Vulnerability Assessments

Background, Elliott, PAS 96 and TACCP

Elliott Review into the Integrity and Assurance
of Food Supply Networks Final Report

The British Standards Institute has worked with Defra and

industry, to develop a Publicly Available Specification Defending
Food and Drink (PAS 96).............elements such as the use of the
threats analysis and critical control points, or TACCP approach,
are relevant in the prevention of food crime.

BSI and Defra should continue to focus on the TACCP

approach, and to consider the overlap and avoid duplication
between malicious contamination and food crime.
This approach will provide the building blocks of any future
standards that could be developed on preventing food crime.
Food Quality, Safety, Fraud and Defence Overlaps

Food Fraud Deliberate Actions

Food Food
Quality Defence

Food Safety

Accidental Acts
 Elliotts Eight Pillars

1. Consumers First
2. Zero Tolerance
3. Intelligence Gathering
4. Laboratory Services
5. Audit
6. Government Support
7. Leadership
8. Crisis Management
GUIDELINE 72 - APPLICATION ROUTE

TACCP TEAM SELECTION

DEFINING THE SCOPE OF THE STUDY / PROCESS FLOW

REVIEW CURRENT TACCP MEASURES IN PLACE

THREAT CHARACTERISATION
Personnel
Premises
Process
Services
Logistics
Cybercrime

MITIGATION STRATEGY DEVELOPMENT

HORIZON SCANNING

IMPLIMENTATION

RECORDING / DOCUMENTATION

AUDIT / REVIEW
 TACCP, or Threat Assessment and Critical Control
Point, is a system that was developed in accordance
with the PAS96:2010.

Title for the revised PAS96:2014 is,

Guide to protecting and defending food and drink from
deliberate attack,

Updated from PAS96:2010,

Defending food and drink. Guidance for the deterrence,
detection and defeat of ideologically motivated and
other forms of malicious attack on food and drink and
their supply arrangements
Seven Sources of Food Fraud
UNAPPROVED ENHANCEMENTS
Melamine added to enhance protein value
Use of unauthorized additives (Sudan dyes in spices)
COUNTERFEITING
Copies of popular foods not produced with acceptable safety assurances.
DILUTION
Watered down products (Also, potentially using non-potable / unsafe water)
Olive oil diluted with cheaper substitutes
SUBSTITUTION
Sunflower oil partially substituted with mineral oil
Hydrolyzed leather protein in milk
CONCEALMENT
Poultry injected with hormones to conceal disease
Harmful food colouring applied to fresh fruit to cover defects
MISLABELLING
Expiry of dates, provenance (unsafe origin)
Toxic Japanese star anise labelled as Chinese star anise
Mislabelled recycled cooking oil
GREY MARKET PRODUCTION / THEFT / DIVERSION
Sale of excess unreported product
 BRC V7 New Clause 5.4.2

A documented Vulnerability Assessment shall be carried

out of all raw materials to assess the potential risk of
adulteration or substitution.

This shall take into account:

Historical evidence of substitution or adulteration

Economic factors
Ease of access to raw materials through the supply chain
Sophistication of routine testing to identify adulterants
Nature of the raw material
 BRC V7 Interpretation Guide

A number risk assessment tools have been published

including some specialist vulnerability assessment tools,
for example CARVER+Shock and TACCP (Threat
Assessment Critical Control Points), which may be used
to achieve a structured approach to the assessment
process.
 BRC V7 Interpretation Guide

A vulnerability assessment is a search for potential

weaknesses in the supply chain in order to prevent food
fraud i.e. to prevent the adulteration or substitution of raw
materials before they arrive at the site.

The aim of the assessment is not to assess the potential for

fraud at the site, but to examine the supply chain for
potential concerns or weaknesses to identify those raw
materials which are of particular risk of adulteration or
substitution, such that appropriate controls need to be put in
place.
 BRC V7 Interpretation Guide

Typical information to incorporate into the assessment includes:

