Before food can be imported into the U.S., it is subject to FDA inspection. These inspections are intended to ensure food imports are safe, sanitary, and properly labeled. While important in maintaining food safety, this process can be long and onerous. The Voluntary Qualified Importer Program (VQIP) was created by FDA to expedite this process.
What Is VQIP?
In essence, VQIP acts as the “TSA line” for food into the U.S. The voluntary program allows foreign suppliers to get expedited entry for their food products into the U.S., provided importers meet all eligibility criteria, including offering food from a facility certified under FDA’s accredited third-party program (see below).
Why Is VQIP Important?
There are a number of reasons a U.S. importer might choose to participate in VQIP, including the following:
- Enables expedited entry into the U.S. for all foods included in an approved application.
- Limits examination and/or sampling to “for cause” situations in which there is a potential threat to public health; any sampling or examination is done at destination or another location chosen by the importer and laboratory analysis of any samples is expedited.
- Provides assurance that a foreign supplier complies to FSMA rules, avoiding the need to further assess the supplier.
- Incentivizes importers to adopt a robust system of supply chain management.
- Moves any perishable or short shelf-life product through the border quickly.
For foreign suppliers, there are also several benefits:
- Reduces the extra work of proving status as it relates to compliance to FSMA rules.
- Opens doors to new clients by making it easier for a U.S. importer to choose certified products versus a non-certified competitor.
Beyond that, VQIP further benefits public health by allowing FDA to focus its resources on food entries that pose a higher risk to public health.
What Are the Eligibility Requirements?
A company must be a food importer to participate in VQIP (i.e., a person/entity that brings food or causes food to be brought from a foreign country into the U.S.). In addition, the following criteria must be met on the importer and the foreign supplier sides:
- Have 3+ years history of importing food to the U.S.
- Have a Dun & Bradstreet Data Universal Number System (DUNS) number (used as a unique identifier number)
- Use paperless filers/brokers who have received acceptable results during their last FDA Filer Evaluation
- Do not have any food you import subject to detention under an Import Alert or Class 1 recall
- Do not have any ongoing FDA administrative or judicial action, or other history of non-compliance with food safety regulations by the importer, other entities in the supply chain, or food
- Are in compliance with supplier verification and other importer responsibilities under the applicable FSVP or HACCP (i.e., juice, seafood) regulations
- Have not been the subject of any CBP penalties, forfeitures, or sanctions related to the safety or security of any FDA-regulated product imported or offered for import
- Have current facility certification, including farms, issued under FDA’s Accredited Third-Party Certification regulations for each foreign supplier of food in VQIP (see below)
- Develop and implement a Quality Assurance Program (QAP) (see below)
What Is Foreign Supplier Facility Certification?
VQIP is regulated by the FSMA rule on Accredited Third-Party Certification. This is a voluntary, fee-based program for the recognition of third-party auditors to conduct food safety audits and issue certifications of foreign sites and the foods they produce. An accredited third-party can perform audits against the Food, Drug and Cosmetics (FD&C) Act and other FDA applicable regulations, and issue a certificate attesting compliance.
Foreign suppliers must have a facility certification, which would be issued following a regulatory audit conducted by an accredited third-party certification body. This audit attests that the foreign supplier complies with applicable food safety requirements of the FD&C Act and FDA regulations. Note that certifications are not required for Foreign Supplier Verification Program (FSVP) and Preventive Controls rules.
What Is Included in the QAP?
According to the FDA, the VQIP QAP includes all the written policies and procedures the facility will use to ensure adequate control over the safety and security of foods being imported. The QAP should include the following information:
- Corporate quality policy statement relating to food safety and security throughout the supply chain
- Organizational structure, as well as functional responsibilities for those implementing the VQIP QAP
- Food safety policies and procedures to be implemented to ensure food safety from source to entry into the U.S.
- Food defense policies and procedures to ensure compliance with FDA’s intentional adulteration regulation
- Qualification requirements for employees responsible for implementing the VQIP QAP (e.g., knowledge of regulations, understanding of the QAP)
- Procedures for implementing your VQIP QAP
- Procedures for establishing and maintaining records regarding the structure, processes, procedures and implementation of the QAP
How Do I Become Part of VQIP?
Importers must apply between January 1 and May 31 annually to be considered for VQIP. The VQIP fiscal year/benefit period is between October 1 and September 30, following application approval. Participants must submit an application every year; however, you may use data from the previous year’s application.
