ISO 22000:2018 TRANSITION GAP GUIDE - NQA
ISO 22000:2018TRANSITION GAP GUIDE50,000CERTIFICATESGLOBALLYTRANSPARENT90
INTRODUCTIONThis document provides an overview of the key changes between the 2005and 2018 version of ISO 22000 – there are several new requirements inaddition to changes to key definitions. You will need to prepare for thesechanges and adapt your food safety management system to meet the newrequirements within the transition timeline.ISO 22000:2018 TIMELINEISO 22000:2018 was published on 19th June 2018 and is the replacement for ISO 22000:2005.For organizations currently using ISO 22000:2005 there will be a three-year period to transitionto ISO 22000:2018.ProposalstageCommitteestage (CD)Approvalstage (FDIS)Training for allNQA staffNovember2014December2016February2018March - April 2019PreparatorystageEnquirystage (DIS)PublicationISO 22000:2018November2015July 2017June 2018NQA no longerprovides quotes forISO 22000:2005Last day toschedule anytransition auditsFrom May 2020October 31 2021FSMS Certifiedclients encouragedto scheduletransition auditand complete GAPanalysisNo further auditsfor ISO 22000:2005permitted.ISO 22000:2018audits are scheduledTransition period endsDecember 31 2021January 1 2021From Jan 2020STRUCTURE OF ISO 22000:2018WE ARE HERE TO HELPThe structure of ISO 22000:2018 follows theAnnex SL high level structure being appliedto all new and revised ISO managementsystem standards:We are committed to translating the languageof the new standard, to help users interpretnew concepts and manage system changesmore easily.1.2.3.4.5.6.7.8.9.10.ScopeNormative ReferencesTerms and DefinitionsContext of the ormance EvaluationImprovementKeep updated with the changes se get in touch if you have anyquestions – call 0800 522 2424.
GAP ANALYSIS AND GUIDANCEISO 22001:2018CLAUSESISO 22001:2005CLAUSESGUIDANCE4 Context of the Organization4.1 Understanding theorganization and itscontextNew requirement!This new concept relates to the factors and conditions affectingorganizational operation e.g. regulation, governance andinterested parties. What drives the culture and requirements ofyour organization? Be prepared to discuss with your assessor,how the context of the organization influences the ability toachieve the intended outcomes of your food safety managementsystem4.2 Understanding theneeds and expectationsof interested partiesNew requirement!Consider who the interested parties might be and what theirrelevant interests might be, e.g. workers, customers, regulators,competitors and external providers. Consider the risks andopportunities that are generated for the context. Be prepared todiscuss stakeholder interests with your assessor.4.3 Determining the scopeof the environmentalmanagement systemPartially coveredby 4.1When determining this scope, the organization shall consider:a) the external and internal issues referred to in 4.1;b) the requirements referred to in 4.2.Therefore the Scope can only be defined when 4.1 - 4.2 havebeen considered.Do not forget the Scope shall specify the products and services,processes and production sites that are addressed by the FSMSand shall include the activities, processes, products or servicesthat can have an influence on the food safety of the end products.4.4 Food SafetyManagement SystemPartially coveredby 4.1Largely unchanged, only highlight that 2018 version do not longerrequire a documented FSMS, how to manage the system it is nowyour decision.5.1 Leadership andcommitmentPartially covered by5.1, 7.4.3Top management of the organization are now required todemonstrate leadership and commitment to the FSMS in anumber of specified ways: ensuring integration of the FSMSrequirements into the organization’s business processes, supportpersons that contribute to the effectiveness of the FSMS, etc.5.2 Food safety policyPartially coveredby 5.2The policy must be now also appropriate to the context, addressalso internal and external communications and need to ensurecompetencies related to food safety, provide a framework forsetting and reviewing objectives, include commitment to continualimprovement among other previously required requisites. Thepolicy shall be also documented and available to relevantinterested parties.5.3 O rganizational roles,responsibilities andauthoritiesPartially coveredby 5.4, 5.5, 7.3.2Apart from communicating responsibilities and authorities, topmanagement shall ensure they are also understood within theorganization. New responsibilities and authorities for ensuringthat the FSMS conforms to the requirements of the standard andreporting on the performance of the FSMS to top management areto be assigned.5 Leadership
