ISO 22000:2018 Insight: Organizational Risk Management
by Breda Kearney | March 7, 2019 | Blog , Food , Food Safety , ISO 22000:2018 , Organizational Risk Management , |
ISO 22000:2018 sets out the requirements for Food Safety Management Systems (FSMS) across the entire food chain, from farm to fork. ISO 22000:2018 was published in June 2018 and while many of the requirements are similar to ISO 22000:2005, there are some key changes which have been introduced under Annex SL – The High-Level Structure applicable to ISO management system standards.
One of these key changes is the requirement for organizations to take a more proactive approach to minimizing expected risks and maximising expected opportunities that are relevant to the food safety management system, in addition to managing food safety risks. Management of food safety risks using the principles of HACCP is well understood within the food industry, but with the publication of ISO 22000:2018 businesses now need to understand and manage organizational risks. But what is meant by organizational risk?
Organizational risks relate to any events that could potentially impact on the performance and effectiveness of the FSMS. Examples of these events may include but are not limited to: Resource availability, changes to Regulatory/Statutory requirements, reliance on sole/key suppliers, changing customer needs, competitors, ageing equipment, organizational culture and behaviour, reliance on small number of key customers.
When identifying risks, organizations should consider:
- Context of the organization (internal and external issues)
- Scope of the food safety management system
- Requirements of interested parties
Organizational risks can be addressed by mitigation, sharing, transfer, acceptance by informed decision or taking a risk to pursue an opportunity. By addressing organizational risks, businesses can act to prevent undesirable effects and take advantages of opportunities aimed at improving overall performance.