We are now on part two of “Bashing third party food audits will not fix the food industry…but I know what will.”
Now, I’ve been gone for a while. I apologize; one of my employees actually joked with me and said, “Matt, you must have been super frustrated to start this the week before you go on a family trip!” It was definitely a trip, too; I don’t want to say a vacation, because the logistics involved with managing seven children is not exactly relaxing.
I’m back now, and ready to go with even more ranting, raving, and wisdom.
In part one I discussed why I feel the people bashing third party audits are completely wrong. It seems to me that they are shifting the blame for food safety issues onto third party audit providers, as if that is the problem, instead of facilities not living up to the standards.
In my oh-so humble opinion, that’s silly.
I also mentioned how most of your clients won’t accept internal audits. It’s not just your clients, either; the courts, other countries, and so on, all look at internal audits very differently than they look at third party audits.
Why is that? How do we go from an internal, first person audit, a second party audit, and an external third-party audit?
Well, a first party audit, or ‘self-audit’, is when a facilities own safety manager, or someone similar, audits their own facility. This is the closest connection possible; they are auditing themselves, and their processes. It’s checking your own homework and giving yourself a grade.
Second party audits involve internal, inter-company audits, and/or supplier audits. This is when a facility is one of several, and someone from a different facility, but the same company, oversees the audit. Even though they are done by members of the same company, it’s like when a corporate safety person goes out and checks on a facility; they are not employed directly by that facility, so there is an element of separation there. They are following up on other employees and looking at their processes. There can be some objectivity, if there is a good food safety culture in that company.
Another form of second party audits, that are VERY important, is internal audits of your suppliers. That is when your customers audit you to make sure you are following their food compliance guidelines. All GFSI audits expect you to audit your suppliers, so the more internal audits you receive from your customers, the more successful you are.
Third party audits involve external, outside organizations with no affiliation with the facility they are auditing whatsoever. These people are trained by the standard, have no connection to employees or the facilities, and are checking up on other peoples processes and results. There is the most objectivity here, as they have no incentive for fudging the results, and aren’t going to worry about negative scores, as it does not reflect on them, personally.
So why don’t most clients accept a first or second party audit?
It comes down to conflicts of interest.
If I’m doing a self-audit, I have direct control over the results, and the processes. If I do an audit that shows problems, and makes me look really bad, I then have an incentive not to show those results. Now, I could immediately set to work fixing the problems and improving, and should, but that doesn’t mean I won’t be incentivized to keep the negative results out of public view.
What we often see is on these self-audits, companies are giving themselves 90-99%, consistently. That means they are either going easy on themselves or throwing out bad results and keeping the good ones. When external auditors go in, they are consistently scoring in the low 80% range, showing that there is a disconnect between what the internal auditors see of their own work, and what outside parties see.
This is most obvious in the first years. Commonly, it doesn’t seem to be because a person is trying to hide anything. It’s just ignorance of the requirements. They often believe they have met standards that they are not meeting. Familiarizing yourself with all the requirements and standards takes time, and practice. Mistakes are easy to make, and it’s easy to land on the positive side of every judgement call if you don’t have anything to compare it to.
With second party audits, the conflict of interest comes in from need. I need that supplier; that facility is an important part of my companies supply chain. I may be inclined to help coach them through, on the assumption they can get things fixed, to avoid a slowdown on my product. That facility, in some ways, would be ‘too big to fail’, a vital part of my operation, and the auditor knows that. They are working for the best interest of the company as they see it, not necessarily purely looking at the safety considerations.
Another possibility is, what if the facility manager has a lot of influence in the corporate culture? An auditor rips a facility apart, and the manager goes above the auditor’s head and complains. There is a very real fear that you would face repercussions for ‘crossing’ this company bigwig. From then on, going to that facility, that auditor is going to have pressure on their judgement to come back with a positive result. Negative food safety cultures can set in quickly when food safety personnel are beat up by management who objected to honest results.
I remember working with a company ten or so years ago, where the VP of food safety was concerned that their audits weren’t being completed accurately. They sent in one of their QC managers to do an audit, and immediately followed it up with a second audit by the VP. An identical audit, same day, with dramatically different results. The auditors felt they had no power, and they were being bossed around by the facility manager, and over time, their results had reflected that.
Food safety culture is vital.
So, that brings us to third party audits, done by CB’s. The globally accepted third party audit is GFSI, the Global Food Safety Initiative.
I think it’s a huge disservice to corporations for people to tell those organizations that if they just do internal audits, they’ll be fine. What will happen is, down the line, your competitors will go the extra mile and be GFSI certified. They’re going to take your business, because they will be using a globally accepted audit, while your program is not.
They got to bypass the conflicts, they got results that clients and customers trust, and they don’t have to worry nearly as much about that toxic food safety culture setting in and tainting their program. They look better, and customers trust the results more.
The other point is that people complain about audit fatigue. “There are too many audits! It’s absurd!”
I agree. There are too many audits!
They aren’t third party audits. They’re internal audits. They are your clients coming to audit you. Where audit fatigue comes in, is when everyone along your supply chain comes in to check out your facility. That’s just part of how the modern supply chain works.
They ask a lot of the same questions, and hold you to the same standards, but they are NOT third-party audits by a CB.
It’s still important. Realize that you are getting this because you are SUCCESSFUL. I had a client who had 34 clients coming to audit them, and complained to me that it was a problem. He asked what I could do.
I told him what I could do…absolutely nothing! Congrats, you work for a SUCCESSFUL company with LOTS of clients!
That’s just part of the process. Take advantage of it! Send them to talk to your sales team after they walk the facility. Talk to them about new business. Check them out and get to know them. Discuss new products. Look at it as a marketing person, not just a safety person.
Just keep them mentally separated from third party audits. Each type of audit serves a different purpose. Ultimately, the third-party audit is what makes you compliant in the eyes of the industry, world-wide.
Next time, we’ll talk about potential conflicts of interest WITHIN third party audits. Though a fantastic tool, they are not perfect either, and there are things you need to keep in mind to avoid some pitfalls.
See you in a week!
Matt Regusci is a long-time food safety professional, and CEO of Train to Comply, an online training platform offering easy to access training solutions across the food safety spectrum.