Welcome back
to this blog. I hope that the information presented here is interesting for you,
that it somewhat enriches your knowledge of
ISO 22000:2018 standard and its requirements.
In this entry
I am starting the analysis of the groups of requirements corresponding to Sub-clause 5.2 – Policy of this standard, so I will start with Section 5.2.1 -
Establishing the food safety policy. There are many and very important requirements included in this section, so in this post I will analyze approximately half of them, and the
rest, in a second part, in other entry.
However,
before beginning with this analysis of the requirements of Section
5.2.1, I believe it is important to present to you some
useful preliminary information for a better understanding and application of
the requirements of this Sub-clause 5.2, and of which little is mentioned in relation to this ISO 22000
standard.
First of all,
it is important to consider that in its Clause 3 - Terms and definitions, this standard, in its subsection
3.34, presents the term "policy" and defines it as follows:
We can understand this, in a better way, if we consider that intention is a term which means what one intends to accomplish or attain; and we can understand by direction: guidance or supervision of action or conduct.
These terms
lead us to consider that the policy, in this case of food safety, should integrate a series of elements: on the one hand, those that
identify the "intentions" of the organization in terms of food safety, which can be from a single one, to all those that the organization can identify
as desirable or necessary. On the other hand, this policy should integrate as well, all the direction elements that it considers relevant in this matter
of food safety.
The top
management of an organization that establishes a food safety management system in compliance
with ISO 22000 standard, should take
into account that the food safety
policy is a
strategic element of great importance so that said system can be of value to the organization itself. In
fact, for the food safety management system, the food safety
policy is the most
important strategic element, because all other activities that are going to be
carried out within that system should be aimed at complying with that policy. Of course that there are strategic elements of a
higher level than this policy, such as the mission, vision and values, but these
are above this management system, and it is
the policy that should be aligned with those elements.
Similarly, it
is very important to understand that this food safety policy is a statement that should be issued by top
management and contain
various components, including intentions and direction elements, in accordance with the requirements of this Section 5.2.1.
However, a
common flaw in organizations that apply
these food safety management systems, based on the ISO 22000: 2018 standard, is that the food safety policy they establish are not elements generated by top management, but rather by some operational-type mid-level official, perhaps with
the participation of some technical manager and, therefore, these policies do not integrate either the intentions or the direction elements that
should be established and formally expressed by top management. So, they
are elements that do not really make up a food safety policy, according these requirements, but some statement that contains some phrases, more motivational than
guiding, with the intention of meeting with a requirement of the standard, but that are far from complying with all requirements established for said policy. In most of
these cases, these policies do not meet the definition presented above, nor do
they contain the intentions or the direction elements that can serve as a guide to the entire organization in terms of food safety.
After this
brief introduction to the subject, we begin with the analysis of the requirements related to
the food safety policy that I will analyze in this post, and which are the
following:
As I have
mentioned in other entries regarding analysis of requirements
of management system standards, we should be careful when reading these requirements, since the way in which the texts are presented
in these standards, when separating each requirement individually, seems that these are repeated.
However, each of them sets a different specification from the others.
As with all requirements derived from Sub-Clause 5.1 – Leadership and commitment, all the requirements of this Section
5.2.1 – Establishment of the food safety policy, have been established for the top management of the organization. In the case of Section 5.2.2 – Communication of the food safety
policy, its derived requirements
refer to food safety policy, although its application falls partially on top
management, but also on other members of the organization.
We should be
aware that the most costly, but also perhaps the most common (and often
unidentified) deficiency in the
operation of management systems based on standards is the lack
of commitment from top management.
There may be
a wide variety of failures in management systems, and they may often be identified and corrected. But the identification
of failures by top management is very complicated, both because of the ignorance
of the personnel and even of auditors, as well as possibly because of the fear of
receiving reprisals.
Paradoxically,
those who should be more aware of and committed
to these management systems are the ones who least comply with the
responsibilities assigned to them by these standards. This is partly because they don't know the standards well, they can't identify the responsibilities assigned to them, and those responsible for
operating these systems either don't know them, or
don't dare enforce those responsibilities.
