RQA’s “Food Defence Assessment” is designed to help you comply with retailer standards and your own business requirements on food defence.
The one-day assessment will identify any gaps you may have in your systems and facilities. The RQA consultant will provide advice to improve your food defence capability. A report is provided following the visit including detailed section scores, recommendations and expert guidance on further developments. You will also receive a certificate to demonstrate your commitment to ongoing improvements in Food Defence. Full compliance with the requirements in this assessment would be considered as best practice.
It has been developed in consideration of:
- PAS 96:2014 (Defending Food and Drink)
- US FDA / CFSAN (US, Food & Drug Administration / Centre for Foods Safety & Applied Nutrition, Food Security Preventative Measures Guidance),
- US FDA/CFSAN Food Defense Mitigation Strategies Database
- FSIS Security Guidelines (US Foods Safety & Inspection Service Guidance),
- HACCP System Guidelines
- BRC, IFS and other customer requirements
- RQA expertise
- Industry best practices
The one day Food Defence Assessment includes the following key sections:
1. Food defence plan
2. TACCP, Vulnerability Assessment and food fraud controls
3. External security
4. Internal security
5. Personnel management
6. Laboratory controls
7. Chemical controls
8. Water, ice, utilities
9. Foreign material control
10. Processing and label control
11. Packaging, warehousing and distribution
12. Recall & traceability
Food Defence Site Security Penetration Test
Significant time, money and effort is spent developing your Food Defence policies and procedures to ensure the manufacture of safe, quality food products; all this is rendered useless if criminals, terrorists, activists or “fixated individuals” can gain access and contaminate or steal your products due to ineffective security measures; posing safety threats to your staff at the same time.
RQA security specialists can put your food defence plans to the test and attempt to gain access to agreed areas of your food manufacturing or processing facility and achieve pre-defined assignment objectives:
- Assignment objectives: Agreement with the client regarding parameters, aims and objectives. Typical objectives include:
- Gain access to production line and plant a ‘flag’
- Gain access to raw material/ingredient store
- Gain access to board room or server room
- Gain access to building roof
- Gain access to staff restaurant
- Plant “dummy device”
- Pre-Deployment: Web-based research into the company, the site and its surrounding area will be carried out.
- Surveillance: The team (usually 2 or 3 people) will proceed to site and carry out external surveillance of entry/exit activity, shift changes, perimeter, access control etc. Identify gaps in physical security and opportunities for security breach. Surveillance is usually split across shift changes.
- Penetration: The team will attempt to enter the site by exploiting gaps identified in the surveillance phase and leave evidence of their presence (plant a flag) or take photographs to prove where they gained access to. Operatives will be compliant and carry agreed proof of identity in case of detection. Other members of the team will remain external to the site for support and back-up.
- Reporting: Following the penetration, a report will be prepared that will identify security gaps in relation to prevention of unwanted breach. Other security-related risks may also be identified with recommendations highlighted in order of priority. Where requested / possible photographs will be included in the report.
NOTE: This service will be agreed in advance with a senior manager at the client and the RQA security specialists will always carry a letter from a senior manager explaining their reason for being on site and providing contact details for the senior manager.
For more information on testing your physical site security click here.