ISO 22001:2018CLAUSESISO 22001:2005CLAUSESGUIDANCE6 Planning6.1 Actions to address risksand opportunitiesNew requirement!Consideration needs to be given to its identified internal and externalissues (4.1), the needs and expectations of its interested parties(4.2) during planning and determined scope of the FSMS (4.3). Anew concept of “risks and opportunities” is introduced. Planningnow requires the identification of the risks (defined as the effectof uncertainty) and opportunities related to the performance andeffectiveness of the FSMS. Risks and opportunities identified insection 4 become inputs to a comprehensive planning approach.6.2 Objectives of the FSMSand planning to achievethemPartially coveredby 5.3Objectives must be consistent with the food safety policy, follow theSMART criteria, and consider customer, statutory and regulatoryrequirements. There should be detail of who is responsible, agreedtimings and measures in place to establish progress, resourcesavailable and whether proposed achievements have been met.Established objectives will be documented information.6.3 Planning of changesPartially coveredby 5.3When determining the need for changes to the FSMS, theorganization must be also taken into consideration the purposeof changes, resources and responsibilities apart from ensuring itsintegrity.7.1.1 GeneralPartially coveredby 6.1The organization shall also consider the capability of and anyconstraints on existing internal resources and resources requiredfrom external sources.7.1.2 PeoplePartially coveredby 6.2Where external experts where used in the development,implementation, operation or assessment of the FSMS, theorganization must ensure they retained documented informationsuch as an agreement or contract that defines their relevantcompetency, responsibility and authority.7.1.3 InfrastructurePartially coveredby 6.3Largely unchanged7.1.4 Work EnvironmentPartially coveredby 6.4Largely unchanged, note added highlighting examples of whatfactors need to be considered within environment7.1.5 Externally developedelements of the FSMSPartially coveredby 1New information regarding externally developed elements of theFSMS to be considered when used7.1.6 Control of externallyprovided processes,products or servicesPartially coveredby 4.1New information regarding control of externally provided processes,products or services7.2 CompetencePartially coveredby 6.2, 7.3.2External providers are now also considered when determiningcompetence of persons doing work under the organization’s controlthat may affect the FSMS. The term “competent” replaces “trained”.The organization shall retained documented information as evidenceof competence.7.3 AwarenessPartially coveredby 6.2.2Now personnel must also be aware of the food safety policy,objectives of the FSMS relevant to their tasks, and the benefits ofimproved food safety performance.7.4 Communication5.6, 6.2.2Some terms have been replaced to make them more clear (suppliersby external providers and qualifications by competencies)7.5 Documented InformationPartially coveredby 4.2, 5.6.1The organization’s FSMS must include also documented informationand food safety requirements required by statutory, regulatoryauthorities and customers.7 Support
ISO 22001:2018CLAUSESISO 22001:2005CLAUSESGUIDANCE8 Operation8.1 Operational Planningand ControlNew requirement!Specific reference is now made to the planning of operations, aswell as their control and update. Controls for processes shouldnow be implemented to ensure the realisation of safe products aswell as the implementation of defined actions to address risk andopportunities. There are requirements for the control of plannedchanges and the review of unintended changes. It is now specifiedthat outsourced processes are to be controlled.8.2 PrerequisiteProgrammes (PRPs)Partially coveredby 7.2Statutory and regulatory requirements shall be taken intoconsideration when selecting PRPs. Likewise, when establishingthe PRPs, the organization must consider also supplier approval,labelling and control of incoming materials, storage, dispatch anddistribution.8.3 TraceabilityPartially coveredby 7.9Further details regarding what to be considered when establishingand implementing the traceability exercise. Documented informationmust be retained for a defined period, as a minimum, the shelf-life ofthe product. Its effectiveness shall be also tested.8.4 E mergencypreparedness andresponsePartially coveredby 5.7Documented information is now required to be established andmaintained in case of potential emergency situations and incidents.Steps to handle emergencies are now specified.8.5.1 P reliminary steps toenable hazard analysisPartially coveredby 7.3, 7.2.4Source of products is now required to be specified in thedocumented information concerning raw materials, ingredientsand packaging specifications. Documented information regardingcharacteristics of ends products must include method of distributionand delivery. “Description of processes steps and control measures”has been replaced by “description of processes and processenvironment” detailing also additional requirements. Processingaids, packaging and utilities are also to be added to the flowdiagram/s.8.5.2 Hazard analysisPartially covered by7.3.5.2, 7.4, 7.6.2The identification of hazards shall also be