Auditors, both internal
and external, are also responsible for these deficiencies, who
generally ask them very generic questions about the leadership they exercise, but usually do not ask specific questions that can
reveal these failures. And the same happens with the evaluators of certification
bodies, who, due to ignorance of these issues, I suppose,
prefer to focus on evaluating the operational and methodological aspects of the
management systems than evaluating compliance with the
responsibilities of top management.
The ISO 22000:2018 standard establishes the following requirements derived from
the Section
5.2.1, and I present them with the corresponding
progressive numbering, as I have been presenting all the requirements of this standard that I have
been analyzing.
Requirement No. 52: Top management shall establish a food safety
policy that is appropriate to the purpose of the organization.
The first thing that this requirement establishes, and that is repeated in some subsequent ones that
correspond to this sub-clause, is that top
management should establish the organization's food safety policy, but it also establishes that it should be appropriate to the purpose of the organization.
This leads us to identify the meaning of the word "establish", which we previously did in what corresponds
to Sub-clause
4.4 of this standard:
Based on this definition, top management should develop and institute a food safety policy for the organization by agreement.
The second element to consider from this requirement is that this food safety policy should be appropriate to the purpose of the organization. However, a question could enter here: What is the
purpose of an organization? How can we find it, understand it or know it?
I have not found a single ISO management system standard that defines the concept of purpose, although it is included in all of these standards. But if we
look in dictionaries, we may find the following definition:
However, in the ISO 9000:2015 standard, which, as I have mentioned in a previous entry, it is important to consult in relation to any management system standard, although its primary orientation is the ISO 9001:2015 standard, for quality management, two terms and their definitions are included that can shed some light on this concept:
If we add another term to these two, that is related to them, which is values, this one is not defined in the ISO 9000:2015 standard, but whose definition appears in the ISO 22316:2017 standard - Security and resilience - Organizational resilience - Principles and attributes, and is as follows:
We can consider that the purpose of an organization is identified from two key strategic elements for any organization, which are the mission and the vision, which may be accompanied by another element that
we can consider as complementary, such as values, but which is important in guiding and supporting
the behavior of the entire organization. These elements should be established by the owners and would mean why the organization was created (fundamental goal), and what would be the expectations of its
performance in a certain period of time.
The fact that an organization should have identified a mission, vision and values, does not
mean that they are specific requirements of the ISO 22000 standard, nor of any management system standard, since it is considered that every organization should have these elements identified and documented, and that they
should be accessible to its entire staff. Also, it is considered that an organization could not perform in a successful way if it does not have these primary
strategic elements. These elements can also be modified, either to redefine
them, enrich them, or to redirect them.
It would be expected that this purpose would establish the reason that justifies the
existence of an organization based on three elements: its profits, its impact
on society, and its impact on the people that comprise it.
Once the concept of purpose is understood, top
management should ensure that the food safety
policy is appropriate and aligned with these elements.
This would mean that by consistently applying and complying with this policy,
the organization would be getting closer to fulfilling that purpose.
If we make the corresponding adjustment to the ISO 22000 standard, the technical specification ISO/TS 9001:2018 - Quality
management systems — Guidelines for the application of the ISO 9001:2015 indicates that in order to establish the food safety policy, entries such as the following may be taken into
account:
— a clear understanding of the context of the organization, including the current performance of its management system and the needs and expectations of its relevant interested
parties;
— the organization’s strategic direction, based on its mission, vision, guiding principles and core values;
— the level and type of future improvements
needed for the organization to be successful;
— the expected degree of customer
satisfaction;
— the resources needed to
meet intended results;
— the potential contributions of relevant interested parties.
Requirement No. 53: Top management shall establish a food safety
policy that is appropriate to the context of the organization.
We already
saw with the previous requirement what it means for top management to establish a food safety policy. In addition to that, the requirement establishes that this policy is
appropriate to the context of the organization.
For this, it
is good to remember what the context of the organization means, in
accordance with the ISO 9000:2015 standard.
This
definition in the ISO 9000:2015 standard contains four notes, which
contain important complementary information, and I present below:
Note 1 to entry: The objectives of the organization may be related to its products and services,
investments and behavior towards its interested
parties.
Note 2 to entry: The concept of context of the organization is equally applicable
to not-for-profit or public service organizations as it is to those seeking profit.
