
• HACCP predecessors
• HACCP and the space program
• FDA and HACCP
• Regulatory requirement since 1998
Social aspects of public health
and food safety provision
• Food safety management is more important now than ever
before due to:
– Increased number of pathogens on raw foods due to
intensive farming, intensive production and reduced
number of slaughterhouses
– Increase in meals consumed outside the home
– Increase in ready prepared foods
– More foreign holidays
– Increased amounts of exotic imported foods
– Increase in numbers of susceptible people (elderly)
– Reduction in the use of preservatives
Session 3 - Objectives
• Students understand and can describe the CODEX HACCP
based control system (IRCA K4.1.2c,f;K4.2.2a)
• Students understand what is a pre-requisite program and its
importance within a FSMS (IRCA K4.1.2f)
• Students can evaluate the appropriate attribution of risk to
identified hazards and the effectiveness of the organization’s
management of risk through its food safety risk assessment
and control planning (IRCA K4.1.2c,d,e,f; S4.4.2)
• Students determine appropriate operational controls for specific
food safety hazards and evaluate the implementation of
operational risk control, monitoring and measurement (IRCA
S4.4.3)
CODEX - Application of a HACCP
based hazard control system
Five Steps Seven Principles
• Assemble the HACCP team • Carry out Hazard Analysis
• Describe the product and list the control measures
• Identify the intended use • Determine the Critical Control
• Construct a flow diagram Points (CCPs)
• Confirm accuracy of the flow • Establish Critical Limits for
diagram each CCP
• Establish monitoring system
for each CCP
• Establish corrective actions
• Establish verification
procedures
• Establish documentation and
record keeping
Definition of a Control
Measure
(Food Safety) action or activity that can be used to prevent

or eliminate a food safety hazard or reduce it to an
acceptable level
ISO 22000:2005 3.7
Definition of a Pre-Requisite
Program (PRP)
Basic conditions and activities that are

necessary to maintain a hygienic
environment throughout the food chain
suitable for the production, handling, storage and
provision of safe end products and safe food for
human consumption
ISO 22000:2005 3.8
Definition of an Operational
Pre-Requisite Program O-PRP
PRP identified by the hazard analysis as essential in
order to control the likelihood of introducing food safety
hazards to and/or the contamination or proliferation of
food safety hazards in the product(s) and safe food for
consumption
ISO 22000:2005 3.9
HACCP/FSMS Relationship
HACCP based control system v’s
ISO 22000:2005 (FSMS)
• Starting point Flow • Starting point Output/Input
diagram • Controls needed/not needed
• What can go wrong (events) ? • Focus on determining the
• Focus on determining the CCPs control measure combinations
• Limited documentation of • Full documentation of hazard
hazard analysis analysis
• Tends to result in a static • Encourages dynamic control
control system systems
• Semi-quantitative approach • Enables a quantitative
(zero-tolerance/ALARA) approach (FSO/PO approach)
Products or new products
Raw materials, ingredients and

services
Production systems and equipment
Production premises, location of

equipment, surrounding environment
Cleaning and sanitation

programmes
Packaging, storage and distribution

systems
House of Safe Food
Personnel qualification levels and/or

allocation of responsibilities and
House of Safe Food
HACCP based control system
authorizations
Representative Prerequisite Programs
Food Safety Management System
Statutors and regulatory

requirements
Knowledge regarding food safety

hazards and control measures
• Students understand the evolution of Food Safety
Management System Standards and the ISO 22000:2005
series (IRCA K4.2.1; K4.1.1; K4.2.2d)
• Students understand the requirements of ISO 22000:2005
and can apply the requirements consistently in the food
chain of relevant food category businesses (IRCA
K4.2.2b)
Evolution of ISO 22000:2005
Standard Series
• CODEX HACCP principles
• National and voluntarily to International

Management Standards
• ISO 9001:2000 and 15161:2002
• ISO 22000:2005 Standard series
ISO 22000:2005 Standard
Series Objectives
• Complying with CODEX HACCP principles
• Harmonizing voluntarily to international management

standards
• Provides a specification for requirements that can be

assessed and achieve certification, either self declaration
or for first, second and third party verification
• Is aligned with other management systems standards (ISO

9001:2000, ISO 14001:2004)
ISO 22000:2005 Standard Series
ISO 22000:2005 is the first in a family of standards that includes
the following documents:
• ISO/TS 22004, Food safety management systems –

Guidance on the application of ISO 22000:2005, November
2005, provides guidance for ISO 22000.
• ISO/TS 22003, Food safety management systems –
Requirements for bodies providing audit and certification
of food safety management systems, providing harmonized
guidance for the accreditation (approval) of ISO 22000
certification bodies and defining the rules for auditing a
food safety management system - first quarter of 2006.
• ISO 22005, Traceability in the feed and food chain –
General principles and guidance for system design and
development.
• Students understand the International Accreditation Forum
(IAF) interpretations and guidelines for 3rd party Certification
Bodies (Registrars) (IRCA K4.3.1b)
• Students understand the system of accredited certification

including the functions of the Accreditation Bodies and
Certification Bodies (Registrars) (IRCA K4.3.1c; K4.3.5d)
• Students understand the existence of private schemes and

their differences in content and operations, e.g. BRC,
Eurepgap (IRCA K4.3.1d)
International Accreditation
Forum (IAF)
• The International Accreditation Forum, Inc. (IAF) is the world

association of Conformity Assessment Accreditation Bodies
• Its primary function is to develop a single worldwide program

of conformity assessment which reduces risk for business and
its customers by assuring them that accredited certificates
may be relied upon.
IAF Guidance Documents GD Series
• IAF publishes Guidance documents commonly called GD
documents. IAF Guidance documents are not intended to
establish, interpret, subtract from or add to the requirements
of any ISO/IEC Guide but simply to assure consistent
application of those Guides.
• Copies of all published IAF Guidance to the application of