based on internalinformation and customer requirements. The systematic approachfor assessing each control measure, must also consider the viabilityof establishing measurable critical limits and applying timelycorrections in case of failure. Additionally, external requirements thatcan impact the choice and strictness of control measures shall bedocumented.8.5.3 Validation of controlmeasure(s) andcombination(s) ofcontrol measure(s)Partially coveredby 8.2The decision making process and categorization of controlmeasures as well as their validation must be maintained asdocumented information. It is also mentioned that this validationmust be conducted before the implementation of the Hazard controlplan.8.5.4 Hazard Control PlanPartially coveredby 7.5, 7.6A Hazard Control Plan includes OPRP plan and monitoring systemsfor OPRPs as well as a HACCP Plan and monitoring system forCCPs. The organization shall implement, maintain and retainedevidence of the hazard control plan as documented information.When critical limits or action criteria are not met the organizationshall ensure, among others, that the potentially unsafe products arenot released.8.6 U pdating the informationspecifying the PRPs andthe hazard control planPartially coveredby 7.7Once the Hazard Control Plan is established, the information tobe updated, if necessary, is listed (process steps and controlmeasures now replaced by descriptions of processes and processenvironment).8.7 C ontrol of monitoringand measuringPartially coveredby 8.3Included also that software used in monitoring and measuring needsvalidation prior to use.Operation section continues on next page
ISO 22001:2018CLAUSESISO 22001:2005CLAUSESGUIDANCE8 Operation (continued)8.8 Verification related toPRPs and the hazardcontrol planPartially coveredby 7.8, 8.4.2, 8.4.3Verification activities shall confirm that PRPs and hazard controlplan implemented and effective. The organization must ensurethat verification activities are not carried out by the same personresponsible for monitoring the activity or the control measures.8.9 Control of product andprocess nonconformitiesPartially coveredby 7.10Version 2018 specifies clearly the steps to be followed when actioncriteria for an OPRP is not met. When reviewing nonconformitiesidentified by consumer complaints and/or regulatory, theorganization must ensure there are corrective actions in place.When doing the evaluation for release, conditions apply to all thoseproducts that do not comply with the established action criterionfor OPRP. Products that are not accepted for release could be alsoreprocessed, destroyed and/or disposed as waste or redirected forother use as long as food safety in the food chain is not affected. Allresults of evaluation for release and disposition of nonconformingproducts shall be retained as documented information.9 Performance Evaluation9.1 Monitoring,measurement, analysisand evaluationPartially coveredby 8.4.2, 8.4.3New clause including mandatory documented information andevaluation of performance and effectiveness with regard tomonitoring, measurement, analysis and evaluation methods.9.2 Internal auditPartially coveredby 8.4.1More aspects to consider in the audit programme such as changesin the FSMS, the results of monitoring, measurement and previousaudits. The results of the audits must be reported to the food safetyteam and relevant management. All information must be retained asdocumented to show evidence of the implementation of the auditprogramme and audit results. The organization shall determine if theFSMS meets the intent of the food safety policy and objectives set.9.3 Management ReviewPartially coveredby 5.2, 5.8Several inputs now also to be discussed during the managementreview meeting (monitoring and measurement results,nonconformities and corrective actions, the adequacy of resources,performance of external providers, etc.).10.1 Nonconformity andcorrective actionNew requirement!The standard provides all steps to be followed by the organizationwhen a nonconformity occurs.10.2 Updating the foodsafety managementsystemPartially coveredby 8.1, 8.5.1The importance of improving suitability, adequacy andeffectiveness of the FSMS is now highlighted as this was notspecified in much detail in 2005 version.10.3 Continual improvementPartially coveredby 8.5.2Largely unchanged10 ImprovementAUDITINGThe standard is written for the benefit of organizations, not auditors. Auditors will need tounderstand and recognize the extent and type of evidence that would be acceptable toconfirm to the 2018 requirements.ISO 22000:2018 auditors will be engaging in dialogue with business leaders, seekingunderstanding and explanations from them about policy, strategy and food safety objectives,and ensuring these are compatible. The audit experience from the client perspective is likelyto be different because of this, but the end result would be more value being able to beadded to the organization as a whole from the audit process.