Note 3 to entry: In English, this concept is often referred to by
other terms, such as “business environment”, “organizational environment” or “ecosystem
for an organization”.
Note 4 to
entry: Understanding the infrastructure can help to define the context of
the organization.
Thus, this requirement indicates that this food safety policy should be appropriate to this context of
the organization, considering the internal and external issues, determined by the organization, that are relevant to its purpose and that affect its ability to achieve the expected
results of its food safety management system, as set out in ISO 22000 Sub-Clause
4.1. It should consider what the organization has determined in terms of the needs
and expectations of its interested parties, as set out in Sub-Clause 4.2. This policy should also consider the scope
of the FSMS, as established in Sub-clause 4.3, and also the characteristics of the FSMS itself, as established in Sub-clause 4.4 of this standard.
Requirement No. 54: Top management shall implement a food safety
policy that is appropriate to the purpose of the organization.
What this requirement tells us is that once top management has established the food safety policy, the very same top management should implement it. For this, I present
the definition of this term:
Based on this definition, we can understand
that top
management should apply, and ensure that it is applied throughout the organization, at all relevant levels
and functions, each of the elements (intentions and direction elements) that make up
said policy, and that they are
appropriate to the purpose of the organization.
Requirement No. 55: Top management shall implement a food safety
policy that is appropriate to the context of the organization.
With the previous requirement we already saw what the
term implement means. Based on this
definition, we can understand that top management should apply, and ensure
that it is applied throughout the organization, at all relevant levels
and functions, each of the elements (intentions and direction elements) that make up
said policy, and that they are
appropriate to the context of the organization.
Requirement No. 56: Top management shall maintain a food safety policy that is appropriate to the purpose of the organization.
What this requirement tells us is that once top management has established and implemented the food safety policy, the same top management should maintain it. For this, I present
the definition of this term:
This means that top management should preserve the food safety policy, in the face of any
adjustment that must be made, for any change that may exist in relation to the purpose of the organization, in order for this policy to keep its validity
over time, and remains applicable for all relevant functions and levels.
Requirement No. 57: Top management shall maintain a food safety policy that is appropriate to the context of the organization.
With the previous requirement we saw what the term maintain means. Based on this
definition, top
management should preserve the food safety policy for any change that may occur in relation to
the context of
the organization, in order for this policy to keep its validity over time, and remains applicable for all relevant
functions and levels.
Requirement No. 58: Top management shall establish a food safety
policy that provides a framework for setting the
objectives of the FSMS.
This requirement also refers to the establishment of the food safety policy by top management, as we saw previously with
the requirements with progressive numbering 52 and 53, but in particular this
one requires that the aforementioned policy provide a framework to
establish the objectives of the FSMS.
If you have read the ISO 22000:2018 standard, you may know that there
is a Clause 6 Planning, dedicated to this topic
of FSMS Planning. However, what we should
understand with this requirement No. 58 is that the food safety policy should establish the basis for that planning. The important point in relation to this is: How can we identify that framework,
within the policy, to establish the objectives for this system?
Remember that in developing and issuing management system standards, ISO has not been inventing
new things. This is no its function. ISO has been integrating
knowledge that for more than a hundred years has been developed in management
area, since the concepts of scientific management to date. The most valuable
thing about these standards is that they have identified some very valuable elements of administrative
process as requirements of standards for integrating a management system so that an organization which implements it is able to build
confidence in its performance.
It is considered that for an organization to establish its objectives (specific, or
quantifiable), within any productive system, it should be able to
count on some strategic elements as a framework.
We have already mentioned what the mission, vision and values are, as well as the
importance they have for identifying the purpose of the organization, that is, the
justification for the existence of the organization, what they intend to
achieve in the future, in a determined time and with what bases of behavior
accepted by the organization itself.
These elements are of a general type, basic
for any organization, and do not have to
refer to any particular management system. From this, the top management should break down this purpose and specify other
strategic elements, from general to particular, so that all corresponding
areas, functions and levels of the organization participate actively to
achieve this purpose.
