Virtual Integrated Advanced
management SYstems Solutions & Tools cont
FSSC Integrity Program
Audit Data Summary & Auditor Database
CB instructions for use
IntroductionIn the framework of the implementation of the FSSC 22000 integrity program, the FSSC Foundation partnered with ViaSyst to implement the FSSC 22000 audit data summary (or full report) & auditor database on the ViaSyst audit management platform.
The ViaSyst platform is a fully dematerialized, web-based tool allowing CBs to manage audit
reports, action plans & auditor experience & qualification by ensuring both consistency and time & costs saving. The ViaSyst platform supports audit reports for the major management systems standards: ISO 9001, ISO 14001, ISO (or FSSC) 22000, OHSAS 18001, ISO 27000.
The new databases are directly linked, on the same server and accesses, with the existing certificate database launched in May 2012. All existing data will be kept.
FSSC database implementation steps:
1. Certificate database: since 01.05.2012 a) Certificate database
2. Integrity program, KPIs & indicators: from 01.10.2014: b) Audit data summary
c) Auditor database
3. Full audit report: open (available from 01.10.2014, but not required by FSSC)
d) Full audit report database
For the step 2, CBs will not be required to submit full audit report data on the database, but only an audit data summary. CBs will be free to submit the full audit report to their clients on the format they want.
Nevertheless, CBs wishing to benefit the simplifications, advantages and savings brought by the full report will have the opportunity to use the ViaSyst platform to edit their full reports and share them with their clients.
Interested CBs are invited to contact ViaSyst ([email protected]) for more information and a free demonstration.
Summary
1. Login ... 2
2. Browse your CB Administrator homepage ... 2
3. Personalise your application ... 3
4. Add an auditor or a CB user ... 4
5. Enter an FSSC Audit Data Summary (ADS) ... 10
6. Edit / update a certificate ... 22
1. Login
Use a compatible browser, i. e. Internet Explorer 7 or 8, Firefox 2 or 3, Chrome, Safari. Browse www.viasyst.net
The following access page will appear:
Enter the access codes you received and login.
2. Browse your CB Administrator homepage
Study briefly the various options available behind the various menus of your CB administrator (or auditor) homepage.
3. Personalise your application
As a CB, you can personalise your environment by uploading your logo. Click on “Admin” on the menu bar on the top:
Click on “Edit” on the right:
Browse and upload your logo.
NOTE: Maximum file size: 24 MB. Allowed extensions: png gif jpg jpeg
4. Add an auditor or a CB user
The CB Admin can create as much additional auditors (and/or CB users) as necessary, according to its organisation, responsibilities and authorities for entering and updating the FSSC database.
Proceed according to the following steps.
4.1 Add Auditor
Click on “Auditors” on the menu bar on the top of your Home page.
Click on “Add auditor” on the right:
Enter First name, Last name, and CB Auditor Number (allocated according the CB’s own numbering system).
NB: Choose the numbering system for the auditors that is convenient for you – or just take over the one you already use.
“Save”
4.2 Edit & update the auditor qualification folder
Select the auditor to update (by clicking on his/her CB auditor number on the link “Auditor”) and click on “FSSC qualification” on the top right.
Click on “Edit” on the top right to enter the general information related to the auditor.
NOTE: the database checks automatically all obligatory fields and warns you about the missing information requested to save your data.
Enter all requested information and “Save”.
Click on “FSSC qualification on the top right to enter the granted specification:
Click on « Edit »:
Enter the granted 22003 scopes + the various dates (all required by FSSC) & “Save”
This database contains a register with the details of the auditor’s qualifications, training, experience and scope of activity in relation to the scheme’s product categorization (FSSC Part II, Auditor registration system).
The certification body shall register qualified auditors with the Foundation and update the register at least once a year.
Element FSSC 22000 requirement
1. Competence
assessment A documented sign off of the satisfactory completion of the training program by the appointed supervisor.
