Food Fraud Advisors

  • Home
  • About Us
  • Our Services
  • Tools, Templates and Training
  • Learn about food fraud
  • Report a food crime
  • News
You are here: Home / Archives for Vulnerability Assessments

27th April 2023 by Karen Constable

Food Safety Standards Compared (2023)

 

food vulnerability assessment

There are many different food safety management system standards (FSMS), and they all have different requirements.  So how do you know which standard is the best one for your food company?

When it comes to food fraud, the food safety standards have minor differences in their requirements. For example, some standards require food businesses to include counterfeiting in their vulnerability assessments, while others don’t; some standards specify that vulnerability assessments must be performed on ingredients, while others state they should be done on finished products.  Some explicitly require training in food fraud awareness, while others do not.

Confused? We are here to help.  Read on to find out which standards have what requirements, and get recommendations for creating a great food fraud prevention (VACCP) program.

Background

Food safety standards are standards that describe requirements for food and related businesses.  The requirements aim to ensure that food and food-related goods are safe for consumers and customers.  The correct term for such standards is food safety management systems standards (FSMS).

There are food safety standards for all types of operations within the food supply chain, including:

  • growing and packing fresh produce;
  • manufacture of food and food ingredients;
  • buying and selling food (“brokers”);
  • storage and transport of food;
  • manufacture or converting of packaging materials;
  • manufacture of animal feed or pet food;
  • services such as cleaning, laundry, or pest control for food businesses.

The over-arching aim of all food safety standards is to keep consumers safe, but most standards also have secondary aims. Some of the most popular food safety standards were developed by food retailing groups, and these standards were written to protect the retailers’ brands as well as keep consumers safe. Other standards were developed to help food businesses understand best practices and gain a way to demonstrate their excellence through independent certifications.  Some standards include quality parameters, while others only address food safety issues.

There are dozens of internationally accepted food safety management system standards, each with slightly different requirements.  This can make it difficult to know which standards are ‘better’ or more suitable for your food company.

To solve this problem, a standard for food safety standards was created by the GFSI (Global Food Safety Initiative).  The GFSI assesses and approves food safety standards using a process called benchmarking. The aim of GFSI benchmarking is to define best practices for food safety standards and provide a way to compare and align different food safety standards.

Among the dozens of food safety standards, some are benchmarked by the GFSI (Global Food Safety Initiative), while others are not.  Benchmarked standards usually have more requirements and more rigorous expectations than non-benchmarked standards.  The auditing and certification processes for benchmarked standards are typically more time-consuming and more expensive than for non-benchmarked standards.

Food Fraud in Food Safety Standards

Food fraud prevention activities are an important part of all food safety management systems because food fraud can pose a risk to food safety.  Some food safety standards have separate, stand-alone requirements for food fraud prevention activities, while others do not.  Standards that are GFSI-benchmarked all include explicit, separate food-fraud-related requirements. Other standards rely on the hazard analysis elements of the food safety system to identify and control hazards from food fraud.

The GFSI requires all benchmarked standards to require food companies to do a vulnerability assessment for food fraud and create a mitigation plan for food fraud prevention.  Most GFSI-benchmarked standards also include details about which materials should be assessed and which types of food fraud need to be managed.

Non-GFSI standards vary in how they require a food company to approach food fraud.  Some specify or recommend a VACCP program, which is based on food fraud vulnerability assessment activities. Others, like AIB, require that food fraud risks be considered in the supplier approvals processes.  The regulations of the USA Food Safety Modernization Act (FSMA) require that food businesses identify hazards from economically motivated adulteration-type food fraud (EMA) and implement preventive controls to minimise the risks.

Among the most well-known standards, there are some notable differences. For example, the SQF Food Safety Code requires food businesses to assess and manage risks from counterfeit-type food fraud, while the BRC Food Safety Standard only requires businesses to assess the risks from adulteration or substitution activities. BRC requires horizon scanning activities, while the SQF and IFS standards explicitly mention food fraud training.

Below you will find a table that compares the current food fraud requirements of each of the major food safety standards.

Table 1.  Food fraud requirements of major food safety standards, 2023. 

