U.S. flag An official website of the United States government
  1. Home
  2. Regulatory Information
  3. Search for FDA Guidance Documents
  4. Guidance for Industry: Food Security Preventive Measures for Importers and Filers
  1. Search for FDA Guidance Documents

GUIDANCE DOCUMENT

Guidance for Industry: Food Security Preventive Measures for Importers and Filers October 2007

Final
Docket Number:
FDA-2013-S-0610
Issued by:
Guidance Issuing Office
Center for Food Safety and Applied Nutrition

NOTE: The guidance below is out of date and no longer represents FDA’s current thinking. FDA issued a final rule on Mitigation Strategies to Protect Food Against Intentional Adulteration in May 2016. The agency intends to publish guidance documents to provide information relevant to the provisions of the final rule.


Contains Nonbinding Recommendations

October 2007

Additional copies are available from:
Office of Food Defense, Communication and Emergency Response
Food Defense Oversight Team HFS-007
Center for Food Safety and Applied Nutrition
Food and Drug Administration
5001 Campus Drive
College Park, MD 20740
(Tel) 240-402-1622

This guidance represents the Food and Drug Administration's (FDA's) current thinking on this topic. It does not create or confer any rights for or on any person and does not operate to bind FDA or the public. You can use an alternative approach if the approach satisfies the requirements of the applicable statutes and regulations. If you want to discuss an alternative approach, contact the FDA staff responsible for implementing this guidance. If you cannot identify the appropriate FDA staff, call the appropriate telephone number listed on the title page of this guidance.

Table of Contents

  1. INTRODUCTION
  2. BACKGROUND
  3. DISCUSSION
    1. Related Guidance
    2. Additional Resources
  4. RECOMMENDED ACTIONS
    1. Management
      1. Preparing for the possibility of tampering or other malicious, criminal, or terrorist actions.
      2. Supervision
      3. Recall Strategy
      4. Investigation of Suspicious Activity
      5. Evaluation Program
    2. Human Element - Staff
      1. Screening (pre-hiring, at hiring, post-hiring)
      2. Daily Work Assignments
      3. Identification
      4. Restricted Access
      5. Personal Items
      6. Training in Food Security Procedures
      7. Unusual Behavior
      8. Staff Health
    3. Human Element - Public
      1. Visitors (for example, contractors, supplier representatives, delivery drivers, customers, couriers, pest control representatives, third party auditors, regulators, reporters, tours)
    4. Facility
      1. Physical Security
      2. Storage and Use of Poisonous and Toxic Chemicals (for example cleaning and sanitizing agents, pesticides)
    5. Operations
      1. Incoming Products
      2. Storage
      3. Outgoing Products
      4. Security of Water and Utilities
      5. Security of Ventilation Systems
      6. Mail Packages
      7. Access to Computer Systems
  5. Appendix: Food Defense Self Assessment Tool for Importers and Filers
    Please note that the Food Defense Self Assessment Tool is derived from the above referenced guidance and we have deleted examples and references to other agencies and their regulations. We encourage users to become familiar with the guidance document before using this tool.

I. INTRODUCTION 

This guidance is designed as an aid to operators of food importing establishments, storage warehouses, and filers. It identifies the kinds of preventive measures that they may take to minimize the risk that food under their control will be subject to tampering or other malicious, criminal, or terrorist actions.

This guidance is designed to focus operator's attention sequentially on each segment of the food delivery system that is within their control, to minimize the risk of tampering or other malicious, criminal, or terrorist action at each segment. To be successful, implementing enhanced preventive measures requires the commitment of management and staff. Accordingly, FDA recommends that both management and staff participate in the development and review of such measures.

FDA's guidance documents, including this guidance, do not establish legally enforceable responsibilities. Instead, guidances describe the Agency's current thinking on a topic and should be viewed only as recommendations, unless specific regulatory or statutory requirements are cited. The use of the word should in Agency guidances means that something is suggested or recommended, but not required.

II. BACKGROUND 

Operators of food importing establishments are encouraged to review their current procedures and controls in light of the potential for tampering or other malicious, criminal, or terrorist actions and make appropriate improvements. To be successful, implementing enhanced preventive measures requires the commitment of management and staff. Accordingly, FDA recommends that both management and staff participate in the development and review of such measures.

