Assemble the Food Defense Team

The Food Defense Team is responsible for development, implementation, and maintenance of the Food Defense Plan. Similar to a HACCP food safety
team, a food defense team should be comprised of members from various functions within the organization. Membership should include people from
human resources, maintenance, sanitation, purchasing, quality, distribution and production. It is important that the knowledge base cover all shifts and
all major facets of the operation.

Appoint a Food Defense Coordinator

The Food Defense Coordinator leads the Food Defense Team and has overall responsibility for the development, implementation, and maintenance
of the Food Defense Plan. The selected person should have an overall knowledge of the operation as well as the authority to enact policies and
procedures.

Training

The IA rule requires all individuals who are performing activities under the rule to be qualified to perform those functions. As stated in the regulation,
this ‘Qualified Individual’, or ‘QI’ is “a person who has the education, training, or experience (or a combination thereof) necessary to perform their
assigned activities”. In addition, workers assigned to actionable process steps and their supervisors must complete food defense awareness training.
In fact, every worker should be trained on the issue of food defense, most importantly to notify management when something does not seem right.
Records must be kept on training activities.

Conduct an initial assessment

Before conducting the more formalized vulnerability assessment, it is good to have an understanding of many of the controls that are already be in
place. Many of these controls are considered broad-based controls, or mitigations, because these are not particular to a given process within the
facility, but rather impact the overall facility. Broad-based mitigations can include procedures for employee and visitor access to the facility, hiring
practices, loading and unloading of transport vehicles, exterior facility conditions such as building exterior lighting or fences, interior conditions (layout,
lighting), and policies on employee access within facility. In this evaluation, it is important to consider mitigations that are part of other programs such
as HACCP, SSOPs (standard sanitation operating procedures), or base GMPs. Facilities normally find that there are many controls already in place
that can be considered mitigations against intentional contamination.

Determine and address gaps within the broad based controls

When assessing broad-based controls, it is important to evaluate whether these controls are being properly managed. For example, your company
may have a requirement for visitors to sign in before entering the facility, but you find that ID’s are not being checked as required, or that some
‘frequent’ visitors don’t sign in at all. Your company may have a requirement that non-access doors remain shut, but you find that employees open
these doors during production to allow fresh air into their working area.

It is also important to ask whether additional procedures are needed. The team may find that the company does not have a procedure for controlling
the entrances associated with the loading docks. In this case, a keyed entry may be needed or a procedure for drivers to call the dock manager to
gain entrance.

Conduct the vulnerability assessment

The goal of the vulnerability assessment is to evaluate the process steps used within the facility and determine which points in the process offer risk
for contamination. The process steps that are most vulnerable are ones which offer greater accessibility or can create uniform distribution of a
contaminant throughout a product batch. These points of highest risk are called our Actionable Points – points where significant vulnerability exists
and where mitigation strategies will be needed to reduce this risk.

There are a number of assessment tools available from FDA and USDA, although the FSMA IA rule doesn’t have a requirement as to which specific
assessment tool must be used. An accurate flow diagram of each process or processes must be available. Beginning at the point of receipt, the
assessment looks at each step in the process evaluating:

The public impact at that point if a contamination event would occur

The degree of physical access – can the attacker get access to that food

The ability of the attacker to successfully contaminate the product – can they add sufficient amount of a contaminate without being detected
The goal is to find the points with the biggest risk. The assessment tool will provide a numerical score, and with this, a facility can rank the process
steps in order of most vulnerable.

It is important to take broad-based controls into account when completing the assessment. Also, when conducting the vulnerability assessment, the
regulation requires that we take an ‘insider attack’ into account. An ‘insider attack’ often represents a worse-case scenario.

The vulnerability assessment is a required document for compliance. It must be written and must include an explanation as to why the step was
considered, or not considered, an actionable point.

In general, these are some points that have normally been found to be considered actionable points:

Bulk liquid receiving and loading

Liquid storage and handling

Secondary ingredient handling

Mixing and blending activities

Determine Mitigation Strategies

For each of the actionable points identified, mitigation strategies must be determined that will significantly minimize or prevent intentional
contamination, and thus reduce the level of vulnerability. Controls can be a single mitigation strategy or a combination of strategies.

On its website, FDA offers a Mitigation Strategies Database to assist with identifying preventive measures that can be used. Within the database,
there are a variety of measures listed for numerous different types of process steps. Some of the listed mitigations for a given process step type will
be more appropriate than others and it is up to the Food Defense Team to determine what will work best depending on their specific situation.

Develop Management Components for Each Mitigation Strategy

For each mitigation strategy determined for an actionable point, monitoring, corrective actions, and verification procedures must be developed. These
form the system that ensures that the given mitigation strategy is being properly implemented and is capable of reducing significant vulnerabilities.

For the food defense monitoring requirement, facilities must have written procedures, including the frequency they are to be performed. Monitoring
must be documented so that these records can be verified. There must also be written corrective action procedures when mitigation strategies are not
properly implemented. Food defense verification procedures ensure that monitoring activities are being completed as planned, that appropriate
corrective actions decisions are being made, and that records are reviewed.

Like HACCP based systems, food defense plans need to be verified though a periodic reassessment. At a minimum, reanalysis should be conducted
every three years, but should be done immediately if there are significant changes to the operation, when new information becomes available about a
new vulnerability, when the mitigation strategies are found to be inadequate, or new information becomes available about a given threat.

Maintain Required Records

The following records are required to be maintained:

The food defense plan including the vulnerability assessment and determination of actionable steps

Food defense monitoring records, corrective action and verification records, as well as reanalysis activity records

Training documentation

In summary, a Food Defense Plan can be easily developed through careful and thoughtful analysis of the operation with an eye towards identifying
the most vulnerable points in the operation. From this assessment, mitigation strategies are put in place for these vulnerable points. In many cases,
these mitigation strategies should not require an extensive capital outlay, but rather, may just be adjustments or added procedures that result in in
reducing how accessible these vulnerable points are.
The examples detailed below are written based on the four food defense principles, and can be applied to
a broad-spectrum of industries and company sizes.

Select the category which best describes your operation to view possible mitigation strategies:

• Uniformly mixed products/batches

• Large batch size
• Short shelf life products
• Easily accessible entry points

Uniformly mixed products/batches

This category would include products such as ground beef, processed meats, baked goods, and/or other
processed products that are uniformly homogenized. Below is a list of mitigation strategies that would
help alleviate vulnerabilities frequently associated with these production processes.

• Securing all cleaning and sanitation supplies

• Restricting equipment controls to authorized personnel
• Securing all sampling ports
• Securing air vents with one way valves
• Conducting a visual inspection prior to using the mixer
• When practical, using self-contained equipment
• Protecting the integrity of compressed air/inert gases if used at the mixer
• Engineering equipment controls to preclude unauthorized use or access
• Using engineering applications to limit accessibility where practical
• Restricting physical access to the mixer
• Positioning the mixer for maximum visibility
• Ensuring that all equipment removed from the production environment are
cleaned/sanitized/inspected prior to returning to service

It is recommended that companies select the appropriate mitigations that best fit their needs.

Large batch size

This category would include liquid storage silos, tanker trucks, and/or other food service
products/ingredients that are batched in large volumes. Below is a list of mitigation strategies that would
help alleviate vulnerabilities frequently associated with industries handling these types of
products/ingredients.

• Restricting equipment controls to authorized personnel

• Using Clean-in-Place (CIP) equipment when possible
• Securing any unused ports
• Securing all air vents with one way valves
• Filtering all compressed gases used at the hopper
• Installing an alarm system at hopper access points and sampling ports
• Ensuring adequate lighting around the hopper
• Installing windows in offices to enable easy observation of the production floor
• Ensuring that all equipment removed from the production environment is cleaned/ sanitized/
inspected prior to returning to service
 • Requiring that all contractors hired for cleaning and maintenance operations have adequate
employee screening procedures
• Verifying/auditing service contractor’s employee screening plan
• If logical at this stage in processing, add or increase non-thermal treatments to FDA limits
approved for the commodity in process (e.g., irradiation, UV light)

It is recommended that companies select the appropriate mitigations that best fit their needs.

Short shelf life products

This category would include fluid dairy/milk, perishable items, and/or other processed products that
must be refrigerated. Below is a list of mitigation strategies that would help alleviate vulnerabilities
frequently associated with industries processing these types of products.

• Cover offerings during transport from prep area to food bar

• Restrict food handling to designated employees
• Restrict unit cleaning to specific employees
• Secure cleaning supplies away from unit
• Training employees to be cognizant of suspicious behavior
• Developing a policy and protocol for dealing with “suspect product”
• Utilize frequent employee unit servicing (cleaning, changing or freshening offerings)
• Minimizing offering quantities to necessitate increased employee presence at unit
• Locate food bar self serve unit in high visibility area
• Encourage (designated) employee foot traffic through food bar area
• Locate food bar away from premises exits (to enhance observation of surreptitious acts)

It is recommended that companies select the appropriate mitigations that best fit their needs.