KEY CONCEPTSContext of the OrganizationHazard Control PlanThis is a new requirement to identify the internaland external factors and conditions that affect anorganization. Examples of internal issues could includean organization’s culture and capabilities, whilst externalissues could include the variety of external providers,changes in consumption patterns and the technologyadvances to name but a few.The term of action criteria has been introduced to alsoclarify what OPRPs are meant for. The Hazard control planmust consider both OPRP and HACCP Plan.The organization also needs to identify the interestedparties to the FSMS and any requirements they have.Tip: T he context will influence the type andcomplexity of management system needed.Tip: R eview thoroughly your systememphasizing and documenting the howand why for the categorization of controlmeasures managed as OPRPs or CPPs,make a final summary with different plansfor each and ensure all established controlswere previously validated.CompetenceLeadershipThere is an explicit requirement for top management todemonstrate leadership and commitment relating to thesystem. This is an enhanced requirement relating to topmanagement.Tip: T op management will need to takeaccountability for the effectiveness of theFSMS, provide support and resourcesas necessary and promote continualimprovement.Trained has been explicitly replaced by competentpersonnel in a way to emphasize the importance ofconsidering also aspects such as experience, skills,knowledge, understanding of the task given among othersapart from training and/or qualifications alone.Tip: Ensure job descriptions, procedures forprocesses and continuous training areclearly defined and established so you havethe right person in the right position.Performance EvaluationRisk and OpportunitiesThis is a new concept introduced in the ‘planning’ sectionof the standard. It requires the organization to identify therisks and opportunities that may affect the performance andeffectiveness of the FSMS, and take action to address them.Tip: “Risk and opportunities” can be thoughtof as potential adverse deviations from theexpected (threats) or potential beneficialdeviations from the expected (opportunities).There is a new emphasis on the need for evaluationin addition to the current requirements for monitoring,measurement and analysis.Tip: Evaluation is the interpretation of resultsand analysis. This is not new to managersbut is made explicit in the standard for thefirst time. Processes may be well definedand effective, but do they yield optimumresults? This may be a new challenge forinternal audits.CONCLUSIONISO 22000:2018 incorporates more business management terminology and concepts and willensure that the operational system will be integrated into the organization’s overall businessprocesses rather than being separate entities.The changes will require effort from organizations to implement, however the overall result will be amore effective food safety management system capable of improving the intended results.
www.nqa.com
Jun 19, 2018 · ISO 22000:2018 TIMELINE ISO 22000:2018 was published on 19th June 2018 and is the replacement for ISO 22000:2005. For organizations currently using ISO 22000:2005 there will be a three-year period to transition to ISO 22000:2018. STRUCTURE OF ISO 22000:2018 The structure of ISO 22000:2018
There are PowerPoint Training Presentations covering ISO 22000, HACCP, Internal Audits, Implementing ISO 22000 Food Safety Team Guide and FSSC 22000 Certification Scheme Additional Requirements plus a Sample Training Matrix. Introduction to ISO 22000 Introduces the ISO 22000 standard to the management team.
ISO 22000:2018, ISO/TS 22002-1:2009, FSSC 22000 Additional requirements CIII Processing of perishable animal and plant products (mixed products) M ixing, cooking, packing, ensemble cooling, chilling, freezing Final products e.g. mixed products, pizza, lasagna, sandwich, dumplings, ready-to-eat meals. ISO 22000 :2018 , ISO/TS 22002 -1:2009 , DS
ISO 9001, ISO 14001 and ISO 45001, making a smooth road for auditors and auditees. ISO 22000 is the food safety management system that can be easily applicable to any organization in the food chain. ISO 22000 was initially developed on September 1st 2005 by the ISO/TC 34/SC 17 as the first truly international FSMS standard.
Transition Guidance; From ISO 22000:2005 to ISO 22000:2018 . Organizations are granted a . three-year transition period. after the revision after 19. th. June 2018 published to migrate their food safety management system to the new edition of the standard. This means that certification to ISO 22000:2005 will be invalid beyond 29. th. June 2021.
standard ISO 22000:2018 for Food Safety Management Systems or the FSSC 22000 certification scheme version 5. The package is based on the integration of the ISO 22000:2018 food safety management standard and Technical Specification TS ISO 22002: part 1 Prerequisite Programmes for Food Manufacturers.
ISO 22000 demands monitoring system and planning of corrective actions for operational PRPs, as for CCPs. ISO 22000 demands analysis and improvement according to the outcome of monitoring of oPRPs and HACCP plan. ISO 22000 also requires the review and identification of specifications, formulation and origin for input and end-products.
Since then, ISO 22000 has exhibited a worldwide implementation and the number of certificates to this standard has steadily increased during all these years. According to the ISO annual survey [4], of the number of valid certificates to ISO management system standards worldwide, a total of 33.502 ISO 22000 certificates were
Unit 2 Phonics and reading 1.Choose the picture that matches the vowel team word CSK 2.Complete the vowel team words E68 3.Complete the word with the correct vowel team HTK 4.Choose the vowel team sentence that matches the picture DJD 5.Choose the r-control word that matches the picture VVD 6.Complete the word with the correct r-controlled vowel: ar, er, ir, or, ur PLR 7.Complete the word with .
