Baking & Snack: How did facilities change their food safety procedures after the massive peanut butter recall even though the offending facility had been inspected and given an excellent rating by its auditors?
Richard Stier: The PCA’s Salmonella outbreak and recall was an embarrassment to the food industry as a whole. What made this incident so terrible was that PCA, its clients and its stakeholders — such as laboratories, audit firms and suppliers — should have had a better understanding of the products, processes and potential risks. Problems with Salmonella and peanut butter were not new.
For an overview of the outbreak and some of the issues that the incident brought to light, the article written by Michael Moss and Andrew Martin in The New York Times on March 5, 2009, is a must-read. One statement in the piece attributed to Mansour Samadpour, PhD, the principal at IEH Laboratories, is really food for thought. Dr. Samadpour said, “The contributions of third-party audits to food safety is the same as the contribution of mail-order diploma mills to education.”
This statement is rather harsh, but it does imply that all audits and auditors are not created equal. How effective a third-party audit will be and whether it will “find the skeletons in the closet” depends upon the auditor and the audit format being used. The individual who conducted the audit of the PCA facility in Blakely, Ga., was an acknowledged expert in fresh produce, but apparently had no idea that Salmonella posed a potential risk in peanut butter. This is underscored by an email from the auditor that read, “I never thought that these bacteria would survive in the peanut butter-type environment? What the heck is going on?”
What this incident seems to have done is to galvanize buyers into demanding a different kind of audit, and that has been either the audit schemes that the Global Food Safety Initiative (GFSI) has approved or the incorporation of the ISO 22000 principles into their food safety management program. The six schemes currently approved under GFSI are the British Retail Consortium (BRC), Safe Quality Food (SQF), International Food Standard (IFS), Dutch HACCP, Food Safety System Certification (FSSC) 22000 and Synergy 22000. In spite of Dr. Samadpour’s very negative evaluation of third-party audits, a number of people in the other camp believe that the adoption of these audits have enhanced food quality and safety, and reduced recalls.
Of course, the question regarding qualified auditors still remains. A good auditor is not simply someone who has attended a course and passed a test. The best auditors have extensive experience with different products, processes and plants, and they understand not only what can create problems but the means for preventing them.
It will be very interesting to see how FSMA provisions that address certified auditors will shake out in the long run.
How have these companies re-examined their plants to find areas that need extra swabbing and other food safety procedures?
Whether companies have made a greater commitment to pathogen monitoring in food processing facilities remains to be seen. For processors of ready-to-eat (RTE) products such as deli meats and fresh-cut produce, these programs remain an integral part of doing business.
What is happening is that food processors are taking a closer look at issues related to sanitary design of equipment and the physical plant, air handling facilities and traffic patterns throughout the plant. In this case, traffic patterns mean how people, vehicles, ingredients, finished goods and packaging move through the plant and how they are stored.
When the space program adopted HACCP more than 50 years ago, the developers acknowledged that microbiological testing was simply not adequate to ensure the production of safe foods. In 1985, a National Academy of Sciences report reiterated that HACCP was the best means of ensuring food safety. The report stated, “Testing of finished products was not an effective means of protecting the consumer and assuring the foods were free of microorganisms of public health significance.” The bottom line is that safety must be built into the process; it cannot be tested into the product.
Processors that develop and implement environmental sampling programs need to take care in setting up the programs. Sadly, companies still do environmental sampling simply to meet the demands of a customer or to meet an audit requirement. With such programs, one size does not fit all. The plan needs to be designed to gather specific information for that facility so that decisions can be made on whether the programs in place are effective. An environmental monitoring program should be much more than simply “gathering data.”
How has the number of audits increased since the peanut scandal? How have these audits changed in what they are asking from their suppliers?
The number of audits may have actually decreased given the emphasis of the GFSI audit schemes and the International Organization for Standardization’s ISO 22000. In the past, one of the complaints many processors had with regard to third-party audits was that there were simply “too many of them.”
I have personally spoken to several quality managers who have told me that they were averaging one to two audits per month. Each customer would want to do their own audit, plus there were others who required third-party audits, which were not always the same one. In fact, some processors maintain multiple sets of quality manuals designed to meet audit firms’ different requirements.
This situation underscores one problem with many audit schemes: proscriptive protocols. Ideally, audits should be designed to make sure that processors have the necessary elements in their quality, safety and sanitation programs, and that they are effective. They should not define how the elements that make up these programs should be set up.
The ISO 22000 standard, "Food Safety Management Systems — Requirements for Any Organization in the Food Chain," was finalized in September 2005. This standard and the GFSI-approved schemes impose a greater discipline on managing food safety. As few as 10 years ago, audits were the bailiwick of the quality manager. This person worked with the auditor throughout the audit and was the source of all information.
ISO 22000 and GFSI schemes almost mandate that companies manage food safety as a team. There is simply too much for one person to do. The basic elements of these programs include management support; development of documented procedures; training persons on said procedures; monitoring and recordkeeping to ensure procedures are being followed; verification activities to ensure the system is working, including internal audits; and management reviews from which programs are derived to ensure that the system is improving.