The competence of auditors shall be reestablished every 3 years.
Reference: FSSC 22000, Part II, Appendix II A1, section 1.
2. Initial and
continuous training
A plan for continued training to keep the auditors up to date with the best practices and relevant regulatory and statutory developments in the sector(s) where they perform audits.
Reference: FSSC 22000, Part II, Appendix II A1, section 2.
3. Auditor
experience In order to maintain category and scheme knowledge, auditors shall be required to carry out a minimum of 5 on-site GFSI recognized audits at different organizations each year. Reference: FSSC 22000, Part II, Appendix II A1, section 2.
4. Witness audit Witness audit.
Reference: ISO 17021, clause 7.2.12 Enter the date on which the documents (evidence) were reviewed and accepted by the appointed supervisor of the CB. The CB is responsible for keeping records and documents as supporting evidence.
4.3 Complete the auditor qualification folder for desk review purposes (ONLY on FSSC specific request, not mandatory for all auditors)
Continue entering the auditor folder by using the menus on the left (followed by “Edit”): - Audit experience (see further on)
- Competence assessment - Witnessing
NOTE 1: enter no more audit experience than required by FSSC, i.e. 5 audits per year against any GFSI recognized FSMS scheme (see drop list of accepted schemes by entering data).
NOTE 2: there are 2 ways to enter audit experience:
a) automatically incremented for any FSSC audit report (full or summary)entered in the database, b) entered manually by using “Add experience” for additional GFSI audits as necessary.
NOTE 3: format of the competence assessment report to be uploaded is free, provided it is in English. Competence assessment shall be repeated every 3 years, and shall address all ISO 22003 food chain categories for which the auditor is qualified.
NOTE 4: format of the witnessing report to be uploaded is free, provided it is in English. Witnessing shall be repeated every 3 years, on any FSSC scheme.
NOTE 5: initial training shall be entered only once, by creating the auditor folder.
NOTE 6: continuous training shall be recorded according to FSSC requirement, i.e. 1 day per year FSSC training (program & attendance record to be uploaded).
4.4 Assign CB admin (or auditor) access rights
To assign a CB user login and password:
(NOTE: this is only necessary for CB admin people needing to enter or upload data on the database, or for auditors for CBs who choose to edit full audit reports on the database)
Enter the fields, select language, and assign or not CB Admin level (necessary to have right to add organisations and to create, edit and assign auditors).
4.5 Assign organisations to an auditor (ONLY for editing full reports on the database – not required by FSSC)
For auditors (who normally do not have access to all organisations’ data within the CB, tick (Column Edit / Write) the organisations he/she is authorised to edit audit report data:
NOTE 1: to find an organisation in the list, use the Ctrl+F search function.
NOTE 2: by changing the assigned auditor(s), the new one will access the entire organisation’s folder, and the ancient one will loose access.
5. Enter an FSSC Audit Data Summary (ADS)
The present section provides instructions for entering audit report data (full or summary) directly in the database, e.g. for CBs who decided to use the database to use the database functionalities to interactively provide the audit report and manage the action plan with their clients.
NOTE 1: if the data are to be entered by another (or several other) person within your CB organisation, first move to section 4 of the present instructions and create the corresponding user.
NOTE 2: the most efficient way to enter the audit report data is to ask the (lead) auditor to do it directly.
NOTE 3: for certification of organizations with multiple sites, each certified site shall be entered separately within the database (see 6.2).
5.1 Add Organisation
Click on “Organisations” on the menu-bar on the top of your Home page. You access the following page:
Click on “Add organisation” on the right.
You access the following page:
Enter all fields marked with a *, which are the obligatory fields requested by FSSC for the audit data summary.
NOTE: the same *code will be repeated on all pages where data shall be entered for the audit data summary.
All the other fields do not have to be filled in – they are to be entered for editing a full audit report (for CBs using the database for sharing full reports and managing actions plans with their clients, or for integrity program desk reviews).
