Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Apex Manual
Issue No: 00
Issue Date: 01 September 2018
INDEX
RELEASE AUTHORISATION
Mr K. Velmurugan
Coimbatore.
REVISION RECORD
Note: A PDF version of this manual is made available to interested members on common folder.
1.0 Scope:
The Food Assessment System suitable to the requirements of ISO 22000 – 4.1 versions has been developed
at Hindustan Foods Limited for packing safe product.
This manual provides guidance on the avoidance and mitigation of threats to food and food supply. It
describes a risk management methodology, Threat Assessment Critical Control Points (TACCP) against ISO
22000 – 4.1 versions.
Threat Something that can cause loss or harm which arises from the ill-intent of people.
3.1 General:
Hindustan Foods Limited evaluates the threads to food authenticity and safety– economically motivated
adulteration (EMA) and malicious contamination, and outlines the nature of other threats.
The motivation of EMA is financial, to gain an increased income from selling a foodstuff in a way which
deceives customers and consumers. This may be by either passing off a cheaper material as a more
expensive one
The intention of EMA is not to cause illness or death, but that may be the happen due to adulteration
or contamination in food material.
The motivation for malicious contamination may be to cause localized (see case 5) or widespread (see
case 6) illness or death.
3.4 Extortion:
The motivation for extortion by either an individual or group is financial, to obtain money from the
victim organization. Such activity is attractive to the criminal mind when the product is sensitive or
where a company is seen as rich.
3.5 Espionage:
The primary motivation of espionage is for competitors seeking commercial advantage to access
intellectual property. They may infiltrate using insiders to report, or may attack remotely through
information technology systems. Alternatively, organizations may try to entice executives to reveal
confidential information or use covert recording to capture such material, or they may simply steal the
material
3.6 Counterfeiting:
The motivation for counterfeiting is financial gain, by fraudulently passing off inferior goods as
established and reputable brands. Both organized and petty crime can cause companies financial loss
and harm to their reputation.
3.7 Cyber-crime:
Modern information and communications technologies provide new opportunities for malpractice
Fraudster aims to defraud both business and consumer. It is common for the attacker to try and exploit
individual ignorance of the technologies involved.
4.1 General:
The extortionist wants to gain financially from an attack but does not want to be caught, and
concentrates on avoiding detection. Their target is more likely to be a high profile business with lots to
lose from negative publicity. They may work alone and be resourceful, secretive and self-interested.
Some individuals may claim to be able to take action against a business while lacking the capability to
carry it out; the business may judge the claim as not credible but still report and respond seriously.
The opportunist may hold an influential position within an operation to be able to evade internal
controls. They may have some technical knowledge but their main asset is access. They are likely to
be discouraged by the chance of detection, so unannounced visits by customers or auditors, or sampling
for analysis may deter their actions.
The extremist takes their cause or campaign so seriously that they distort its context and overlook
wider issues. The dedication to their cause may have no limits and their determination to progress it
can be great.
Extremists may want to cause harm and are likely to enjoy publicity after the event. It may not matter,
and may be a benefit, if they themselves are harmed. The risk of failure is a deterrent, but the risk of
capture after the event is not. They are typically resourceful and innovative in devising ways to attack.
Some individuals have no rational motive for their actions. Their priorities and preoccupations have
become distorted so they are unable to take a balanced view of the world. Some may have clinically
diagnosed mental health issues.
This individual may be readily deterred by simple steps which prevent them from gaining access to
their target or make detection easy.
The disgruntled individual believes that an organization has been unfair to them and seeks revenge.
For example, they may be an aggrieved employee or former employee, supplier or customer. They may
have expert knowledge of the operation and access to it.
This attacker is likely to be an individual rather than part of a group. If an insider, they could be
dangerous, but are more likely to want to cause embarrassment and financial loss than harm to the
public. If not an insider, this individual is more likely to claim or boast of having done something than
actually being able to do it.