Not all of the guidance contained in this document may be appropriate or practical for every food importing establishment, particularly small facilities. FDA recommends that operators review the guidance in each section that relates to a component of their operation, and assess which preventive measures are suitable. Example approaches are provided for many of the preventive measures listed in this document. These examples should not be regarded as minimum standards. Nor should the examples provided be considered an inclusive list of all potential approaches to achieving the goal of the preventive measure. FDA recommends that operators consider the goal of the preventive measure, assess whether the goal is relevant to their operation, and, if it is, design an approach that is both efficient and effective to accomplish the goal under their conditions of operation.

III. DISCUSSION 

This guidance is divided into five sections that relate to individual components of a cosmetics establishment operation: management, human element-staff, human element-the public, facility, and operations.

A. Related Guidance 

FDA has published a companion guidance document on food security, entitled, "Guidance for Food Producers, Processors, and Transporters: Food security preventive measures guidance." This document is available at: http://www.access.gpo.gov/su_docs/aces/aces140.html.

B. Additional Resources(2) 

A process called Operational Risk Management (ORM) may help prioritize the preventive measures that are most likely to have the greatest impact on reducing the risk of tampering or other malicious, criminal, or terrorist actions against food. Information on ORM is available in the Federal Aviation Administration (FAA) System Safety Handbook, U.S. Department of Transportation, FAA, December 30, 2000, Chapter 15, Operational Risk Management. The handbook is available at: http://www.asy.faa.gov/Risk/SSHandbook/Chap15_1200.PDF.

The U.S. Department of Transportation, Research and Special Programs Administration has published an advisory notice of voluntary measures to enhance the security of hazardous materials shipments. It is available at http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2002_register&docid=02-3636-filed.pdf. The notice provides guidance to shippers and carriers on personnel, facility and en route security issues.

The U.S. Postal Service has prepared guidance for identifying and handling suspicious mail. It is available at: http://www.usps.com/news/2001/press/mailsecurity/postcard.htm.

The Federal Anti-Tampering Act (18 USC 1365) makes it a federal crime to tamper with or taint a consumer product, or to attempt, threaten or conspire to tamper with or taint a consumer product, or make a false statement about having tampered with or tainted a consumer product. Conviction can lead to penalties of up to $100,000 in fines and up to life imprisonment. The Act is available at: http://www.fda.gov/opacom/laws/fedatact.htm.

Finally, some trade associations have developed food security guidance that is appropriately focused for that specific industry. For example, the International Dairy Food Association has developed a food security guidance document as an aid to the dairy industry.

FDA encourages other trade associations to evaluate the preventive measures contained in this FDA guidance document and adapt them to their specific products and operations and to supplement this guidance with additional preventive measures when appropriate. FDA welcomes dialogue on the content of sector specific guidance with appropriate trade associations.

IV. Recommended Actions 

A. Management 

1. Preparing for the possibility of tampering or other malicious, criminal, or terrorist actions.

  • assigning responsibility for security to knowledgeable individual(s)
  • conducting an initial assessment of food security procedures and operations, which we recommend be kept confidential
  • having a security management strategy to prepare for and respond to tampering and other malicious, criminal, or terrorist actions, both threats and actual events, including identifying, segregating and securing affected product
  • planning for emergency evacuation, including preventing security breaches during evacuation
  • maintaining any floor or food flow plan in a secure, off-site location
  • becoming familiar with the emergency response system in the community
  • making management aware of 24-hour contact information for local, state, and federal police/fire/rescue/health/homeland security agencies
  • making staff aware of whom in management they should alert about potential security problems (24-hour contacts)
  • promoting food security awareness to encourage all staff to be alert to any signs of tampering or other malicious, criminal, or terrorist actions or areas that may be vulnerable to such actions, and reporting any findings to identified management (for example, providing training, instituting a system of rewards, building security into job performance standards)
  • having an internal communication system to inform and update staff about relevant security issues
  • having a strategy for communicating with the public (for example, identifying a media spokesperson, preparing generic press statements and background information, and coordinating press statements with appropriate authorities)