ISO/IEC Guides are available at www.iaf.nu
Infra-structure for Registration
of Management Systems
International
Accreditation Forum
Regional Accreditation
National Accreditation
Board(s)
Quality/
Environmental
Application For Product Approval Personnel Approval
Management NAB AUDIT
Accreditation EN45011 EN45013
Systems
EN45012
Certification Body
Application for Audit & Surveillance

Registration by Certification Body
Industry
Consumers and
Purchasers
Roles Of Accreditation &
Certification Bodies
Accreditation Body Certification Body
• Operate the Accreditation • Provide a service in line with
system for Laboratories, the requirements of the EN
Attestors/Attestation bodies 45000 series/ISO Guide 62 and
and Certification Bodies or shortly ISO 17021:2006
Registrars
• Provide certification in line with
• Provide accreditation in line their accredited scope
with their accreditation field
• Issue a Certificate of
Registration to organisations
who meet the requirement of
the relevant System Standard
Types of Conformity Assessments
• Preliminary Assessment (Mock/Trial)
• Initial Registration assessment (System)
• Surveillance assessment (Partial)
• Follow-up assessment (Partial)
• Re-registration assessment (System)
Private Schemes - BRC
• In 1998 the British Retail Consortium, responding to industry
needs, developed and introduced the BRC Food Technical
Standard to be used to evaluate manufacturers of retailers
own brand food products.
• The Standards are available in Food, Consumer Products,

Packaging and Non GM Food Standards
• Further details on the BRC can be found on their website

http:// www.brc.org.uk
Private Schemes - EurepGap
• EurepGAP started in 1997 as an initiative of retailers
belonging to the Euro-Retailer Produce Working Group
(EUREP). It has subsequently evolved into an equal
partnership of agricultural producers and their retail
customers. Our Mission is to develop widely accepted
standards and procedures for the global certification of Good
Agricultural Practices (GAP).
• EurepGAP has Standards covering fruit and vegetables;

flower and ornamentals; integrated farm assurance;
integrated aqua culture assurance; green coffee etc. The
standards are based on best practices.
• Further details on EurepGAP can be found on this website

http://www.eurep.org
• Students identify and describe the documents and records
required by ISO 22000:2005 including hierarchy and
benefits of a documented FSMS. This includes the
difference between a document and a record (IRCA
K4.2.2c)
• Students know what the key document types looks like

including their contents (IRCAK4.4.2c)
• Students understand the importance of documents of

external origin, how they should be controlled and managed
including the difference between auditable standards and
guidance documents (IRCA K4.2.2c)
• Students understand the different methods of controlling

and managing documents and the implications for Auditors
Objectives of ISO 22000:2005
Standards
• ISO requires (and always has required) a
“Documented food safety management system”,
and not a “system of documents”
• ISO 22000:2005 allows an organisation flexibility

in the way it chooses to document its FSMS. This enables
each individual organisation to develop the minimum
amount of documentation needed in order to
demonstrate the effective development, implementation
and updating of the FSMS, when necessary
Typical FSMS Documentation
Hierarchy
POLICIES
OBJECTIVES
Hazard Analysis/
Control Measure
Combinations
PROCESSES
SUPPORTING
DOCUMENTATION
Benefits of a documented
FSMS
• Demonstrate conformity + compliance

• Due Diligence
• Communication
• Training & Development
• Marketing
• Auditing
• Students understand the framework of relevant regional,
national and local legislation, codes of practice etc., and the
interaction between the food organization and the relevant
authorities (IRCA K4.2.4)
• Students have the skills to determine the legislative and

regulatory items appropriate to specific food chain activities
and the appropriate activities for an organization to maintain
compliance with legislative and regulatory requirements
(IRCA S4.4.1)
• Students have the skills to evaluate the capability of an

organization to maintain compliance with legislative
requirements (IRCA S4.4.4)
Origins of Food Safety Legislation
• Global food safety/health issues

• Increasing scientific understanding
• Increased consumer debate on food safety issues
• Drivers for economic change
• Consumer pressure groups
• Government policies on freedom of information
Food Safety Problems
• Major incidents involving impact on human health
• Labeling
• Use of Harmful substances
• Hygiene Standards
• Enforcement controls
Issues for Industry
• Consumer concerns
• Consumer information/Rapid Alerts
• Prohibition of certain substances
• Labelling
• Food safety enforcement controls
• Food safety legislation
“The Response”
• International
– Establishment of the Food Safety Agency (FDA, EFSA)
– Closer integration with International Bodies, e.g. United
Nations’ Codex Alimentarius, World Trade Organisation
etc.
• National
– Establishment of National Food Safety Agencies
– Sector Quality Schemes
• Local
– Service contracts
– Switch from reliance on inspection alone to audit and
inspection
Business Response
• Stronger emphasis on quality
• Adoption of HACCP based control systems
• Support Quality Schemes

