A SURVEY OF THE GLOBAL STANDARDS FOR FOOD PACKAGING VALIDATED BY GFSI (GLOBAL FOOD SAFETY INITIATIVE)
THE FORGOTTEN REQUIREMENTS
Mr. Gaetano Dagostino – Audit Leader(Paper at the conference "INTERNATIONAL CONFERENCE FOOD CONTACT COMPLIANCE"
BAVENO 24-25-26 SETTEMBRE 2019)
Index of this paper
- From…. draught to…. flooding
2- WHO is GFSI? and what does it mean VALIDATED?
3 – THE Global Standards for food packaging presently recognized by GFSI
A synopsis of most significant differences between BRCGS vs FSSC
4 - The forgotten requirements
INTRODUCTION – From…. draught to…. flooding
A little bit of history....
The first Global Standard for manufacturing sites’ certification was issued by ISO (International Organization for Standardization) in 1987 with the series of ISO 9000 Standards.
Until 1987, only Standards related to PRODUCTS were available, establishing the QUALITY (i.e. the set of performance characteristics) of industrial products and their relevant testing methods, both issued by National or International Bodies such as ASTM – UL – DIN- AFNOR- BS- UNI - etc.
For the first time ISO 9001 Standards were defining and establishing not only the QUALITY (which means the performance characteristics) of the … product but also of the Quality of the COMPANIES producing these products.
In the following years, other Standards have been issued and proposed to Companies as Certification Standards, such as ISO 14000 – ISO 22000 – ISO 17025 -OSHAS18001 – ISO 50001 – ISO 27001 – ISO 13485 – ISO 22317 – ISO 28000 – ISO 39001, SMETA various pillars, SA 8000, etc... etc.
According to the latest ISO survey (2017), a total of 1.058.504 Companies were certified ISO 9001 in the world, but, for the first time, the number of ISO 9001 certificated Companies showed a decrease of 4%, as compared to 2016.
As of today, too many Certification Standards have been developed and are proposed to Companies for Certification by third party Certification Bodies and therefore we have gone from a ...draught situation (before 1987) to a…. flooding of Standards.
Many Companies, both small and big, are getting confused with the sheer quantity of standards on the market and which one(s) better match their Organization, considering the drain to people, time and financial resources of the Certification process.
It is not so uncommon nowadays that a small Company is certified against ISO 9001 – ISO 14001 – OHSAS 18001- SMETA various pillars, ISO 50001!
If the Company is food related, then also a BRC or FSSC Certification is held!
- - ISO 9001 vs GLOBAL STANDARDS FOR FOOD PACKAGING
ISO 9001 Standards have been very innovative in 80’s, since they replaced the old Quality Control philosophy with the new and modern culture of Quality Assurance.
Quality Control eliminates the non-conforming products.
Quality Assurance not only eliminates the non-conforming products, but also the causes of non-conformities through the newly introduced concepts of root cause analysis and corrective actions.
Quality is not just made by production operators, but also by Managers responsible of the various processes of the Company, in primis the General Manager.
ISO 9001 remains a general Quality Management Standard, applicable to any type of organization, focused on Quality Management System and based, in its 2015 revision, on continuous improvement throughout:
- process approach
- performance indicators of process efficiency
- definition of external and internal parties’ expectations
- quantified objectives aiming to satisfy the expectations of external and internal parties
- risks management approach (risk being defined as “uncertainty” of achieving the objectives)
- management of opportunities
While still maintaining its validity for the manufacturing Industry in general, it has lost its appeal for the food related Industry.
As it pertains to Food Companies, this Standard is too general and not specific enough for the food and food packaging. For example, there is no mention of hazard and risk analysis, Consumers’ safety, food defense, food fraud, PRP’s programs etc…
In addition to that, many Companies are objecting to the general concept of the so called “interested parties” and their “expectations”, sponsored by ISO 9001. They oppose the more industrial and less academic concept of “shareholders” to the concept of “stakeholders”.