This type of attacker has information and communications technology expertise that can cause
commercial harm and may pose an increasing threat to food safety as internet activity increases
Organized crime may see food fraud as a relatively simple crime, with big gains in prospect, little chance
of apprehension, and modest penalties if convicted. The global trade in food in which food materials
move, often with little notice, across enforcement area borders appears to encourage the professional
criminal.
They may be deterred by close collaboration between food operations and national and international
police authorities.
Type of
Nature Control Measures
Attacker
Legal Identity verification Personal
Wants gain financially May work alone Verification before employment Working
The extortionist
and be resourceful, secretive under supervision Access control to critical
areas
An influential position within an Legal Identity verification Personal
operation have some technical Verification before employment Working
The opportunist
knowledge but their main asset is under supervision Access control to critical
access areas
Legal Identity verification Personal
Takes their cause or campaign so
Verification before employment Working
The extremist seriously may want to cause harm and
under supervision Access control to critical
are likely to enjoy publicity
areas
5.1 Aim:
• Identifying specific threats to the company’s business and reduce the likelihood (chance) of a
deliberate attack.
• Reduce the consequences (impact) of an attack by assessing the potential impact by considering
the consequences of a successful attack
• Protect plant and customer brand reputation.
• Satisfy international expectations and support the work of own organization and customer
(Hindustan Unilever Limited) and demonstrate that reasonable precautions are taken and due
diligence is exercised in protecting food.
HINDUSTAN FOODS LIMITED unit will take actions to minimize the chances of loss of life, ill health,
financial loss and damage to business reputation that an attack could cause.
TACCP shall be conducted through Food Safety Team to meet its needs and adapt it to other threats as
necessary to deal with four underlining questions:
The following flowchart (see Figure 2) and description of the TACCP process focuses on deliberate
adulteration and contamination.
HINDUSTAN FOODS LIMITED forms the TACCP/ Food Safety team and it include individuals with all
sections / Departments. Team follows the below steps and evaluate the threads against process and
its controls.
5. Walk through the flow chart and examination of each step of the process to identify the
vulnerable points where an attacker might hope for success and the people who would have
access.
6. Identify possible threats appropriate to the product at each step and assess the impact that the
process may have in mitigating the threats.
7. Select the points in the process where the threat would have the most effect, and where they
might best be detected based on the risk matrix.
8. Assess the likelihood of routine control procedures detecting such a threat
9. Score the likelihood of the threat happening, score the impact it would have, and chart the
results to show the priority it should be given and revise if this risk assessment seems wrong
10. Where the priority is high, identify the action points or control measures to reduce to eliminate
the risk or points to justify it is not a major risk to the product or organization or Brand.
11. Identify record proportionate preventative action (critical controls). The TACCP/ Food Safety
team should have a confidential reporting and recording procedure and same to be in controlled
condition.
12. Determine the review mechanism along with FSMS review and revise any based on the issues
faced or changes in operations.
13. Maintain a routine watch of local issues.
6.0 Assessment:
HINDUSTAN FOODS LIMITED assess the premises and the organization to control the attack from a
range of groups and individuals (see Clause 4), and each element shall be assessed separately. The
TACCP/ Food Safety team shall consider suppliers under financial stress, alienated employees and
former employees, single issue groups, commercial competitors, media organizations, terrorist
organizations, criminals and local pressure groups.
The TACCP/Food Safety team goes through the following to access the risk and control measures.
product have particular religious, Product commonly used across all category people.
ethical or moral significance for some Product details printed on Laminate (Pouch) itself like Veg.
people logo. HUL Team shall ensure the local land rule
product be used as an ingredient in a Product and its packaging material made up of approved
wide range of popular foods materials. HUL Team shall ensure the local land rule.
product contain ingredients or other Product and its packaging material made up of approved
material sourced from overseas materials. HUL Team shall ensure the local land rule.
Are we under foreign ownership by nations HUL & Hindustan Foods Limited both are in same
involved in international conflict? nation and ensure the local land rule to avoid conflict.
Does product/brand have a celebrity or high Product is belongs to HUL. Hindustan Foods Limited
profile chief executive or proprietor? having proper agreement with HUL.