– Bord Bia (Ireland)
Types of Legislation
• Regulations
– same law throughout Community
• Directives
– sets out aims to be achieved for countries to enact local
laws
• Decisions
– as regulations but addressed to specific individuals,
companies or states
• Recommendations
– not binding, but may influence policy
European Union Food Safety Policy
Objectives
• Food must be safe, wholesome and healthy
• Protect human health
• Promote international action to tackle regional or global

problems
European Union Food Safety Policy
Principles
• Aim for a high level of protection
• Shared responsibility
• Precautionary principle, where appropriate
• Subsidiary principle
Topics of Legislation
• Food Law, European Food Safety Authority
• Hygiene
• Residues
• BSE
• GM Food
• Hormones
• Supplements
• Contaminants
• Additives
• Labelling
• Flavourings
ISO 22000:2005 Requirements
• General Requirements, reference 4.1
• Documents Control, reference 4.2.2
• Management Commitment, reference 5.1b, 5.2b
• External Communication, reference 5.6.1c
• Internal Communication, reference 5.6.2h
• Competence, Awareness and training, reference 6.2.2a
• Prerequisite programmes (PRPs) reference 7.2.2/7.2.3
• Product characteristics, reference 7.3.3
• Process steps and control measures, reference 7.3.5.2
• Hazard analysis, reference 7.4.2.3
• Product withdrawals, reference 7.10.4a,b
• Students have a common definition of employee

competence and are able to distinguish between
training and competence (IRCA K4.4.2b)
• Students understand the critical elements of
employee competence including the relationship with
organization capability and performance (IRCA
K4.4.2b)
• Students have a methodology for assessing the
effectiveness of an organization’s employee
competence system and it’s contribution to business
performance (IRCA K4.4.2b)
ISO 22000:2005 Human Resource
Requirements
• People are competent rather than qualified
• Organizations must provide training or other actions to

satisfy competency needs and the training or actions
must be evaluated for effectiveness
• Personnel in the organization must be aware of the

relevance and importance of their activities and how
they contribute to the achievement of the quality
objectives
• Training records need to include education, skills and

experience
ISO 9000:2005 Definition of
Competency
• ISO 9000:2005 defines competency as “the demonstrated
ability to apply knowledge and skills” – what a person
needs to be doing to demonstrate he or she is competent
• Competencies needs to be defined for hourly and
management staff
• Competencies may be established for a specific position,
family of positions or cluster of jobs
• There are essentially two types of competencies, namely
soft (visible leadership, good listening skills) and hard
(planning, scheduling, controlling work or processes)
• Minimum competencies for managers and supervisors,
whereas for hourly personnel the focus is typically on the
hard skills
• Students understand the scope, principles, terms and
requirements of ISO 19011:2002
• Students will understand the key auditing terms and
principles of auditing
• Students will understand what is expected of an audit
management program and show to assess the
effectiveness of an organization’s internal audit
program
• Students will understand the life cycle of an audit and
key activities (IRCA K4.3.2a)
• Students will understand the competencies required by
Auditors including the relevance of ISO 17024:2003
Introduction and Scope of
ISO 19011:2002
• Both the ISO 9000 and ISO 14000 series of standards emphasise
the importance of audits as a management tool for monitoring
and verifying the effective implementation of an
organization's policy for quality and/or environmental
management
• This International Standard provides guidance on conducting

internal or external QMS and/or EMS audits,
audits as well as on
the management of audit programmes
• It is discretionary whether or not QMS and/or EMS audits are

conducted separately or together
• This International Standard can be applied to other

management system standards
Key Terms
• Audit,
Audit a systematic, • Audit findings,
findings results of the
independent and documented evaluation of the collected audit
process for obtaining audit evidence against audit criteria.
evidence and evaluating it • Audit conclusion,
conclusion outcome of
objectively to determine the an audit, provided by the audit
extent to which audit criteria team after consideration of the
are fulfilled. audit objectives and all audit
• Audit criteria,
criteria set of policies, findings
procedures or requirements • Auditor,
Auditor person with the
• Audit evidence,
evidence records, competence to conduct an audit
statements of fact or other • Audit Programme,
Programme set of one
information, relevant to the or more audits planned for a
audit criteria and verifiable. specific time frame and directed
towards a specific purpose
• Audit Plan,
Plan description of the
activities and arrangements for
an audit
Principles of Auditing
• Ethical conduct – the foundation of professionalism
• Fair presentation – the obligation to report truthfully
and accurately
• Due professional care – application of diligence and
judgment in auditing
• Independence – the basis for the impartiality and
objectivity of the audit conclusions
approach the rational method for
• Evidence-based approach–
reaching reliable and reproducible audit conclusions in a
systematic audit process
Auditor Competency
Auditor Competence
Quality Generic
Environmental /
Quality Specific knowledge and Food Safety
knowledge and skills skills (7.3.1
and 7.3.2) Environmental /Food safety
(7.3.3)
Specific knowledge and skills
(7.3.4)
• Students understand the process approach including its
significance when auditing management systems (IRCA
K4.2.2a)
• Students know how to assess the capability of a process

