A survey of the Global Standards for food Packaging validated by GFSI (Global Food Safety Initiative)- The forgotten requirements

12/10/2019

A survey of the Global Standards for food Packaging validated by GFSI (Global Food Safety Initiative)
The forgotten requirements

               Mr. Gaetano Dagostino – Audit Leader

(Speach at the conference "INTERNATIONAL CONFERENCE FOOD CONTACT COMPLIANCE"

                  BAVENO-ITALY 24-25-26 September 2019)


Index of this paper
  • From…. draught to…. flooding
1- ISO 9001 vs GLOBAL STANDARDS FOR FOOD PACKAGING
2- WHO is GFSI? and what does it mean VALIDATED?
3 – THE Global Standards for food packaging presently recognized by GFSI
      A synopsis of most significant differences between BRCGS vs FSSC
4 - The forgotten requirements
 
 
INTRODUCTION – From…. draught to…. flooding
A little bit of history....
The first Global Standard for manufacturing sites’ certification was issued by ISO (International Organization for Standardization) in 1987 with the series of ISO 9000 Standards.
Until 1987, only Standards related to PRODUCTS were available, establishing the QUALITY (i.e. the set of performance characteristics) of industrial products and their relevant testing methods, both issued by National or International Bodies such as ASTM – UL – DIN- AFNOR- BS- UNI - etc.
For the first time ISO  9001 Standards were defining and establishing not only the QUALITY (which means the performance characteristics) of the … product but also of the Quality of the COMPANIES producing these products.
In the following years, other Standards have been issued and proposed to Companies as Certification Standards, such as ISO 14000 – ISO 22000 – ISO 17025 -OSHAS18001 – ISO 50001 – ISO 27001 – ISO 13485 – ISO 22317 – ISO 28000 – ISO 39001, SMETA various pillars, SA 8000, etc... etc.
According to the latest ISO survey (2017), a total of 1.058.504 Companies were certified ISO 9001 in the world, but, for the first time, the number of ISO 9001 certificated Companies showed a decrease of 4%, as compared to 2016.
As of today, too many Certification Standards have been developed and are proposed to Companies for Certification by third party Certification Bodies and therefore we have gone from a ...draught situation (before 1987) to a…. flooding of Standards.
Many Companies, both small and big, are getting confused with the sheer quantity of standards on the market and which one(s) better match their Organization, considering the drain to people, time and financial resources of the Certification process.
It is not so uncommon nowadays that a small Company is certified against ISO 9001 – ISO 14001 – OHSAS 18001- SMETA various pillars, ISO 50001!
 If the Company is food related, then also a BRC or FSSC Certification is held!
 