Click here to open or download a pdf version of this table

 AIB*BRC*FSSC*GlobalGAP*IFS*SQF*
Food types to include in food fraud prevention activitiesIngredients (implied)

 

 

Raw materials

 

 

Products and processes

 

 

Unclear

 

 

Raw materials,

ingredients,

packaging,

outsourced processes

Raw materials,

Ingredients,

finished products

 

Food fraud types

 

 

 

Economically motivated adulteration (only)

 

 

Adulteration,

substitution

(only)

 

 

Any type where consumer health is at risk (in definition, Appendix A)

 

Unclear, however counterfeit or non-foodgrade packaging or propagation materials are included as examples

 

Substitution, mislabelling, adulteration, counterfeiting

 

 

Substitution, mislabelling, dilution, counterfeiting

 

 

Vulnerability assessments explicitly required?Risk assessment (implied, Appendix A)YesYesRisk assessmentYesImplied (Edition 9)
Mitigation plan required?

 

 

–Mitigation activities are to be included in the vulnerability assessmentYesYesYesYes
Does packaging need to be included in the vulnerability assessment?Yes

(implied)

 

Yes

(see 3.5.1.1)

 

Yes

(as per food fraud definition, Appendix A)

Yes

 

 

Yes

 

 

Implied

(primary packaging is a ‘raw material’)

Is a separate food fraud procedure explicitly required?––Implied (“method shall be defined”)–Implied

(“responsibilities shall be defined”)

Implied

(“methods and responsibilities shall be documented”)

Is training in food fraud explicitly mentioned?–Implied

(Clause 5.4.1)

––Yes

(Clause 3.3.4)

Yes
Is an annual review explicitly required?–Yes––YesYes
Other

 

 

–Horizon scanning for developing threats must be done (Clause 5.4.1)––Criteria for vulnerability assessments must be defined

(4.20.2)

Food safety risks from food fraud must be specified (2.7.2.2)

*  The full names of the standards are as follows:

AIB International Consolidated Standards for Inspection of Prerequisite and Food Safety Programs, 2023

BRCGS Food Safety, Issue 9

FSSC 22000, Version 6 (NEW!)

GlobalG.A.P. Integrated Farm Assurance (IFA), Version 5.4-1

IFS Food, Version 8 (NEW!)

SQF Food Safety Code, Edition 9

Takeaways

Among the major food safety management system standards, there are small but significant differences between food fraud prevention requirements.  Key differences include whether finished products or ingredients are to be assessed, which types of food fraud must be included and the presence/absence of requirements related to horizon scanning and training.

If that all seems confusing, don’t despair…

Recommendations for a robust and compliant food fraud prevention program (VACCP)

At Food Fraud Advisors we have been working at the intersection of food fraud and food safety since the very first days of food fraud requirements in food safety standards… and we’ve been helping businesses since day one.

Creating a robust and compliant food fraud program can take time and effort but it isn’t complicated.  Follow the steps below to get started:

  1. Carefully read the food fraud clauses of the standard you are/will be certified to. Pay attention to the food types and the food fraud types that are mentioned in your standard.  HINT: you may need to check the definitions or glossary. Carefully read the food fraud clauses of the standard you are/will be certified to.
  2. Pay attention to the food types and the food fraud types that are mentioned in your standard. HINT: you may need to check the definitions or glossary.
  3. Create a robust vulnerability assessment (here’s how) and a mitigation plan for identified vulnerabilities.
  4. Create a food fraud prevention procedure that defines the methods, responsibilities and criteria for food fraud prevention.
  5. You should also conduct training for all relevant staff and ensure that the food fraud system is reviewed at least annually.

Get a complete guide to the food fraud requirements of all the major food safety standards from us, the food fraud experts, here.

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to email a link to a friend (Opens in new window) Email

Filed Under: Consultancy, Food Fraud, Learn, Vulnerability Assessments

26th June 2022 by foodfraudadvisors

Investigating Susceptibility to Food Fraud

Updated 26th June 2022

Some foods are more susceptible than others to economically motivated adulteration, substitution and dilution.  Understanding the susceptibility of an ingredient or raw material type is an important part of every food fraud vulnerability assessment process.

A TWO PART PROCESS

Susceptibility is investigated in two parts.

(1) General Susceptibility (is this type of food often affected by food fraud or not?)

You can estimate a foods general susceptibility using publicly available information.

(2) Specific Susceptibility (is the food we purchase likely to be affected by food fraud?)