and its relationship with a Food Business Organization
(FBO) objectives (IRCA K4.2.2a)
• Students understand the process methodology for

assessing top management in a (FBO) (IRCA K4.3.4c and
S4.5.3b)
• Students can identify potential emergency situations and

can evaluate the planning and capability of an organization
to respond to emergency situations (IRCA S4.4.4)
Understanding the Process
Approach
• ISO 9000:2005 defines a Process as:
– “set of interrelated or interacting activities which transforms
inputs into outputs”
• Processes in an organisation are generally planned and carried
out under controlled conditions to add value
• Data should be gathered to establish process capability and
analyse process performance including input and output
characteristics
The P-D-C-A Cycle
ACT PLAN
How to improve What to do ?
next time
How to do it?
CHECK DO
Did things happen Do what was
according to plan? planned
Approach to Audit Planning
• Verify the organization’s role in the food chain including
scope of registration sought
• Understand the organisation’s food safety goals and

objectives including alignment with the food safety policy
• Understand and verify the Food Safety Management

System framework
• Develop the Audit Plan based on the process steps within

the organization’s food chain/scope of registration sought
• Develop process based Checklist(s)
Understanding the system
approach to management
• Individual processes rarely occur in isolation, namely
outputs from one process typically form part of inputs into
subsequent processes
• Simply stated, a food safety management system comprises
a number of interrelated processes
• Inputs and outputs of these processes can often be related
to both internal and external customers
• Customer feedback of a process output is an important
input to the continual improvement of an organization’s
FSMS
High-Level Process Map
S I P O C
Model
S C
U U
P S
P T
L Inputs Process Outputs O
I M
E E
R R
S S
SIPOC Example
Suppliers Inputs Process Outputs Customers
Statutory &
Various
Regulatory
HACCP Plan FSMS team
Codex Codex Guidelines
Hazard
Customer Product Analysis
Customer Requirements O-PRP Plan Auditors
Scientific Source Scientific Data
Process Steps
Validation of
Hazard Hazard
Preliminary Data Control Measure
Identification Evaluation
Combinations
Emergency Preparedness and
Response
• Identifying potential emergency and accidents
• Emergency and accident response procedure
• Emergency and accident response command and
control structure
• Competence, awareness, and training
• Emergency preparedness and response plan
• Periodic review and testing, where practical
• Students understand basic audit terminology
• Student understand the audit terms, pre-registration,
initial registration, surveillance and re-registration and
the difference between them from an audit perspective
(IRCA K3.3.6e)
• Students understand the purpose of 1st, 2nd, and 3rd
party audits (IRCA K3.3.2a)
• Students understand the qualities and responsibilities of
auditors and the management responsibilities of the
Lead Auditor in managing the audit and the audit team
(IRCA K3.3.3)
• Students understand the need for effective
communication with the Auditee throughout the audit
process (IRCA K3.3.3c; K3.3.5b)
Key Terms
• Audit,
Audit a systematic, • Audit conclusion,
conclusion outcome of
independent and documented an audit, provided by the audit
process for obtaining audit team after consideration of the
evidence and evaluating it audit objectives and all audit
objectively to determine the findings
extent to which audit criteria • Audit client,
client organisation or
are fulfilled. person requesting an audit
• Audit criteria,
criteria set of policies, • Auditee,
ee organisation being
procedures or requirements audited
• Audit evidence,
evidence records, • Auditor,
Auditor person with the
statements of fact or other competence to conduct an audit
information, relevant to the • Audit team,
team one or more
audit criteria and verifiable. auditors conducting an audit,
• Audit findings,
findings results of the supported if needed by technical
evaluation of the collected experts
audit evidence against audit • Audit Plan,
Plan description of the
criteria. activities and arrangements for
an audit
Audit Types & Roles
Internal External
Audit of one’s
1st Party own
organisation
Audit of a
2nd Party Supplier by a
Customer
Audit by an
3rd Party
independent
Body
Systems vs. Conformance /
Effectiveness
ISO Standard FSMS Documentation
Operational Practices
Main Purpose of 1st Party Audits
• To determine if the Food Safety Management System

conforms to the agreed audit criteria
• To ensure the Food Safety Management System has
been effectively implemented and maintained
• To review the efficiency and effectiveness of its
processes
• To identify opportunities for improvement
Main Purpose of 2nd Party Audits
• To evaluate the degree of conformity to customer

product criteria
• To evaluate the effectiveness of the supplier’s Food
Safety Management System
Main purpose of 3rd Party audits
• To provide objective evidence of conformity with the

criteria/requirements of ISO 22000:2005
• To provide objective evidence of the degree of
effectiveness of the Food Safety Management
System
Personal Qualities of an Auditor
• Precise • Integrity
• Reasonable • Organised
• Objective • Not afraid of reporting the
• Fair facts
• Energetic • Astute and analytical
• Sensitive • Listener
• Supportive • Sensitive to local customs
PROFESSIONAL’S
IRCA Code of Conduct
• To act in a trustworthy and unbiased manner