Does organization have a reputation for having
HUL & Hindustan Foods Limited both are in same
significant links, customers, suppliers, etc. with
nation and ensure the local land rule to avoid conflict.
unstable regions of the world?
HUL & Hindustan Foods Limited both are in same
Are brands regarded as controversial by some?
nation and ensure the local land rule to avoid conflict.
Hindustan Foods Limited gets the material from HUL
Do we or our customers supply high profile
approved vendor and dispatch to HUL Depots as per
customers or events?
the received plan from HUL.
6.2.1 General:
Organizations have different business needs and operate in different contexts. The TACCP/ Food Safety
team can judge which approach and questions are appropriate and proportionate to the threats they
identify.
A typical feature of EMA (see 3.2) is the substitution of a low cost item in place of a relatively high cost
component/ingredient. The TACCP/ Food Safety team needs to be alert to the availability of such
alternatives. An example where this may happen is when added value is claimed, (e.g. organic, non-
gm., locally grown, free range or with protected designations of origin).
The TACCP/Food Safety team goes through the following to access the risk and control measures.
Are we aware of shortcuts to the process Hindustan Foods Limited having eligible staffs to monitor
which could affect us? the process against the standard procedure.
All materials are procured by Hindustan Foods Limited and the materials during receipt at
plant will be inspected based on the specification and UMA method from HUL. Test reports
will be shared and if any failing the rejection call will be taken by HUL.
Questions which the TACCP/ Food Safety team could ask of both its own operations and that of its
suppliers include:
Do any employees bear a HR HOD & Factory Manager Any grievances from Hindustan Foods
grudge against the recorded the grievances from Limited workers will be recorded and to
organization? workers. be recorded by HR HOD/ Unit head.
Organizations understand the threats that they face, but shall focus attention on the priority ones.
For each identified threat the TACCP/ Food Safety team considers and gives a score for the likelihood
of each threat happening and for its impact (see Table 1).
Scoring pattern:
No medical treatment
1 Low 1 1 No brand image loss 1 no loss
required
2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 16 20
5 5 10 15 20 25
Scoring pattern:
4 Medium high
5 High
PROBABILITY
1 2 3 4 5
1 1 2 3 4 5
SEVERITY 2 2 4 6 8 10
3 3 6 9 12 15
4 4 8 12 16 20
5 5 10 15 20 25
Hindustan Foods Limited conducted a risk assessment on the TACCP and recorded the same. It is used
to demonstrate that the business had taken all reasonable precautions.
Threat
Severity TACCP
Score
Contributin Justific Risk
S. No Prob
g factor Brand Economical Avg Risk Control ation Owner
Health
image loss Severity No. measure
Hindustan Foods Limited conducted a risk assessment on the VACCP and recorded the same. It is
used to demonstrate that the Procurement and Transportations had taken all reasonable precautions.
Vulnerability Vul
Contributing factor VACCP
Assessment Score
Supplier relationship
Geopolitical issues
Test frequency
Audit Strategy
Supply chain
Justification
Risk Owner
Economical
Anomalies
Control measure
History of
Prob Avg
Material
Severity
Quality
history
Issues
Fraud
S.No
Risk
No.
Avg
Probability Sev
Prob
Organization maintains the access control to workmen’s, visitors, vehicles and other aspects through
gate control, surveillance camera, dedicated parking place.
Access to vehicles:
Missed deliveries Bulk bags having tampered seal and batch & Number tracking system.
investigated Dispatched vehicle having tampered seal with number tracking system.
Screening of visitors:
Proof of identity required Visitor details collected and verified at security gate
CCTV monitoring and recording of CCTV Monitoring and Recording system in place for all
sensitive areas sensitive areas
Other aspects:
Restrictions on portable electronic Area restricted to take photos and copy electronic data's.
and camera equipment Accompany throughout the visit.
Limitations on access to mains Visitors allowed only on appointment and access to their
services scope only.
