ISO 22000 2018 vs ISO 22000 2005

Both old and new food safety management standards cover essentially
the same topics. However, there are important differences. Some of these
are discussed below.

Structure of standard

Perhaps the biggest difference between the old and the new standard is the
structure. ISO 22000 2005 had five main sections (4 to 8) and ISO 22000 2018
now has seven (4 to 10). This is because the new edition uses the Annex SL*
template. According to ISO, all future management system standards (MSSs)
will use this new layout and share the same basic requirements. As a result,
all new MSSs will have the same basic look and feel.

A common structure is possible because basic concepts such as management,
customers, requirements, policy, procedure, planning, performance, objective,
control, monitoring, measurement, auditing, decision making, corrective action,
and nonconformity are common to all management
system standards. While
this makes it easier for organizations to implement multiple standards because
they all share the same basic requirements, it may cause some disruption
in the short run as organizations get used to the new structure.

*Annex SL defines the framework of a generic management system standard
(MSS). In addition to ISO 22000, the following MSSs either have been or will
be updated using this new ISO framework: ISO 9001, ISO 13485, ISO 14001,
ISO 22301, ISO 27001, ISO 45001, ISO 50001, AS9100, and IATF 16949.

Context of the organization

Unlike the old ISO standard, the new one expects you to understand your
organization's context before you establish its FSMS. When ISO 22000 2018
asks you to understand your organization's context it wants you to consider
the external and internal issues that are relevant to its purpose and strategic
direction and to think about the influence these issues could have on its
FSMS and the results it intends to achieve.

This means that you need to understand your organization's external
environment, its culture, its values, its performance, and its interested parties
before you develop its FSMS. Why? Because your FSMS will need to be able
to manage all of these influences.

And once you understand all of this, you're expected to use this insight to
help you define the scope of your FSMS and the challenges it must deal with. While this will help ensure that
organizations develop unique food safety
management systems that address their own unique needs and requirements,
doing all of this could be quite a challenge for some organizations.

Documented information

The new ISO 22000 2018 standard has also eliminated the long standing
distinction between documents and records. Now they are both referred to
as documented information. Why ISO chose to abandon two common sense
concepts and replace them with one that is needlessly awkward and esoteric
is not entirely clear.

According to ISO's definition, the term documented information refers to
information that must be controlled and maintained and the medium on which
it is contained
. So, whenever ISO 22000 uses the term documented information
it implicitly expects you to control and maintain that information.

While ISO 22000 2018 expects you to maintain documented information,
it no longer explicitly expects you to write procedures or prepare a food
safety manual. While you may continue to use procedures and manuals
if you wish, they're no longer required.

Risk-based thinking

According to ISO, risk-based thinking has always been implicit in management
system standards. According to this perspective,
ISO 22000 has always been
about anticipating and preventing mistakes, which is what risk-based thinking
is all about.

That's why we train people, why we plan our work, why we assign roles and
responsibilities, why we validate and verify results, why we audit and review
activities, and why we monitor, measure, and control processes. We do these
things because we want to prevent mistakes. We do them because we're trying
to manage risk. So, if we think of risk-based thinking in this way, it's reasonable
to say that risk-based thinking has always been an inherent part of ISO 22000.
Before it was implicit; now it's explicit.

So, what kind of thinking is risk-based thinking and how is it applied? What does the new standard expect organizations to do? The new standard expects
organizations to identify and address the risks that could influence their ability
to provide safe products and services and to satisfy customers. It also expects
them to identify and address the opportunities that could enhance their ability
to provide safe products and services and to satisfy customers.

The new ISO 22000 standard also expects organizations to identify the risks
and opportunities that could influence the performance of
their food safety
systems or disrupt their operation and then it expects them to
define actions to address these risks and opportunities. It then further expects
them to figure out how they're going to make these actions part of their FSMS
processes and how they're going to implement, control, evaluate, and review
the effectiveness of these actions and these processes.

While risk-based thinking is now an essential part of the new standard, it does
not actually expect you to implement a formal risk management program, nor
does it expect you to document your risk-based approach. If you choose to
implement a formal risk management program, please see the ISO 31000
risk management guide at:

Emergencies and incidents

While the old ISO 22000 standard had only a single sentence on emergency
preparedness and response (5.7), the new standard has added a new section
on the handling of emergencies and
incidents (8.4.2). The new section 8.4.2
expects you to consider its emergency response requirements, to prepare for
and respond to food safety incidents and emergencies, and to mitigate their
impact. It also expects you to periodically test your emergency response
procedures and to review the associated documents and records.

New definitions

While the old ISO 22000 standard had only 17 definitions, the new one now
has 45. While most of the new
definitions relate to management systems in
general, some of them relate to food safety management systems in particular.

New management system definitions were added for the following terms:
competence, continual improvement, documented information, effectiveness,
interested party (stakeholders), management system, measurement, nonconformity, objective, outsource, organization, performance, policy,
process, product, requirement, risk, top management, and traceability.
new food safety definitions were added for the following terms: acceptable
level, action criteria, animal food, contamination, feed, food,
and lot.

Most of the new management system definitions were added because ISO
decided to use a new format (Annex SL) for all management system standards.
A complete set of definitions can be found at ISO 22000 2018 Definitions.


Introduction to ISO 22000 2018

Food Safety Management Principles

Plain English Food Safety Management Definitions

Overview of ISO 22000 2018 Food Safety Management Standard

Structure of the ISO 22000 2018 Food Safety Management Standard

ISO 22000 2018 Food Safety Standard Translated into Plain English

ISO 22000 2005 Food Safety Standard Translated into Plain English

Plain English Food Safety Management Gap Analysis Process

ISO 22000 2018 Food Safety Management Audit Tool

Plain English Food Safety Management Checklist

Home Page

Our Library

A to Z Index

Our Customers

How to Order

Our Products

Our Prices

Our Guarantee

Praxiom Research Group Limited        780-461-4514

Updated on August 20, 2019. First published on June 30, 2015.

Legal Restrictions on the Use of this Page
Thank you for visiting this web page. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright 2015 - 2019 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited