How to Perform a Supplier Audit According to ISO/FSSC 22000

Food safety and quality are critical for any organization involved in food production or supply. One of the most effective methods to ensure compliance with safety standards is by conducting a supplier audit. ISO 22000 and the FSSC 22000 standards provide frameworks for food safety management systems, and a supplier audit based on these standards can help organizations verify that their suppliers are meeting the necessary requirements.

Overview of ISO/FSSC 22000

ISO 22000

ISO 22000 is an international standard for food safety management systems (FSMS). It integrates the principles of Hazard Analysis and Critical Control Points (HACCP) and places emphasis on risk management in the food supply chain.

FSSC 22000

The Food Safety System Certification (FSSC) 22000 is a globally recognized certification scheme that builds on ISO 22000. It also includes additional requirements specific to the food industry, such as Pre-Requisite Programs (PRPs) and food fraud mitigation measures.

Both standards require organizations to ensure their suppliers adhere to food safety standards, which is where supplier audits come in.

Why Perform a Supplier Audit?

Supplier audits help organizations:

• Ensure the safety and quality of materials sourced for production.
• Verify that suppliers follow good manufacturing practices (GMP) and food safety management systems (FSMS).
• Assess the risk associated with suppliers and mitigate potential food safety hazards.
• Strengthen relationships by setting clear expectations and fostering communication about compliance.

Click Here to Download Readymade ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HACCP, Food Safety & Integrated Management Systems (IMS) Templates.

Steps to Perform a Supplier Audit According to ISO/FSSC 22000

1. Planning the Audit

a) Define the Scope and Objectives

Start by defining the scope of the audit. This may include a review of the supplier's food safety management system, production processes, and quality control measures. The objective is to assess compliance with ISO/FSSC 22000 standards.

b) Select Audit Criteria

The audit criteria should be based on ISO 22000 or FSSC 22000 requirements. These standards provide specific guidelines on PRPs, HACCP principles, and risk management. Ensure the audit also covers regulatory and customer-specific requirements.

c) Risk-Based Approach

Prioritize suppliers based on their risk level. A supplier providing high-risk materials (e.g., raw meat or dairy) may require more frequent and detailed audits than a supplier providing low-risk materials (e.g., packaging).

d) Prepare an Audit Plan

An audit plan should detail:

• The audit objectives.
• The audit scope (areas to be covered).
• The audit criteria (standards and regulations).
• The audit team (qualified auditors familiar with ISO/FSSC 22000).
• The audit timeline and schedule.

2. Pre-Audit Preparation

a) Communicate with the Supplier

Inform the supplier in advance about the audit and provide details on what will be covered. Share the audit plan and any documents they should prepare, such as their FSMS documentation, PRP procedures, and food safety policies.

b) Review Supplier Documentation

Before the audit, review any documentation provided by the supplier. This includes their certification records, previous audit results, food safety plans (HACCP), and risk assessments. Understanding their current system will guide the audit focus areas.

Click Here to Download Readymade ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HACCP, Food Safety & Integrated Management Systems (IMS) Templates.

3. Conducting the Audit

a) Opening Meeting

Begin with an opening meeting to explain the purpose of the audit and confirm the scope, criteria, and schedule. Ensure that both the auditor and supplier agree on the process.

b) On-Site Inspection

During the on-site visit, focus on key areas that affect food safety and compliance with ISO/FSSC 22000:

• Facility Conditions: Assess the condition of the supplier’s premises, including sanitation, equipment maintenance, pest control, and hygiene practices.
• Food Safety Management System: Review the supplier's FSMS, including PRPs, HACCP, and how they manage risks. Ensure they follow documented procedures and that staff is adequately trained in food safety protocols.
• Traceability: Confirm the supplier's ability to trace products and raw materials throughout the supply chain. This is critical for effective recall procedures if a food safety issue arises.
• Process Controls: Assess their process controls for preventing contamination, monitoring critical control points (CCPs), and ensuring quality consistency.
• Supplier’s Compliance: Evaluate compliance with relevant legislation and industry best practices.

c) Interviews

Conduct interviews with personnel to assess their knowledge of food safety principles, GMPs, and the supplier’s FSMS.

d) Documentation Review

Examine records such as:

• FSMS manuals.
• HACCP plans.
• PRP procedures.
• Training records.
• Internal audit reports.
• Calibration and maintenance records.

e) Observations

Make detailed observations on the supplier’s adherence to ISO/FSSC 22000 requirements. Identify any non-conformities, potential risks, or areas for improvement.