  1. - ISO 9001 vs GLOBAL STANDARDS FOR FOOD PACKAGING
As outlined before, the most common and adopted Certification Standard around the world is nowadays the ISO 9001. Undoubtfully, this Standard, issued in 1987, has contributed to promote, define and spread all around the world, the modern criteria for an efficient and effective Quality Management System, as required in a context of a general globalization.  
ISO 9001 Standards have been very innovative in 80’s, since they replaced the old Quality Control philosophy with the new and modern culture of Quality Assurance.
Quality Control eliminates the non-conforming products.
Quality Assurance not only eliminates the non-conforming products, but also the causes of non-conformities through the newly introduced concepts of root cause analysis and corrective actions.
Quality is not just made by production operators, but also by Managers responsible of the various processes of the Company, in primis the General Manager.
ISO 9001 remains a general Quality Management Standard, applicable to any type of organization, focused on Quality Management System and based, in its 2015 revision, on continuous improvement throughout:
  • process approach
  • performance indicators of process efficiency
  • definition of external and internal parties’ expectations
  • quantified objectives aiming to satisfy the expectations of external and internal parties
  • risks management approach (risk being defined as “uncertainty” of achieving the objectives)
  • management of opportunities
After more than thirty years of life, ISO 9001 has reached the typical “plateau” of a “mature product”.
While still maintaining its validity for the manufacturing Industry in general, it has lost its appeal for the food related Industry.
 As it pertains to Food Companies, this Standard is too general and not specific enough for the food and food packaging. For example, there is no mention of hazard and risk analysis, Consumers’ safety, food defense, food fraud, PRP’s programs etc…
 In addition to that, many Companies are objecting to the general concept of the so called “interested parties” and their “expectations”, sponsored by ISO 9001. They oppose the more industrial and less academic concept of “shareholders” to the concept of “stakeholders”.
In the food chain industry, retailers, brand owners, Customers, final Consumers have been looking beyond ISO 9001, towards more specific Standards:
  •  more targeted to product Safety, product Legality and product Quality,
  • more rigorous to be certified,
  • tougher to be implemented,
  • more challenging to be certified by Certification Bodies,
  • requiring a more robust hazard and risk analysis.
       GFSI, a non-profit foundation, managed by the Consumer Goods Forum has filled this gap, introducing the concept of “validated” Standards, where validation means ” the most effective in producing tangible, positive effects on the Organization and on the products
  1. - Who is GFSI? and what does it mean VALIDATED?
GFSI - The Global Food Safety Initiative is the key strategic pillar of the Consumer Goods Forum. The Consumer Goods Forum is an independent consumer goods network of over 650 members.
In 2000, when GFSI was formed, food safety was top of mind with retailers, manufacturers and consumers due to several high-profile recalls, quarantines, and the associated negative publicity.
The CEOs of the major retailers and manufacturers agreed that consumer trust needed to be strengthened and maintained, while making the supply chain safer, through the harmonization of food safety standards and driving cost efficiency.
The GFSI has developed a scheme to benchmark the existing food (and food packaging) safety standards against established criteria. Only schemes fulfilling these criteria are recognized by GFSI. Benchmarking and validation criteria are described in the Guidance Document and are firmly based on the food safety principles laid down by the
  •  Codex Alimentarius Commission (Codex),
  • National Advisory Committee on Microbiological Criteria for Foods (NACMCF),
  • relevant ISO standards,
  • International Codes of Practice.
 The GFSI Guidance Document provides a template against which food safety management schemes can be benchmarked and recognized as science-based, contemporary, and rigorous.
The main terms of reference for Benchmarking and Validation of a Global Standards are:
  •  Evidence of the legal entity that owns and manages the scheme
  • The technical competence of key stakeholders who developed and maintain the scheme
  • Procedures to prevent or manage conflicts of interest
  • A food safety management standard based on the principles of ISO/IEC Guide 65 or ISO/IEC 17021 with a clearly defined scope of activity
  • Procedures for managing Certification Bodies that operate within the scope of the scheme
  • Evidence of procedures to register and manage food safety auditors
  • Documented arrangements with Accreditation Bodies to oversee the licensed Certification Bodies
  • Defined requirements for audit management, including audit frequency, audit duration, audit reporting, management of certification, and data management
  • Evidence of how scheme owners communicate with GFSI
food safety management system, Good Practice (GAP, GMP) and HACCP requirement in a number of industry scopes.
More detailed information on GFSI benchmarking/validation criteria can be found in the GFSI document:
A CULTURE OF FOOD SAFETY- A POSITION PAPER FROM THE GLOBAL FOOD SAFETY INITIATIVE (GFSI)- V1.0-4/11/2018
 
  1. - Which Global Standards for food packaging are presently recognized by GFSI?
Following are the Global Standards for food packaging validated by GFSI:
1 - BRC-IOP Global Standard for Packaging and Packaging Materials – v6 (Version 6 – called BRGS Packaging Materials - has been issued on August 1st,2019 – will be mandatory as of February 1st 2020)
2 - FSSC 22000 v4 - Packaging
3 - IFS PAC-secure
4 - SQF Food Safety Code for Manufacture of Food Packaging
ISO 22000 is not included anymore among the GFSI validated Standards.
 