In the food chain industry, retailers, brand owners, Customers, final Consumers have been looking beyond ISO 9001, towards more specific Standards:
- more targeted to product Safety, product Legality and product Quality,
- more rigorous to be certified,
- tougher to be implemented,
- more challenging to be certified by Certification Bodies,
- requiring a more robust hazard and risk analysis.
- - Who is GFSI? and what does it mean VALIDATED?
In 2000, when GFSI was formed, food safety was top of mind with retailers, manufacturers and consumers due to several high-profile recalls, quarantines, and the associated negative publicity.
The CEOs of the major retailers and manufacturers agreed that consumer trust needed to be strengthened and maintained, while making the supply chain safer, through the harmonization of food safety standards and driving cost efficiency.
The GFSI has developed a scheme to benchmark the existing food (and food packaging) safety standards against established criteria. Only schemes fulfilling these criteria are recognized by GFSI. Benchmarking and validation criteria are described in the Guidance Document and are firmly based on the food safety principles laid down by the
- Codex Alimentarius Commission (Codex),
- National Advisory Committee on Microbiological Criteria for Foods (NACMCF),
- relevant ISO standards,
- International Codes of Practice.
The main terms of reference for Benchmarking and Validation of a Global Standards are:
- Evidence of the legal entity that owns and manages the scheme
- The technical competence of key stakeholders who developed and maintain the scheme
- Procedures to prevent or manage conflicts of interest
- A food safety management standard based on the principles of ISO/IEC Guide 65 or ISO/IEC 17021 with a clearly defined scope of activity
- Procedures for managing Certification Bodies that operate within the scope of the scheme
- Evidence of procedures to register and manage food safety auditors
- Documented arrangements with Accreditation Bodies to oversee the licensed Certification Bodies
- Defined requirements for audit management, including audit frequency, audit duration, audit reporting, management of certification, and data management
- Evidence of how scheme owners communicate with GFSI
More detailed information on GFSI benchmarking/validation criteria can be found in the GFSI document:
A CULTURE OF FOOD SAFETY- A POSITION PAPER FROM THE GLOBAL FOOD SAFETY INITIATIVE (GFSI)- V1.0-4/11/2018
- - Which Global Standards for food packaging are presently recognized by GFSI?
1 - BRC-IOP Global Standard for Packaging and Packaging Materials – v6 (Version 6 – called BRGS Packaging Materials - has been issued on August 1st,2019 – will be mandatory as of February 1st 2020)
2 - FSSC 22000 v4 - Packaging
3 - IFS PAC-secure
4 - SQF Food Safety Code for Manufacture of Food Packaging
ISO 22000 is not included anymore among the GFSI validated Standards.
Generally speaking, all GFSI benchmarked Standards for Packaging Materials are aiming to eliminate or to reduce the risks level for the final Consumers’ health through the application of HACCP method.
They are based on:
- Management Commitment,
- Continuous improvement,
- Legal compliance,
- Hazard and risk analysis,
- Consistent control over the identified hazards either through CCP or PRP’s,
- Identification and management of CCP’s (Critical Control points) and CP’s (Control Points),
- Process and product control,
- Personnel competence and training,
- Promptness in adapting the system to changes in raw materials, in process, in Customers’ requirements or legal regulations.
- BRGS Packaging Materials (I will refer to v6 mainly)
BRCGS (formerly BRC IOP) is a private Standard developed in 2002 by BRC- British Retail Consortium (which was acquired in 2016 by the Group LCG Limited) in cooperation with IOP- Institute of Packaging).
LGC Group, formerly the Laboratory of the Government Chemist, is an international life sciences measurement and testing company, which also provides the role and duties of the UK Government Chemist, a statutory role and adviser to the government.
This Standard has a threefold objective:
- product Quality
- product Safety
- product Legality
- product authenticity (chain of Custody)
In other words, risks for the main performance characteristics of the product are rated equally to health’s risks for final Consumer.
Consequently, the risk analysis concepts are applied also to the loss of Quality characteristics, which are called “defects”.
This is of a great advantage for the Customers who are much more “protected” by the Standard. It states that the loss of main characteristics of the product is considered of the same importance as the traditional risks for the Consumer.
