Vulnerability Assessments

Background, Elliott, PAS 96 and TACCP

Elliott Review into the Integrity and Assurance

of Food Supply Networks Final Report

The British Standards Institute has worked with Defra and

industry, to develop a Publicly Available Specification Defending
Food and Drink (PAS 96).............elements such as the use of the
threats analysis and critical control points, or TACCP approach,
are relevant in the prevention of food crime.

BSI and Defra should continue to focus on the TACCP

approach, and to consider the overlap and avoid duplication
between malicious contamination and food crime.
This approach will provide the building blocks of any future
standards that could be developed on preventing food crime.

Food Quality, Safety, Fraud and Defence Overlaps

Food Fraud

Food
Quality

Food
Defence

Food Safety

Accidental Acts

Deliberate Actions

Elliotts Eight Pillars

1.
2.
3.
4.
5.
6.
7.
8.

Consumers First
Zero Tolerance
Intelligence Gathering
Laboratory Services
Audit
Government Support
Leadership
Crisis Management

GUIDELINE 72 - APPLICATION ROUTE

TACCP TEAM SELECTION
DEFINING THE SCOPE OF THE STUDY / PROCESS FLOW
REVIEW CURRENT TACCP MEASURES IN PLACE
THREAT CHARACTERISATION
Personnel
Premises
Process
Services
Logistics
Cybercrime

MITIGATION STRATEGY DEVELOPMENT

HORIZON SCANNING
IMPLIMENTATION
RECORDING / DOCUMENTATION
AUDIT / REVIEW

 TACCP, or Threat Assessment and Critical Control

Point, is a system that was developed in accordance
with the PAS96:2010.
Title for the revised PAS96:2014 is,
Guide to protecting and defending food and drink from
deliberate attack,

Updated from PAS96:2010,

Defending food and drink. Guidance for the deterrence,
detection and defeat of ideologically motivated and
other forms of malicious attack on food and drink and
their supply arrangements

Seven Sources of Food Fraud

UNAPPROVED ENHANCEMENTS

Melamine added to enhance protein value

Use of unauthorized additives (Sudan dyes in spices)

COUNTERFEITING

Copies of popular foods not produced with acceptable safety assurances.

DILUTION

Watered down products (Also, potentially using non-potable / unsafe water)

Olive oil diluted with cheaper substitutes

SUBSTITUTION

Sunflower oil partially substituted with mineral oil

Hydrolyzed leather protein in milk

CONCEALMENT

Poultry injected with hormones to conceal disease

Harmful food colouring applied to fresh fruit to cover defects

MISLABELLING

Expiry of dates, provenance (unsafe origin)

Toxic Japanese star anise labelled as Chinese star anise
Mislabelled recycled cooking oil

GREY MARKET PRODUCTION / THEFT / DIVERSION

Sale of excess unreported product

BRC V7 New Clause 5.4.2

A documented Vulnerability Assessment shall be carried
out of all raw materials to assess the potential risk of
adulteration or substitution.
This shall take into account:

Historical evidence of substitution or adulteration

Economic factors
Ease of access to raw materials through the supply chain
Sophistication of routine testing to identify adulterants
Nature of the raw material

BRC V7 Interpretation Guide

A number risk assessment tools have been published
including some specialist vulnerability assessment tools,
for example CARVER+Shock and TACCP (Threat
Assessment Critical Control Points), which may be used
to achieve a structured approach to the assessment
process.

BRC V7 Interpretation Guide

A vulnerability assessment is a search for potential
weaknesses in the supply chain in order to prevent food
fraud i.e. to prevent the adulteration or substitution of raw
materials before they arrive at the site.
The aim of the assessment is not to assess the potential for
fraud at the site, but to examine the supply chain for
potential concerns or weaknesses to identify those raw
materials which are of particular risk of adulteration or
substitution, such that appropriate controls need to be put in
place.

