New protocol FSSC 22000 version 4
The protocol version 4, what exactly?
The FSSC 22000 certification is managed by a protocol published by the FSSC Foundation, which defines the different requirements applicable to certified companies, certification bodies and accreditation services. This protocol has evolved towards version 4 in order to be in line with the requirements of the GFSI (Global Food Safety Initiative). FSSC certification is still based on ISO 22000 and the PRP standard. (Ex ISO TS 22002-1) (Food Manufacturing).
What are the changes that will affect our company?
The main changes to consider are:
The implementation of new requirements for the establishment of a Food Fraud and Food Defense systems.
- Mandatory conduct of at least one of the unannounced surveillance audits.
- Increasing the duration of audits with an average 4 – 8 hours per year and per site.
- A change in the definition of non-conformities, with the appearance of critical non-conformity and the disappearance of the notion of "remark" or "recommendation". The definitions of major and minor non-conformities remain unchanged.
When will these changes become mandatory?
The version 4 protocol is applicable from 1st January 2018. This means that all the audits that will be carried out in 2018 will have to be done according to the new requirements.
However, you can choose to "upgrade" your current certification to version 4, starting in October 2017.
My next audit, which is planned in 2018, is a surveillance audit, Should we do a re-certification for version 4?
If the 2018 audit is a surveillance audit (year 1 or 2), there is no requirement to recertify, but simply to perform the surveillance audit on dates agreed with your auditor, adding a few hours - more generally from 4 to 8 hours in order to audit the new requirements of V4. This audit will be called an "upgrade audit". You will receive a new contract demonstrating the additional time which will be valid for the balance of the initial certification cycle. Following this audit, if certification is maintained, ProCert will issue a new FSSC V4 certificate, with the same expiration dates as your current version 3 certificate.
We would like to obtain FSSC certification in 2017, do we have to apply the requirements of FSSC v4 ?
It is entirely possible to grant FSSC version 3 certification until 31 December 2017. In this case the audit phase 2 or the recertification audit must take place before 15 November 2017. The migration to the version 4 will then be carried out in 2018 during the surveillance audit.
Do not hesitate to contact your Market Manager for an offer in this regard.
If the action plan has not yet been closed in a non-advertised monitoring audit, what happens?
The auditor will be able to renew the non-conformities still open in minor or major depending on the causes. We recommend that you close them within 6 months after the audit.
We are already FSSC certified, and our surveillance audit is planned for 2018, will it be conducted in unexpected?
No, in this case, your surveillance audit will be an "upgrade" audit, it will be conducted normally according to the scheduled dates.
However, if the audit of 2019 is also a surveillance audit, it will in this case be conducted an unannounced audit in accordance with the requirements of protocol version 4.
We have a (re)certification audit planned in 2018, what is the process to follow?
Your (re)certification audit will be conducted according to version 4 and new contract will be established with the new auditing durations. The 2018 audit will be planned and announced as usual but at least one of the monitoring audits in 2019 and / or 2020 will have to be carried out unannounced.
In general, can we continue to combine FSSC V4 audits with other types of audits, such as ISO 9001, ISO 14001, BRC or IFS?
Completely. The FSSC audits according to version 4 can be combined as usual, while respecting the specifications and requirements of the FSSC protocol. So these ISO type audits will be conducted as unannounced audits. This question must be still clarified before a new certification contract.
We have subscribed to the "unannounced" option of the IFS and BRC audits, can they be combined with the FSSC V4 audits?
FSSC surveillance audits can be combined with an IFS and / or BRC audit, but recertification audits will always be announced and therefore can not be combined with an unannounced audit. Here is an example of a certification cycle:
- 2018: Two different audits; An announced FSSC recertification audit and another IFS and / or BRC unannounced audit.
- 2019 and 2020, one audit per year, combined FSSC / IFS/BRC unannounced audit.
We have several manufacturing sites and a headquarters that manages the central processes, how will the unannounced audits be organized?
The head office that manages central functions or processes will always be audited normally, with an announced and planned audit. The production sites will have unannounced audits as required by the FSSC V4 protocol. It is recommended that the head office audit be carried out first.