Food Safety

What happens in a Food Supplier Audit?

A Food Supplier Audit is a key part of food quality control & assurance. These take one of three forms:

  • Audits against Food Standards such as Global Food Safety Initiative
  • Audits against Retailer Standards
  • Internal Audits

Safety in the Food Industry is based on Quality Assurance. Each supplier in the supply chain is responsible for their own actions and rely on the actions of their suppliers to provide safe products. Supplier approval procedures and Raw Material approval procedures then test the Suppliers Quality Assurance but assume that the Supplier has done the same of their Suppliers and their Supplier’s products. Suppliers are approved through a desktop audit (also known as a Self Audit Questionnaire or SAQ) or site visit and food supplier audit.

Food Supplier Audit

Manufacturing Standards such as the Global Food Safety Initiative (GFSI) provide assurance that a manufacturing site operates to a defined standard. Awarded as graded certificates, these electronic documents can be freely shared with Customers. The grades achieved provide an indication of a manufacturer’s ability to manufacture food safely. Retailers have often created their own standards that their Suppliers must adhere to alongside GFSI accreditation.

How do Food Supplier Audits vary?

Each audit type is slightly different, though the audit process is the same for each. An experienced auditor will tour the food factory and look for 2 things. Adherence to Food Safety principles and will also compare the written processes against what’s actually happening. In an ideal world, all food safety principles will be observed and food production practices will match the written processes. If there are any deviations, these are called non conformances and can be either major or minor. Major non conformances are things that could or would result in a food safety issue that may result in harm to consumers. Minor non conformances are things that aren’t right, but on their own wouldn’t potentially cause harm to consumers. Multiple minor non conformances of either a similar type or in the same area, will be grouped into a single major non conformance.

In the case of a food supplier audit against a GFSI standard, BRC, ISO 22001 or  FSSC 22000 for example, a third party auditor benchmarks the manufacturing site against each section of the standard. This auditor is an employee of the Certification body, such as AIB International, Lloyd’s Register or SAI for example and will audit the manufacturing site against the standard.

What is the BRC Standard?

BRC provides a framework to manage product safety, integrity, legality and quality, and the operational controls for these criteria in the food and food ingredient manufacturing, processing and packing industry. To do this it focuses on:

  • encouraging development of product safety culture
  • expanding the requirements for environmental monitoring to reflect the increasing importance of this technique
  • encouraging sites to further develop systems for security and food defence
  • adding clarity to the requirements for high-risk, high-care and ambient high-care production risk zones
  • providing greater clarity for sites manufacturing pet food; and ensuring global applicability and bench-marking to the Global Food Safety Initiative (GFSI)

BRC Issue 8 for example has 9 sections.


Commitment at a senior level is essential in the development of a good food safety culture. It is necessary for any food safety system to be effective and ensure the full application and continual development of these systems.


Effective hazard and risk analysis enables the company to identify and manage those hazards that may pose a risk to the safety, quality and integrity of their products. The Standard requires the development of an effective hazard analysis and critical control point (HACCP) programme based on the requirements of the internationally recognised Codex Alimentarius system.


This section ensures the company works to well-documented, systematic management systems that form the basis for the product and process controls necessary to produce safe products, meet customer expectations and ensure staff are trained.


This covers the suitability, cleanliness and control of the site and includes topics such as factory conditions, cleaning, equipment, pest control, foreign body controls and food defence/site security.


Establishing product controls such as allergen management, the prevention of food fraud and product testing are important in the reliable delivery of safe, authentic products.


These requirements ensure that the documented HACCP plan is put into operation on a daily basis, together with effective procedures to consistently manufacture the product to the correct quality.


Training, protective clothing and hygiene practices are covered in this section.


A specific section of the Standard dealing with products that are susceptible to potential pathogen contamination and therefore need additional controls to ensure product safety.


A voluntary additional section of the Standard for sites that purchase and sell food products that would normally fall within the scope of the Standard and are stored at the site’s facilities, but which are not manufactured, further processed or packed at the site being audited.

Audits Against Retailer Standards

Manufacturing sites that supply own label food products to the Supermarkets such as Tesco, Marks & Spencer, Asda, Waitrose, Sainsbury’s, Coop etc will have to meet the individual retailer requirements as well as the GFSI standards. These standards will vary from retailer to retailer and compliance against them is also measured by audit, the only difference is that the auditor will be employed by the individual retailer rather than an accreditation body. The content and requirement of retailer standards is not in the public domain.

Internal food supplier audits

As part of their ongoing food quality control and assurance program it is good practice to undertake regular internal audits. This process might be system wide or might take place on a smaller scale. In the case of a system wide internal audit, an employee – or possibly an external consultant – will audit all systems and processes against their own systems, a GFSI standard, a retailer standard or possibly a mix of all 3. All non conformances will then be reported through their non conformance reporting system. Non conformances must result in Corrective Actions & Preventative Actions. Internal audits  might be triggered by a series of complaints, an upcoming customer visit or could be a regular part of their Continuous Improvement program.

What happens after an audit?

Following the audit, an audit report will confirm where the manufacturing site was compliant, where improvements can be made and also list all of the audit non conformances. The non conformances will need to be entered into the non conformance reporting system and deadlines given for rectification. Each non conformance will require a Corrective Action to close it out and a Preventative Action to prevent recurrence. The auditor will want to see proof that the non conformance has been closed out – this might be a picture or a re-written procedure for example.

For more information or to learn more about improving Food Supplier audit outcomes – visit our website or click here!