GFSI requires a robust auditing function for every organization seeking food safety certification. Specifically, GFSI certification requires that:

• Internal audits are established.
• Supplier audits are conducted.
• External service audits are used.

Each individual GFSI scheme requires internal audits for Food Safety Management System (FSMS) conformance, and each has its own specific internal audit requirements:

• SQF: Internal audit requirement must show that the FSMS is established to meet the standard.
• BRC: There needs to be an effective audit system to verify that the FSMS covers the standard.
• IFS: Effective internal audits shall be conducted according to a defined and agreed-upon program that covers the requirements of the standard.
• FSSC 22000: The company plans, conducts, and reports on internal audits to ensure that the FSMS has been effectively implemented and maintained.

Planning to Meet Requirements

Meeting these GFSI requirements involves developing a strong internal audit program that uses internal resources and trained and certified auditors to perform internal audits. Lack of a properly designed or implemented internal audit process is one of the most common GFSI non-conformances.

It takes planning and strategy to create and implement an effective internal audit program. Kestrel often works with companies to determine the most effective internal audit development process, create a strategy for the audit program, and assist in its subsequent implementation.

All requirements under GFSI must be developed to assure a robust and well-functioning internal audit program, including development of:

• Internal audit process
• Process review
• Effective audit schedule
• Trained internal auditors
• Strong corrective/preventive action program
• Appropriate links to Management Review

Once these elements are developed, conducting required audits allows the company to identify the areas for improvement. Once non-conformances are identified, it is important to evaluate potential approaches and determine what will allow for the greatest improvements, while also meeting GFSI requirements. Following the management system Plan-Do-Check-Adjust cycle helps to ensure continual operational and food safety improvements.

Planning to Realize Benefits

This “planning” approach to internal audits leads to a number of benefits. The company will:

• Become more capable of managing the internal audit process on its own.
• Learn to identify non-conformances within current practices.
• Create opportunities for continual improvement by following the Plan-Do-Check-Adjust cycle.
• Realize subsequent quality improvements and cost reductions.
• Gain a better understanding of the GFSI management system requirements.
• Be better positioned to achieve GFSI certification.

Internal audits identify possible non-conformances and show continuous improvement of the management system for the certifying organization. Auditing on a regular basis further creates an environment where continual improvement occurs naturally.