Generally speaking, all GFSI benchmarked Standards for Packaging Materials are aiming to eliminate or to reduce the risks level for the final Consumers’ health through the application of HACCP method.
 They are based on:
  • Management Commitment,
  • Continuous improvement,
  • Legal compliance,
  • Hazard and risk analysis,
  •  Consistent control over the identified hazards either through CCP or PRP’s,
  • Identification and management of CCP’s (Critical Control points) and CP’s (Control Points),
  • Process and product control,
  •  Personnel competence and training,
  • Promptness in adapting the system to changes in raw materials, in process, in Customers’ requirements or legal regulations.
In this presentation I will cover with more details only BRCGS Packaging and FSSC Packaging, because they are the most popular in Europe and I will give only some general information about the IFS PAC- secure and SQF for Packaging.
  1. BRGS Packaging Materials (I will refer to v6 mainly)
 
BRCGS (formerly BRC IOP) is a private Standard developed in 2002 by BRC- British Retail Consortium (which was acquired in 2016 by the Group LCG Limited) in cooperation with IOP- Institute of Packaging).
LGC Group, formerly the Laboratory of the Government Chemist, is an international life sciences measurement and testing company, which also provides the role and duties of the UK Government Chemist, a statutory role and adviser to the government.
  This Standard has a threefold objective:
  • product Quality
  • product Safety
  • product Legality
  • product authenticity (chain of Custody)
The main peculiarity of this Standard is that hazard and risk analysis is focused not only on identifying and eliminating the risks for the final consumer, but also the risks for the Quality of the product.
In other words, risks for the main performance characteristics of the product are rated equally to health’s risks for final Consumer.
Consequently, the risk analysis concepts are applied also to the loss of Quality characteristics, which are called “defects”.
This is of a great advantage for the Customers who are much more “protected” by the Standard. It states that the loss of main characteristics of the product is considered of the same importance as the traditional risks for the Consumer.
BRCGS is a self-standing Standard, because it covers both product Quality and consumer’s health risks. FSSC Standard, as we will see, only covers risks for Consumer’ health and needs to be supported by a Quality Management system.
 
Version 6, issued on August 1st,2019, which will be mandatory as of February 1st, 2020, has introduced following changes:
 
  1. -  in the requirements:
• A new fundamental clause on corrective and preventive action
• A new section that puts in place a microbiological environmental monitoring programme based on risk;
• A new section on product authenticity claims and chain of custody
• New clauses for Product safety and quality culture- sites will be audited against these requirements from 1st February 2021
• Introduction of a new module for control of the release of pellet, flake and powder plastic packaging materials into the environment
The requirements of the Standard are specified in 6 Sections, as follows:
  • Section 1 - Senior Management commitment -The resources required for demonstration of commitment of the Company senior Management to achieving the requirements of the Standard
  • Section 2 - A hazard analysis and risk assessment system - This provides a focus on the significant product and process safety hazards that require specific control to assure the safety of individual packaging materials, products or lines.
 
  • Section 3 - A product safety and quality management system – This section is considered as the set of Quality Prerequisites.
 
 ‚óŹSections 4-5-6 - Prerequisite programmes -The basic environmental and operational conditions in a packaging business that are necessary for the production of safe and hygienic packaging materials. They control the  generic hazards and  cover good manufacturing and good hygienic practices. (Section 4 -Site standards; Section 5- Product and process control; Section 6 - Personnel)
b)- in the protocol:
One set of requirements for hygiene based on risk (no more difference between high risk products and low risks product)
     • A move to one voluntary unannounced audit programme with the removal of      the split unannounced option
 
