FDA launches Food Defense Plan Builder 2.0 to simplify IA compliance
The Acheson Group explains the details of FDA’s Food Defense Plan Builder 2.0 which hopes to simplify compliance with the Intentional Adulteration rule.
Although large facilities were to be in compliance with FSMA’s Intentional Adulteration (IA) rule by 26 July 2019, to include a written Food Defense Plan (FDP), the US Food and Drug Administration (FDA) launched its updated Food Defense Plan Builder (FDPB) v2.0 in September 2019 and held a demonstration webinar in October 2019.
The purpose of the FDPB, which is aligned with the requirements in the IA rule, is to help the industry easily create food defence plans to meet the rule’s requirements. The previous version (1.0) was not aligned with the rule’s requirements.
The plan builder is helpful for compliance, as it enables owners and operators to enter information about their facilities, then generates a food defence plan once all the sections are completed. There were some good takeaways from the webinar and FDA’s User Guide that are worth highlighting.
As a general overview, the sections in FDPB now include facility information, process/product description, vulnerability assessment, mitigation strategies, food defence monitoring procedures, food defence corrective action procedures, food defence verification procedures, supporting documents, and signature.
The FDPB 2.0 and User Guide can be accessed and downloaded here. The page also includes computer system requirements. Although downloading the FSPB V 2.0 is easy, it is not designed to be shared between computers, and can only be done on a Windows-based system – the FDPB does not work on the Mac operating system.
The user guide is detailed and provides plenty of information on how to fill in each section. Similar to the automated food safety plan builder, some sections will be pre-populated and carried into subsequent sections as information is entered.
If you had developed a food defence through FDA’s FDPB 1.0, you can convert this over to 2.0 by simply opening your saved .fdp file in 2.0. When the file is converted, the content from the Broad Mitigation Strategies, Emergency Contacts, Action Plan, and Supporting Documents sections of 1.0 are automatically converted into PDF format and saved as a document in the Supporting Document section.
The Vulnerability Assessment information from 1.0 also will copy over to 2.0, however, because there are three elements that can be scored in 2.0 (versus two elements in 1.0), the two 2.0 scores will carry over, but there will be a third element (Element 1: Potential Public Health Impact) that will be left blank. It is important to note, also, that the conversion is permanent; once the file is converted, it cannot be reopened in 1.0.
FDPB 2.0 also addresses several options for the vulnerability assessment. For each of the three elements, there are scoring tables from the IA Rule guidance documents and the corresponding calculators. For example, for the public health impact score, data entered for element one is automatically used to help analyse and determine the score for element three when the representative contaminant approach is chosen.
Additionally, from within FDPB 2.0, users can access and search for mitigation strategies on FDA’s online Food Defense Mitigation Strategies Database (FDMSD) – for which you will need to have internet access. You can then incorporate content directly from the FDMSD to your food defence plan. The FDMSD can be accessed independently here.
FDPB v2.0 also includes a spell check feature, which can be quite handy for retaining the professionalism and accuracy of your FDP.
A few additional key points include:
- The Signature section of the FDPB 2.0 enables you to electronically sign your FDP and keep a log and a copy of the signed versions. It also includes a comment box in which to document any specific changes made to your FDP in this version. You also can opt to manually sign it by printing, signing, and scanning a copy as a PDF
- The Supporting Documents section enables supporting flow diagrams, facility maps, recall plans, vulnerability assessments done outside of the FDPB and company-specific policies, etc to be electronically added to your FDP. The supporting documents can be in almost any format (Microsoft Visio, Excel, Word, Project, PDF, etc). Links or URLs may also be added and will appear on the list along with the other supporting documents
- The automatically generated food defence plan can be viewed, saved, and printed from the Food Defense Plan section. The PDPB allows great flexibility in terms of what is included in the food defence plan when printing/exporting and the layout of the plan and tables is consistent with the format in IA Rule guidance documents.
In the user guide, FDA also is careful to note that although the content of the Food Defense Plan Builder v. 2.0 is consistent with its existing regulations and guidance, use of the tool does not constitute FDA approval of a food defence plan or guarantee compliance with FDA’s requirements.
Additionally, once downloaded, the FDPB resides only on the user’s computer (or other location as selected by the user); FDA does not track or monitor its use and does not have access to its saved content or documents. Because food defence plans may include sensitive information, it is the user’s responsibility to ensure files are saved and stored in a secure location.
While the FPDB does help in the creation of a food defence plan, there are many requirements of the IA rule that can be complex as they require the assessment of your facility and processes for vulnerabilities, and the implementation of mitigation strategies to prevent potential ‘insider attacks’ and ‘acts of terrorism’ against the food supply.
About the author
Led by Former FDA Associate Commissioner for Foods, Dr David Acheson, The Acheson Group is a food safety consulting group that provides guidance worldwide for companies throughout the food supply chain. With in-depth industry knowledge combined with real-world experience, TAG’s team of food safety experts help companies more effectively mitigate risk, improve operational efficiencies, and ensure regulatory and standards compliance.