Food safety management systems — Requirements for any organization in the food chain

1. FSMS principles
Food safety is related to the presence of food safety hazards at the time of consumption (intake by the consumer). Food safety hazards can occur at any stage of the food chain. Therefore, adequate control throughout the food chain is essential. Food safety is ensured through the combined efforts of all the parties in the food chain. This document specifies the requirements for a FSMS that combines the following generally recognized key elements:

  • interactive communication;
  • system management;
  • prerequisite programmes;
  • hazard analysis and critical control point (HACCP) principles.

In addition, this document is based on the principles that are common to ISO management system standards. The management principles are:

  • customer focus;
  • leadership;
  • engagement of people;
  • process approach;
  • improvement;
  • evidence-based decision making;
  • relationship management


2. Process approach

2.1 General
This document adopts a process approach when developing and implementing a FSMS and improving its effectiveness to enhance production of safe products and services while meeting applicable requirements. Understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its intended results. The process approach involves the systematic definition and management of processes, and their interactions, so as to achieve the intended results in accordance with the food safety policy and strategic direction of the organization. Management of the processes and the system as a whole can be achieved using the PDCA cycle, with an overall focus on risk-based thinking aimed at taking advantage of opportunities and preventing undesirable results.

The recognition of the organization’s role and position within the food chain is essential to ensure effective interactive communication throughout the food chain.


2.2 Plan-Do-Check-Act cycle
The PDCA cycle can be described briefly as follows:

Planestablish the objectives of the system and its processes, provide the resources needed to deliver the results, and identify and address risks and opportunities;
Doimplement what was planned;
Checkmonitor and (where relevant) measure processes and the resulting products and services, analyse and evaluate information and data from monitoring, measuring and verification activities, and report the results;
Acttake actions to improve performance, as necessary.