Easily accessible entry points

This category would include components such as back doors to your operation, loading docks, employee
entrances, and/or other entry points to your operation. Below is a list of mitigation strategies that would
help alleviate vulnerabilities frequently associated with these factors.

• Confirm the identity and credentials for all job applicants being considered for employment.
• Install a perimeter fence, wall or barrier with appropriate clear zone.
• Install adequate interior and exterior lighting to facilitate detection of suspicious activities.
• Install “No Trespassing” signs at regular intervals along the fence.
• Install surveillance cameras.
• Install an alarm system (e.g., motion, infrared).
• Install alarmed self-locking emergency exit doors.
• Secure all facility openings when not in use, including freight loading doors, windows, roof
openings/hatches, vent openings, ventilation systems, utility rooms, ice manufacturing and
storage rooms, loft areas and trailer bodies, and bulk storage tanks.
• Minimize the number of entrances to non-public areas of your facility. Be sure to consult any
relevant Federal, State, or local fire and occupational safety code before making changes.
• Add a receptionist or security guard at facility entrance to screen employees, contractors and
visitors.
• Restrict visitor access to food handling and storage areas.

It is recommended that companies select the appropriate mitigations that best fit their needs.
• Accompany unauthorized persons (e.g., visitors, contractors, personnel) to restricted areas
• Clean / sanitize equipment and components periodically (e.g., immediately prior to use, after maintenance, when
security devices are breached, following a suspect event)
• Clean / sanitize locations periodically (e.g., immediately prior to use, after maintenance, when security devices are
breached, following a suspect event)
• Conduct periodic checks of packaging integrity (e.g., upon receipt and prior to use) including for packaged
products, ingredients, and equipment components
• Maximize visibility of operations, equipment, and locations (e.g., install windows, light adequately, keep area clear
of visual obstructions)
• Restrict access to equipment and controls to authorized personnel
• Restrict access to ingredients and products to authorized personnel
• Restrict access to location to authorized personnel
• Restrict access to openings or access points (e.g., to bins, tanks, vats, ports/valves, conveyor belt, inspection
points, system openings) to authorized personnel
• Restrict operations to authorized personnel
• Use Clean in Place (CIP) equipment and prescribed CIP procedures (e.g., pre-rinse, wash, post-rinse, drain, and
sanitize)
• Use an alarm system to alert access breaches to location, equipment, controls, and coverings for openings or
access points (e.g., motion, infrared)
• Use an alarm system to monitor and detect suspect events
• Use automated equipment (e.g., for dispensing, injection, incorporating, packing) to restrict access to product
• Use closed systems (e.g., in-line, self-contained, sealed) for operations
• Use coverings to secure openings, access points and open systems/operations (e.g., shrouds, covers, lids, panels,
seals) to restrict access to product
• Use electronic access control system to restrict access to location and/or controls (e.g., cipher lock, swipe cards,
biometric devices, RFID)
• Use isolation or separation to secure items, operations, equipment (e.g., locate away from other items and
operations)
• Use locks to secure location, equipment, and controls when not in use or unattended (e.g., use tamper-proof
containers, locks, gear locks, remove keys)
• Use one-way valves to restrict access to product
• Use peer monitoring (e.g., buddy system) during operations or in assigned locations
• Use personnel (e.g., guards, supervisors, trusted employees) for visual observation at restricted locations and
operations
• Use personnel identification (e.g., color coded uniforms, badges) to restrict access to location, equipment, control,
and operations
• Use physical barriers to restrict access to location, operations, and equipment (e.g., locate in secure room, enclose
with a fence, cage, gate, restricted-access ladders, wall, or panel)
• Use surveillance equipment to monitor locations and operations
• Use tamper-evident devices (e.g., seals, covers, locks) to secure openings, access points, equipment and
components
• Use tamper-evident devices (e.g., seals, covers, locks) to secure packaging and storage containers
• Visually inspect equipment, equipment components, and supplies prior to use and report anomalies

Facilities
Designate parking areas for personnel and visitors, and distinguish vehicles using parking decals or other identification

Implement a check in/check out procedure at security or reception areas that includes verification of proper identification, screening equipment and
relinquishment of prohibited items

Implement a policy for acceptance of goods, mail, and packages that includes proper documentation review, screening procedures and chain-of-
custody when appropriate

