|
This term refers
to the level of a food safety hazard. An acceptable
safety hazard level is the level that end products
must not exceed. Organizations must consider customer,
statutory, and regulatory requirements when acceptable
safety hazard levels are specified.
They must also use control measures, critical limits, and
action
criteria to ensure that these levels aren’t exceeded.
|
|
Action
criteria are measurable or observable specifications
that are
defined in order to determine whether or not operational
prerequisite programmes (OPRPs) are in control and still
operating as intended.
|
|
The term animal
food refers to both single and multiple products
that are fed to non-food-producing animals (such as pets)
and can
be raw, processed, or semi-processed.
|
|
An audit is an evidence gathering process.
Evidence is used to evaluate
how well audit criteria are being met. Audits must be
objective, impartial,
and independent, and the audit process must be both
systematic and
documented. Audits can be either internal or external.
Internal audits are referred to as first-party audits
while external audits
can be either second or third party. They can also be
combined audits
(when two or more management of different disciplines are
audited
together at the same time).
Audit evidence includes records, factual statements,
and other verifiable
information that is related to the audit criteria being
used. Audit criteria may
be thought of as a reference point and include policies,
requirements, and
other forms of documented information. They are compared
against audit
evidence to determine how well they are being met. Audit
evidence is
used to determine how well policies are being implemented
and
how well requirements are being followed.
For more information about auditing, see our ISO 19011
Auditing Guide at https://www.praxiom.com/19011.htm
|
|
Competence means being able to apply
knowledge and skill to
achieve intended results. Being competent means
having the
knowledge and skill that you need and knowing how to apply
it. Being competent means that you’re qualified to do the
job.
|
|
To conform means to meet a requirement. Since
there are many
kinds of requirements, conformity can take many forms. You
can
conform (or comply) with mandatory requirements like laws
and
regulations or with voluntary requirements such as
contracts,
agreements, codes, and standards.
In the context of food safety management systems, you
can conform
(or comply) with (or to) the ISO 22000 requirements (or
obligations) and
to any additional food safety management requirements (or
obligations)
that your organization establishes for itself.
|
|
A contaminant is a polluting or poisonous
substance that makes
something impure and contamination
refers to the occurrence of a
contaminant in a product or processing environment or the
introduction
of a contaminant into a product or processing environment.
|
|
An organization’s context is its business
environment. It includes
all of the internal and external factors and conditions that
affect its
products and services, have an influence on its FSMS, and
are
relevant to its purpose and strategic direction.
An organization’s external context includes
all of the needs and
expectations of interested
parties, as well as its social, cultural,
legal, technological, regulatory, and competitive environment.
An organization’s internal context includes
its values, culture,
knowledge, and performance.
|
|
In the context of this FSMS standard, continual
improvement is a
set of recurring activities that organizations use to
enhance their safety performance. Continual improvements can
be achieved by carrying out audits, self-assessments, and
management reviews. They can also be
realized by collecting data, analyzing information, setting
objectives,
and taking corrective actions.
|
|
Control measures are actions or activities
that are used to manage
significant food safety hazards. Control measures must be
capable of
preventing or eliminating hazards or reducing them to
acceptable levels.
|
|
A correction
is any action that is taken to eliminate a nonconformity.
In the context of ISO 22000, a correction is any
action that is taken to deal specifically with potentially unsafe
products (nonconforming products).
Corrections
may include the following types of actions: reprocessing
or further processing of potentially unsafe products,
assigning them
to a different use, or simply destroying them.
|
|
Corrective actions are steps that
are taken to eliminate the causes of
existing nonconformities in order to prevent recurrence. The
corrective
action process tries to make sure that existing
nonconformities and
incidents don’t happen again.
|
|
A critical control point (CCP) is the point
(or step) at which a control
measure must be applied. It is a point that is critical or
essential to safety.
It is the point where a control measure can be used to
prevent or eliminate
a food safety hazard or to reduce it to an acceptable level.
|
|
A critical limit is a criterion or boundary
that is used to distinguish
between what is acceptable (safe) and what is unacceptable
(unsafe).
A critical limit is a value of a parameter or variable.
Critical limits or
values are used to ensure that a process produces safe
products.