Any emerging issues and information identified
Historical evidence of substitution or adulteration of the ingredient
Cost/value of material
Availability - for example, a poor harvest may restrict availability and
may increase the potential for adulteration
Sophistication of routine testing to identify adulterants if testing
within the supply chain is comprehensive and specifically focused on
potential fraud issues, then the likelihood of adulteration is reduced.
Country of origin
Length and complexity of the supply chain
The nature of raw material may change the potential for food fraud
 BRC V7 Interpretation Guide
Output from the vulnerability assessment
Where raw materials are identified as being of particular risk then
appropriate assurance controls need to be in place to ensure that
only genuine materials are purchased.
Depending on the perceived risk assurance controls may include:

Certificates of analysis from raw material suppliers

Raw material testing
Supply chain audits
Use of tamper evidence or seals on incoming raw materials
Enhanced supplier approval checks
Mass balance exercises at the raw material supplier
Changes to the supply chain eg a change of supplier or a move to a
shorter supply chain
 CARVER + shock
A method from the FDA that puts a scoring system on attributes of:

Criticality - measure of public health and economic impacts of an

attack
Accessibility - ability to physically access and egress from target
Recuperability - ability of system to recover from an attack
Vulnerability - ease of accomplishing attack
Effect - amount of direct loss from an attack as measured by loss
of production
Recognizability - ease of identifying target

shock - the combined health, economic, and psychological

impacts of an attack
 Vulnerability Assessment

Section 106 of the Food Safety Modernization Act (FSMA)

requires the FDA, among other things, to conduct a

Vulnerability Assessment (VA) of the food system

A VA is the process of identifying, quantifying, and

prioritizing (or ranking) the vulnerabilities in a system
 FSMA - What is a
Vulnerability Assessment?

In food safety there are "hazards" to accidental contamination

In food defense there are "vulnerabilities" to intentional contamination.

In calculating risk of intentional threat, the common measure of

vulnerability is the likelihood that an attack succeeds, if it is attempted

By conducting a vulnerability assessment of a food production facility or

process, you can determine the most vulnerable points in the
infrastructure and focus resources on the most susceptible points
 TACCP & HACCP

Differences and Integrating the Systems

 A Quote..
There are known known's.
These are things we know that we know.
There are known unknowns.
That is to say, there are things that we know we don't know.
But there are also unknown unknowns.
There are things we don't know we don't know.
Donald Rumsfeld, US Secretary of Defense - February 2002

It could be said that HACCP is perhaps a study of the

known known's and the known unknowns.
TACCP is an analysis of some known unknowns and
unknown unknowns.
 Key Differences
The team may cover the need for slightly different or additional disciplines

The Process Flow Diagram (PFD) will be written to capture the entire process,
not just that which takes place at the manufacturers site

As a result of the requirements, the potential hazards may detail not only
Chemical, Physical and Biological hazards, but also cover the elements of
radiological hazards and of adulteration.

Potential contaminants within the TACCP study may not be confined to those
which are pertinent to the process involved (e.g. Metal swarf from stirrer blade)

At times with TACCP, the specific hazard at each process step might not be
listed.

TACCP suggests implementing response levels of Normal, Heightened and

Exceptional, in parallel with Prerequisite programmes and Critical Control
Points.
Flow diagram - Meatball manufacture
Primal Intake of Beef Primal Intake of Pork Intake of other
ingredients
Store in Freezer Store in Freezer
Thaw Store in Chill Thaw Store in Chill Storage

Weigh Primals Weigh Primals

Mince through Mince through

5mm plate 5mm plate

Weigh batch Quantity Weigh batch Quantity

Minced Beef Minced Pork

Blend minced Beef, minced Weigh batch seasonings

Pork and other ingredients and other ingredients

Store in Chill Discharge into tote

bins

Form meatballs on forming

machine

Place in containers / trays /

packaging

Chill or Freeze

Load Vehicle Dispatch

Central delivery Depot

Deliver to meatball in sauce

manufacturer
 FSMA Vulnerability Assessment

The key activity types identified in the most vulnerable

production environments are:

Coating / Mixing / Grinding / Rework

Ingredient Staging / Prep/Addition
Liquid Receiving / Loading
Liquid Storage / Hold / Surge Tanks
 Primal Intake of Beef Primal Intake of Pork
Store in Freezer Store in Freezer
Store in Chill Store in Chill
Thaw Thaw