BRCGS is a self-standing Standard, because it covers both product Quality and consumer’s health risks. FSSC Standard, as we will see, only covers risks for Consumer’ health and needs to be supported by a Quality Management system.
Version 6, issued on August 1st,2019, which will be mandatory as of February 1st, 2020, has introduced following changes:
- - in the requirements:
• A new section that puts in place a microbiological environmental monitoring programme based on risk;
• A new section on product authenticity claims and chain of custody
• New clauses for Product safety and quality culture- sites will be audited against these requirements from 1st February 2021
• Introduction of a new module for control of the release of pellet, flake and powder plastic packaging materials into the environment
The requirements of the Standard are specified in 6 Sections, as follows:
- Section 1 - Senior Management commitment -The resources required for demonstration of commitment of the Company senior Management to achieving the requirements of the Standard
- Section 2 - A hazard analysis and risk assessment system - This provides a focus on the significant product and process safety hazards that require specific control to assure the safety of individual packaging materials, products or lines.
- Section 3 - A product safety and quality management system – This section is considered as the set of Quality Prerequisites.
●Sections 4-5-6 - Prerequisite programmes -The basic environmental and operational conditions in a packaging business that are necessary for the production of safe and hygienic packaging materials. They control the generic hazards and cover good manufacturing and good hygienic practices. (Section 4 -Site standards; Section 5- Product and process control; Section 6 - Personnel)
b)- in the protocol:
• One set of requirements for hygiene based on risk (no more difference between high risk products and low risks product)
• A move to one voluntary unannounced audit programme with the removal of the split unannounced option
.Packaging categories: 8 categories
1- Glass manufacturing
2- Papermaking
3-Metal forming
4- Rigid plastics
5- Flexible plastics
6-Other manufacturing (wood, ceramics, cork...)
7- Print processes
8-Chemical products
Additional certification modules
Additional certification modules, typical of BRCGS, are available for sites willing to demonstrate compliance with specific sets of requirements in order to meet specific market or customer requirements.
The additional modules can be included in the certification process and in the Certificate: details will be given with each module.
If certification is achieved, additional certification title of modules will be added in the Certificate. It is expected that this flexibility will enable sites to cover with a third-party Certification some more specific customer expectations and reduce the number of Certifications and site audits
As of today, following certification modules are proposed by BRCGS:
- ENVIRONMENTAL CERTIFICATION MODULE
- TRADED GOODS CERTIFICATION MODULE
- The AuditOne™ Initiative, which is driven by the Foundation for Strategic Sourcing (F4SS) and seeks to develop a single set of quality standard and audit processes that establish a uniform, harmonized standard for the Industry.
- - FSSC 22000 v4.1 – Packaging
FSSC 22000 is applicable to all organizations that manufacture primary and secondary food and feed packaging and/or intermediate components, such as:
- Flexible and rigid plastics, such as foils, blisters, crates, sachets
- Paper, such as cartons, boxes, sacks
- Metal, such as cans, bottles, boxes
- Glass, such as jars, bottles…
- Shipping and transport containers, such as big bags, drums, tanks
- ISO 22000 in its entire content. As of today, both versions (2005 and 2018) are living. ISO 22000-2018, alone, will be mandatory as of 21 June 2021)
- ISO/TS 22002-4 (Packaging)- This part was previously known PAS 223 and specifies in detail the prerequisites. Prerequisites are numbered from 1 to 15. To be noted that among the prerequisites, design and development is no more mentioned (it is still mentioned by BRGS)
- FSSC Additional requirements: Management of services- Product labelling - Food defense – Food fraud prevention – Use of ISO 22000 logo – Management of allergens -Environmental monitoring
In the following synopsis a more detailed comparison is reported among the two most popular Standards in Europe: BRCGS and FSSC
FSSC 22000 v5 – Packaging – New version – May 2019
In May 2019, FSSC 22000 has published Version 5 of its Scheme. All available Scheme documents can be downloaded for free from the FSSC 22000 web site.
This new version will become mandatory as of January 1st, 2020.
All new audits, starting January 1st,2020, have to be carried out mandatorily against new version.
