Once the risks involved with the supply of materials are known, the assessment of the supplier can take place.
Assessing and approving suppliers is a requirement of the following sections of the standards:
| BRCGS Food Safety Issue 9 | 3.5.1.2 Supplier approval and monitoring system 3.5.1.6 Supply chain traceability 9.2.2, 9.2.3, 9.2.4 Supplier approval and monitoring system; traded products 9.4.3 Status verification of products |
| BRCGS Packaging Issue 6 | 3.7.2 Acceptable methods of supplier approval 3.7.5 Supply chain traceability 3.9.5 Traceability of outsourced processes 7.1.2 Supplier approval and monitoring system; traded products |
| BRCGS Agents & Brokers Issue 3 | 4.1.2 Manufacturer approval and monitoring system 3.7.4 Traceability throughout the supply chain |
| BRCGS Storage & Distribution Issue 4 | 10.2.1.1, 10.2.1.2 Supplier approval; branded products 10.3.1.2 Supplier approval; own-label 12.6.1 Approval and monitoring of distribution suppliers |
| FSSC22000 Version 5.1 | ISO 8.2.4f Supplier approval and assurance processes |
| IFS Food Version 7 | 4.4.8 Supplier approval |
| SQF Edition 9 | 2.3.3.2,I, ii, 2.3.4.6 Risk-based supplier assessment |
| FSMA Preventive controls for human food (Final 2015) | Subpart G – Supply-chain program |
Where suppliers are deemed to be low risk through the risk assessment, at least one of the following assessment methods must be used:
Where suppliers are deemed to be not low-risk through risk assessment, at least one of the following assessment methods must be used:
When assessing suppliers using supplier assessment questionnaires, third-party audits, and supplier audits, the following must be reviewed as a minimum:
Where a material has a claim, the assessment process must also verify this claim.
Where a supplier is assessed using only a supplier assessment questionnaire, the supplier’s traceability system must be proven prior to approval, using a traceability test.
The traceability test must be repeated at least every 3 years.
Where multiple materials or products are supplied from the same supplier and from the same processing site, only one test is required every 3 years.
Where supplier questionnaires are used for a number of processing sites, a traceability test is required for each site and they shouldn’t be completed all at the same time, but rather programmed so that they are spread evenly over the 3 years.
The questionnaire must be reviewed by a demonstrably competent person.
The supplier must be notified to communicate any significant changes in the information supplied in the questionnaire.
Supplier audits must be carried out by an experienced and demonstrably competent product safety auditor.
The auditor must provide the supplier with a report of any identified non-conformances. An action plan must be agreed with timescales for completion.
When using a GFSI recognised certificate to assess a supplier, the following conditions must be met:
Where a non-GFSI certificate is used to assess a supplier, the audit report must be checked against the assessment criteria.
The product safety plan of outsourced processors must be reviewed as part of the approval process by a competent person, to ensure that all the relevant hazards are covered. The processors assessment of authenticity, legality and quality must also be included. Records of the review must be kept.
Product defence is now included in the minimum supplier assessment criteria.
Where a supplier audit is used to assess a supplier, any non-conformances raised must now be managed through to completion.
Where an agent or broker has been assessed using an SAQ only, the traceability test must be completed in conjunction with their supplier – as it’s the processors traceability you’re trying to prove, not that of the agent or broker.
This article is an overview of the subject of assessing and approving suppliers. If you’re looking to gain in-depth knowledge on this subject, we’d recommend you purchase our series of eLearning courses.