Weigh Primals Weigh Primals

Mince Through 5mm Plate Mince Through 5mm Plate

Weigh Batch Quantity Minced Beef Weigh Batch Quantity Minced Pork

Blend Minced UK Beef, Minced Pork /

Ingredients

Store in Chill Discharge Into Tote Bins

Form Meatballs on Forming Machine

Place in Containers / Trays / Packaging

Chill or Freeze

Load Vehicle Dispatch

Central delivery Depot

Deliver to Meatball in Sauce Manufacturer

 TACCP

Human Elements
The Centre for the Protection of National Infrastructure (CPNI's)
Insider Data Collection Study indicated:

Significantly more males engaged in insider activity (82%) than

females (18%)

The majority of insider acts were carried out by permanent staff

(88%); only 7% of cases involved contractors and only 5% involved
agency or temporary staff

60% of cases were individuals who had worked for their organisation
for less than five years

49% of insider cases occurred within the 31-45 years age category.
Instances of insider cases increased with age until they peaked within
this category and then decreased beyond 45 years of age
 Human factors
Intended to set dial to
Slips of 3 accidentally set to 6
action
Skill based
errors Lapses of Thought the setting
should be 4 when in
memory fact it should be 6
Errors
Rule based Used baking powder
instead of baking soda
mistakes
Mistakes
Knowledge Used a thermometer
Human based that wasnt calibrated

Factors mistakes
Knows to follow steps 1
to 10 in order but always
Routine performs steps 1-5, 7-10
then step 8

When under time or

other constraints, the
Violations Situational action not carried out
as per the procedure

Disgruntled employee
received a warning that
Exceptional day and chose to act in a
way they shouldnt
Complacency, Incompetence,
Criminality: 3 Business Threats
Subject Matter:

Complacency
Smug self satisfaction

Sudan dyes
Incompetence
Lacking the necessary skill
Melamine
Criminality
Tendency to illegal acts
 Case study I: Sudan dyes
(genotoxic carcinogens, prohibited for use in food)

May03 France reports Sudan dyes

as an issue in Indian chilli
products
Jul03 Pan-EU controls introduced
Feb04 FSA reminds UK industry of
issue
Jan05 56 Alerts issued in UK since
2003
Feb05 Worcestershire sauce found
with sudan (made with 2002
chilli)
Mar05 580 products withdrawn
from the UK market
 Case Study II: Melamine
2005/6 Local reports of melamine as an
in issue in Chinese milk
Mar07 First US pet deaths directly
attributable to melamine
Aug07 >5300 products recalled
Jun08 Linkage between baby kidney
damage and Sanlu milk in Gansu
province
Aug08 Melamine found by Fonterra (NZ)
Sep08 Fonterra advise NZ government
who advise the Chinese govt.
Significance of problem
recognised
Dec08 Estimated number of cases:
>250,000 babies & infants
 Points to consider

Understand the historical perspective

Inevitable lag time between commencement and
detection
Value of certification
Adulteration often relates to value (money) determining
product attributes
Attribute quality is often measured to an indirect or subjective
end-point (e.g. Colour)
Fraud is becoming more sophisticated
chemically identical substitutes (e.g. vanilla)
Commodity items (e.g. olive oil / basmati rice / tomato paste)
How To Conduct a TACCP Study
 APPLICATION ROUTE / LOGIC TABLE

TEAM SELECTION

DEFINING THE SCOPE OF THE STUDY / PROCESS FLOW

REVIEW CURRENT TACCP MEASURES IN PLACE

THREAT CHARACTERISATION
Personnel
Premises
Process
Services
Logistics
Cybercrime

MITIGATION STRATEGY DEVELOPMENT

HORIZON SCANNING

IMPLIMENTATION

RECORDING / DOCUMENTATION

AUDIT / REVIEW
Threats categorised by likelihood / impact and plotted

EXCEPTIONAL
4

Impact 3 HEIGHTENED

2
NORMAL
1

1 2 3 4 5
Likelihood
 DOC REF: TACCP1
DATE: XX/XX/XX
EDITION: 1

VERSION: 1
TACCP ANALYSIS: FOOD SECURITY
Product / Process:
No. Process step Step Threat description and job role Response: Preventative Actions / Control Severity Likelihood Total
description No. involved Normal Measures
Heightened
Exceptional

3
 Thank you
Lorraine Green
Quality Management Systems Specialist Campden BRI

Tel: 01386 842458

Email: Lorraine.green@campdenbri.co.uk