Risk assessment and, more specifically, food safety risk assessment approaches such as hazard analysis critical control point (HACCP) have been used in food manufacturing for over 50 years. Food crime risk assessment (FCRA), however, is a much newer phenomenon and many food manufacturers are developing their own risk assessment approaches and associated food integrity management systems (FIMSs). The mechanisms for FCRA are outlined in this chapter along with how the use of risk management tools to determine organisational vulnerability can then inform appropriate countermeasures and security controls to protect food integrity.
6.1 BS EN ISO 31000:2009 Risk management – Principles and guidelines is an international standard for risk management processes and the contents are of value for manufacturers in terms of all aspects of risk assessment. The standard BS EN ISO 31000:2009 provides within the standard principles a framework and a process for managing risk. Risk assessment is influenced by the quality of knowledge and information available on which to base any given risk assessment and also the degree of certainty (or uncertainty) on whether any given event, consequence or likelihood can be adequately determined. BS EN ISO 31000:2009 provides a hierarchy of how risk should be dealt with:
An understanding of the types of food criminal and their motivations is crucial when undertaking a formal FCRA and then when developing a FIMS. The PAS 96:2017 Guide to protecting and defending food and drink from deliberate attack has its own typology of food criminals and other typologies have been developed too (see 5.7).
6.2 Food manufacturers, as part of their FCRA process, must firstly identify the individual food products that they procure, supply and/or produce which fall into the category of foods that are vulnerable to food crime (see 5.3). Vulnerabilities are the weak points or gaps in the formal management systems, or on the manufacturing site itself, that can be identified by perpetrators where their intentional action to mislead, misinform and/or undertake illegal activity can lead to a realisable threat (see 5.6). These vulnerabilities or weak areas within manufacturing operations or in the wider supply chain are often termed hotspots. Vulnerability risk assessment is the process that determines the weaknesses or exposed elements of a manufacturing organisation or supply chain where illicit activity can take place in order to determine how susceptible the system is to that potential threat and to mitigate such weaknesses where they are identified so appropriate action can be taken to reduce risk. Vulnerability will be reduced if there is a high level of deterrence and this will depend on the security measures and types of countermeasures that are in place (see Chapter 7). Vulnerability risk assessment tools can be applied at national, supply chain and individual business levels and these are now explored in this chapter.
6.3 PAS 96: 20171 differentiates between accidental contamination of food, which is addressed by HACCP plans (see Chapter 3), and intentional contamination. A threat is defined by PAS 96:2017 Guide to protecting and defending food and drink from deliberate attack as ‘something that can cause loss or harm, which arises from the ill‐intent of people’. PAS 96:2017 identifies generic threats to food and drink including economically motivated adulteration, malicious contamination with toxic materials causing ill‐health and even death, sabotage of the supply chain, leading to food shortage, and misuse of food and drink materials for terrorist or criminal purposes. Threat analysis critical control point (TACCP), as outlined in PAS 96:2017, is a risk management methodology that aligns with HACCP but focuses on deliberate or intentional acts that affect the integrity of food products themselves and the wider food supply chain. PAS 96:2017 describes TACCP as a ‘systematic management of risk through the evaluation of threats, identification of vulnerabilities, and implementation of controls to materials and products, purchasing, processes, premises, distribution networks and business systems by a knowledgeable and trusted team with the authority to implement changes to procedures’. TACCP aims to:
For the manufacturer and in comparison with HACCP, PAS 96:2017 states that TACCP should be a team approach that follows 15 specific steps:
The term horizon scanning is increasingly being used to consider the supply chain and a given food operation’s food crime vulnerability and the countermeasures that need to be introduced to ensure effective control. Horizon scanning is systematic in nature and considers the existing information, evidence or intelligence available about products, processes and the wider supply chain as well as socio‐economic factors that could influence future trends and scenarios with regard to food crime. Effective horizon scanning considers evidence from this range of sources in order to effectively map potential threats and vulnerabilities and then identify the potential for their occurrence and the means for their control. Horizon scanning is not an on–off exercise. Horizon scanning needs to be a dynamic management approach that can react to changes in the supply chain, with products and ingredients, and within the manufacturing operation itself. It is important to have formalised mechanisms for updating horizon scanning assessments if the evidence base changes in the future and as a result the ranking for a given threat and associated risk changes.
