hands-1222866_640

UNDERSTANDING AND ASSESSING THE RISKS AND CONSEQUENCES OF CLIMATE CHANGE – ISO 14091

Climate change

Adequately addressing climate change is an urgent challenge that affects businesses of all sizes. The ISO 14091 standard helps companies to adapt to climate change. Below we have summarized all the important information for you.

While rising temperatures are affecting agricultural production, extreme weather events are impacting infrastructure and disrupting supply chains – a development that is causing headaches for many companies.

While measures aimed at keeping climate change below the 1,5 degrees Celsius limit are more important than ever, we must not only fight climate change, but also adjust to it. In doing so, it is essential to understand and assess what climate-related risks companies are exposed to and how susceptible a company is to damage.

ASSESSING CLIMATE CHANGE RISKS WITH ISO 14091

ISO 14091 “Adaptation to climate change – Guidelines on vulnerability, impacts and risk assessment” helps organizations assess the impacts of climate change and develop and implement a risk assessment capable of evaluating current and future climate change risks.

The standard provides guidance on the use of screening assessments and impact chains that enable qualitative and quantitative analysis. This information helps companies make better business decisions. The information, documented in an internationally consistent manner, also helps with climate-related reporting.

ISO 14091 is the latest standard in the ISO 14090 series. It describes the many elements of climate change adaptation, including pre-planning, adaptation planning, implementation, monitoring and evaluation, and reporting and communication. You can download this standard here.

WHAT DQS CAN DO FOR YOU

DQS is your partner for verification and validation of sustainability reporting. We are at your side – with smooth audit planning, experienced auditors and in-depth audit reports.

For more information please contact us!

 

audit-4189560_640

IFS RECERTIFICATION – WHAT TO DO IF AN ON-SITE AUDIT CAN‘T TAKE PLACE?

An IFS certificate is valid for a maximum of 12 months. In order to receive a new certificate before it expires, an on-site audit must take place. However, in times of COVID-19, such an audit is not always possible. So what are the alternatives?

“This certified company can produce a safe product according to customer specifications” – this is the guiding principle of IFS. In order to stay true to this sentence, IFS has chosen not to introduce a fully remote audit option because, according to IFS, a remote audit does not enable reliable conclusions about the hygiene and compliance with good manufacturing practices.

For sites that have implemented access restrictions due to the COVID-19 pandemic, however, an on-site audit is often not an option. To explain its position and address possible alternatives, IFS has published a new document, available for download here.

WHAT TO DO IF AN ON-SITE AUDIT CANNOT TAKE PLACE?

If the standard procedure cannot be adhered to, IFS suggests the following options:

  1. Case-by-case review

IFS does not extend the IFS Certificate if a scheduled renewal audit is not possible. In this case, IFS strongly recommends that the company whose certificate expires contacts its customers and certification body to discuss how to deal with the situation.

  1. Transparency in the IFS Database

IFS supports this process by establishing the necessary transparency about the status of the IFS certificate in the IFS database. At the beginning of the COVID-19 pandemic, IFS implemented a COVID-19 notification function in the IFS database to identify audits that did not take place and have been postponed due to the COVID-19 pandemic. The COVID-19 notification is carried out by the certification body responsible for the audit. This provides transparency about the certificates and audits affected by the COVID-19 pandemic.

  1. Risk assessment by IFS Remote Surveillance Check

In the event that a certificate expires, IFS recommends that suppliers and customers carry out a risk assessment and decide, on the basis of the risk assessment, how they wish to maintain cooperation and maintain the supply chain. Another important point in carrying out the risk assessment, whether the cooperation between supplier and customer will continue without an IFS Certificate, is the overall consideration of the business relationship. The number of recalls, the basic quality of the cooperation and many other points that only suppliers and customers can answer together.

The IFS Certificate is an important part of the collaboration, but it is not the only criterion for whether a delivery relationship works. After a thorough risk assessment, there is an option to add a COVID-19 notification to an expiring certificate. The expired certificate will still be visible. Additionally, IFS offers an IFS Remote surveillance check tool for this risk assessment. It is a voluntary option that is not accredited and is not recognised by the GFSI, where the most important documents of the management system are reviewed on a remote basis. All important information about the IFS Remote Surveillance Check can be found here.