When critical limits are violated or exceeded,
products are deemed to be
potentially unsafe. Critical limits are established at
critical control points
(CCPs). They are used to determine whether or not a CCP is
still under
control. Whenever critical limits are violated or exceeded,
CCPs are
out of control and the associated products are considered to
be
potentially unsafe.
|
|
The term documented
information refers to information that
must be controlled and maintained
and its supporting medium.
Documented information can be in any format and on any
medium
and can come from any source.
Documented information includes information
about the management
system and related processes. It also includes all the
information that
organizations need to operate and all the information that
they use
to document the results that they achieve (aka records).
|
|
Effectiveness refers to the degree to which
a planned effect is achieved.
Planned activities are effective if these activities are
actually carried out
and planned results are effective if these results are
actually achieved.
|
|
An end product is a finished product. It
requires no further processing
or transformation. However, an end product for one
organization could
be an ingredient or raw material for another (customer)
organization.
|
|
The term feed refers to both single and
multiple products that are fed to
food-producing animals and can be raw, processed, or
semi-processed.
|
|
A flow diagram is a schematic representation
of a series of steps.
It shows how steps are sequentially arranged and specifies
how they
interact. Flow diagrams usually consist of boxes and ovals
(steps)
connected with lines or arrows.
|
|
The term food refers to raw, processed, or
semi-processed substances
and ingredients that are intended for consumption by humans
and animals.
It also includes any substance or ingredient that is used in
the manufacture,
preparation, or treatment of food. It does not, however,
include cosmetics
or tobacco; nor does it include substances and ingredients
that are
used only as drugs.
|
|
The food chain consists of the entire
sequence of stages and operations
involved in the creation and consumption of food products.
This includes
every step from initial production to final consumption. It
includes the
production, processing, distribution, storage, and handling
of all
food and food ingredients.
The food chain also includes organizations
that do not directly handle food.
These include organizations that produce feed for animals
that produce food
and organizations that produce feed for animals that will be
used as food. It
also includes organizations that produce materials that will
eventually
come into contact with food or food ingredients.
|
|
Food contact materials are objects that come
into contact with food,
such as bottles, cans, cartons, knives, forks, cups, and
plates.
|
|
Food defense refers to the protection of food
products and ingredients
from intentional contamination or adulteration by
biological, chemical,
physical, or radiological agents.
|
|
Food fraud is the intentional
misrepresentation or adulteration
of food products or ingredients for economic gain.
|
|
The basic food safety concept is this: food
will not cause adverse health
effects so long as intended use guidelines are followed when
it is prepared or
eaten. Conversely, food is potentially harmful whenever it
has been exposed
to hazardous agents and intended use guidelines have not
been followed.
|
|
A food safety hazard is an agent or condition
that could potentially
cause an adverse human health effect. Agents can be either
biological,
chemical, or physical, and can be either in or on food.
Plus, the condition
of the food itself could be hazardous. Food safety hazards
can also be
found in or on animal feed and feed ingredients. Since these
may be
transferred to food through the consumption of animal
products,
they can also cause adverse human health effects.
Organizations that do not directly handle food and
feed may also
compromise food safety. These include producers of packaging
materials,
cleaning agents, and other products that come into contact
with food or feed.
If such products have been exposed to hazardous agents and
they come into
contact with food or feed, adverse human health effects can
occur.
|
|
A food safety hazard analysis is done in
order to determine which hazards
need to be controlled, how much control is needed, and which
combination
of control measures should be used in order to make sure
that food is safe.
In the context of ISO 22000, a food safety hazard analysis
is carried out
in the following way:
1. Identify your organization’s
food safety hazards.
2. Pinpoint where each hazard may be
introduced.
3. Specify acceptable hazard levels for
each hazard.
4. Assess each hazard and decide how to
control it.
5. Select control measures to control your
hazards.
6. Use OPRPs and CCPs to manage your
hazards.
|
|
A food
safety management system (FSMS)
is one part of a larger
management system and is a set of interrelated or
interacting elements
that organizations use to meet their food safety
compliance obligations,
to address their food safety hazards, and to manage their
food safety risks
and opportunities. These elements include programs,
procedures, practices, plans, rules, roles,
responsibilities, relationships, contracts, agreements,
documents, records, methods, techniques, technologies, and
resources.
NOTE: In spite of the fact that it is all about establishing
a food safety
management system, ISO 22000 does not formally define this
concept.