• To disclose any potential conflict of interest
• Not to accept any inducement, gift, commission, discount
or any other profit
• To keep the audit findings confidential
• Not to act any any way prejudicial to the reputation or
interest of the audit organisation or credibility of IRCA
• Co-operate fully in any formal enquiry procedure
Communication during the Audit
• The audit team should confer periodically to
– Exchange information
– Assess audit progress
– Reassign work between audit team members as needed
– Discuss concerns about any issues outside the scope of
the audit
• The Lead Auditor should communicate to the auditee/audit

client any
– Significant risks identified during the audit process

– Concerns about any issues outside the audit scope
– Evidence which indicates audit objectives are unattainable
Auditor Responsibilities
• Understand the purpose, scope and criteria of the audit

• Ensure adequate planning is carried out prior to the audit
• Conduct the audit in a professional manner
• Establish and maintain good relations with employees
• Produce a factual and balanced audit report, in a timely
manner
• Comply with audit organization’s audit rules and guidelines
Lead Auditor Duties and
Responsibilities
• Form a competent and capable audit team
• Be the main focal point of contact with the client organisation

(auditee)
• Conduct any preliminary visits
• Lead and manage the audit team
• Report the audit findings
• Co-ordinate any follow-up activities
Sub-Team Leader Responsibilities
• Support the Lead Auditor
• Co-ordinate and manage the Sub-team
• Communicate to other team(s)
• Assemble evidence
• Report (verbally or in written form) when

requested
• Be available for follow-up reviews
Trainee Auditor Duties and
Responsibilities
• Conduct the audit under the supervision of a
Competent Auditor/Lead Auditor
• Provide feedback to audit organization on learning
experience
• Establish and maintain good relations with
employees
• Comply with audit organization’s audit rules and
guidelines
Technical Expert Duties and
Responsibilities
• Take notes
• Establish and maintain good relations with

employees

guidelines
Translator Duties and
Responsibilities
guidelines

• Take notes
• Establish and maintain good relations with Audit

team and employees
Observer Duties and
Responsibilities
• Not to influence or interfere with the audit

activity - focus on the audit process
• Maintain confidentiality
• Provide feedback to own organisation on learning
experience
Guide Duties and Responsibilities
Assist the Auditors during the audit process by:
• Conducting the Auditors from area to area
• Introducing area manager(s) + employee(s)
• Occasionally providing clarification, when requested
• Obtaining additional support documentation, if requested
• Ensure rules concerning site safety and security

procedures are known and respected by audit team
members
Consultant Duties and
Responsibilities
• Not to influence or interfere with the audit activity,

findings or audit conclusion
• Provide feedback/input to the client on audit findings

and/or audit performance
• Due professional care
Auditee Responsibilities
• Create the ‘right environment’ for the audit to take place
• Ensure employee(s) are aware of the audit
• Support the audit process by providing facilities and

support services, when requested
• Support the agreed audit plan
• Provide access to people, processes, products, areas, and

data and records
• Ensure the audit team receive open co-operation

throughout the audit
• Students know the activities and task to be completed during the
planning phase of the audit life cycle (IRCA K3.3.4a, c; S3.4.1)
• Students know how to approach an organization which does not
have a formal documented FSMS based on ISO 9001:2000 (IRCA
K3.3.4f)
• Students have the skill to conduct a document review, determine its
conformity and whether there is adequate arrangements to justify
proceeding with the on-site audit (IRCA K3.3.4b; S3.4.2a)
• Students have the skill to develop an audit plan based on the scope
of registration sought and the food chain process steps of the
organization (IRCA K3.3.4 S3.4.2d)
• Students have the knowledge and skill to develop and technically
assess a process based checklist (IRCA K3.3.4e, f; S3.4.2e)
Main activities during the
Planning Phase
Initiating the Audit Preparing for the Audit
• Agreeing the audit • Forming a competent

objectives, scope and audit team/audit team
criteria assignments
• Communicating with • Developing an audit

the Auditee/Audit plan
Client
• Creating process
• Determining the based checklists
feasibility of the audit
• Holding an audit team
briefing, if required
Establishing Initial Contact with
the Auditee
• Establish communication channels with Auditee
Representative/FSMS Team Leader
• Confirm the authority to conduct the audit
• Request access to relevant documents, including records
• Provide information on proposed timing and audit team
composition
• Establish what, if any applicable site safety rules and
PPE
• Make arrangements for the audit
• Agree attendance of Trainee Auditors, Observers and
the need for Guides
Determining the Feasibility of
the Audit
• Verifying and validating the data provided by the

Auditee
• Conducting a preliminary document review
• Conducting a preliminary audit visit
Audit Team Selection
• Audit objectives, scope, criteria and estimated duration
of the audit
• Statutory, regulatory, contractual and accreditation/
certification requirements
• Overall competence of the audit team to needed to
achieve the objectives of the audit including audit team
assignments
• Independence from the activities to be audited including
conflict of interest
• Ability of the audit team to interact with the auditee and
work together
• Availability
What is an Audit Plan?
• Description of the activities and arrangements for an

audit
ISO19011:2002
Factors to be considered when
developing an Audit Plan
• The audit objectives, scope and criteria including the role
of the organization in the food chain
• The product categories, processes and locations/shifts

where the on-site audit activities are to be carried out
• The expected duration and time for the on-site activities