Much raw material storage, some product storage, most distribution vehicles and all packaged foods
can be tamper evident. Should an attacker gain access, tamper evidence gives some chance that the
attack may be detected in time to avoid the impact.
Detecting Tamper:
Activity Controls
Seal verification system during unloading.
Document verification system before start unloading.
Raw Material Quantity verification system before start unloading.
Material Quality inspections system after unloading.
Vehicle inspection system before start unloading.
Document verification system before start unloading.
Quantity verification system before start unloading.
Packaging Material
Material Quality inspections system after unloading.
Vehicle inspection system before start unloading.
All Raw material stored on racks through ASRS system.
Limited authorization given to handle of ASRS system.
All packaging material stored on racks with proper identification label
with bin card. All finished Goods are 2 layer packing system having with
Storage (RM, PM, FG, sealed inner layer and double stitched outer layer.
HK & scrap yard) Housekeeping chemicals stored with proper identification and lock & Key
system in place and limited authorized given to handle.
All the material issued authorized persons only.
All materials mass balancing weekly / monthly basis
CCTV monitoring and Recording system in place for all areas.
All the computers are password protected.
Electronic storage
Limited authorization given to access the mail and computer
Effective seals on retail All the retail packs having effective seal.
packs CCTV monitoring & Recoding system in place for all important areas
Dispatch against HUL Planning.
Vehicle selection through approved transporters.
Vehicle inspection and approval system in place and QA persons only
Dispatches
approved.
Seal recording and bag counting system in place.
CCTV Monitoring & Recording system
Personnel security guidance is used to mitigate the insider threat to the organization. Its principles can
also be used by food businesses to judge whether key staff within the organizations that supply goods
and services can be trusted to comply with specifications and procedures, and to work in the best
interest of both the supplier and customer.
Pre-employment Checks:
1 Proof of identity
2 Proof of qualifications
3 Verification of contractors
4 More sensitive roles identified with appropriate recruitment
Activity Approach
Staff in critical roles motivated Incentive system in place to motivate the people.
and monitored Top management involves and monitor their routine issues
All loaders are working under contractor
Legal identity verification
Verification against visitor pass
Loaders from external Personal hygiene verification
Basic food safety induction shall be given
Working under supervision
Access restricted to limited areas
Whistle packing arrangements Daily abnormality monitoring system in place
No Temporary staffs and all external persons worked under
Temporary staff supervised
the supervision.
Induction and approval system in place.
Individuals able to work alone
Review system in place
Security control in place
Favorable security culture
CCTV monitoring and recording system in place
Activity Approach
Access and ID cards and keys
Hand over system in place
recovered
Computer accounts closed or
Electron data’s retained with different password
suspended
Termination interview assesses
Hand over and Relieving system in place
security implications
Food protection and defense system aims to reduce the risk of an attack but cannot eliminate it, so
emergency response and business continuity protocols are essential.
Food protection may sit within a business’ crisis management system (see BS 11200), and is likely to
share its general objectives:
• To minimize physical and financial harm to consumers, customers, employees and others
• To collaborate with investigatory and enforcement authorities
• To gain public support for the organization
• To minimize the cost, financial, reputational and personal, of the incident
• To prevent re-occurrence and to identify offenders.
Where contamination is implicit, quarantine and withdrawal / recall of product shall be initiated.
Mock recall to be conducted yearly once to ensure the system effectiveness.
Ref: HFL/SOP/QA/025 - MANAGEMENT OF INCIDENTS, PRODUCT WITH DRAWAL AND PRODUCT RECALL
Business continuity management principles give good resilience to react to and recover from an
attack. Advice on how best to develop and implement your organization’s recovery in response to a
disruptive incident is provided in BS ISO 22313.
Any changes which could affect the TACCP assessment, such as breaches and suspected breaches of
security or authenticity, to be immediately reported to the TACCP/ Food Safety team leader who decides
if a full review is needed.
Review will be happening along with Food safety MRM half yearly once with Top management or
whenever it is necessary.
The TACCP/ Food Safety team shall review food protection arrangements on yearly once.
*********