As a result, we’ve given it a try.
|
|
An interested party
is any person, group, or organization who can affect,
be affected by, or believe that they are affected by a
decision or activity. In
the context of this ISO 22000 standard, an interested party
is anyone who
can affect, be affected by, or believe that they are
affected by the food
safety performance of an organization.
|
|
A lot (or batch) is a defined quantity of a
specific product that is produced,
processed, or packaged under essentially the same basic
conditions.
|
|
The purpose of a management review is to
evaluate the overall performance
of an organization's food safety management system (FSMS)
and to identify
improvement opportunities. Management reviews are carried
out by the
organization's top managers and are done regularly.
|
|
A management system is a set of
interrelated or interacting elements
that organizations use to formulate policies and objectives
and to
establish the processes that
are needed to ensure that policies
are
followed and objectives are achieved. These
elements include
structures, programs, procedures, practices,
plans, rules, roles,
responsibilities, relationships, contracts, agreements, documents,
records, methods, tools, techniques, technologies, and
resources.
There are many types of management systems.
Some of these include
quality management systems,
environmental management
systems,
financial management systems,
information security management
systems, business
continuity management
systems, emergency
management systems, disaster management systems, food safety
management systems, and health and safety management
systems.
The scope or focus of a management system
could be restricted to
a specific function or section of an organization or it
could include
the entire organization. It could even include a function
that cuts
across several organizations.
|
|
Measurement is a process that is used to
determine
a value. In most cases this value will be a quantity.
|
|
To monitor means to determine the status of
an activity, process,
or system at different stages or at different times. In
order to determine
status, you need to supervise and to continually check and
critically
observe the activity, process, or system that is being
monitored.
|
|
Nonconformity is a nonfulfillment or failure
to meet a requirement.
A requirement is a need, expectation, or obligation. It can
be stated
or implied by an organization or interested parties.
|
|
An objective is a result you intend to
achieve. Objectives can be
strategic, tactical, or operational and can apply to an
organization
as a whole or to a system, process, project, product, or
service.
Objectives may also be referred to as targets, aims, goals,
or intended outcomes.
|
|
Operational prerequisite programs (OPRPs) are
control measures or
combinations of control measures that are used to control
significant
food safety hazards.
OPRPs, observations, measurements, and action
criteria are used to
prevent food safety hazards or to reduce the
likelihood that products
will be exposed to such hazards, that they will be
contaminated, and that hazards will proliferate. They are
also used to reduce the likelihood that the processing
environment will be exposed to significant hazards,
that it will
be contaminated, and that such hazards will proliferate in
that environment.
|
|
An organization can be a single person or a
group that achieves its
objectives by using its own
functions, responsibilities, authorities,
and relationships. It can be a company, corporation,
enterprise, firm,
partnership, charity, association,
or institution and can be
either
incorporated or unincorporated
and be either privately or
publicly
owned. It can also be an operating unit that is part of a
larger entity.
|
|
When an organization makes an arrangement
with an outside
organization to perform part of a function or process,
it is referred
to as outsourcing. To outsource means to
ask an external organization
to perform part of a function or process normally done
inhouse. While
an outsourced organization is beyond the scope of your FSMS,
the
outsourced process or function itself falls within your
scope.
|
|
According to ISO, the term performance
refers to a measurable result.
It refers to the measurable results
that activities, processes, products,
services, systems and organizations are able to achieve.
Whenever they
perform well it means
that acceptable results are being achieved and
whenever they perform poorly, unacceptable results
are achieved.
|
|
A policy is a general commitment, direction, or intention and is
formally stated by top management. A quality policy
statement should
express top management's commitment to the implementation
and
improvement of its quality management system and should
allow
managers to set quality objectives.
|
|
Prerequisite programs (PRPs) are the
conditions that must be established
throughout the food chain and the
activities and practices that must be
performed in order to ensure that food products are safe.
PRPs must be
suitable and be capable of producing safe end products and
providing
food that is safe for human consumption.
In order to select the most suitable PRPs,
organizations must consider
their type of organization and their own unique
circumstances, as well
as the capabilities of their suppliers and service
providers. They must
also consider customer needs and expectations; they must
consider
statutory and regulatory requirements; they must consider
good
practices in their segment of the food chain; and they must
consider all relevant standards and guidelines.
|
|
A procedure is a way of carrying out a
process or an activity.
