Food Defence, TACCP and VACCP

RQA has been providing food defence training and consulting services for over 10 years. We can train your team in food defence, TACCP and vulnerability assessment. We can assist you in developing your food defence plan and carry out a food defence assessment.

BRC 8 Site Security and Food Defence definition: “Systems shall protect products, premises and brands from malicious actions while under the control of the site.” 

Whether the threat is from internal malicious contamination or from a third party with a grievance or the adulterated supply of ingredients, it is all addressed by an effective food defence plan. Food defence covers vulnerabilities throughout the entire supply chain; it is not just about site security. RQA offers a comprehensive modular approach to working with clients in the very important area of food defence, see below for more details on these services.

Food Defence, TACCP & VACCP Training

RQA can offer you a customised Food Defence, training including TACCP and Vulnerability Assessment as required by BRC and other major retailers and food manufacturers. Click below to find out more about the course content.

Development of your Threat Assessment and Food Defence Plan

An RQA consultant will work with you to develop your threat assessment and food defence plan. This will typically follow the following format:

Meeting to discuss the following:

  • Company business, supply chain and perceived threats
  • Identification of the Food Defence Team
  • Discussion on key roles and responsibilities
  • Outline of the TACCP (threat assessment) approach and how it can be applied to your business
  • Agreement on next steps

Following the meeting, RQA can work with a key client contact to develop the TACCP threat assessment and then develop a draft Food Defence plan after further phone / email contact. The draft food defence plan is submitted to the client for review and finalisation.

Development of your Vulnerability Assessment

Our consultant will spend the day with you to go through the development of your vulnerability assessment as per BRC 5.4.2. We will focus on your supply chain and the risks to your raw materials, ingredients and packaging. This will specifically include food fraud for economic gain.

The assessment considers:

  • History of certain products being adulterated
  • Potential risk to consumers health
  • Ease in which adulteration might occur
  • Risk from the country of origin
  • Likelihood that current test and inspection methods would detect the contamination

Food Defence Assessment – On-site

RQA’s “Food Defence Assessment” is designed to help you comply with retailer standards and your own business requirements on food defence. This one-day assessment on your site will identify any gaps you may have in your systems and facilities. The RQA consultant will provide advice to improve your food defence capability. A report is provided following the visit including detailed section scores, recommendations and expert guidance on further developments. You will also receive a certificate to demonstrate your commitment to ongoing improvements in Food Defence. Full compliance with the requirements in this assessment would be considered as best practice.

It has been developed in consideration of:

  • PAS 96:2014 (Defending Food and Drink)
  • US FDA / CFSAN (US, Food & Drug Administration / Centre for Foods Safety & Applied Nutrition, Food Security Preventative Measures Guidance),
  • US FDA/CFSAN Food Defense Mitigation Strategies Database
  • FSIS Security Guidelines (US Foods Safety & Inspection Service Guidance),
  • HACCP System Guidelines
  • BRC, IFS and other customer requirements
  • RQA expertise
  • Industry best practices

The one day Food Defence Assessment includes the following key sections:
1. Food defence plan
2. TACCP, Vulnerability Assessment and food fraud controls
3. External security
4. Internal security
5. Personnel management
6. Laboratory controls
7. Chemical controls
8. Water, ice, utilities
9. Foreign material control
10. Processing and label control
11. Packaging, warehousing and distribution
12. Recall & traceability

Food Defence Site Security Penetration Test

Significant time, money and effort is spent developing your Food Defence policies and procedures to ensure the manufacture of safe, quality food products; all this is rendered useless if criminals, terrorists, activists or “fixated individuals” can gain access and contaminate or steal your products due to ineffective security measures; posing safety threats to your staff at the same time.

RQA security specialists can put your food defence plans to the test and attempt to gain access to agreed areas of your food manufacturing or processing facility and achieve pre-defined assignment objectives:

  1. Assignment objectives: Agreement with the client regarding parameters, aims and objectives. Typical objectives include:
    1. Gain access to production line and plant a ‘flag’
    2. Gain access to raw material/ingredient store
    3. Gain access to board room or server room
    4. Gain access to building roof
    5. Gain access to staff restaurant
    6. Plant “dummy device”
  2. Pre-Deployment: Web-based research into the company, the site and its surrounding area will be carried out.
  3. Surveillance: The team (usually 2 or 3 people) will proceed to site and carry out external surveillance of entry/exit activity, shift changes, perimeter, access control etc. Identify gaps in physical security and opportunities for security breach.  Surveillance is usually split across shift changes.
  4. Penetration: The team will attempt to enter the site by exploiting gaps identified in the surveillance phase and leave evidence of their presence (plant a flag) or take photographs to prove where they gained access to. Operatives will be compliant and carry agreed proof of identity in case of detection.  Other members of the team will remain external to the site for support and back-up.
  5. Reporting: Following the penetration, a report will be prepared that will identify security gaps in relation to prevention of unwanted breach. Other security-related risks may also be identified with recommendations highlighted in order of priority.  Where requested / possible photographs will be included in the report.

NOTE: This service will be agreed in advance with a senior manager at the client and the RQA security specialists will always carry a letter from a senior manager explaining their reason for being on site and providing contact details for the senior manager.

For more information on testing your physical site security click here

Food defence training and consulting services, TACCP and vulnerability.