FSMA Preventive Controls for Human Food Supply Chain Program


Learn how a new Supply Chain Program under FSMA’s Preventive Controls for Human Food can impact your supply chain.

Many medium-to large-size companies are now producing food under the new Preventive Controls for Human Food rule, while smaller companies have another year or two to comply (depending on company size).

FDA released additional guidance in August on the PCHF rule as well as extending some compliance dates for some specific sections of the PCHF rule, as well as for some of the other rules.

Now that many companies are operating under the new rule – what’s next? One of the more complicated and documentation heavy parts of the rule – the Supply Chain Program – goes into effect in March 2017.

The supply chain program is referenced in 21 CFR 117.405 and requires receiving facilities to establish and implement a risk-based supply chain program for those raw materials and other ingredients for which the receiving facility has identified a hazard requiring a supply-chain-applied control.

You might ask yourself – what does that mean? My company already has supplier approval programs & procedures – aren’t those good enough?

The Answer

Maybe! Most companies already have great supplier management programs, which include supplier approval activities. However, the supply chain program section of the PCHF rule has some specific requirements related to supplier verification activities & documentation.

The first step is to determine which ingredients require a supply chain applied control using the receiving facility’s written hazard analysis. It’s critical to understand who in the supply chain (the supplier, the manufacturer/processor or the downstream customer) is controlling the identified hazard(s).

If you determine that the supplier needs to control the hazard(s) – your receiving facility will need to determine which supplier verification activities you will do to ensure the supplier is indeed controlling the hazard(s).

There are four choices in the rule for supplier verification activities:

  • Annual onsite audit
  • Testing and sampling of raw materials (COA)
  • Supplier food safety record reviews
  • “Other” appropriate supplier verification activities.

If an ingredient has an SAHCODHA (serious adverse health consequence or death to humans or animals) – the annual onsite audit is required (unless you can justify in writing a less frequent audit or other verification activity). This audit can be a 3rd party audit (ex. GFSI scheme) or an audit you do yourself. You need to be sure that the audit considers FDA regulations and includes a review of the supplier’s written Food Safety Plan and its implementation for the hazard being controlled.

Other common verification activities are testing and sampling of raw materials (COAs), some type of supplier guarantee letter or food safety record reviews. Of course, all of these procedures, including verification activities and corrective actions must be documented.

To summarize – you must use a written hazard analysis to determine which ingredients will require a supply-chain-applied control. You then need to determine the supplier verification activities you will do to confirm the supplier is controlling that hazard – and you need to document these verification activities in a written supply chain program.


Lauren Wilson


Comments