Procedures may or may not be formally documented.
|
|
A process is a set of activities that are
interrelated or that interact
with one another. Processes
use resources to transform inputs
into outputs. Processes are interconnected because the
output
from one process often becomes the input for another
process.
While processes usually transform inputs
into outputs, this
is not always the case. Sometimes inputs become outputs
without transformation.
Organizational processes
should be planned and carried
out under controlled conditions. An effective process is one
that realizes planned activities and achieves planned
results.
|
|
A product is a tangible or intangible output
that is the result of a process. Products can be either
tangible or intangible (a service can be a product).
|
|
A requirement is a need, expectation, or
obligation. It can be stated or
implied by an organization, its customers,
or other interested parties.
A specified requirement is one that has been stated (in a
document for
example), whereas an implied requirement is a need,
expectation, or
obligation that is common practice or customary.
There are many types of requirements. Some of these
include customer
requirements, safety requirements,
safety management requirements,
management requirements, product requirements, service
requirements,
contractual requirements, statutory requirements, and
regulatory
requirements.
|
|
ISO 22000 2018 (3.39) defines risk as the “effect
of uncertainty”. This
rather enigmatic definition is a shorted variation of the
equally enigmatic
version found in the ISO 31000 risk management standard
which defines
risk as the “effect of uncertainty on objectives”.
ISO 31000 goes on to say
that an effect is a positive or negative deviation from what
is expected.
This definition recognizes that all of us operate in
an uncertain world.
There’s always the chance that things will not go according
to plan.
Every step has an element of risk that needs to be managed
and
every outcome is uncertain.
While the official definition thinks of risk as
the “effect of uncertainty”,
a note to this ISO 22000 definition actually seems to reject
it. It says that
“Food safety risk is a function of the probability of an
adverse health effect
and the severity of that effect, consequential to (a)
hazard(s) in food”. This
more traditional definition starts with a “hazard in food”
and then asks:
what is the probability that this hazard will cause an
adverse health
effect and how severe would this effect be?
While ISO 31000 defines risk in a new and unusual
way, the two definitions
are largely compatible. Both definitions talk about the same
phenomena but
from two different perspectives. ISO 31000 provides a
conceptual definition
of risk while the more traditional ISO 22000 formulation
operationalizes this
general definition: it explains how to quantify risk. It
argues that the amount
or level of risk can be calculated by combining probability
and severity.
For more on risk management, please see: https://www.praxiom.com/31000.htm
|
|
Risk assessment is a process that is made up
of three separate
processes: risk identification, risk analysis, and risk
evaluation. Risk
identification is a process that is used to find,
recognize, and describe
the risks that could affect the achievement of objectives. Risk
analysis
is a process that is used to understand the nature, sources,
and causes
of the risks that you have identified and to estimate the
level of risk. It
is also used to study impacts and consequences and to
examine the
controls that exist. Risk evaluation is a process
that is used to
compare risk analysis results with risk criteria in order to
determine whether or not a specified level of risk is
acceptable or tolerable.
|
|
Risk criteria are terms of reference and are
used to evaluate the
significance or importance of your organization’s risks.
They are
used to determine whether a specified level of risk is
acceptable
or tolerable. Risk criteria should reflect your
organization’s values,
policies, and objectives, should be based on its external
and internal
context, should consider the views of stakeholders, and
should be
derived from standards, laws, policies, and other
requirements.
|
|
A food safety hazard is an agent or condition
that could potentially
cause an adverse health effect. A food safety hazard is
considered
to be significant when a hazard assessment has
concluded that
control measures need to be applied.
|
|
The term top management normally refers to
the people at
the top of an organization. It refers to the people who
provide
resources and delegate authority and who coordinate, direct,
and control organizations.
However, if the scope of a management system covers
only part
of an organization, then the term top management
refers, instead,
to the people who direct and control that part of the
organization.
|
|
Traceability is the ability to identify and
trace the history, movement,
location, and application of objects. A traceability
system records and
follows the trail as objects come from their source and on
through to
production, processing, and final distribution.
|
|
An update is an immediate or planned activity.
Its purpose is
to ensure that the most recent information is being applied.
|
|
Validation is a process that is used to
ensure that food safety control
measures are capable of controlling significant food safety
hazards.
The validation process uses evidence to determine
whether
control measures are actually effective.
|
|
Verfiication
is a process that uses objective evidence to confirm
that
specified requirements have been met.
|
