Avoid Auditing Pitfalls

Food companies routinely conduct food quality and safety audits to qualify vendors both on an initial and ongoing basis. Over the years, many different audit schemes have been developed, resulting in significant improvements in food quality and safety. Recent high profile recalls, however, such as the one involving the Peanut Corporation of America, raise many questions about the purpose and credibility of third-party audits.

The peanut butter recall highlighted the pitfalls of depending on government regulatory agencies to help audit vendors. Governmental agencies suffer from inadequate resources and are overwhelmed by increased imports and food categories. Consider some of these statistics related to the U.S. Food and Drug Administration (FDA), which regulates about 80% of the food consumed in the United States:

• The FDA has oversight of more than 136,000 registered domestic food facilities (including more than 44,000 U.S. food manufacturers and processors and approximately 113,000 U.S. food warehouses, including storage tanks and grain elevators).
• The FDA or state and local authorities regulate more than 2 million farms, roughly 935,000 restaurants and institutional food service establishments, and 114,000 supermarkets, grocery stores, and other food outlets.
• Approximately 189,000 registered foreign facilities manufacture, process, pack, or hold food consumed by Americans.
• The FDA inspects food processing facilities once every 10 years, on average.
• At the present time, the FDA does virtually no on-site inspection of foreign facilities that export to the U.S. and inspects less than 2% of imported food products at U.S. ports of entry.

Various measures to improve food safety and restore public confidence have been implemented. In November 2007, the FDA issued its Food Protection Plan, and the Interagency Working Group on Import Safety issued its Action Plan for Import Safety: A Roadmap for Continual Improvement. Both plans outlined the possible use of third-party inspections and certification programs to help verify the safety of products from a growing food establishment inventory, both domestic and foreign. The FDA also prepared a guidance document, Voluntary Third-Party Certification Programs for Foods and Feeds (www.fda.gov/RegulatoryInformation/Guidances/ucm125431.htm), which discusses recognition and certification for third-party auditing programs.

In response to the recent high profile food recalls and public outcry, Congress has proposed a number of bills, including the Food Safety Enhancement Act of 2009, which requires each food facility to conduct a hazard analysis, implement preventive controls, and implement a food safety plan.

More specifically, the food safety plan requires the secretary of Health and Human Services to:

• issue science-based performance standards to minimize the hazards from foodborne contaminants;
• establish science-based standards for raw agricultural commodities;
• inspect facilities at a frequency determined pursuant to a risk-based schedule;
• establish a food tracing system;
• assess fees relating to food facility reinspection and food recall; and
• establish a program for accreditation of laboratories that perform analytical testing of food for import or export.

The clear direction being mandated by the federal government is a significant increase in auditing and testing effectiveness using a risk-based approach that puts pressure on both the federal regulatory agencies and the business and private sector to improve food safety and restore public confidence.

Business, Private Sector Responses

To help assure food safety and quality and protect their brands, many companies are not waiting for the government to implement new regulatory actions. They are raising the bar themselves, requiring their food vendors to become certified to newly created international or industry sector-specific standard auditing protocols as a condition of doing business.

In the past, companies might utilize internal quality assurance staff, contract with third-party firms to conduct audits of their supply chain vendors on their behalf, or accept a certificate showing evidence that the vendor had been audited by a third-party firm they recognize. For the individual vendor, especially those with a large customer base, this would typically result in a never-ending stream of customers and third-party auditors conducting on-site audits, looking for basically the same things but possibly using different protocols.