A document called “OVERVIEW OF MAIN CHANGES VERSION 5” has been published and is available on free downloading on the FSSC22000 web site, including the whole new version
Following are the most significant changes:
- The lay-out of the Scheme has changed.
Former annexes II, III and V to part V have been integrated resulting in the following contents:
- Part 1: Scheme overview
- Part 2: Requirements for Organizations to be Audited
- Part 3: Requirements for the Certification Process
- Part 4: Requirements for Certification Bodies
- Part 5: Requirements for Accreditation Bodies
- Part 6: Requirements for Training Organizations
- Appendix 1: Definitions
- Appendix 2: References
- Replacement of ISO 22000:2005 by ISO 22000:2018
- - Management of services: shortened because this is now part of ISO
- - Management of laboratory services remains as an additional FSSC 22000 requirement.
- Management of natural resources removed
- Multi-site certification (new requirement)
- Unannounced audits -The certified organization can voluntary choose to replace all surveillance audits by unannounced annual surveillance audits. Recertification audits may be conducted unannounced at the request of the certified organization
- NEW REQUIREMENTS FOR TRAINING ORGANIZATIONS
- REMOTE AUDITS PROTOCOL
- New requirement for Transport and Delivery (category F and I)
Minor changes have been introduced in the protocol: management of NC – Portal data and documentation, witnessing audits, auditor’s, audit duration calculation, approval/qualification and monitoring etc.
Two Guidance Documents have been issued for FSSC 22000- Quality scheme:
Guidance Food Defense
Guidance Food Fraud Mitigation
As outlined before, this Standard is not focused explicitly on Quality (as BRCGS). That’s why the FSSC itself recommends that a Quality Standard has to be added which can be, in toto, the ISO 9001:2015.
The scheme FSSC 22000+Quality can be audited in a combined audit by same auditor.
In the following synopsis a more detailed comparison is reported among the two most popular Standards in Europe: BRCGS and FSSC
A synopsis of most significant differences between BRCGS vs FSSC
| Subject | BRCGS | FSSC 22000 |
| Quality requirements | Quality and food safety | Food safety |
| Self-standing | Needs to be supported by a Quality Management system | |
| Type of audit | Unannounced OPTIONAL – Sign + added to the grade, e.g. A+ |
One every 3 years mandatory |
| Certification grading | Yes ! A-AA-B-C-D Depending on type and number of non-conformities |
No grading |
| Fundamental requirements | Yes ! 9 fundamental requirements | No fundamental requirement identified |
| Certification process | No stage 1 - Company can easily go direct to on site certification audit | Stage 1 on site Stage 2 o site |
| Packaging categories | 1- Glass manufacturing 2- Papermaking 3-Metal forming 4- Rigid plastics 5- Flexible plastics 6-Other manufacturing (wood, ceramics, cork.) 7- Print processes 8-Chemical products |
|
| Certificate validity | Certificate valid for 1 year Grade C-Recertification within 6 months |
Certificate valid for 3 years |
| Certification mark | Not allowed to be displayed on the product | Not allowed to be displayed on the product |
| Traded goods Certification | Yes ! Additional modulus | No |
| Additional certification modules | Yes ! For instance: environmental – Traded goods | No |
| Non conformities grading | Critical Major Minor |
Critical Major Minor |
| Audit non conformities closure | Within 28 days (42 for first certification) including corrective action implementation | 3 months |
| Available languages of the Standard | English – German – French – Chinese – Italian - Spanish | English – Japanese – Portuguese - Spanish |
3 - IFS PAC-secure Version 1.1 December 2017
The IFS PAC-secure Standard is the result of the joint effort of IFS, the Packaging Association of Canada (currently PAC Packaging Consortium), and the technical working group consisting of leading food and packaging companies in North America. This IFS Standard was created to assess the quality and safety of packaging materials and the compliance with customer requirements, but also as a tool to support businesses to meet new requirements on quality, transparency and efficiency, resulting from globalization, and to improve product integrity along the entire supply chain.