FDA will conduct a VQIP inspection to verify that you meet all eligibility criteria and have fully implemented food safety and food safety defense systems, as established in your QAP. FDA may also:
- Conduct an FSVP inspection
- Request a copy of food labels for those foods included in the application
- Ask you to submit supporting documentation (e.g., hazard analysis, lab results, food labels)
Additional information on VQIP and the application process can be found on the FDA website.
The ultimate responsibility for food safety lies with food service providers and their ability to develop and maintain effective food safety management systems. Currently, there is a shift in the emphasis of hazard analysis and preventive controls related to both Process Safety Management (PSM) and Hazard Analysis and Critical Control Points (HACCP). This is of particular concern for the food industry, where many regulations include both EHS and food safety requirements.
Many food operations fall under both PSM and HACCP requirements. In general, PSM is bulk chemical-centric for food operations, while HACCP is food safety risk-centric for maintaining food purity. (Common chemicals subject to both include anhydrous ammonia for cooling and chlorine for sanitation of product and processes. In addition, many large food processing types include process aids at levels under PSM.)
Changing regulations and the increased emphasis on hazard analysis require the food industry to develop well-documented and managed programs that address both PSM and HACCP using common approaches:
- Better use of organizational resources
- Standard programs
- Training efficiency and effectiveness
- Shared knowledge and approaches
- More effective and aligned hazard analysis management
PSM is a key risk management practice that must be implemented for qualifying plants. PSM is covered in the recent Executive Order focused on modernization of high-risk sites and, as a result, is under greater scrutiny with regulator focus and recent events. While PSM is a highly visible requirement, it is currently not widely inspected and reviewed—though that may be changing. PSM generally entails a more event-driven inspection by interested parties other than the company. As a growing area of focus and concern, PSM will require plants to reassess and, potentially, update systems and operations to meet requirements.
HACCP, on the other hand, is widely implemented for food processing and is expanding with high visibility. HACCP is the historic requirement providing the accepted food safety plan for some food industries. HACCP is rapidly being advanced with FSMA and GFSI-level requirements, but requirements have not been fully established based on FSMA rulemaking. The complexity of programs is rapidly increasing, while the level of food industry sectors is expanding to include all food contact, packaging, GRAS, and distribution and transportation companies.
Hazard Analysis Methods
The hazard analysis methods under PSM and HACCP are similar but different:
- Process Hazard Analysis (PHA) is associated with high-risk chemicals or materials, and is required for compliance with PSM. A PHA is designed to protect people and the environment from specific hazards. PHA methods vary based on an organization’s determination of the best method for their situation. These methods are directed to the overall process and operating condition by the process step. PHA focuses largely on equipment, instrumentation, utilities, human actions, and external factors that might impact the process. It involves an organized, systematic analysis of potential hazards to improve safety and reduce the potential consequences of those hazards.
- Hazard Analysis and Preventive Control (HAPC) is associated with food safety risk under Hazard Analysis and Risk-based Preventive Controls (HARPC) and is an aspect of HACCP. HAPC is a growing regulatory compliance requirement related to food safety plans (FDA and USDA) that focuses on process, equipment, contamination, procedures, and control points. HAPC involves an organized and systematic analysis of potential risks to food and food materials to improve the purity of food during processing/handling by reducing contamination.
PHA and HAPC are required for facilities, as determined by the regulations, and include the following common requirements:
- Develop preventive control plan
- Perform hazard analysis for foreseeable hazards (written)
- Conduct “what-if” scenarios, rating, and ranking
- Identify and implement preventive controls, as well as intentional hazards and controls
Under both PSM and HACCP, all plans and records may be subject to inspections. Failures to act may be interpreted as willful non-conformance or probable cause for expanded inspection.
Companies subject to PSM and HACCP need to consider other related regulatory requirements, as well. This relationship in itself is key under GFSI.
- Maintain evidence
- Conduct development programs and hazard analysis adequately
- Establish programs to ensure preventive controls
- Conduct training
- Validate and verify programs, completed forms
- Record all key information relevant periods
- PSM-level inspections can be part of incident follow-up or planned OSHA or NEP inspections; there is state registering of PSM inspections.
- HACCP will be part of mandatory FDA inspections, by any qualified agency to FSMA, and required under GFSI; customers may also require HACCP as part of their supplier programs.
- Cleanup and Catch-up
- Monitor effectiveness
- Establish corrective actions
- Verify programs and preventive controls
- Monitor and support SOPs/GMPs
- Diligently follow and record Management of Change (MOC)
In addition, hazardous materials and communication are key for both EHS and FDA, as well as areas like air quality, water quality, sanitation, and blood borne pathogen/bodily fluids.