BRC V7 Interpretation Guide

Typical information to incorporate into the assessment includes:
Any emerging issues and information identified
Historical evidence of substitution or adulteration of the ingredient
Cost/value of material
Availability - for example, a poor harvest may restrict availability and
may increase the potential for adulteration
Sophistication of routine testing to identify adulterants if testing
within the supply chain is comprehensive and specifically focused on
potential fraud issues, then the likelihood of adulteration is reduced.
Country of origin
Length and complexity of the supply chain
The nature of raw material may change the potential for food fraud

BRC V7 Interpretation Guide

Output from the vulnerability assessment
Where raw materials are identified as being of particular risk then
appropriate assurance controls need to be in place to ensure that
only genuine materials are purchased.
Depending on the perceived risk assurance controls may include:
Certificates of analysis from raw material suppliers
Raw material testing
Supply chain audits
Use of tamper evidence or seals on incoming raw materials
Enhanced supplier approval checks
Mass balance exercises at the raw material supplier
Changes to the supply chain eg a change of supplier or a move to a
shorter supply chain

CARVER + shock
A method from the FDA that puts a scoring system on attributes of:
Criticality - measure of public health and economic impacts of an
attack
Accessibility - ability to physically access and egress from target
Recuperability - ability of system to recover from an attack
Vulnerability - ease of accomplishing attack
Effect - amount of direct loss from an attack as measured by loss
of production
Recognizability - ease of identifying target
shock - the combined health, economic, and psychological
impacts of an attack

Vulnerability Assessment
Section 106 of the Food Safety Modernization Act (FSMA)
requires the FDA, among other things, to conduct a
Vulnerability Assessment (VA) of the food system
A VA is the process of identifying, quantifying, and
prioritizing (or ranking) the vulnerabilities in a system

FSMA - What is a
Vulnerability Assessment?
In food safety there are "hazards" to accidental contamination
In food defense there are "vulnerabilities" to intentional contamination.

In calculating risk of intentional threat, the common measure of

vulnerability is the likelihood that an attack succeeds, if it is attempted

By conducting a vulnerability assessment of a food production facility or

process, you can determine the most vulnerable points in the
infrastructure and focus resources on the most susceptible points

TACCP & HACCP

Differences and Integrating the Systems

A Quote..
There are known known's.
These are things we know that we know.
There are known unknowns.
That is to say, there are things that we know we don't know.
But there are also unknown unknowns.
There are things we don't know we don't know.
Donald Rumsfeld, US Secretary of Defense - February 2002

It could be said that HACCP is perhaps a study of the

known known's and the known unknowns.
TACCP is an analysis of some known unknowns and
unknown unknowns.

Key Differences

The team may cover the need for slightly different or additional disciplines

The Process Flow Diagram (PFD) will be written to capture the entire process,
not just that which takes place at the manufacturers site

As a result of the requirements, the potential hazards may detail not only
Chemical, Physical and Biological hazards, but also cover the elements of
radiological hazards and of adulteration.

Potential contaminants within the TACCP study may not be confined to those
which are pertinent to the process involved (e.g. Metal swarf from stirrer blade)

At times with TACCP, the specific hazard at each process step might not be
listed.

TACCP suggests implementing response levels of Normal, Heightened and

Exceptional, in parallel with Prerequisite programmes and Critical Control
Points.

Flow diagram - Meatball manufacture

Primal Intake of Beef

Primal Intake of Pork

Store in Freezer

Store in Freezer
Store in Chill

Thaw

Thaw

Weigh Primals

Store in Chill

Mince through
5mm plate

Weigh batch Quantity

Minced Beef

Weigh batch Quantity

Minced Pork

Blend minced Beef, minced

Pork and other ingredients
Discharge into tote
bins
Form meatballs on forming
machine
Place in containers / trays /
packaging
Chill or Freeze
Load Vehicle

Storage

Weigh Primals

Mince through
5mm plate

Store in Chill

Intake of other
ingredients

Dispatch

Central delivery Depot

Deliver to meatball in sauce
manufacturer

Weigh batch seasonings

and other ingredients

FSMA Vulnerability Assessment

The key activity types identified in the most vulnerable
production environments are:

Coating / Mixing / Grinding / Rework

Ingredient Staging / Prep/Addition
Liquid Receiving / Loading
Liquid Storage / Hold / Surge Tanks