  1. Unannounced GMP Check

The crucial question of whether a producer can produce a safe product according to customer specifications is and remains the focus of GMP and hygiene in food production. The vast majority of food producers maintained their production in the COVID-19 pandemic. Raw materials are being delivered and external personnel have access to the production facilities to maintain the equipment or perform pest control activities. So in general it is possible that facilities can be visited, taking necessary precautions into consideration. In such cases, also an auditor can perform a visit in order to get an idea of the production facilities and to check whether GMP and hygiene are complied with.

For this purpose, IFS offers the IFS Unannounced GMP check tool. It is a voluntary option that is not accredited and is not recognised by the GFSI, where compliance with GMP and hygiene in production is checked. This gives an answer to the question of whether the production is safe. For the execution of the IFS Unannounced GMP check, only the personnel in the production area, who manage the production and the employees in the production, must be present. The IFS Unannounced GMP check is an option if a complete IFS certification audits cannot take place, for example when key employees with access to documents and records are working from home.

  1. IFS Certification Audit

As soon as normal audit practices and certifications according to IFS standards/programs are possible, IFS strongly recommends that a full IFS certification audit be performed.

The full document on the IFS approach to COVID-19 can be viewed here.

All information about the remote audit options of the IFS can be found here.

For more information please contact us!

Remote audit

IFS REMOTE AUDITS & SPLIT AUDITS

IFS audits can now also be performed partially remotely. IFS Broker audits can even take place completely remotely. This new regulation is not a temporary exception, but rather applies regardless of how the COVID-19 pandemic evolves. In the following, we present the new IFS regulations on remote auditing.

BACKGROUND

When the COVID-19 pandemic broke out, many IFS certification audits had to be cancelled because auditors could not travel to the site. Doing audits remotely was not possible, as the scheme rules did not allow this. IFS developed a non-accredited alternative: the remote surveillance check. However, the remote surveillance check did not result in an accredited certificate, which is exactly what many sites require.

IFS Remote AuditsWhen GFSI updated its requirements in June 2020, this opened the door for a more permanent, widely accepted solution. The new rules IFS is developing should be seen in this light.

 

 

FULLY REMOTE AUDITS FOR IFS BROKER STANDARD

IFS-Broker Remote auditThe first IFS Standard to be audited fully remotely will be IFS Broker. Sites that are certified to the IFS Broker Standard can choose to have their annual audit entirely remotely. Doing the audit remotely is optional and needs to be agreed between the certified site and their certification body. The remote audit option only applies to announced audits and is ideally carried out by the same auditor who led the last surveillance audit or initial audit. Doing the audit remotely remains optional and should be agreed between the site and the certification body. The remote audit option only exists for announced audits and is ideally performed by the same auditor who conducted the last surveillance audit or initial audit.

At DQS, we are ready to serve our customers with remote audits immediately.

SPLIT AUDITS FOR OTHER IFS STANDARDS

The IFS Split Audit applies to recertification assessments of all IFS Standards and Global Markets programs (intermediate level). Since good manufacturing practices or good distribution practices and hygiene are essential aspects of these standards, it is not possible to perform the certification audits completely remotely. Auditors will still need to physically visit the site. IFS has therefore introduced the IFS Split Audit: an on-site audit combined with a remote part.

Unlike BRCGS and FSSC 22000, IFS requires the on-site part of the audit to be completed before the remote part is started. This enables the auditor to get a better overview of the products, processes and facilities of the company.

Here too it is important that the split audit is optional and must be agreed between the site and the certification body. The certification body will be required to evaluate whether doing the audit partially remotely poses any risk to the audit effectiveness. Only sites with a positive risk assessment are able to choose the partially remote option.

CONDUCTING IFS SPLIT AUDITS – HERE’S HOW IT WORKS

The on-site portion of the IFS Split Audit can take place announced and unannounced. The unannounced option gives every company the possibility to fulfil the new GFSI requirement that at least every third IFS audit must be performed unannounced.