Click Here to Download Readymade ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HACCP, Food Safety & Integrated Management Systems (IMS) Templates.

4. Audit Reporting

a) Non-Conformance Identification

Any deviations from the ISO/FSSC 22000 requirements should be documented as non-conformances. Classify them by severity (e.g., major or minor) based on their potential impact on food safety.

b) Corrective Action Requests

For each non-conformance, request corrective actions from the supplier. Specify deadlines for resolution and follow-up audits if necessary.

c) Closing Meeting

Hold a closing meeting to discuss the audit findings with the supplier. Provide feedback on their strengths and areas for improvement, and agree on the corrective actions required.

d) Final Audit Report

Prepare a comprehensive audit report summarizing:

• The audit objectives, scope, and criteria.
• Key findings, including non-conformances.
• Recommendations for corrective actions.
• Timeline for corrective actions and any follow-up audits. The report should be shared with both the supplier and relevant departments within your organization (e.g., procurement and quality assurance teams).

5. Post-Audit Follow-Up

a) Monitor Corrective Actions

Ensure that the supplier addresses non-conformances within the agreed timeframe. Review evidence of corrective actions, such as updated procedures or training records.

b) Re-Auditing and Continuous Monitoring

Depending on the risk level and performance, you may need to conduct follow-up audits. Maintain ongoing communication with the supplier and monitor their performance through key metrics (e.g., defect rates, customer complaints, or regulatory non-compliance).

Click Here to Download Readymade ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HACCP, Food Safety & Integrated Management Systems (IMS) Templates.

Best Practices for Supplier Audits

• Use a Standardized Checklist: Create a checklist based on ISO/FSSC 22000 requirements to ensure consistency across audits.
• Train Auditors: Auditors should be well-versed in ISO/FSSC 22000 and have experience in food safety management systems.
• Collaborate with Suppliers: Approach the audit as a collaborative effort rather than a punitive measure. Offer support and guidance to help suppliers improve their food safety management systems.
• Leverage Technology: Use audit management software to streamline the process, manage documentation, and track corrective actions more effectively.

Conclusion

Supplier audits based on ISO/FSSC 22000 are an essential part of ensuring food safety throughout the supply chain. By following a systematic approach that includes planning, on-site inspections, reporting, and follow-up, organizations can mitigate risks and ensure that their suppliers adhere to food safety standards. A successful supplier audit fosters trust, enhances product quality, and ensures compliance with international food safety standards.

Click HERE to download or any of the following documents:

• ISO/IEC 17025 Laboratory Management System Implementation Kit
  

• HACCP Implementation Kit
  

• ISO 9001 Quality Management Systems (QMS) Implementation

• ISO 22000 Food Safety Management Systems (FSMS) Implementation

• Food Safety Systems Certification (FSSC) 22000 v5 Implementation

• ISO 14001 Environmental Management Systems (EMS) Implementation

• ISO 45001 Occupational Health & Safety Management Systems (OH&SMS) Implementation

• ISO 50001 Energy Management Systems (EnMS) Implementation

• Integrated Management Systems (IMS) Implementation

• Production, Quality Control / Equipment Maintenance Kit

• Lean Six Sigma

• Lean Management/Manufacturing

• Six Sigma Kit

• Supplier Quality and Compliance Management (SQCM) Kit 

• Risk Management

• Industrial Health, Safety & Environmental Management (HSE) Kit

• Process Manuals

Click Here to Download Readymade ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000 HACCP & Integrated Management Systems (IMS) Templates.