With the recent passage of the Food Safety Modernization Act, a lot of attention has been focused on the purity of our foods from the perspective of accidental contamination. For the first time in the history of food legislation, the concept of food defense has been introduced. Food defense is defined as measures to protect food from deliberate tampering from criminal or terrorist sources.
With this heightened appreciation of food safety and keeping in mind the approaching 10-year anniversary of Sept. 11, 2001, it's a good time for every company and every plant in the food & beverage industry to give itself a serious checkup on physical security.
Existing food guidelines from the FDA and the USDA are intended to keep our food safe and edible. But what are we doing to keep production facilities secure? Those who would do America harm will strategically target whatever they can to spread terror in the fastest and most horrific ways possible.
America's food production companies could be a target.
Consider these benchmarks
Food industry executives should be prepared to respond to increased government involvement with food defense as a result of the new regulation – the final rules and implementation of which still have to be figured out. Scientific and performance standards will be developed to connect the industry with national security processes, yet there also will be a need for conventional physical security.
For security experts, it will make our jobs even more valuable, especially for those who have food & beverage experience. The bad news is that many food industry executives have a lot on their plates and aren't familiar with the issues surrounding true food defense.
Every organization must take this opportunity to create a food defense plan with comprehensive security requirements covering every aspect of its facilities including: processing, materials handling, personnel, storage, shipping/receiving, site security, utilities connections and the use of cybersecurity.
Processors of all types of food now will be required to evaluate the hazards in their operations, implement and monitor effective measures to prevent contamination and have a plan in place to take any corrective actions that are necessary.
It makes sense for plant managers to consider some benchmarks. First and foremost, have you documented the most likely criminal or terrorist contamination scenarios that could impact your facility? Have you implemented measures to control these identified risks? If not, this can be accomplished by:
- Conducting a security risk assessment to identify security hazards.
- Using the industry concept of goal-based security.
- Adopting security industry best-practice guidance. The FDA has available Guidance for Industry – Food Producers, Processors, and Transporters: Food Security Preventive Measures Guidance.
Some other benchmarks:
- Appoint a person or committee to be responsible for the oversight of your security program.
- Implement an incident reporting procedure and investigate all actual or potential security breaches.
- Implement a background check procedure that applies to employees, contractors and temporary employees working at your facility.
- Develop a comprehensive security awareness and training program for management, personnel with security duties and all other employees and contractors.
- Implement an effective perimeter access control system to prevent unauthorized access and to channel authorized persons to appropriate checkpoints for screening.
- Establish effective internal access control measures that prevent visitors from entering the plant, as well as persons with general access from entering security sensitive areas such as laboratories, mixing rooms and computer rooms.
- Implement operational controls such as management of incoming materials, storage for raw materials, water and utilities and access to computer systems; protect finished products from tampering; manage threats by mail.
- Establish a security recordkeeping system.
- Develop a crisis management plan to cover common emergencies (e.g., contamination, threat of contamination, breach of security, recalls).
- Implement compliance and quality assurance programs to validate security effectiveness.
With these benchmarks in mind, it is also important to be aware of the various potential pitfalls to avoid when improving physical security at your plant.
First, when any new regulation is passed, "consultants" claiming to be experts in the area come pouring out of the woodwork. It is no different in the security industry.
To avoid hiring an inexperienced or unqualified expert, you can find qualified and independent security expertise from such organizations as the International Association of Professional Security Consultants in the U.S. (www.IAPSC.org), and the Association of Security Consultants in the U.K. (www.securityconsultants.org.uk).
Expert consultants from these organizations do not sell security equipment and, therefore, do not have a conflict of interest when recommending security measures and technology for your plant. Representative consultants from security vendors may be naturally biased toward the products they offer. Keep in mind, an independent security consultant can bring more comprehensive expertise to the table – skills that focus on more than just security technology.