.Packaging categories: 8 categories
1- Glass manufacturing
2- Papermaking
3-Metal forming
4- Rigid plastics
5- Flexible plastics
6-Other manufacturing (wood, ceramics, cork...)
7- Print processes
8-Chemical products
Additional certification modules
Additional certification modules, typical of BRCGS, are available for sites willing to demonstrate compliance with specific sets of requirements in order to meet specific market or customer requirements.
The additional modules can be included in the certification process and in the Certificate: details will be given with each module.
If certification is achieved, additional certification title of modules will be added in the Certificate. It is expected that this flexibility will enable sites to cover with a third-party Certification some more specific customer expectations and reduce the number of Certifications and site audits
As of today, following certification modules are proposed by BRCGS:
  • ENVIRONMENTAL CERTIFICATION MODULE
  • TRADED GOODS CERTIFICATION MODULE
  • The AuditOne™ Initiative, which is driven by the Foundation for Strategic Sourcing (F4SS) and seeks to develop a single set of quality standard and audit processes that establish a uniform, harmonized standard for the Industry.
The Foundation for Strategic Sourcing is an organization focused on high impact collaboration and innovation in the Consumer-Packaged Goods industry.
  1. - FSSC 22000 v4.1 – Packaging
The FSSC 22000 Scheme is managed by Foundation FSSC 22000 and governed by an independent Board of Stakeholders which consists of representatives from several sectors in the food industry. To ensure transparency and involvement of the industry, an Advisory Committee is meant to make recommendations regarding a number of topics, including technical aspects. The Advisory Committee reports to the Board of Stakeholder
 FSSC 22000 is applicable to all organizations that manufacture primary and secondary food and feed packaging and/or intermediate components, such as:
  • Flexible and rigid plastics, such as foils, blisters, crates, sachets
  • Paper, such as cartons, boxes, sacks
  • Metal, such as cans, bottles, boxes
  • Glass, such as jars, bottles…
  • Shipping and transport containers, such as big bags, drums, tanks
This Standard, in its version 4.1, is composed of the following parts:
  • ISO 22000 in its entire content. As of today, both versions (2005 and 2018) are living.  ISO 22000-2018, alone, will be mandatory as of 21 June 2021)                                                                                                                            
  • ISO/TS 22002-4 (Packaging)- This part was previously known PAS 223 and specifies in detail the prerequisites. Prerequisites are numbered from 1 to 15. To be noted that among the prerequisites, design and development is no more mentioned (it is still mentioned by BRGS)
  • FSSC Additional requirements: Management of services- Product labelling - Food defense – Food fraud prevention – Use of ISO 22000 logo – Management of allergens -Environmental monitoring
As outlined before, this Standard is not focused explicitly on Quality (as BRCGS). That’s why the FSSC itself recommends that a Quality Standard has to be added which can be, in toto, the ISO 9001:2015.
In the following synopsis a more detailed comparison is reported among the two most popular Standards in Europe: BRCGS and FSSC
 
FSSC 22000 v5 – Packaging – New version – May 2019
In May 2019, FSSC 22000 has published Version 5 of its Scheme. All available Scheme documents can be downloaded for free from the FSSC 22000 web site.
This new version will become mandatory as of January 1st, 2020.
All new audits, starting January 1st,2020, have to be carried out mandatorily against new version.
 A document called “OVERVIEW OF MAIN CHANGES VERSION 5” has been published and is available on free downloading on the FSSC22000 web site, including the whole new version
Following are the most significant changes:
 
  1. The lay-out of the Scheme has changed.
All scheme requirements are combined into one document.
Former annexes II, III and V to part V have been integrated resulting in the following contents:
  •   Part 1: Scheme overview
  •   Part 2: Requirements for Organizations to be Audited
  •   Part 3: Requirements for the Certification Process
  •   Part 4: Requirements for Certification Bodies
  •   Part 5: Requirements for Accreditation Bodies
  •   Part 6: Requirements for Training Organizations
  •   Appendix 1: Definitions
  •   Appendix 2: References
  1. Replacement of ISO 22000:2005 by ISO 22000:2018
  1. - Management of services: shortened because this is now part of ISO  
  2.  
  3. -  Management of laboratory services remains as an additional FSSC 22000 requirement.
  4. Management of natural resources removed
  5. Multi-site certification (new requirement)
  6. Unannounced audits -The certified organization can voluntary choose to replace all surveillance audits by unannounced annual surveillance audits. Recertification audits may be conducted unannounced at the request of the certified organization
  7. NEW REQUIREMENTS FOR TRAINING ORGANIZATIONS
  8.  REMOTE AUDITS PROTOCOL
  9. New requirement for Transport and Delivery (category F and I)
(Packaging category is identified as “I” in FSSC Standard)
 
