4 Context T 20 .gif)
4.1 The organization and its context
External and internal issues that affect the FSMS
Requirements 1 to 2 (see also the quiz)
The two most important things in a company do not appear in its balance sheet: its reputation and its people. Henry Ford
To successfully implement a food safety management system, we must understand and evaluate everything that can influence the reason for being and business performance. You should think carefully about some key activities:
- develop a thorough diagnosis of the unique context in which your company exists, taking into account these issues:
- the external environment, such as:
- social
- regulatory
- economic
- technology
- the internal environment, such as:
- specific aspects of the corporate culture:
- vision
- rationale, purpose and mission
- core values
- staff
- products and services
- infrastructure
- specific aspects of the corporate culture:
- the external environment, such as:
- monitor and review regularly any information relating to external and internal issues
- analyze the factors that may influence the achievement of business objectives
Documented information on issues are identified, reviewed and updated. .gif)
The SWOT and PESTEL analyses can be useful for relevant analysis of business context (cf. annex 07). 
A list of external and internal issues is created by a multidisciplinary team. Each issue is identified by its level of influence and control. Priority is given to issues with great influence and poor control.
.jpg)
Minute of relaxation. Game: Context of the company
- diagnosis of the context includes the main external and internal issues
- the core values as part of the corporate culture are taken into account in the context of the company
- the results of the context analysis are widely difused
- the SWOT analysis includes many relevant examples
- the SWOT analysis is a powerful tool for identifying the main threats and opportunities
- the issues of the context of the company, such as the competitive environment, are not taken into account
- in some cases, the corporate culture is not taken into account
- risk analysis does not take into account strategic issues
- no clear link between the SWOT analysis and the actions undertaken
4.2 Interested parties
Understanding the requirements of interested parties
Requirements 3 to 5
There is only one valid definition of a business purpose: to create a customer. Peter Drucker
To understand the needs and expectations of interested parties, we must begin by determining those who may be affected by the food safety management system, such as:
- employees
- customers
- external providers
- owners
- shareholders
- bankers
- distributors
- competitors
- citizens
- neighbors
- social and political organizations
A list of interested parties is carried out by a multidisciplinary team.
Documented information on interested parties and their requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) is identified, reviewed and updated.
Every interested party is identified by its level of influence and control. Priority is given to interested parties with great influence and poor control.
The customer is king but we still can fight against rudeness. This example is from the restaurant La petite Syrah in Nice and its coffee prices:
“A coffee”...................................7 €
“A coffee, please”...............4,25 €
“Hello, a coffee, please”....1,40 €
Anticipating the reasonable and relevant needs and expectations of interested parties involves:
- meeting the requirements of the product or service offered
- preparing to address risks
- finding improvement opportunities
When a requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) is accepted, it becomes an internal requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of the FSMS.
- the list of interested parties is updated
- the needs and expectations of interested parties are established through meetings on-site, surveys, roundtables and meetings (monthly or frequent)
- the application of statutory and regulatory requirements is a prevention approach and not a constraint
- statutory and regulatory requirements are not taken into account
- the delivery time is not validated by the customer
- the expectations of interested parties are not determined
- the list of interested parties does not contain their area of activity
4.3 Scope
Determining the scope of the FSMS
Requirements 6 to 11
In many areas, the winner is the one who is best informed. André Muller
The scope (or in other words, the perimeter) of the food safety management system is defined by top management. For this, productsany outcome of a process or activity (see also ISO 9000, 3.4.2), services, processes and manufacturing sites are established.
Documented information is available and maintained on the scope of the FSMS. 
The specific context of the company is taken into account to determine the scope of the FSMS, including:
- issues (cf. sub-clause 4.1)
- products and services
- corporate culture
- environment:
- social
- financial
- technology
- economic
- requirements of interested parties (cf. sub-clause 4.2)
- outsourced processes
Hazards related to food safety are identified and controlled (HACCP approach).
Food safety: absence of harm to the consumer when food is prepared or consumed according to its intended use
- the scope is relevant and available upon request
- non applicable requirements are justified in writing
- some products are outside the scope of the FSMS without justification
- the washing workshop is not included in the scope of the FSMS
- the requirements of a customer are not accepted and no justification is present
- the scope is obsolete (a new subsidiary is not included)
4.4 FSMS
FSMS requirements, processes and interactions
Requirement 12
The requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of ISO 22000 relate exclusively to the food safety management system. The systemset of interacting processes (see also ISO 9000, 3.2.1) is:
- established
- documented
- implemented and
- evaluated and
- continually improved
Specific customeranyone who receives a product (see also ISO 9000, 3.3.5) requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) related to food safety are identified and are part of the FSMS.
Answers to the 451 requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) (in the text "shall") of clauses 4 to 10 of ISO 22000 are present in the FSMS documentation.
The requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of ISO 22000 in the sub-clauses of clauses 4 to 10 are shown in figure 4-1:
.jpg)
Figure 4-1. Requirements of ISO 22000 version 2018
Relax! If you comply with the food hygiene regulations and you have implemented the HACCP system, you meet a very large part of the requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of ISO 22000. You simply need to add the oPRPs and the validation of the combinations of control measures.
Never forget that food hygiene always includes food safety and suitability.
When there is insecurity, the consumer is no longer safe from hazards (such as food poisoning). So this can be a very serious situation.
When there is insecurity about food hygiene the consumer often refuses the food because they think they have detected, for example, an unacceptable presence of mold or unpleasant odor. This can have a potentially serious financial impact.
The FS manual is not a requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of the ISO 22000 standard version 2018 but it is always an opportunity to present the company, its FSMS and its processes (cf. annex 08).
The ISO guide “The integrated use of management system standards” of 2018, contains relevant recommendations on the integration of management systems.
.jpeg)
Pitfalls to avoid:
- going overboard on quality:
.jpg)
- a useless operation is performed without adding value and without the customer asking for it - it is a waste, cf. quality tools D 12
- having all procedures written by the quality manager:
- quality is everybody's business, "the staff is conscious of the relevance and importance of each to the contribution to quality objectives", which is even more true for department heads and process pilots
- forgetting to take into account the specificities related to the corporate culture:
- innovation, luxury, secrecy, authoritarian management (Apple)
- strong culture related to ecology, action and struggle, while cultivating secrecy (Greenpeace)
- fun and quirky corporate culture (Michel & Augustin)
- liberated company, the man is good, love your customer, shared dream (Favi)
- the process map has enough arrows to show who the customer (internal or external) is
- for a process, it is better to use a lot of arrows (several customers) rather than to forget one
- reveal the added value of the process during the process review
- the analysis of process performance is an example of continual improvement and evidence of the effectiveness of the FSMS
- top management regularly monitors the objectives and action plans
- the purpose of each process is clearly defined
- some process outputs are not set correctly (customers not considered)
- process efficiency criteria are not established
- the process owners are not formalized
- outsourced processes are not determined
- control of outsourced services is not described
- very real activities are not determined in any process
- sequences and interactions of certain processes are not determined
- methods to ensure the performance of certain processes are not defined
- monitoring the performance of certain processes is not established
- the FSMS resources do not allow achievement of objectives
- the FSMS is not updated (new processes not determined)
- the threats and weaknesses identified in the SWOT analysis remain without actions
The rest of the T 20v18 ISO 22000 readiness version 2018 training is accessible on this page.
See also the training T 40v18 Internal audit ISO 22000 and the training package ISO 22000.