The specific food fraud attributes depend on your supply chain, management of the supply chain and testing and auditing activities.

STEP 1. GENERAL SUSCEPTIBILITY

To investigate the general susceptibility of a food or ingredient to food fraud, use publicly available information about incidences of fraud that have occurred in the past and that might occur in the future.

There are a few different ways to access information about previous incidences and emerging issues with a raw material type, as shown below.

1. Online databases – access to historical data:

A food fraud database provides a way to access historical information about food fraud.

A food fraud database is a collection of information about food fraud incidents and food fraud risks. There are a number of free and paid databases operated by governments, not-for-profits and private companies available worldwide.  The type of data varies from database to database, as does the cost and the features.  For a current list of food fraud databases, check out our post Food Fraud Databases Compared.

2. Email alerts via subscription service:

Email services provide near-to-real-time information about food fraud incidents as they occur. This can be a good way to keep on top of developing food fraud risks.   Below is a list of email subscriptions that can provide information about food fraud.

  • Food Forensics, a laboratory located in United Kingdom, offer a monthly horizon scanning risk newsletter to members.
  • FoodChainID Horizon Scan is a paid subscription service that provides alerts on adulteration and fraud, as well as food safety contamination events.
  • Some trade associations provide email services to members.
  • The Rotten Apple, by Karen Constable (of Food Fraud Advisors), is a weekly newsletter that includes trends and analysis as well as a summary of updates made to the Trello Food Fraud database each week.
  • Government-run food safety and food regulatory bodies in some jurisdictions send emails to interested parties.  Contact your local authority for more information.

3.  Direct intelligence:

Direct intelligence is another means of gathering information about the occurrence of food fraud for a given food or ingredient.

  • Information can be obtained by asking law enforcement officials and government departments.
  • Suppliers can provide information about their material types.
  • Trade associations can be approached for information on food fraud and emerging issues.
  • Conferences and webinars about food fraud and food defence are held regularly and these can be a good source of information.

STEP 2. SPECIFIC SUSCEPTIBILITY

In step one you considered the general likelihood of food fraud occurring for the food or ingredient you are assessing.

In step two you must consider the characteristics of your specific material as it is purchased by your food business.

Characteristics that should be considered include those associated with your supply chain, purchasing policies and the format of the material, for example whether it is a powder or liquid or solid.

Each characteristic should be considered with regards to how it could affect the degree to which a person may be motivated to fraudulently adulterate the material and how it could allow a person to:

a) gain access to the material,

b) commit fraud by adulterating, substituting or diluting the material or

c) avoid detection.

To ensure that all relevant characteristics are considered it is best to use a checklist

Checklists help to ensure that all relevant information has been considered.

You can create your own checklist or use a checklist prepared by experts such as those found in a proprietary Vulnerability Assessment Tool.

There are a number of fraud assessment tools available on-line, with differing degrees of usefulness (some are really annoying to use!).  The most comprehensive checklist for food fraud vulnerability assessments can be found in Food Fraud Advisors’ Vulnerability Assessment Tools.

Need more help?  Get easy-to-use, comprehensive downloadable templates in our online training course.

Visit our training academy today

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to email a link to a friend (Opens in new window) Email

Filed Under: Food Fraud, Learn, Vulnerability Assessments

14th March 2022 by Karen Constable

How to do a Vulnerability Assessment for Storage and Distribution

From the desk of Karen Constable, our Principal Consultant

The other day, a frustrated food safety manager wrote to me, wanting help to figure out how to do a food fraud vulnerability assessment for storage and distribution (BRCGS Issue 4).

It’s such a tricky one, because storage and distribution (S & D) facilities have so little direct control over product choices.  And the BRC standard is so wordy!

The good news is that when BRC first added product fraud to their storage and distribution standard in 2018 (Issue 3), they wrote a position paper that attempted to provide some guidance.

Even though Issue 4 is a bit different to Issue 3, the guidance in the position paper is still useful.

Here’s just a small portion of guidance from BRC Position Paper:

“The Standard does not define the exact process that the company must follow when completing the vulnerability assessment;however, it is likely to incorporate the following steps:

  • draw up a list of products and services and the controls that are already in operation (e.g. approval of suppliers by customers, pre-packaged products purchased)
  • consider any relevant information regarding potential fraud for each product and service
  • complete a risk assessment on the vulnerability of the products.