The on-site visit requires the presence of only those employees who are necessary to run production and related areas smoothly and in compliance with the law and customer specifications. In the subsequent remote part of a split assessment, for which a fixed date is determined, interviews with other relevant staff members can be completed.

The on-site audit is supplemented by the remote part, which includes a review of further documented information and a careful cross-check of documentation and records.

The remote audit must take place within 14 days of the on-site part. The certification body and the audited company must determine a mutually convenient date so that every staff or management member the auditor still needs to speak to is available.

PLANNING AND PREPARING FOR AN IFS SPLIT AUDIT

There are several steps to planning an IFS Split Audit for certification renewal:

  • The company should clarify in advance with its customers whether they accept a certificate based on the IFS Split Assessment.
  • The site to be assessed and its certifications body (CB) need to perform a risk evaluation to make sure that an IFS Split Audit is technically possible.
  • The use of Information and Communication Technologies (ICT) during the audit process requires a written agreement between the company and the certification body. The certification body and the assessed site shall have appropriate information technology (IT) infrastructure and environment (e.g. internet access) in place.
  • The assessed company needs to ensure that they have all relevant documents and records available digitally.
  • IFS has identified in each standard and global markets program checklist which requirements can be assessed on-site, which ones can be assessed remotely, and those that must be cross-checked. This helpful document gives companies and auditors clear guidelines of how to conduct an IFS Split Assessment. You can download the checklist here.

After completing the IFS Split Audit, the CB will include the following statement in the audit report and on the IFS Certificate: “part of the assessment has been performed using ICT – split assessment”. This increases transparency with a company’s customers, retailers, and other stakeholders.

REMOTE, ON-SITE OR BOTH: DQS IS YOUR CERTIFICATION PARTNER

As one of the pioneers of remote auditing, we are happy to support our customers with remote options. Contact us with any questions you may have.

Reference: DQS CFS Newsletter

TISAX

TISAX – Information Security For the Automotive Industry

What is TISAX Label?

TISAX (Trusted Information Security Assessment Exchange) is a new assessment and exchange mechanism which is based on the ISO 27001 standard and was developed to adapt to the additional requirements of the automotive domain.  The dedicated TISAX online platform is designed to support cross-company recognition of information security assessments in the automotive industry.

Who developed the TISAX Mechanism?

The TISAX (Trusted Information Security Assessment Exchange) mechanism was developed by the VDA, a German automotive industry association (Verband der Automobilindustrie) in partnership with European Network Exchange (ENX), which is an association of European automotive manufacturers.

Who Deploys the TISAX Mechanism?

The TISAX mechanism is deployed by OEMs such as Volkswagen, BMW, Audi, Porsche, Mercedes, Daimler. It is also used by some key equipment suppliers such as Continental, Bertrand, Bosch, Magna Steyr, to build a robust IT security mechanism.

Why do you need a TISAX Label?

Your clients have confidential information they need to share with their supplier – you. The co-operation between you and your clients creates value. The information your clients share with you is an important part of this value creation. Thus, they need to protect it appropriately. And they want to be sure that you are handling this information with the same due care. But how can they be sure that this information is in good hands? They can’t just “believe” you. Your clients need to see some proof and TISAX label is the best way to have them “trust” you!

Who needs to go for the TISAX Assessment?

Are you a supplier or service provider for the automotive industry? If so, you need only one thing to assure customers that you are keeping their information secure – participation in the TISAX Exchange. All it takes is one assessment every 3 years!

How the Network and Exchange Platform works?

The TISAX security audit mechanism allows the mutual acceptance of assessment results (carried out by trusted certification bodies) within the automotive industry and provides a common evaluation mechanism for professional exchanges.

The participants on this platform, share information via a common online platform on the information security status of another participant, in the form of the results of assessments performed. It is important to note that not every TISAX participant automatically has access to the assessment results of another participant. Who receives what information in the TISAX network is something the audited company itself decides by explicit release from case to case.

What are the advantages of TISAX?

  • Cross-company recognition of the assessment results among all TISAX participants
  • Greater confidence in certified service providers and suppliers
  • Avoids the need for multiple checks
  • Fewer misunderstandings due to the harmonized VDA-ISA test catalogue
  • Mutual recognition in the TISAX network saves time and cost
  • Only one TISAX assessment every three years

Watch out for our future blogs with more information on the assessment levels, the 4 main pillars of the assessment, the assessment procedure, main difference between TISAX and ISO 27001 etc.

For more information please contact us!

 

Food safety

FOOD SAFETY CULTURE: NEW LEGAL REQUIREMENTS AT EU LEVEL

The implementation of a food safety culture effectively reduces a company’s vulnerability to food fraud. This awareness is gaining ground, even at the highest political level. The EU Commission has now revised Regulation 852, one of legal pillars for food safety in the EU. A draft version of the general requirements for a food safety culture has now been published. In this article, we have summarized everything you need to know about this development.

Food safety culture has arrived in the mainstream of hygiene requirements. After the Global Food Safety Initiative (GFSI) updated its benchmarking criteria in February 2020, the EU is now also planning to give the concept of food safety culture a permanent place in legislation. The new requirements can be found in regulation (EC) No 852 / 202X on the subject of food hygiene, which is currently being revised.

THE BACKGROUND

The introduction of requirements for food safety culture at EU level is related to the Codex Alimentarius. The Codex Alimentarius develops and adopts food standards that serve as a reference for international food trade. It is based on the assumptions and decisions of the Codex Alimentarius Commission, a joint body of the Food and Agriculture Organization (FAO) and the World Health Organization (WHO) of the United Nations.

The three objectives of Codex Alimentarius:

  • Protect consumers’ health;
  • Ensure fair practices in international food trade;
  • Coordinate all food standards work done by international governmental and non-governmental organisations.

All EU member states are members of the Codex Alimentarius Commission. In 2003 the European Union itself also joined. It shares responsibilities with the EU countries, depending on the degree of harmonization of the respective legal provisions.

WHAT WILL CHANGE WHEN?

The Codex Alimentarius Commission is expected to adopt the revision of its standard on the general principles of food hygiene in the next few months.

The revision contains increased requirements for good hygiene practices. Among other things, these are designed to better avoid cross-contamination of allergens when harvesting, transporting or storing food. Food safety culture plays an important role in prevention and is therefore introduced as a general principle.

The change in the Codex standard and the expectation of consumers and trading partners that food produced in the EU meets this standard make it necessary to include general requirements for food safety culture in the EU regulation.

You can access the draft regulation (EC) No 852 / 202X here.

WHY IS FOOD SAFETY CULTURE SO IMPORTANT?

The aim of a food safety culture is to raise awareness and improve the behaviour of employees regarding food safety. A corporate culture that values food safety shows employees directly and indirectly that food safety is important and necessary to be successful in the company. This influences the behaviour of employees and helps ensure that they act appropriately. For more information on what a food safety culture is and how it can be assessed and nurtured, please click here.

ADDITIONAL INFORMATION

On request, we offer workshops & training courses on the subject of food safety culture.

Climate change

Climate Change Risk – Time for Action? – 2.0

We ended our last discussion on climate change on “I’m not sure I want to give up electricity or stop buying anything made in a factory!”.  Well if we’re smart in the way we mitigate climate change – that’s solving it – and we act fast, you won’t have to.  As we have defined the problem, we need practical and executable solutions without creating imbalances in the economy.  A tough line to tread.

We need to switch to low emissions technologies, which are available and affordable to produce.  Many countries (25 countries including EU, Canada, Singapore, Japan, Ukraine and Argentina) are putting a price on carbon and the other greenhouse gases, to take into account the environmental damage caused by fossil fuels.

But should fossil fuels be punished for being the cheapest energy source?

Common Sense says that we shouldn’t punish fossil fuels, but we are in dire need to transition away from them pretty much immediately.  Here is where we need to expand our perspective and look at the bigger picture.  While cheap in terms of dollars, the ramifications of prolonged use of fossil fuels on climate change have not been taken into account at all.

If the true cost had been included – fossil fuels would be much more expensive!  One way to factor in this cost is to introduce a price on carbon-intensive technologies.  That way, we would speed up the transition to clean, renewable energy sources, like solar and biofuels.  But there’s been a lot of debate about this…   is carbon pricing the best policy approach to dealing with climate change?  We will discuss this later.

Now, let’s dig into one of the most important concepts to find true cost – externalities.

If I play loud music while you’re trying to study for an exam, does this have an impact on you? You’re probably feeling quite distracted and annoyed by now, which may mean you lose valuable study time and even possibly fail that exam.  In effect, you’re being indirectly and adversely impacted by my activities.

The decisions of individuals and organisations to produce, consume and invest have indirect impacts on people who are not directly involved in these activities and these Indirect, un-costed impacts are what economists call “externalities”.

Externalities can be both positive and negative.  Positive externalities can be good for society.  For example, if a sufficiently large proportion of the population is vaccinated against a disease, the entire population gains what is called “herd immunity.”

Negative externalities, on the other hand, are often problematic.  Sometimes, negative externalities are relatively inconsequential in the grand scheme of things, such as Smokers ignore the harmful impact of toxic ‘passive smoking’ on non-smokers.  But, when negative externalities are more widespread, they can become costly for the wider community.

The classic example of a negative externality is air pollution generated by industry (reminds me of the perennial air pollution in our so-called “Pollution Capital – New Delhi”).  Most business enterprises make decisions based only on their direct cost of inputs and profit expectations.

A power plant or even a printing press, for instance, may operate without factoring in the indirect costs caused by pollution, because the firm does not bear these costs.  However, these costs, or externalities, are real for other people and organisations in the economy.  For example, a homeowner living near the polluting power plant may suffer higher healthcare costs.  Or, the local tourism industry may lose revenue due to pollution from the plant causing environmental damage.

Now, if you consider the costs incurred due to the indirect damage caused by the power plant to its balance sheet, its production decisions would probably change.  The point is, since the indirect costs are not borne by the power plant, the actual social cost of production is greater than the power plant’s private costs of production.

This is known as a market failure and is one of the main reasons why governments intervene as public policy.  The 2007 Stern Review on the Economics of Climate Change regarded greenhouse gas emissions as negative externalities and labelled climate change as the greatest and widest-ranging market failure ever seen.

The review emphasized that the cost of this will be borne mostly by civil society.  It estimated that the potential impacts of climate change on water resources, food production, health and the environment could result in a loss of between 5% and 20% of GDP globally. Today, years after the Stern Review was published, these potential impacts are likely to be much greater due to our careless approach towards its mitigation.

In climate economics, we use a metric known as the social cost of carbon.  According to the US Government, the social cost of carbon can be defined as an “A monetized estimate of the damages associated with an incremental increase in carbon emissions in a given year.”

Simply put, the social cost of carbon represents the economic damage done to society by each additional ton of carbon dioxide.  So how much is this in dollar terms?

Well, depending on the expert you talk to, the computer model and the discount rate used, the social cost of carbon varies widely. The US government puts the social cost of carbon at between 11 and 109 US dollars per ton of carbon dioxide emitted.

While this is interesting, does this metric have any practical application beyond informing governments of the economic consequences of climate inaction?  The answer is yes; the social cost of carbon is being increasingly used in public policy.  The US and UK governments have, in recent years, integrated it into their economic decision-making process for large infrastructure projects. Just google “Keystone XL Pipeline and social cost impacts” to understand how the decision on this project was impacted by social costs & externalities.

So, what can governments do to address the externalities of greenhouse gas emissions?  The social cost of carbon provides an important part of the answer.  Governments can enact public policies to ensure that the social cost of CO2 emissions is paid by the people and businesses responsible for those emissions.

In the terminology of economics, negative externalities need to be internalized by adjusting the price of the polluting activity to reflect the monetary value of that externality. This may, for instance, include putting a price on carbon emissions or requiring emitters to buy a tradable permit.

Look at our industry and think about how we deal with our externalities – how we handle (or sometimes just dump) our waste, use harmful chemicals and inefficient old equipment, manage finite resources like water, energy etc.  If negative externalities are calculated and factored in the balance sheet – how will it reflect on our daily lives?  Let’s ponder until we meet again!

For more information please contact us!