Click on “Save” in the bottom of the page.
Check whether organisation creation succeeded (green display bar below), unless (red display bar with error message) remediate by using “Edit” on the right.
5.2 Provide access to your client organization
NOTE: this step is not required by FSSC for entering the audit data summary.
RATIONALE: the ViaSyst database allows CBs to interact with their certified organizations for a) sharing audit report (full or summary) data,
b) online interactive editing & completing action plans linked to non-conformities.
Interested CBs may (but are not obliged to) use this functionality instead of any other form or database to save time by managing the action plans (see 5.8).
Click on “Add user” on the top right.
Enter the client’s organization contact details and “Save”
NOTE 1: you may create as much client’s users as required.
NOTE 2: the tick box “Quality manager” shall be activated if you want that your client can complete the action plans directly on the database.
5.3 Add Audit
The present section provides instructions for entering audit report data using 2 methods, 1- Enter audit report data directly on the database (5.3.1)
2- Add an audit data summary by using the transfer form to upload the audit report (5.3.2) CBs can choose one of the methods described below.
5.3.1 Enter an audit data summary (ADS) directly on the database
Go back to the Home page.
Click on the organisation name you just created on the left hand side margin.
TIP: To browse a longer organisations list
- type Ctrl + F, and enter company name, or
- click on “Organisations” on the menu bar on the top of your screen and use the filters by typing the company name
The following screen appears:
Click on “Audits” in the left hand side menu (see above). Click on “Add audit” on the right (see image below).
Choose “New audit” in the drop list.
TIP: if there is already an audit report (or summary) for the organisation on the database, you will preferably choose the last audit in the drop list. This brings advantage that all available and potentially stable data will be taken over from the last report – so that you spare a lot of time for entering the new report, by just checking existing data and updating as necessary.
Assign the applicable standards (see below), whereby systematically 3 standards shall be assigned, i.e.:
1. ISO 22000
2. Applicable PRP scheme, with corresponding 22003 version 3. FSSC additional requirements, with corresponding 22003 version
“Save”
Browse the italic menus on the left hand side (see below) and enter the corresponding data by editing/saving each page (all fields marked with * are requested for the FSSC audit data summary)
Validate the audit report summary (see 5.7)
5.3.2 Transfer form to upload the audit report
NB: The “FSSC audit data summary transfer tags” document will help you set up an audit report form allowing to identify (or “tag”) the data to be uploaded. Use the tags in this document to construct your audit report. Refer to the instructions for use in the introduction of the applicable “FSSC audit data summary transfer tags” document. Go back to the Home page.
Click on the organisation name you just created on the left hand side margin.
TIP: To browse a longer organisations list
- type Ctrl + F, and enter company name, or
- click on “Organisations” on the menu bar on the top of your screen and use the filters by typing the company name
Click on “Upload Audit Data summary” in the left hand side menu (see above). Click on “Attach new file”.
Browse the tagged report to upload from your documents “Save”
Check whether upload succeeded (green display bar below), unless (red display bar with error message) remediate by correcting the tagged transfer document.
Once the entire audit’s information is entered, click on “CB Validation” to validate the audit.
Note: The validation of the audit is necessary to increment the audit experience for the auditor and be visible on his profile.
5.4 Audit Folder
You accessed the directory page of the audit folder you just created.
This is the hub from where you can manage the audit report (full or summary) edition & validation.
In contrary to the organization’s page, this page and all related items (see menu on the left hand side) is editable by the assigned auditors.
For editing the audit title (e.g. specifying whether it is a certification or surveillance audit, or entering the real audit date), click on “Edit” on the top right.
NOTE 2: this page is visible neither by the client organization nor by the scheme owner (FSSC).
Click on “Save”
5.5 Enter Audit Report Data (full or summary)
NOTE 1: only fields marked with a * are requested by FSSC for the audit data summary.