2. Supervision

  • providing an appropriate level of supervision to all staff, including cleaning and maintenance staff, contract workers, data entry and computer support staff, and especially, new staff
  • conducting routine security checks of the premises, including automated manufacturing lines, utilities and critical computer data systems (at a frequency appropriate to the operation) for signs of tampering or malicious, criminal, or terrorist actions or areas that may be vulnerable to such actions

3. Recall Strategy

  • identifying the person responsible, and a backup person
  • providing for proper handling and disposition of recalled product
  • identifying customer contacts, addresses and phone numbers

4. Investigation of Suspicious Activity

  • investigating threats or information about signs of tampering or other malicious, criminal, or terrorist actions
  • alerting appropriate law enforcement and public health authorities about any threats of or suspected tampering or other malicious, criminal, or terrorist actions

5. Evaluation Program

  • evaluating the lessons learned from past tampering or other malicious, criminal, or terrorist actions and threats
  • reviewing and verifying, at least annually, the effectiveness of the security management program (for example, using knowledgeable in-house or third party staff to conduct tampering or other malicious, criminal, or terrorist action exercises and mock recalls and to challenge computer security systems), revising the program accordingly, and keeping this information confidential
  • performing random food security inspections of all appropriate areas of the facility (including receiving and warehousing, where applicable) using knowledgeable in-house or third party staff, and keeping this information confidential
  • verifying that security contractors are doing an appropriate job, when applicable

B. Human Element - Staff 

Under Federal law, food establishment operators are required to verify the employment eligibility of all new hires, in accordance with the requirements of the Immigration and Nationality Act, by completing the INS Employment Eligibility Verification Form (INS Form I-9). Completion of Form I-9 for new hires is required by 8 USC 1324a and nondiscrimination provisions governing the verification process are set forth at 8 USC 1324b.

1. Screening (pre-hiring, at hiring, post-hiring)

  • examining the background of all staff (including seasonal, temporary, contract, and volunteer staff, whether hired directly or through a recruitment firm) as appropriate to their position, considering candidates' access to sensitive areas of the facility and the degree to which they will be supervised and other relevant factors (for example, obtaining and verifying work references, addresses, and phone numbers, participating in one of the pilot programs managed by the Immigration and Naturalization Service and the Social Security Administration [These programs provide electronic confirmation of employment eligibility for newly hired employees. For more information call the INS SAVE Program toll free at 1-888-464-4218, fax a request for information to (202) 514-9981, or write to US/INS, SAVE Program, 425 I Street, NW, ULLICO-4th Floor, Washington, DC 20536. These pilot programs may not be available in all states], having a criminal background check performed by local law enforcement or by a contract service provider [Remember to first consult any state or local laws that may apply to the performance of such checks])

Note: screening procedures should be applied equally to all staff, regardless of race, national origin, religion, and citizenship or immigration status.

2. Daily Work Assignments

  • knowing who is and who should be on premises, and where they should be located, for each shift
  • keeping assignment information updated

3. Identification

  • establishing a system of positive identification and recognition that is appropriate to the nature of the workforce (for example, issuing uniforms, name tags, or photo identification badges with individual control numbers, color coded by area of authorized access), when appropriate
  • collecting the uniforms, name tag, or identification badge when a staff member is no longer associated with the establishment

4. Restricted Access

  • identifying staff that require unlimited access to all areas of the facility
  • reassessing levels of access for all staff periodically
  • limiting access so staff enter only those areas necessary for their job functions and only during appropriate work hours (for example, using key cards or keyed or cipher locks for entry to sensitive areas, color coded uniforms [remember to consult any relevant federal, state or local fire or occupational safety codes before making any changes])
  • changing combinations, rekeying locks and/or collecting the retired key card when a staff member who is in possession of these is no longer associated with the establishment, and additionally as needed to maintain security

5. Personal Items

  • restricting the type of personal items allowed in non-public areas of the es

Submit Comments

You can submit online or written comments on any guidance at any time (see 21 CFR 10.115(g)(5))

If unable to submit comments online, please mail written comments to:

Dockets Management
Food and Drug Administration
5630 Fishers Lane, Rm 1061
Rockville, MD 20852

All written comments should be identified with this document's docket number: FDA-2013-S-0610.

Back to Top