Minor changes have been introduced in the protocol: management of NC – Portal data and documentation, witnessing audits, auditor’s, audit duration calculation, approval/qualification and monitoring etc.
Two Guidance Documents have been issued for FSSC 22000- Quality scheme:
                    Guidance Food Defense
                    Guidance Food Fraud Mitigation
 
 
As outlined before, this Standard is not focused explicitly on Quality (as BRCGS). That’s why the FSSC itself recommends that a Quality Standard has to be added which can be, in toto, the ISO 9001:2015.
The scheme FSSC 22000+Quality can be audited in a combined audit by same auditor.
In the following synopsis a more detailed comparison is reported among the two most popular Standards in Europe: BRCGS and FSSC
 

A synopsis of most significant differences between BRCGS vs FSSC
 
Subject              BRCGS       FSSC 22000
Quality requirements Quality and food safety Food safety
  Self-standing Needs to be supported by a Quality Management system
Type of audit Unannounced OPTIONAL –
 Sign + added to the grade, e.g. A+
One every 3 years mandatory
Certification grading Yes ! A-AA-B-C-D
Depending on type and number of non-conformities
No grading
Fundamental requirements Yes !  9 fundamental requirements No fundamental requirement identified
Certification process No stage 1 - Company can easily go direct to on site certification audit Stage 1 on site
Stage 2 o site
Packaging categories 1- Glass manufacturing
2- Papermaking
3-Metal forming
4- Rigid plastics
5- Flexible plastics
6-Other manufacturing (wood, ceramics, cork.)
7- Print processes
8-Chemical products
 
  1. Flexible and rigid plastics, such as foils, blisters, crates, sachets
  2. Paper, such as cartons, boxes, sacks
  3. Metal, such as cans, bottles, boxes
  4. Glass, such as jars, bottles
  5. Shipping and transport containers, such as big bags, drums, tanks
Certificate validity Certificate valid for 1 year
Grade C-Recertification within 6 months
Certificate valid for 3 years
Certification mark Not allowed to be displayed on the product Not allowed to be displayed on the product
Traded goods Certification Yes ! Additional modulus No
Additional certification modules Yes ! For instance: environmental – Traded goods No
Non conformities grading Critical
Major
Minor
Critical
Major
Minor
Audit non conformities closure Within 28 days (42 for first certification) including corrective action implementation 3 months
Available languages of the Standard English – German – French – Chinese – Italian - Spanish English – Japanese – Portuguese - Spanish
 
 
 
 
 