including safety/security requirements
• Persons to be interviewed
• Competency of auditors
• Audit team performance monitoring
Audit Team Briefing
• Introduce team members
• Present a briefing statement about the auditee
• Assign roles and responsibilities
• Distribute relevant audit working documentation
• Ensure specialist team members / technical expert are
clear on the area(s) they need to focus on
• Discuss any queries with the audit plan
• Reconfirm commitment, availability and independence
and impartially of the audit team
What is a Checklist?
• A structured list of points to evaluate
• Identifies and communicates the scope of an audit
• An Auditor’s tool to gather evidence and provide an audit

trail
• Guides the course and controls the pace of an audit
Benefits of a Checklist
• Helps an Auditor understand the food safety hazards,

processes and control measures associated with the
food chain process/activity assigned by the Lead
Auditor/Audit Plan including its significance for the
auditor
• A record agreed audit criteria was checked and audit
objectives fulfilled
• Helps an Auditor manage time in line with the audit
plan and covers agreed audit criteria
• Assists future audit preparation
Key points when developing a
Process-Based Checklist
• Audit objectives and criteria

• Audit sample/time available
• Format of checklist
• Food categories
• Associated risks/hazards and control
measures associated with the food
categories
• Risk assessment techniques in place
Types of Checklists
Standard Customised
• Ready formatted • Constructed as and when

• Facilitates consistency needed
across different area(s) • Usually specific to a
• Uniform questions particular audit
• Can be inflexible • Assists preparation by
• Not suited to all types of Auditee
audit • Demonstrates professional
approach by Audit team
• Students understand the reasons for an Opening

Meeting (IRCA K3.3.5b; S3.4.3a)
• Students know the typical agenda for an Opening

Meeting (IRCA K3.3.5b)
• Students have the skill to be able to run an Opening

Reasons for an Opening Meeting
• Cover the main points of the audit plan

• Courtesy to talk to the Auditee managers and employees
• Create the ‘right’ atmosphere
• Audit process can be explained
• Confirm communication channels
• Expectations can be set
• Questions can be answered
A Typical Opening Meeting Agenda
• Introductions, if applicable
• Confirmation of the objectives, scope and criteria of the
audit
• Confidentiality Statement/Sample
• Confirmation of audit plan
• Outline the audit process and approach
• Explain the reporting method
• Confirmation of availability and roles of guides
• Provide any clarifications which may be required
How to Manage the Opening
Meeting
• Be prepared
• Control the meeting
• Keep it short and stick to the point
• Be professional
• Keep a record of people who attend
What information can be gathered
at an Opening Meeting
• Who the Guides are
• Confirmation employees are aware of the audit
• What the layout of the site/facility is
• Confirmation of support services available
• Confirmation of relevant work safety, emergency and

security procedures for the audit team
• What management’s commitment is
• What the real power structure is
• Students know the activities and tasks to be completed

investigative phase of the audit life cycle
• Students understand the term audit evidence, the
requirement for audit evidence and the primary
methods for obtaining audit evidence (IRCA K3.3.5e)
• Students understand the benefits and limitations of
sampling (IRCA K3.3.5d)
• Students understand and demonstrate the
communication skills required to obtain audit evidence
(IRCA S3.4.3)
• Students know how to manage difficult situations while
obtaining audit evidence (IRCA S3.4.3)
Main activities during the
Performance Phase
• Opening Meeting
• Gathering Evidence
• Writing Audit Finding Reports
• Collating and generating the Final Audit
Report
• Preparing for the Closing Meeting
• Closing Meeting
What is Evidence?
Qualitative or quantitative information, records, or

statements of fact pertaining to:
a. the quality, safety, and environment of the product or

service
b. to the existence and implementation of a
food safety management system requirement
which is based on observation, measurement or test and

which can be independently verified
Procedure for Gathering Evidence
Question/Analyze
Observe/Analyze Check
General Points on Questioning
Techniques
• Use appropriate types of question
• Adopt a logical approach
• Follow a natural sequence
• Actively listen to what is being said
• Use silence appropriately
• Seek clarification, where necessary
• Verify responses, where necessary
Typical Questions
• Information Verification
• How • Show me
• What
• When
• Where
• Who
• Why
Types of Questions
• Open
• Closed
• Hypothetical
• Obvious
• Answered
Observation
• People
• Product and service
• Processes
• Information systems
Taking Notes
• Employee names and job titles
• Product identification
• Quotes and statements
• Rough sketches
• Surroundings
• Issues which may impact other

functions/Audit team members
Mental Notes
• Workload
• Employee behaviour
• Management approach
• Organisation
• Knowledge of business and applicable standards
• Reactions
Reaching Audit Conclusions
Sources of information
Collecting by
appropriate sampling
and verifying
Audit Evidence
Evaluating against audit

criteria
Audit Findings
Reviewing
Audit conclusions
Sampling
• Sample frame/Sample
• Representative
• Random
• Reduced time and costs
Role of the Technical Expert
• Listen
• Watch
• Audit
• Provide expertise
• Take notes
Importance of Audit Team
Performance
• Keep to the original audit plan
• Auditor/Lead auditor checks progress

