The Evolution of HACCP

The ICMSF book included the concepts of CCP1 and CCP2. CCP1 is a point at which control can be applied to prevent or eliminate a food safety hazard or to reduce the hazard to an acceptable level. CCP1 evolved into what is currently known as CCP. CCP2 is a point at which a hazard can be minimized but not controlled. The concept of CCP2 also changed over the years, and most CCP2s were eliminated through the prerequisite programs (PRPs). Any remaining CCP2s were designated control points (CP).

The publication also identified the initial concepts of the PRPs. Systems that were critical to a successful HACCP program included hygienic design of the plant and equipment, cleaning and sanitizing, health and hygiene of personnel, and training.

Initially, PRPs were good manufacturing practice programs. The concept then evolved; PRPs were used to form the underlying system for a successful HACCP program. A list of PRPs was classified as essential for HACCP programs as of 1998 (see “Essential Prerequisite Programs as of 1998,” left).

1990s

The 1990s were an exciting time for HACCP. In 1993, the Codex Alimentarius Commission issued its first HACCP standard, which provided the first international definition for HACCP. In the same year, NACMCF revised its guidance standard, thus codifying the currently used five preliminary steps and seven principles of HACCP.

The five preliminary steps were a critical addition to HACCP. The first step required that HACCP be developed by a cross-functional team. Preliminary steps two through five enabled the team to develop a detailed understanding of the customer, product, and process used to manufacture the product. This information would provide critical input into the hazard analysis process. Many HACCP auditors report that most working flow diagrams are weak and contain insufficient detail regarding areas where hazards can occur in the manufacturing process. Information that can be included in the flow diagrams includes flow of materials, byproducts, rework, waste, and personnel.

In 1997, both Codex and NACMCF revised their standards. As part of the revision process, NACMCF harmonized the U.S. definition of HACCP with the Codex definition. PRPs were identified as necessary for the successful implementation and maintenance of the HACCP process.

The acceptance of HACCP changed third party audit systems internationally. In the United States, the “sanitation audit” was expanded to include PRPs and HACCP. In Europe, private food safety audit schemes were developed. These schemes included the preliminary steps and principles of HACCP, along with PRPs and elements from the 1994 version of ISO (International Organization for Standardization ) 9001, a standard that described the requirements of an FSMS.

The Millennium

By 2000, there were many private and national food safety standards. Although the standards were similar, significant differences among them led to problems in third-party certifications. As a result, Danish Standards petitioned ISO to develop a standard that would define the requirements for an FSMS.

Because HACCP is an evolving system, ISO 22000 describes the state-of-the-art practices of HACCP and food safety. ISO 22000 has made major contributions to FSMS programs. ISO 22000 is designed for any organization in the food chain, including producers, suppliers, manufacturers, distributors, retailers, and food service organizations.

The structure of ISO 22000 is based on the 2000 version of ISO 9001, which differs significantly from the 1994 version. ISO 9001:2000 was developed with a systems approach, which linked all of the elements of an FSMS. In addition, like ISO 9001:2000, ISO 22000:2005 reduced the amount of required documentation.

In 2007, an ISO joint working group made up of ISO Technical Committee 34 (food products) and the ISO’s Committee on Conformity Assessment developed ISO/TS 22003. This technical specification lays out the rules for auditing and certifying organizations to ISO 22000. As part of these requirements, auditors must be knowledgeable in both the food-processing sector they are auditing and in managing system audits. ISO 22003:2007 also contains requirements for both the certification and accreditation bodies. These requirements are designed to give customers information and confidence about the way suppliers earn certification.