The Right Resources
A higher level of compliance requires plans to be reassessed and, subsequently, the resources to reassess them. For many, once programs are developed, they are put into “maintain” mode. Historical knowledge isn’t captured or is lost to turnover.
Beyond that, PSM and HACCP both require that “qualified individuals” develop and manage these systems. Qualified individuals include a designated lead with certain experience and qualifications, as outlined in the requirements. Availability of resources is almost always an issue, as maintaining systems with just one person is very difficult, especially given organizational change.
Keeping qualified resources at the proper certification is difficult. New employees are now typically required to provide both oversight and operational capability. The mix of education, work experience, and certification are all important. The growing approach is to maintain teams with alternates to supplement the leads and to provide coverage for all situations, including daily/weekly schedules. This is an area that must be continually monitored and subjected to corrective action.
The following tips will help to effectively align PSM and HACCP programs and strategies, and provide for efficient compliance with both regulatory programs:
- Establish plans to assess existing programs
- Apply continuous improvement (Plan-Do-Check-Act)
- Take inventory of qualified resources
- Align qualified personnel to PSM and HACCP teams
- Use a sub-team approach to ensure the necessary level of participation and backup
- Maintain multi-year strategy, planning, and training
- Establish a cleanup and catch-up approach for hazard analysis activities to move forward
- Use continuous improvement to maintain validated and verified programs
The Global Food Safety Initiative (GFSI) relies on a number of benchmarked schemes to establish food safety requirements; all are designed to ensure the quality and safety of a company’s products. In order to become certified to one of these GFSI-recognized schemes, a company must undergo a third-party audit by a certified auditor. Kestrel’s experience conducting these audits has revealed that companies who successfully achieve certification demonstrate a number of common attributes—regardless of their chosen scheme:
- Corrective and preventive actions are up-to-date and current.
- Continuous improvement/root cause analysis process is in place to make ongoing improvements and to ensure final resolutions to all out-of-control issues or non-conformances to the Food Safety Program.
- Premises, facility, and building programs are established and operating, including controls, signage, direction, job training, and physical evidence of a fully implemented Food Safety Program.
- Preventive maintenance system links scheduled maintenance to Hazard Analysis & Critical Control Points (HACCP) critical equipment monitoring requirements.
- Approved materials and process specifications are managed and controlled.
- Product identification and traceability processes are in place, including complete records detailing all activities for the production of food product.
- Document management and control program is updated, validated, and maintained. Developing program management systems helps ensure compliance with document management and control.
- Food safety program updates and management are completed through annual and multi-year planning for maintaining the Food Safety Program, including management of change, management review, approvals, and internal audit.
- Records and verification management systems provide access to supporting data, as determined by FDA/FSMA and company programs.
- Data management of food safety records outlines processes for assuring prompt or immediate access to critical records, as needed, for audit, compliance, or regulatory purposes.
A management system is the organizing framework that enables companies to achieve and sustain their operational and business objectives through a process of continuous improvement. A management system is designed to identify and manage risks—safety, environmental, quality, business continuity, food safety (and many others)—through an organized set of policies, procedures, practices, and resources that guide the enterprise and its activities to maximize business value.
The management system addresses:
- What is done and why
- How it is done and by whom
- How well it is being done
- How it is maintained and reviewed
- How it can be improved
Creating an Effective and Valuable Management System
Each company’s management system reflects its unique culture, vision, and values. To be effective and valuable, the management system must be tailored and focused on how it can enhance the business performance of the organization. It must also be:
- Useful to people in the operations
- Intuitive—organized the way operations people think
- Flexible—making use of methods and tools as they are developed and documented
- Valuable from the outset—addressing the most critical risks and processes
- Linked to the business of the business (not “pasted on”), with ownership at the operational level
- A means to better align operational quality, safety, and environment with the business
Attributes of an effective management system are senior management expectations and guidance coupled with employee engagement. Importantly, a management system involves a continual cycle of planning, implementing, reviewing, and improving the way in which safety, quality, and environmental obligations and objectives are met. In its simplest form, this involves implementing the Plan, Do, Check, Act/Adjust (P-D-C-A) cycle for continuous improvement.
Auditing for Ongoing Compliance
The connection between management systems and compliance is vital in avoiding recurring compliance issues and in reducing variation in compliance performance. In fact, reliable and effective regulatory compliance is commonly an outcome of consistent and reliable implementation of a management system.
Conducting periodic audits is a practical way to test a management system’s implementation maturity and effectiveness. One of the many advantages of audits is that they help identify gaps so that corrective/preventive actions can be put into place and then sustained and improved through the management system.