The output of the vulnerability assessment is usually a ranking or scoring of the materials to identify those which need additional controls. The ranking and actions required could, for example, be as follows:

  • Very high – a high-profile product with recent reports of adulteration or substitution published by regulatory authorities. Action or monitoring is required to ensure that only genuine materials are purchased.
  • High – a high-profile product that provides an attractive target for potential substitution or adulteration. Some action and/or monitoring is required to ensure that only genuine materials are purchased.
  • Low – this product is unlikely to be a target for substitution or adulteration. However, a re-assessment may be necessary if new information becomes available.
  • Negligible – no further action is required as the product is extremely unlikely to be a target for fraud.”

 

There’s more in the position paper, which you can read or download from the BRC Website: https://www.brcgs.com/media/1055426/sd308-position-statement-accommodating-the-requirements-of-gfsi-benchmark-72-into-issue-3-v2-12082019.pdf

If you are completely new to vulnerability assessments, we have step-by-step instructions on our website, which might help a little if you haven’t seen it yet.  Plus, our on-demand, online food fraud training might also help.  Although both of these resources were created primarily for food manufacturers the concepts of vulnerability assessments also apply to S & D facilities.

I can also assist with custom one-on-one consulting, guidance/feedback or custom templates if you need.   Just get in touch and we can hop on a phone call to discuss.

Regards,

Karen Constable

Food Fraud Advisors

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to email a link to a friend (Opens in new window) Email

Filed Under: Learn, Vulnerability Assessments

14th September 2021 by Karen Constable

How To Do a Vulnerability Assessment for Food Fraud

Updated 30th December 2022

What is a vulnerability assessment?

 

A vulnerability assessment is a risk-assessment-style evaluation of a food’s vulnerability to food fraud.

A food fraud vulnerability assessment is a documented assessment that identifies vulnerabilities to food fraud and explains how those vulnerabilities were identified.

Vulnerability assessments are also done to assess the threat of a malicious attack on food.  Malicious attacks include attacks conducted for extortion, ideological reasons or terrorism. We call these issues of food defense. To learn more about vulnerability assessments for food defense (intentional adulteration), click here.

Why ‘vulnerability’ and not ‘risk’? 

 

  • A risk is something that has occurred before and will occur again. A risk can be quantified using existing data.
  • A vulnerability is a weakness that can be exploited.  A vulnerability can lead to a risk.

Food fraud is difficult to estimate and quantify, so we use the word vulnerability rather than risk.

Why do a vulnerability assessment?

 

  1. To protect consumers: Food that is vulnerable to food fraud presents significant risks to consumers.  Food that is adulterated or diluted   [Read more…]

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to email a link to a friend (Opens in new window) Email

Filed Under: Food Fraud, Learn, VACCP, Vulnerability Assessments

26th July 2016 by foodfraudadvisors

Future food fraud threats; an introduction to horizon scanning (archived)

Oops, this page has moved!

Click here for horizon scanning information

 

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to email a link to a friend (Opens in new window) Email

Filed Under: Food Fraud, Horizon Scanning, Learn, VACCP, Vulnerability Assessments

  • 1
  • 2
  • Next Page »

MORE FROM FOOD FRAUD ADVISORS

What is a food fraud team? (and what to do if you can’t get one)

A food fraud prevention team is a group of employees in a food business that is responsible for creating, implementing … [Read More...]

Food Fraud Databases Compared

Updated 30 April 2025 A food fraud database is a collection of information about food fraud incidents and food fraud … [Read More...]

What to do About Food Fraud (USA)

I was talking to a new client the other day.  They are based in the United States and had discovered their competitors' … [Read More...]

Paprika, Chilli Powder and Sudan Dye Contamination

Can paprika and chilli powder be “too red”? This post was originally published in The Rotten Apple … [Read More...]

Is Food Fraud to Blame for the Cinnamon-apple Recall (Video)

Our Principal, Karen Constable, explains how high levels of lead may have got into applesauce (video audiogram). For … [Read More...]

follow

  • View foodfraudadvice’s profile on Facebook
  • View karenconstable4’s profile on Twitter
  • LinkedIn

© Copyright 2015 - 2025 Food Fraud Advisors · All Rights Reserved · Privacy Policy · Return and Refund Policy