One of the requirements for a food safety management system (FSMS) is for the organization to have a robust internal audit program. This aligns well with the concept of continuous improvement following the Plan-Do-Check-Act cycle of improvement.

Once an organization has developed its FSMS, the management system must be deployed and implemented. The only manner to verify that all the requirements have been implemented and verified as planned, all training is being delivered, understood and employees are following it correctly is by the development and implementation of a robust internal auditing program.

Developing the Audit Program
The organization will first need to identify hourly and management employees who are willing to learn how to become internal auditors. This team of interdisciplinary areas, will require special training on the following:

• The specific standard being audited

• Techniques and requirements for an internal auditor to follow and identify nonconformities

• How to write audit reports to identify compliance or non-conformance in a manner that clearly describe areas of concern and allows the organization to determine correct course of action to eliminate issues, improve processes and ensure food safety, quality and regulatory compliance

With practice, the team will become proficient in helping the organization to verify that food safety programs are implemented correctly, understood by employees and being followed, as required in procedures and work instructions. This is very important to assure that the organization is meeting the obligations sets as goals and running the food-safe operations.

What’s Required?
The internal audit process requires the following:

• The organization must develop an audit schedule and scope for the year that includes all requirements from management system standard used.

• The audit schedule must include all known food safety legal requirements for the facility so the internal audit team reviews how the organization is assuring compliance at all times.

• Audits will verify paperwork is being completed, as required by law.

• Audits must review how the organization remains aware of and implements new food safety requirements (e.g., The Food Safety Modernization Act) as they become regulation or law.

• By using independent internal auditors, the organization will find deficiencies prior to an outside assessment.

• By following the Plan-Do-Check-Act cycle of continuous improvement, any identified nonconformance can be rectified or mitigated, as required.

• Upon completion of improvement, the organization will send out an audit team to verify and validate the corrective action solved the nonconformance.

• Management is aware of nonconformance and signs off on any rectification. This allows management to determine what other steps are required to assure compliance at all times and look for methods to improve in other areas not part of initial audit scope.

Audit reports are used by management to determine the state of compliance for the organization. The audit reports and information learned are then used, in part, for the management review process. 

Roberto Bellavia is a senior consultant with nearly 20 years of experience working in the food industry as a quality assurance professional. He is currently a project manager for Kestrel’s food safety-related projects.