Audits also help companies with continuous improvement initiatives; properly developed audit programs help measure results over time. To achieve best value, audits should emphasize finding patterns that can yield opportunities for learning and continual improvement, rather than “gotchas” for exceptions that are discovered.
Management System Standards
Several options are available for structuring management systems, whether they are certified by third-party registrars and auditors, self-certified, or used as internal guidance and for potential certification readiness.
The International Organization for Standardization (ISO) standards are some of the most commonly applied. The ISO standards for quality (ISO 9001), environment (ISO 14001), health & safety (ISO 45001), business continuity (ISO 22301), and food safety (FSSC 22000) have consistent elements, allowing organizations to more easily align their various management systems. Aligned management systems help companies to achieve improved and more reliable quality, environmental, and health & safety performance, while adding measurable business value.
Companies can become certified to each of the standards discussed above. Certification has a number of benefits, including the following:
- Meet customer or supply chain requirements
- Use outside drivers to maintain management system process discipline (e.g., periodic risk assessment, document management, compliance evaluation, internal audits, management review)
- Take advantage of third-party assessment and recommendations
- Improve standing with regulatory agencies (e.g., USEPA, OSHA, FDA, and state programs)
- Demonstrate the application of industry best practice in the event of incidents/accidents requiring defense of practices
However, if there is no market or other business driver, certification can lead to unnecessary additional cost and effort regarding management system development. Certification in itself does not mean improved performance—management system structure, operation, and management commitment determine that.
There are a number of reasons to implement a management system. A properly designed and implemented management system brings value to organizations in a number of ways:
- Risk management
- Identify risks
- Set priorities for improvement, measurement, and reporting
- Provide great opportunity to identify, share, and learn best practices, while recognizing operational differences
- Protection of people
- Send people home the way they arrived at work
- Protect the public and the environment
- Compliance assurance
- Improve and sustain regulatory compliance
- Business value
- Continually improve quality, environmental, and safety performance across the organization (employee, public, equipment, infrastructure)
- Reduce incident costs and accrued liabilities
- Protect assets
- Assure processes, methods, and practices are in place, documented, and consistently applied
- Reduce variability in processes and performance
- Employee engagement
- Help employees to find and use current versions of all procedures and documents
- Provide a ready reference for field management to structure location-specific procedures
- Enable the effective transfer of standards, methods, and know-how in employee training, new job assignments, and promotions
Produced by the Food Processing Suppliers Association (FPSA), PROCESS EXPO is the nation’s largest trade show dedicated to bringing the latest technology and integrated solutions to all segments of the food and beverage processing and packaging industry.
Are you registered to attend?
October 8-11, 2019
Special Food Safety Training Courses
Kestrel will once again be joining FPSA at the PROCESS EXPO to offer supplemental food safety training courses from Monday, October 7 – Wednesday, October 9. The FDA training helps the industry, particularly small- and medium-sized companies, to comply with the new preventive controls rules.
HACCP Training HACCP is a systematic preventive approach to food safety from biological, chemical and physical hazards in production processes that can cause the finished product to be unsafe and designs measures to reduce these risks to a safe level. This is a certified 2-day course based on Global Codex and GFSI requirements.
FSVP Training This 2-day course will provide participants with the knowledge to implement the requirements of the FSVP for Importers of Food for Humans and Animals regulation of FDA’s FSMA. The FSVP course meets FSMA compliance, and FPSA certificates will be issued upon successful completion of the course.
Preventive Controls for Animal Food This 2.5-day course is being made available in response to FDA’s final rule requiring covered animal food facilities to establish and implement an animal food safety system that includes an analysis of hazards and implementation of risk-based preventive controls. Completing this course meets FSMA requirements for a PSQI.
Read the full course descriptions online.
Complete your PROCESS EXPO registration to book your food safety training courses today!
A food company’s supply chain can be the weakest link in the food safety program. Food ingredient adulteration, fraud, and counterfeiting negatively impact everyone in the food supply chain.
Don’t miss the 5th Annual Food Safety Supply Chain Conference — and learn more about regulatory compliance, as well as the tools, technologies, and techniques that can protect your company from the weakest link in your global supply chain.
When: May 29-30, 2019
Where: U.S. Pharmacopeial Convention, Rockville, MD
Plus… Be sure to check out Kestrel’s presentation, Issues & Impacts Surrounding GFSI & FSMA, on Wednesday, May 29 at 1:15 p.m. In this session, you will learn about:
- Differences between GFSI & FSMA
- Key FSMA requirements
- GFSI conformance to FSMA requirements
- How FSMA is addressed in GFSI audits
- How findings are presented at closing meetings
Get Ready…by taking the FSMA IQ Test developed by Kestrel for Food Safety Tech on FSMA supply chain considerations that will be discussed at the Conference.