6.4 There are a number of methods that have been developed to determine vulnerability as part of a horizon scanning process. These include emerging risk determination, global chain analysis and incident classification matrices.
Emerging risk determination is a systematic approach that uses a protocol, intelligence strategy and expert knowledge to detect emerging risk utilising a set of questions namely:2,3
What is typical? Identify and characterise the current status within the food chain to form a baseline.
What is exceptional? Use available intelligence to monitor movements against the baseline and identify variance.
How do we prevent recurrence? Determine root causes of reoccurring issues so corrective action is targeted and effective.
What don’t we know? Analyse global food chains and identify vulnerabilities that could lead to future threats.
Global chain analysis (GCA) determines vulnerability and the risk of illicit behaviour at the stages in the food supply chain where food crime could occur.
Incident classification matrices take a risk assessment approach to determine whether a given food crime incident is classified as low, medium or high risk.4 The method uses a scoring system based on the criteria of severity (health effects, consumers affected, risk assessment, perceived risk by consumers and the media) and complexity (number of reports, number of products, number of agencies involved, traceability).
These three models operate at the supply chain level as opposed to the organisational level, but a number of risk assessment approaches use a matrix approach at the level of the manufacturing unit.
6.5 The United States (US) Food and Drug Administration (FDA) distinguished between national risk assessment models and supply chain or organisational food defence models.5 The model that was developed considers vulnerability specifically with regard to intentional ideological contamination. In the US, the CARVER + Shock method was adopted, where the acronym CARVER stands for:
Risk is determined via a weighted score‐based approach. The FDA and the US Department of Agriculture (USDA) adapted the CARVER + Shock approach to develop facility or process level food defence vulnerability assessment using a vulnerability assessment software (VAS) tool to develop a focused food defence plan for the given operation. In so doing, the VAS tool combined existing FDA tools, resources and guidance to reduce the risk of intentional food contamination. In May 2016, the FSA introduced a further iteration, the Food Defense Plan Builder, a software programme designed to assist food manufacturers to develop personalised food defence plans. This software is available online and includes vulnerability assessment, and the development of a mitigation strategy and associated action plan. It should be noted that a food defence plan is only one aspect of wider controls to mitigate for food crime.
6.6 Decision tools such as vulnerability assessment critical control point (VACCP) and the TACCP approach have been developed based on hazard analysis critical control point (HACCP) principles. There are multiple explanations of how VACCP and TACCP are differentiated from each other in industry texts and standards, and at the time of this new edition of the Guide being written there is no clear focus as to a definitive approach. The aim of this chapter is not to develop a specific critique of this nature, but to explain that many private certification standards, such as the British Retail Consortium (BRC) Global Food Standard (Version 7), require a manufacturer to undertake a vulnerability risk assessment and consider all food raw materials or groups of raw materials at risk of adulteration and substitution (see 5.2 for definitions). This is a much narrower scope than the wider vulnerability risk assessment approaches outlined in this chapter. In this context the BRC Standard (Version 7) describes adulteration as the ‘addition of an undeclared material into a food item for economic gain’. The Standard outlines that the following factors need to be taken into account:
6.7 Vulnerability risk assessment and ranking or prioritisation of risks is not a static process. The vulnerability risk assessment needs to be reviewed formally if there is no non‐compliance on a minimum annual basis. Reactive review is also essential. Reactive review of the vulnerability risk assessment can arise from intelligence concerning a particular new, emerging or existing threat or a breakdown in security measures in the supply chain, identification of increased vulnerability after verification activities such as an audit that countermeasures and other controls are not effective or the need to purchase raw materials from an alternative source with no supplier history. All reviews should be recorded and any necessary action taken as a result.
6.8 All FCRA documents should form part of the controlled documents system defined by the manufacturing system. These documents should be reviewed at designated intervals to ensure their currency and also in the event of an incident.
3.146.37.250