NOTE 2: all the other fields do not have to be filled in – they are to be entered for editing a full audit report (for CBs using the database for sharing full reports and managing actions plans with their clients, or for integrity program desk reviews).
NOTE 3: for CBs using the database for editing & sharing their full audit reports, it is advantageous that the auditors edit their report directly on the database.
Browse the italic menu on the left hand side and enter either
a) fields marked with a *, as a minimum required by the FSSC audit data summary, or b) all fields for a FSSC compliant full report audit.
NOTE 4: there are no required fields (*) on the page “General impression” for the FSSC audit data summary.
5.6 Add audit findings
All the audit findings can be added directly from the tagged transfer template that you will upload, but you can also add findings manually, as described below:
You access following page:
First, assign your finding to the corresponding clause of the standard and grade it by clicking on “add” beside the standard number (see above).
Use the tick lists to select corresponding interpretation (grading) and clause, “Save”.
TIP: to reorder audit findings according to your editing preferences or rules (e.g. progressive clause numbering), you can click on the cross on the left of the finding and drag it at the correct place + “Save”. See below: before …
… and after
5.7 Validate the audit report
Once he entered and checked all audit data, the auditor (or CB) shall validate the audit report by clicking on “Validation by the lead auditor” on the top right.
If any required field for the FSSC audit data summary is missing, a red bar will appear, with links to complete the corresponding fields (see print screen below).
Note: The validation of the audit is necessary to increment the audit experience for the auditor and be visible on his profile.
5.8 Complete & validate the action plan
Complete (CB, lead auditor or client) the action plan by editing the fields “Cause analysis” and “Planned corrective action”.
Click on “Non-conformity manager” on the lhs.
You’ll see the summary of all findings, with their completion progress & status:
Click on “See finding” to edit any of them.
To validate the action plan, go on the bottom of the page and “Validate” finding per finding:
NOTE 1: the lead auditor may validate progressively as soon as he receives an automatic e-mail alert when the client completes the action plan.
NOTE 2: the status will appear ticked as validated once the non-conformity completion will have been verified and validated at next audit (which is another level of validation as validation of the action plan):
6. Edit / update a certificate 6.1 Add or update a certificate
Click on “Certificates linked to the audit” at the bottom of the left hand side menu (see print screen).
Click on “Add certificate” on the right.
Select the corresponding standard:
For Food Manufacturing:
FSSC Manufacturing - ISO 22002-1:2009 (22003:2007) FSSC Manufacturing - ISO 22002-1:2009 (22003:2013) For Packaging: FSSC Packaging - ISO 22002-4:2013 (22003:2007) FSSC Packaging - ISO 22002-4:2013 (22003:2013) FSSC Packaging - PAS 223:2011 (22003:2007) FSSC Packaging - PAS 223:2011 (22003:2013) For Feed: FSSC Feed - PAS 222:2011 (22003:2007) FSSC Feed - PAS 222:2011 (22003:2013)
In addition to the data already available through the audit data summary (or full report), enter the following fields as required by the FSSC certificate database:
- Accredited: enter whether the certificate is issued – “yes” or “no” – under your current CB accreditation scope
- Issue (“From date:”) and expiry date (“To date;”)
- Initial certification date (may be the same as initial for first certification) - Issuer is a facultative field, where you can enter the persons in charge of the
certification decision.
Enter the issue, expiry and initial dates on the bottom of the page. Click on “Save”
6.2 Organizations with more than one location
In case of organizations with more than one location, FSSC requires a separate
certificate and report for each location or site. Repeat steps 5.1 to 5.9 for each certified site.
IMPORTANT: FSSC does not allow multi-site certification. See FSSC guidance document
“Guidance notes on certification with more than one location.”
6.3 Renewal of certificate in case of recertification
In case of recertification (certificate renewal), you can either a) Create a new certificate with specific dates, or
b) Edit the existing certificate and change issue and expiry dates
Enter an FSSC full report To be completed