Learn about best practices and downfalls since the introduction of FSMA FSVP and updates regarding VQIP from Kestrel’s food safety experts and DNV GL, a leading certification body.
FSMA, FSVP & VQIP: What Have We Learned So Far?
Friday, May 17, 2019
9:00 am – 10:30 am CT
Importing food & beverages into the United States can be complex and costly. The Foreign Supplier Verification Program (FSVP) Rule requires importers to verify that their foreign suppliers of food for human and animal consumption meet applicable FDA safety standards. FDA’s Voluntary Qualified Importer Program (VQIP) (TPP) established by the Food Safety Modernization Act (FSMA) provides expedited review and importation of human and animal foods into the United States for approved applicants who achieve and maintain a high level of control over the safety and security of their supply chains.
This complimentary webinar will cover the following topics:
- Validating your FSVP
- Major issues found by FDA
- VQIP importers’ role
- Eligibility and benefits
- VQIP legalities and consequences
- DNV GL FSMA third-party certification
On behalf of our team, Kestrel Management would like to invite you to join us at BRC Food Safety Americas on May 21-22 in Coronado, California.
The conference offers invaluable insights and exclusive updates designed specifically to improve food safety management–and we want to offer you the chance to attend at a discounted rate (see below).
You’ll learn more on:
- Preparing for and passing inspections
- Food safety culture and training
- Identifying and controlling contamination
- Future-proofing food safety
- Traceability within the supply chain
GFSI requires a robust auditing function for every organization seeking food safety certification. Specifically, GFSI certification requires that:
- Internal audits are established.
- Supplier audits are conducted.
- External service audits are used.
Each individual GFSI scheme requires internal audits for Food Safety Management System (FSMS) conformance, and each has its own specific internal audit requirements:
- SQF: Internal audit requirement must show that the FSMS is established to meet the standard.
- BRC: There needs to be an effective audit system to verify that the FSMS covers the standard.
- IFS: Effective internal audits shall be conducted according to a defined and agreed-upon program that covers the requirements of the standard.
- FSSC 22000: The company plans, conducts, and reports on internal audits to ensure that the FSMS has been effectively implemented and maintained.
Planning to Meet Requirements
Meeting these GFSI requirements involves developing a strong internal audit program that uses internal resources and trained and certified auditors to perform internal audits. Lack of a properly designed or implemented internal audit process is one of the most common GFSI non-conformances.
It takes planning and strategy to create and implement an effective internal audit program. Kestrel often works with companies to determine the most effective internal audit development process, create a strategy for the audit program, and assist in its subsequent implementation.
All requirements under GFSI must be developed to assure a robust and well-functioning internal audit program, including development of:
- Internal audit process
- Process review
- Effective audit schedule
- Trained internal auditors
- Strong corrective/preventive action program
- Appropriate links to Management Review
Once these elements are developed, conducting required audits allows the company to identify the areas for improvement. Once non-conformances are identified, it is important to evaluate potential approaches and determine what will allow for the greatest improvements, while also meeting GFSI requirements. Following the management system Plan-Do-Check-Adjust cycle helps to ensure continual operational and food safety improvements.
Planning to Realize Benefits
This “planning” approach to internal audits leads to a number of benefits. The company will:
- Become more capable of managing the internal audit process on its own.
- Learn to identify non-conformances within current practices.
- Create opportunities for continual improvement by following the Plan-Do-Check-Adjust cycle.
- Realize subsequent quality improvements and cost reductions.
- Gain a better understanding of the GFSI management system requirements.
- Be better positioned to achieve GFSI certification.
Internal audits identify possible non-conformances and show continuous improvement of the management system for the certifying organization. Auditing on a regular basis further creates an environment where continual improvement occurs naturally.
Each year, Kestrel looks forward to the Food Safety Summit as one of the premier events in the food industry. Join our experts to discuss industry trends and solutions to your food safety challenges.
- When: May 6-9, 2019
- Where: Donald Stephens Convention Center, Rosemont, Illinois
- Who: Retailers, food processors, distributors, food manufacturers, growers, foodservice, testing laboratories, importing/exporting, law firms, and other food safety professionals
- Find Kestrel: Stop by our booth (#214) in the exhibit hall!
Kestrel is proud to provide our ongoing support for the manufacture, processing, and distribution of safe food. We look forward to seeing you in Rosemont!