Primal Intake of Beef

Primal Intake of Pork

Store in Freezer

Store in Freezer

Store in Chill

Thaw

Thaw

Store in Chill

Weigh Primals

Weigh Primals

Mince Through 5mm Plate

Mince Through 5mm Plate

Weigh Batch Quantity Minced Beef

Weigh Batch Quantity Minced Pork

Blend Minced UK Beef, Minced Pork /

Ingredients
Store in Chill

Discharge Into Tote Bins

Form Meatballs on Forming Machine

Place in Containers / Trays / Packaging

Chill or Freeze
Load Vehicle

Dispatch

Central delivery Depot

Deliver to Meatball in Sauce Manufacturer

TACCP
Human Elements

The Centre for the Protection of National Infrastructure (CPNI's)

Insider Data Collection Study indicated:
Significantly more males engaged in insider activity (82%) than
females (18%)
The majority of insider acts were carried out by permanent staff
(88%); only 7% of cases involved contractors and only 5% involved
agency or temporary staff
60% of cases were individuals who had worked for their organisation
for less than five years
49% of insider cases occurred within the 31-45 years age category.
Instances of insider cases increased with age until they peaked within
this category and then decreased beyond 45 years of age

Human factors
Skill based
errors
Errors

Mistakes
Human
Factors

Slips of
action

Lapses of
memory

Thought the setting

should be 4 when in
fact it should be 6

Rule based
mistakes

Used baking powder

instead of baking soda

Knowledge
based
mistakes

Used a thermometer
that wasnt calibrated

Routine

Violations

Intended to set dial to

3 accidentally set to 6

Knows to follow steps 1

to 10 in order but always
performs steps 1-5, 7-10
then step 8

Situational

When under time or

other constraints, the
action not carried out
as per the procedure

Exceptional

Disgruntled employee
received a warning that
day and chose to act in a
way they shouldnt

Complacency, Incompetence,
Criminality: 3 Business Threats

Subject Matter:
Complacency
Smug self satisfaction

Incompetence
Lacking the necessary skill

Criminality
Tendency to illegal acts

Sudan dyes
Melamine

Case study I: Sudan dyes

(genotoxic carcinogens, prohibited for use in food)
May03 France reports Sudan dyes
as an issue in Indian chilli
products
Jul03 Pan-EU controls introduced
Feb04 FSA reminds UK industry of
issue
Jan05 56 Alerts issued in UK since
2003
Feb05 Worcestershire sauce found
with sudan (made with 2002
chilli)
Mar05 580 products withdrawn
from the UK market

Case Study II: Melamine

2005/6 Local reports of melamine as an
in issue in Chinese milk
Mar07 First US pet deaths directly
attributable to melamine
Aug07 >5300 products recalled
Jun08 Linkage between baby kidney
damage and Sanlu milk in Gansu
province
Aug08 Melamine found by Fonterra (NZ)
Sep08 Fonterra advise NZ government
who advise the Chinese govt.
Significance of problem
recognised
Dec08 Estimated number of cases:
>250,000 babies & infants

Points to consider
Understand the historical perspective
Inevitable lag time between commencement and
detection
Value of certification
Adulteration often relates to value (money) determining
product attributes
Attribute quality is often measured to an indirect or subjective
end-point (e.g. Colour)

Fraud is becoming more sophisticated

chemically identical substitutes (e.g. vanilla)
Commodity items (e.g. olive oil / basmati rice / tomato paste)

How To Conduct a TACCP Study

APPLICATION ROUTE / LOGIC TABLE

TEAM SELECTION
DEFINING THE SCOPE OF THE STUDY / PROCESS FLOW
REVIEW CURRENT TACCP MEASURES IN PLACE
THREAT CHARACTERISATION
Personnel
Premises
Process
Services
Logistics
Cybercrime

MITIGATION STRATEGY DEVELOPMENT

HORIZON SCANNING
IMPLIMENTATION
RECORDING / DOCUMENTATION
AUDIT / REVIEW

Threats categorised by likelihood / impact and plotted

EXCEPTIONAL

Impact

HEIGHTENED

NORMAL
1

3
Likelihood

DOC REF: TACCP1

DATE: XX/XX/XX

EDITION: 1
VERSION: 1

TACCP ANALYSIS: FOOD SECURITY

Product / Process:
No.

Process step
description

Step
No.

Threat description and job role

involved

Response:
Normal
Heightened
Exceptional

Preventative Actions / Control

Measures

Severity

Likelihood

Total

Thank you
Lorraine Green
Quality Management Systems Specialist Campden BRI
Tel: 01386 842458
Email: Lorraine.green@campdenbri.co.uk