 
3 - IFS PAC-secure Version 1.1 December 2017
The IFS PAC-secure Standard is the result of the joint effort of IFS, the Packaging Association of Canada (currently PAC Packaging Consortium), and the technical working group consisting of leading food and packaging companies in North America. This IFS Standard was created to assess the quality and safety of packaging materials and the compliance with customer requirements, but also as a tool to support businesses to meet new requirements on quality, transparency and efficiency, resulting from globalization, and to improve product integrity along the entire supply chain.
IFS PAC-secure was developed for manufacturers of the following materials:
  • Flexible packaging
  • Rigid plastic
  • Paper
  • Metal
  • Glass
  • Other natural materials
Requirements are grouped in 6 sections as follows:
  1. Senior Management Responsibility
  2. Quality and Packaging Materials safety
  3. Resource Management
  4. Planning and product process
  5. Measurements, analysis and improvements
  6. Product defense plan and external inspection
4 - SQF Food Safety Code for Manufacture of Food Packaging
The SQF Code is a site-specific, process and product certification standard with an emphasis on the systematic application of CODEX Alimentarius Commission HACCP principles and guidelines for control of food safety and food quality hazards.
First developed in Australia in 1994, the SQF program has been owned and managed by the Food Marketing Institute (FMI) since 2003, and was first recognized in 2004 by the Global Food Safety Initiative (GFSI) as a standard that meets its benchmark requirements.
Following are the requirements:
2.1     Management Commitment
2.2      Document Control and Records
2.3      Specification and Product Development
2.4      Food Safety System for Manufacture of Food Packaging
2.5      SQF System Verification
2.6      Product Identification, Trace, Withdrawal and Recall
2.7      Food Defense and Food Fraud
2.9      Training
2.8     Allergen Management
Module 13: Food Safety Fundamentals – Good Manufacturing Practices for Production of Food Packaging (GFSI Scope M
 4 - The forgotten requirements
I call forgotten requirements those requirements of the Standards which are quite often…forgotten by the …interested parties: either by Companies, or by ...Certification Bodies, sometimes by…Inspectors themselves, or even by…Customers.
a) - Product legality issues
A common requirement of the standards is to ensure the product legality.
Legal requirements yes!  But of which country?
BRCGS explicitly requires that Company Management has to set up a system in order to ensure conformity to the legal requirements not only in the country in which products are produced, but also, when known, in the countries where products will be sold and utilized.
 In most cases, not only the small but also the big Groups operating all around the world…. forget this important requirement. They forget that nowadays in many countries like USA, Russia, Ukraine,  China, Russian Republics, Mercosul countries, the public authorities carry out audits to the packaging Companies and take packaging samples for migration controls according to their own legislation and their own limits and for substances listed in their own laws…which are different from EC ones.
In todays global context of protection of national products, the consequence of a packaging not meeting the local laws could be that Manufacturer is put in a black list and forbidden to export its product in their nation
  1. - Companies part of a Group
BRCGS at clause 3.1.1 (new version) states that:” Where the site is part of a company governed by a head office, the interaction between the site’s system and that of other sites and the head office should be documented. All policies and procedures necessary for the operation of the site being assessed must be available on site”.
This clause is the one most forgotten by big Groups operating in multiple sites around the world. It is quite normal that in a big Group some activities, like raw materials Suppliers’ approval, product development, the issue of product Specification and Declaration of Conformity, the external lab testing on product, is shared or completely carried out by the central Headquarters centralized functions.
But, in such a case, the Standard requires that the interaction must be documented and all policies and procedures necessary for the operation of the site being assessed must be available on the site.
It is furthermore required that the activities shared with, or completely performed  by central functions be carried out in conformance to the BRCGS requirements !
  c)- Company products Specifications to be communicated to relevant parties
Clause 3.4.2 of BRCGS states:
        The company shall seek formal agreement of specifications with relevant parties where required by the customer. Where specifications are not formally agreed, then the company shall be able to demonstrate that it has taken steps to put an agreement in place
 
Product Specification is considered nowadays the technical contract between the Manufacturer and the Customer. Consequently, as per every type of contract, it requires the formal acceptance of both parties.
It is mainly in the interest of the Manufacturer to get a formal approval of the Specification by his Customers in order to make it evident which ones are the performance characteristics of the product, their acceptance limits and testing methods, mainly in case of complaints or dispute.
The BRCGS Standard requires that, even when the Customer is reluctant to formally accept the product Specification, the Company shall do its best in trying to get the approval (and this is called “due diligence”)
  1. - Hazard and risk system to be managed by a team  (not by only one person)
In many cases it is evident that the system is managed by only one person, e.g.: QA Manager or Team Leader. Standards require that the system be managed by a steering committee, called Team, and that key functions Managers be members active part of it.  A typical challenging question I ask during the audit is: “give me at least one evidence that other Managers have participated in writing the HARA or in managing the product safety issues or in system troubleshooting or problem solving or in complaints root analysis or in revision of HARA”
  1. – Company warehouses located at an established distance, typically 50 km, have to be included in the audit process and results included in the audit report
  2. Exclusions (of products manufactured within the site) to be communicated to the Certification Bodies
  3. Lack of definition of competence criteria of Company Consultants or external auditors contracted for internal audits, although Standards do require that Consultants or experts be competent.
  4. ADDITIONAL MODULES – Companies have not duly exploited this audit feature proposed by BRCGS with the purpose of decreasing the number of Certifications held and the third-party audits. Therefore, additional modules can be worked out by Companies to replace, for instance,
                                - Customers’ check lists (and reduce or eliminate 
                                  relevant audits by them)
                                - official certification, e.g.: the environmental additional
                                    module can replace, at a much lower cost the ISO
                                   14001 certifications