After those three elements already mentioned (mission, vision and values), the next strategic
level is commonly known as general objectives. Top management should identify all the general objectives, or global intentions, that are necessary for
the organization to fulfill its purpose. As the name implies,
these objectives have a fairly broad
coverage and do not need to be quantifiable. They can refer to any relevant
item, such as productive areas of interest, investment and profit aspects, technological
focus, among others, but it is important that there is, at least, one of them
related to the food safety management system.
The next strategic level is known as policies, which are the
guidelines and direction elements that the organization establishes as general behavior
guides for all the organization's personnel.
With respect to this requirement of the standard, what is needed is that top management issues a documented
statement, which the standard calls the food safety
policy, which should be made up of all the general objectives (intentions) and all the policies (guidelines or direction elements) that guide the
entire organization towards where it is
going to advance and what is expected to be achieved in terms of food safety.
I understand that since the first version of
the ISO 9001
standard was developed, which was published in 1987, it was considered to use the
term global
intentions instead of general objectives, even though the concept
was the same, to avoid confusion between the different levels. of objectives (general or specific),
as well as using the term guidelines, and in the current version, direction, instead of policies, to leave this term as
an identification of the requirement and the statement for
the basic strategic element of these management systems based on standards.
Based on these elements that make up the food safety policy, the corresponding
planning areas will have the appropriate framework so that from each
identified intention or general objective in the aforementioned policy, all the objectives (specific) necessary to
meet that intention, can be displayed, so
that from each one of these objectives the planning of all the necessary
activities to meet it can be developed. If an organization achieve all its objectives following the
established guidelines, all the intentions are fulfilled (general objectives), and with that, will
achieve its purpose.
Requirement No. 59: Top management shall establish a food safety policy that provides a framework for reviewing the objectives of the FSMS.
Like the
previous requirement, this one also refers to the establishment of the food safety policy by top management, as we also saw previously in the requirements No. 52 and 53, but in particular this one requires that the said
policy provides a framework to review the objectives of the FSMS.
To meet this
requirement, the food safety policy should provide a framework that favors the review of the FSMS objectives.
For this, we should
take into consideration that all these strategic elements that have been
mentioned here, the mission, vision, values, intentions (general objectives) and direction (guidelines or policies) are timeless, or we could call them permanent, that is, they do not
have a date for its validity or compliance. That is why they should be reviewed at certain intervals, so that the organization can assess if each of these elements will be maintained as originally established, if it continues to be valuable, if it is
canceled or if it requires some modification, either to make it more or less
strict. The intentions and direction that make up the policy should
provide that framework to carry out
this review of the objectives of the FSMS.
Requirement No. 60: Top management shall implement a food safety
policy that provides a framework for setting
the objectives of the FSMS.
This requirement also refers to the implementation of the food safety policy by top management; as we also saw
previously in requirements
No. 54 and 55, but in particular this one
requires that when the
aforementioned policy is implemented, it provides an
appropriate framework to establish the FSMS objectives.
Requirement No. 61: Top management shall implement a food safety
policy that provides a framework for reviewing
the objectives of the FSMS.
This requirement also refers to the implementation of the food safety policy by top management, like the
previous one and as we also saw previously in requirements No. 54 and 55, but in this one it requires that when implemented the aforementioned policy, it provides
an appropriate framework to review the FSMS objectives. We have
already seen what the policy implementation and FSMS objectives´ revision mean.
Requirement No. 62: Top management shall maintain a food safety
policy that provides a framework for setting the
objectives of the FSMS.
This requirement also refers to maintaining the food safety policy by top management, as we also saw
previously in the requirements with numbers 56 and 57, but in particular this
requires that, when the aforementioned policy is maintained, it continues providing
an appropriate framework to establish the FSMS objectives.
Requirement No. 63: Top management shall maintain a food safety
policy that provides a framework for reviewing
the objectives of the FSMS.
This requirement also refers to the maintenance of the food safety policy by top management, like the previous one
and as we also saw previously in the requirements with numbers 56 and 57, but in this one it requires that when the said policy is maintained, it continues providing
an appropriate framework to review the FSMS objectives.
I will be grateful to the readers who upload
their doubts or comments about this analysis. In the next entry I will conclude
with the analysis of these requirements derived from Sub-clause 5.2.1 of the ISO 22000:2018 standard.
Author:
Ernesto Palomares Hilton
Comments
Post a Comment
Nombre:
País:
Comentarios: