Vulnerability Assessment Tool (BRC Method) – Frequently asked questions (FAQ)

Is this assessment tool suitable for businesses operating to food safety management system standards other than BRC?

This spreadsheet is designed for food fraud vulnerability assessments for businesses that manufacture food in accordance with the requirements of BRC’s (British Retail Consortium) GLOBAL STANDARD FOOD SAFETY, Issue 7 and Issue 8, which require that businesses assess their ingredients and raw materials for vulnerability to economically motivated adulteration, substitution or dilution.

The risk assessment methodology and matrix are based on the recommendations of the British Retail Consortium in their document Understanding Vulnerability Assessment (2015).  It is not suitable for vulnerability assessments on finished food products.  It is not recommended for businesses that need to meet the requirements of other food safety management system standards.  It is not suitable for food defense vulnerability assessments.  We recommend you purchase our other tools instead.

Is this assessment tool suitable for businesses that do not operate a food safety management system?

If your business is not operating to a food safety management standard and does not have supplier approval processes, purchasing specifications and robust systems for receiving materials then it is more vulnerable to accepting fraudulent material and this tool will underestimate the risk.

If your business is not operating to a GFSI standard, you should check out our other tools to help you prepare your vulnerability assessment.

What happens if I can’t complete all the questions?

If you have not answered all the questions the tool will calculate a high vulnerability rating. However it is possible to supplement the calculated rating with your own estimate if desired. This means that if you already think that a particular raw material has a very low risk of occurrence or detection you may choose to simply enter your best estimates of likelihood instead of completing all the data fields. This will allow you to prioritise your time and focus on the most important raw materials and ingredients first.  Note that if you do this the resulting assessment documents are unlikely to be acceptable to an auditor because they will not contain a complete explanation of how the risk assessment was performed.  To obtain a complete explanation, every question should be answered.

What if I disagree with the results?

The Vulnerability Assessment Tool calculates likelihood of occurrence and detection using information entered by the user.  Users are encouraged to also enter their own estimates.  The reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

Why are some of the questions repeated?

The tool was developed to be closely aligned with the recommendations of the British Retail Consortium in their document Understanding Vulnerability Assessment (2015).  That guidance document describes the elements that should be considered when assessing likelihood of occurrence and likelihood of detection and according to the British Retail Consortium’s methodology there are a number of elements that should be included in both occurrence and detection assessments.

Why is the Vulnerability Assessment Tool an Excel spreadsheet instead of specialised software?

The tool was created for Quality Assurance Mangers and Food Safety Managers to use. It was created with Microsoft Excel because most of its intended users are familiar with excel and so can begin entering data as soon as they open the spreadsheet, with no special training.   Data can be copied, pasted and searched just as you would in any spreadsheet and results can be easily extracted for use in other documents. Blank and completed spreadsheets can and should be incorporated into a company’s controlled documents and record-keeping system and Microsoft Excel files are usually suitable for this purpose.

The tabular format of the data entry pages allows users to have a ‘whole picture’ visual understanding of the data that has been entered and the gaps that need to be filled.  Other types of software such as questionnaire-style assessments do not provide a visual overview and require information to be entered in a defined series of steps which can be frustrating. Within the tables of the Vulnerability Assessment Tool, colour-coding functions provide instant feedback about whether an answer affects vulnerability in a positive or negative way, which can be a valuable learning tool.

Why are some of the cells password protected?

Password protection has been applied to many of the cells in the spreadsheet.  There are a number of reasons for this, the most important of which is so that users do not accidentally ‘break’ the formulas which would be very easy to do if it was unlocked.

This means that users are not able to make changes to the wording of the questions or the automatically generated answers.

Can I copy the results into my own spreadsheet or other document?

Yes. The data can be copied, pasted, sorted and manipulated as in any spreadsheet. When copying from the tool use the excel function ‘paste special – values’, which will prevent pasting formulas that might return error values in a different document.

Do I have to purchase a new spreadsheet for each material group?

No, you may make as many copies of this spreadsheet as you need for ONE food business in one manufacturing location.  You may not share it with other food businesses or take it when you change jobs.  For complete terms and conditions click here.

Is there a telephone number I can call for help and support with the tool?

For support, please email support@foodfraudadvisors.com with your query, including your preferred contact details and geographical location (for time zone purposes). We will contact you by telephone or Skype or email an answer to you.

January 2022: Why aren’t the formulas working?

Microsoft 365 recently switched its default Excel formula settings so that by default, formula calculations are turned off.

This means that none of the formulas in any spreadsheet will work until you switch the calculation function back on. To switch formula caluculations on, go to the ‘Formulas’ tab on the Excel ribbon and choose ‘Calculation Options’ on the far right. Set calculations to ‘Automatic’. This will fix the problem.

Can I have access to the formulas that generate the results?

If you disagree with the results the tool allows you to override them; the reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

If you think the methodology, including the risk calculations should be amended or you think there is an error in any formula please contact us. We want the Vulnerability Assessment Tool to be the best that it can and value your feedback.

Want to buy an unlocked version that is fully customisable?  Request a quote here.

My security settings will not allow me to run macros, is this a problem?

Vulnerability Assessment Tool (BRC Packaging Materials) – Frequently asked questions (FAQ)

Is this assessment tool suitable for businesses operating to management system standards other than BRC Packaging Materials?

This spreadsheet is especially designed to meet the requirements of BRC’s (British Retail Consortium) PACKAGING MATERIALS Issue 6, which requires that businesses assess their raw materials for vulnerability to economically motivated (fraudulent) substitution.

It is not recommended for businesses that need to meet the requirements of other management system standards.  It is not suitable for food defense or TACCP vulnerability assessments.  We recommend you purchase one of our other tools instead.

Is this assessment tool suitable for businesses that do not operate a food safety or quality management system?

If your business is not operating to a food safety or quality management standard and does not have supplier approval processes, purchasing specifications and robust systems for receiving materials then it is more vulnerable to accepting fraudulent material and this tool will underestimate the risk.

What about the Threat Assessment Tool?

The threat assessment tool is a bonus add-on for purchasers of the packaging vulnerability assessment tool, it is not sold separately.  Is is also designed to meet the requirements of BRC Packaging Issue 6.

What happens if I can’t complete all the questions?

If you have not answered all the questions the tool will estimate your material as being vulnerable (very likely to be affected by fraudulent substitution). However it is possible to supplement the calculated rating with your own estimate if desired. This means that if you already think that a particular raw material has a very low risk you may choose to simply enter your best estimates of likelihood instead of completing all the data fields. This will allow you to prioritise your time and focus on the most important raw materials first.  Note that if you do this the resulting assessment documents are unlikely to be acceptable to an auditor because they will not contain a complete explanation of how the risk assessment was performed.  To obtain a complete explanation, every question should be answered.

What if I disagree with the results?

The Vulnerability Assessment Tool calculates the vulnerability using information entered by the user.  Users are encouraged to also enter their own estimates.  The reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

Why is the Vulnerability Assessment Tool an Excel spreadsheet instead of specialised software?

The tool was created with Microsoft Excel because most of its intended users are familiar with excel and so can begin entering data as soon as they open the spreadsheet, with no special training.   Data can be copied, pasted and searched just as you would in any spreadsheet and results can be easily extracted for use in other documents. Blank and completed spreadsheets can and should be incorporated into a company’s controlled documents and record-keeping system and Microsoft Excel files are usually suitable for this purpose.

The tabular format of the data entry pages allows users to have a ‘whole picture’ visual understanding of the data that has been entered and the gaps that need to be filled.  Other types of software such as questionnaire-style assessments do not provide a visual overview and require information to be entered in a defined series of steps which can be frustrating. Within the tables of the Vulnerability Assessment Tool, colour-coding functions provide instant feedback about whether an answer affects vulnerability in a positive or negative way, which can be a valuable learning tool.

Why are some of the cells password protected?

Password protection has been applied to many of the cells in the spreadsheet.  There are a number of reasons for this, the most important of which is so that users do not accidentally ‘break’ the formulas which would be very easy to do if it was unlocked.

This means that users are not able to make changes to the wording of the questions or the automatically generated answers.

Can I copy the results into my own spreadsheet or other document?

Yes. The data can be copied, pasted, sorted and manipulated as in any spreadsheet. When copying from the tool use the excel function ‘paste special – values’, which will prevent pasting formulas that might return error values in a different document.

Do I have to purchase a new spreadsheet for each material group?

No, you may make as many copies of this spreadsheet as you need for ONE business in one manufacturing location.  You may not share it with other businesses or take it when you change jobs.  For complete terms and conditions click here.

Is there a telephone number I can call for help and support with the tool?

For support, please email support@foodfraudadvisors.com with your query, including your preferred contact details and geographical location (for time zone purposes). We will contact you by telephone or Skype or email an answer to you.

Can I have access to the formulas that generate the results?

If you disagree with the results the tool allows you to override them; the reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

If you think the methodology, including the risk calculations should be amended or you think there is an error in any formula please contact us. We want the Vulnerability Assessment Tool to be the best that it can and value your feedback.

Want to buy an unlocked version that is fully customisable?  Request a quote here.

My security settings will not allow me to run macros, is this a problem?

Vulnerability Assessment Tools – Frequently asked questions (FAQ)

What if I disagree with the results?

The Vulnerability Assessment Tool creates estimates of vulnerabilities using information entered by the user.  Users are encouraged to also enter their own estimates.  The reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

Why is the Vulnerability Assessment Tool an Excel spreadsheet instead of specialised software?

The tool was created for Quality Assurance Mangers, Food Safety Managers and HACCP Team members. It was created with Microsoft Excel because most of its intended users are familiar with excel and so can begin entering data as soon as they open the spreadsheet, with no special training.   Data can be copied, pasted and searched just as you would in any spreadsheet and results can be easily extracted for use in other documents. Blank and completed spreadsheets can and should be incorporated into a company’s controlled documents and record-keeping system and Microsoft Excel files are usually suitable for this purpose.

The tabular format of the data entry pages allows users to have a ‘whole picture’ visual understanding of the data that has been entered and the gaps that need to be filled.  Other types of software such as questionnaire-style assessments do not provide a visual overview and require information to be entered in a defined series of steps which can be frustrating. Within the tables of the Vulnerability Assessment Tools, colour-coding functions provide instant feedback about whether an answer affects vulnerability in a positive or negative way, which can be a valuable learning tool.

Can I copy the results into my own spreadsheet or other document?

Yes. The data can be copied, pasted, sorted and manipulated as in any spreadsheet. When copying from the tool use the excel function ‘paste special – values’, which will prevent pasting formulas that might return error values in a different document.

Do I have to purchase a new spreadsheet for each material that I need to assess?

No, you may make as many copies of this spreadsheet as you need for ONE food business in one manufacturing location.  You may not share it with other food businesses or take it when you change jobs.  For complete terms and conditions click here.

Is there a telephone number I can call for help and support with the tool?

Real-time support is coming soon. Until then, please email support@foodfraudadvisors.com with your query, including your preferred contact details and geographical location (for time zone purposes). We will contact you by telephone or Skype or email an answer to you.

Why are some of the cells password protected?

Protection has been applied to many of the cells in the vulnerability assessment spreadsheets.  There are a number of reasons for this, the most important of which is so that users do not accidentally ‘break’ the formulas which would be very easy to do if the cells were not locked.

Within the food fraud tools, the protection prevents users from making changes to the wording of the questions or the automatically generated answers.  To get an idea of how the cells are protected, download our free trial food fraud spreadsheet:  Try it free v3.0s

There is no password protection in the food defense tool.  Some cells have been protected to prevent accidental changes, but passwords have not been applied, so users may ‘unprotect’ any part of the spreadsheet if desired.

Can I have access to the formulas that generate the results?

If you disagree with the results the tools allow you to override them; the reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

If you think the methodology, including the risk calculations should be amended or you think there is an error in any formula please contact us. We want the Vulnerability Assessment Tools to be the best they can be and value your feedback.

Want to buy an unlocked version that is fully customisable?  Request a quote here.

My security settings will not allow me to run macros, is this a problem?