regularly
• Manage delays
Communication Skills
• Verbal
• Body language
• Style and tone of speech
• Facial
• Range of literacy
Handling Difficult Situations
• Time Wasting • Undermining
• Discrimination • Deception
• Hostility
• Obstruction
• Avoidance
• Usurping Control
• Finger Pointing
• Flattery
• Students understand what a non-conformity audit finding
is and the typical content of a non-conformity and are able
to describe and apply the risk classification system used
(IRCA K3.3.6a,b)
• Students are able to write both a non-conformity (NCR)
and Opportunity for Improvement (OI) audit finding
(S3.3.4a,d)
• Students understand the contents of an audit report and
are able to write one (IRCA S3.4.4b,e)
• Students understand who gets a copy of the audit report,
when, and the retention period
What is a Nonconformity?
• The absence of, or the failure to implement and maintain, one or

more food safety management system requirements, or a
situation which would, on the basis of available objective
evidence, raise significant doubt as to the safety of the
product the organization is supplying
• A nonconformity exists where there is evidence of a failure to
comply with a requirement of a:
Statutory and regulatory requirement

Product or Service Specification
Customer requirement
Process and procedure
Food Safety Management System requirement
Typical Root Causes of
Nonconformities
• Organisation structure
• Management System Standard
• Education and training
• Resources
• Adherence to defined processes and

procedures
• Management leadership and support
• Information
• Legal & Regulatory Requirements
NCR Definitions
• A Major nonconformity is where there is a total break-down or
absence of objective evidence to satisfy one or more food
safety management system requirements, or a situation which
would, on the basis of available objective evidence, raise
significant doubt as to the safety of what the organization is
supplying.
• A Minor nonconformity is where there is a defined and
documented system which generally satisfies one of more food
safety management system requirements, or a situation which
would, on the basis of available objective evidence, raise
concern as to the potential safety of what the organization is
supplying, e.g. the system and/or one or more processes have
not reached an acceptable maturity level.
• An observation/Opportunity for Improvement is a remark by
an Auditor which warrants clarification or investigation so as to
improve the overall effectiveness and/or efficiency of the
organization's Food Safety Management System.
An Audit Report is
• A summary or record of the outcome of an audit, in line

with the agreed audit objectives, scope and criteria
Contents of an Audit Report
• Audit objectives, scope and criteria
• Statement of the confidential nature of contents
• Audit conclusions
• Strengths and Weaknesses
• Number of nonconformities (including classification) and
observations, if any
• Nonconformity/Observation Reports
• Recommendations (risk assessment audit findings), if any
• Obstacles encountered
• Follow-up activities
• Audit Plan
• Audit Checklists (Appendix)
• Identification of the Lead Auditor and team members
• Identification and contact details of Auditee
• Opening/Closing Meeting Minutes
Audit Reporting Principles
• Never loose sight of the basic aim of an audit, namely
to get management commitment to act on the findings
• It should be fair and balanced
• Never point the finger!
• Keep it simple and concise
• Keep the audit outcome confidential
• Publish in a timely manner
Audit Report Approval
• The Auditor/Lead Auditor should sign and date the

final audit report signifying the audit objectives have
been met and the fact the report is accurate and
complete
• The Top Executive and/or Food Safety Team Leader

should sign and date the report to signify agreement
with and commitment to act on the findings
Audit Report Distribution, Timing &
Retention
• Distribution should be limited to the Food Safety Team

Leader and the audit organisation
• Ideally it should be available for the Closing Meeting. If

not, it should be available within an agreed timescale
• It should be retained in accordance with Audit organization

policy and/or regulatory requirements
• Students understand the activities to be covered during a
final team meeting including its importance
• Student can describe the process for collating the findings
of the audit team
• Students know how to manage situations where the
organization’s QMS is deemed not to conform and to
correctly assess the maturity of the organization’s QMS
and risk to the integrity of the registration and supplier
approval (IRCA S3.4.4e, f)
• Students understand the ISO policy on recommendations
and offers of advice
• Students understand the importance of audit follow-up;
the terms correction, corrective action and CAPA process
including responsibilities including the objective evidence
required to demonstrate effective implementation of
CAPA (IRCA K3.3.6c, d; S3.4.4g)
Activities to be covered during the
Final Team Meeting
• Review the audit findings against the audit objectives
• Agree the audit conclusions (recommendation)

recommendation
• Decide your strategy for presenting the findings
• Ensure any nonconformity and/or observation reports

are signed in advance of the closing meeting
• Anticipate possible areas of disagreement
• Decide the follow-up strategy (recommendation)
Process for Collating the Audit
Findings
• Collate all the information

• List the strengths
• Evaluate and distil
• List the weaknesses (Nonconformities)
• Evaluate and distil
• List any observations
• List any obstacles encountered, if any
• Decide the overall conclusion (recommendation)
recommendation
• Decide the follow-up strategy (recommendation)
Lead Auditor’s Facilitation Role
• Lead and maintain control
• Create a positive team climate
• Use the synergy of the audit team
• Remain objective
• Distil and analyse the audit team’s finding’s
In summary, “Keep it simple, add value where practical”
If the Auditee does not conform
• Be mindful of the level of your authority
• Maintain control
• Double check the findings are based upon sound
evidence
• Do not waiver from the intended message
• Ensure the Auditee does not see it as purely a
negative message
• Check the tone and choice of language used
Offers of Advice – Are they a
good idea?
• Promotes a spirit of “were here to help”