IFS PAC-secure was developed for manufacturers of the following materials:
- Flexible packaging
- Rigid plastic
- Paper
- Metal
- Glass
- Other natural materials
- Senior Management Responsibility
- Quality and Packaging Materials safety
- Resource Management
- Planning and product process
- Measurements, analysis and improvements
- Product defense plan and external inspection
The SQF Code is a site-specific, process and product certification standard with an emphasis on the systematic application of CODEX Alimentarius Commission HACCP principles and guidelines for control of food safety and food quality hazards.
First developed in Australia in 1994, the SQF program has been owned and managed by the Food Marketing Institute (FMI) since 2003, and was first recognized in 2004 by the Global Food Safety Initiative (GFSI) as a standard that meets its benchmark requirements.
Following are the requirements:
2.1 Management Commitment
2.2 Document Control and Records
2.3 Specification and Product Development
2.4 Food Safety System for Manufacture of Food Packaging
2.5 SQF System Verification
2.6 Product Identification, Trace, Withdrawal and Recall
2.7 Food Defense and Food Fraud
2.9 Training
2.8 Allergen Management
Module 13: Food Safety Fundamentals – Good Manufacturing Practices for Production of Food Packaging (GFSI Scope M
4 - The forgotten requirements
I call forgotten requirements those requirements of the Standards which are quite often…forgotten by the …interested parties: either by Companies, or by ...Certification Bodies, sometimes by…Inspectors themselves, or even by…Customers.
a) - Product legality issues
A common requirement of the standards is to ensure the product legality.
Legal requirements yes! But of which country?
BRCGS explicitly requires that Company Management has to set up a system in order to ensure conformity to the legal requirements not only in the country in which products are produced, but also, when known, in the countries where products will be sold and utilized.
In most cases, not only the small but also the big Groups operating all around the world…. forget this important requirement. They forget that nowadays in many countries like USA, Russia, Ukraine, China, Russian Republics, Mercosul countries, the public authorities carry out audits to the packaging Companies and take packaging samples for migration controls according to their own legislation and their own limits and for substances listed in their own laws…which are different from EC ones.
In todays global context of protection of national products, the consequence of a packaging not meeting the local laws could be that Manufacturer is put in a black list and forbidden to export its product in their nation
- - Companies part of a Group
This clause is the one most forgotten by big Groups operating in multiple sites around the world. It is quite normal that in a big Group some activities, like raw materials Suppliers’ approval, product development, the issue of product Specification and Declaration of Conformity, the external lab testing on product, is shared or completely carried out by the central Headquarters centralized functions.
But, in such a case, the Standard requires that the interaction must be documented and all policies and procedures necessary for the operation of the site being assessed must be available on the site.
It is furthermore required that the activities shared with, or completely performed by central functions be carried out in conformance to the BRCGS requirements !
c)- Company products Specifications to be communicated to relevant parties
Clause 3.4.2 of BRCGS states: The company shall seek formal agreement of specifications with relevant parties where required by the customer. Where specifications are not formally agreed, then the company shall be able to demonstrate that it has taken steps to put an agreement in place Product Specification is considered nowadays the technical contract between the Manufacturer and the Customer. Consequently, as per every type of contract, it requires the formal acceptance of both parties.
It is mainly in the interest of the Manufacturer to get a formal approval of the Specification by his Customers in order to make it evident which ones are the performance characteristics of the product, their acceptance limits and testing methods, mainly in case of complaints or dispute.
The BRCGS Standard requires that, even when the Customer is reluctant to formally accept the product Specification, the Company shall do its best in trying to get the approval (and this is called “due diligence”)
- - Hazard and risk system to be managed by a team (not by only one person)
- – Company warehouses located at an established distance, typically 50 km, have to be included in the audit process and results included in the audit report
- Exclusions (of products manufactured within the site) to be communicated to the Certification Bodies
- Lack of definition of competence criteria of Company Consultants or external auditors contracted for internal audits, although Standards do require that Consultants or experts be competent.
- ADDITIONAL MODULES – Companies have not duly exploited this audit feature proposed by BRCGS with the purpose of decreasing the number of Certifications held and the third-party audits. Therefore, additional modules can be worked out by Companies to replace, for instance,
relevant audits by them)
- official certification, e.g.: the environmental additional
module can replace, at a much lower cost the ISO
14001 certifications