• There is no obligation on the part of the Auditee
organisation to implement offers of advice
• There are risks associated with giving advice
Risks associated with Offers
of Advice
• Ownership
• Possible confusion in roles
• Legal and financial
Therefore, never give advice in an external audit.
There is greater scope to give advice in an internal

audit, however the risks albeit small still exist
Contributions during the Closing
Meeting
• The Lead Auditor should always lead and manage the

presentation and deliver the audit report executive
summary
• The Lead Auditor may request individual auditors to

clarify individual nonconformities, if required
• The Lead Auditor should assign an audit team member

to take minutes of the meeting and record attendance
Audit Follow-up, why is it
important ?
• Corrective action takes place in a timely manner
• Corrective action is effective and suitable
• The real benefits of the audit can be realised
• The effectiveness of the audit programme can be

measured
• Students understand the reasons for a Closing Meeting

(IRCA K3.3.5b)
• Students know the typical agenda for a Closing
• Students have the skill to manage a Closing Meeting
and evaluate proposal for corrective action (IRCA
K3.3.5b; S3.4.4b,e,f,g)
• Students understand the audit records to be
maintained during the life cycle of an audit
• Students understand the methods for improving audit
performance including the importance of improving
audit performance
Purpose of a Closing Meeting
• To verbally present the audit team’s findings and

conclusions in such a manner that they are
understood and acknowledged by the auditee, and to
agree, if appropriate, on the time period for the
auditee to present a corrective action plan
Who attends the Closing
Meeting?
• Audit Team Auditee
• Lead Auditor • Top Executive/Manager

• Auditor(s) • Food Safety Team Leader
• Observer(s), if used • Functional Representative(s)
• Guide(s) (Optional)
• Employees (Optional)
A Typical Closing Meeting Agenda
• Re-statement of audit objectives, scope, and criteria

• Representative sample statement/confidentiality
• Audit conclusion - executive summary
• Audit findings – detail
• Follow-up activities
• Obtaining ownership and commitment
• Reporting
• Questions
Hidden Agenda
• Preparation
• Objectivity
• Control
• Constructive attitude
• Professional, businesslike and polite at all

times
• Avoid traps
• Timing
Evaluating CAPA Proposals?
• The Lead Auditor or assigned Auditor technically

assesses the proposed corrective and preventative
action and root cause analysis data
• Ideally the Auditor/Lead Auditor who raised the audit

finding should verify and validate closure of any
nonconformities raised
• CAPA proposals should be received and reviewed

within 10 calendar days or sooner and verified +
validated and closed out within 12 weeks, unless a
variation is granted
Methods for Closing Out Corrective
Actions
• Documentation review
• Re-audit
- Partial
- Full
Audit Objective
• To obtain commitment to act on findings so that the

‘real’ benefits of an audit can be realised.
• The ultimate Auditor is the consumer!

ISO 22000:2005 Food Safety Management Systems Auditor/Lead Auditor Training Course

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

ISO 22000:2005 Food Safety Management Systems Auditor/Lead Auditor Training Course

Загружено:

Авторское право:

Доступные форматы

ISO 22000:2005 Food Safety

Management Systems Auditor/Lead

• Describe the course aims, objectives, structure, logistics

Unless what is learned is

Active learning beats

RULES OF THIS CLASS

Introduction and Welcome

• Independent organization within the

• IRCA has two principle activities:

– To provide confidence to the regulatory

– To benefit the auditor by conferring

– Food Safety Provisional Auditor

Telephone / Fax: +44 (0)20 7245 6833/

• Students become familiar with and understand food/

It is a specification for any organization in the food

Transport and storage operators

Primary food producers

Producers of cleaning and

• The primary purpose of a food safety management system is

• Simply stated, if we can understand what can go

• Concept that food will not cause harm to the

ISO 22000:2005 3.1

• Organization provides safe food when it is prepared

(Food Safety) action or activity that can be used to prevent

ISO 22000:2005 3.7

Basic conditions and activities that are

ISO 22000:2005 3.8

Raw materials, ingredients and

Production systems and equipment

Production premises, location of

Cleaning and sanitation

Packaging, storage and distribution

Personnel qualification levels and/or

HACCP based control system

Statutors and regulatory

Knowledge regarding food safety

• CODEX HACCP principles

• National and voluntarily to International

• ISO 9001:2000 and 15161:2002

• ISO 22000:2005 Standard series

• Harmonizing voluntarily to international management

• Provides a specification for requirements that can be

• Is aligned with other management systems standards (ISO

• ISO/TS 22004, Food safety management systems –

• Students understand the system of accredited certification

• Students understand the existence of private schemes and

• The International Accreditation Forum, Inc. (IAF) is the world

• Its primary function is to develop a single worldwide program

• Copies of all published IAF Guidance to the application of

Application for Audit & Surveillance

• Preliminary Assessment (Mock/Trial)

• Initial Registration assessment (System)

• Surveillance assessment (Partial)

• Follow-up assessment (Partial)

• Re-registration assessment (System)

• The Standards are available in Food, Consumer Products,

• Further details on the BRC can be found on their website

• EurepGAP has Standards covering fruit and vegetables;

• Further details on EurepGAP can be found on this website

• Students know what the key document types looks like

• Students understand the importance of documents of

• Students understand the different methods of controlling

• ISO 22000:2005 allows an organisation flexibility