Implement a policy for driver check-in and vehicle documentation review

Implement a policy for handling suspect persons, items and events including changes in employee health or behavior
Implement a policy for increasing security measures during elevated threat/risk levels

Implement a policy for protection of sensitive information (e.g., computers, food defense plans, schematics) and periodically modify instituted security
measures such as passwords, keys, access cards, and codes

Implement a policy for random security checks of personnel, equipment and processes

Implement a policy for scheduling deliveries, maintenance and service

Implement a policy for updating and maintaining accurate records (e.g., personnel files, training records, food defense plan documentation, emergency
response contacts)

Implement a policy to prohibit employees from removing from the premises company-provided gear that could be used to gain unauthorized entry into
the facility

Implement a policy to prohibit personal items from production, storage or other restricted areas

Implement a policy to restrict access to locations, equipment and operations and periodically modify instituted security measures such as passwords,
keys, access cards, and codes

Implement a visitor policy which requires proper identification, escorts and adherence to rules regarding restricted access

Implement an inventory management system for products, ingredients, materials, and chemicals or potential contaminants

Implement emergency response procedures including preventing security breaches during evacuation

Maximize visibility of perimeters, entry/exit points, locations and operations (e.g., light adequately, install windows, remove visual obstructions)

Minimize the number of access points to your facility

Secure water, air and gas supplies and supply lines

Use locks, fencing, gates or other physical barriers at perimeters, entry/exit points, locations and operations to restrict access

Use personnel (e.g., guards, supervisors, trusted employees) to monitor perimeters, entry/exit points, locations and operations

Use signage at perimeters, entry/exit points, locations and operations to designate restricted areas.

Use surveillance equipment (e.g., cameras) and/or alarms to monitor perimeters, entry/exit points, locations and operations.

Personnel
Implement a check in/check out procedure at security or reception areas that includes verification of proper identification, screening equipment and
relinquishment of prohibited items

Implement a human resources policy that includes vetting candidates prior to hiring

Implement a policy for employee resignation or termination that includes the relinquishment of all items used for access to the building including
badges, keys, codes, uniforms, etc.

Implement a policy for handling suspect persons, items and events including changes in employee health or behavior

Implement a policy for protection of sensitive information (e.g., computers, food defense plans, schematics) and periodically modify instituted security
measures such as passwords, keys, access cards, and codes

Implement a policy for random security checks of personnel, equipment and processes

Implement a policy for updating and maintaining accurate records (e.g., personnel files, training records, food defense plan documentation, emergency
response contacts)

Implement a policy to prohibit employees from removing from the premises company-provided gear that could be used to gain unauthorized entry into
the facility

Implement a policy to prohibit personal items from production, storage or other restricted areas

Implement a visitor policy which requires proper identification, escorts and adherence to rules regarding restricted access

Implement an inventory management system for products, ingredients, materials, and chemicals or potential contaminants

Implement emergency response procedures including preventing security breaches during evacuation

Maintain an up-to-date list of emergency contacts for food defense events and make it available to personnel

Train appropriate personnel on proper implementation of the food defense plan and conduct periodic retraining at appropriate intervals or when
changes have been made
Train personnel on food defense awareness and conduct periodic retraining

Train personnel to recognize and report suspect items or events to the appropriate contacts and conduct periodic retraining

Use personnel (e.g., guards, supervisors, trusted employees) to monitor perimeters, entry/exit points, locations and operations\

Management
Implement a check in/check out procedure at security or reception areas that includes verification of proper identification, screening equipment and
relinquishment of prohibited items

Implement a communication policy for emergencies including internal stakeholders, the press and the public

Implement a food defense plan and periodically reassess the plan to keep it up to date

Implement a human resources policy that includes vetting candidates prior to hiring

Implement a policy for employee resignation or termination that includes the relinquishment of all items used for access to the building including
badges, keys, codes, uniforms, etc.

Implement a policy for handling suspect persons, items and events including changes in employee health or behavior

Implement a policy for increasing security measures during elevated threat/risk levels

Implement a policy for protection of sensitive information (e.g., computers, food defense plans, schematics) and periodically modify instituted security
measures such as passwords, keys, access cards, and codes

Implement a policy for random security checks of personnel, equipment and processes

Implement a policy for supplier requirements including auditing suppliers and service contractors and maintaining updated lists of acceptable suppliers
and service contractors

Implement a policy for updating and maintaining accurate records (e.g., personnel files, training records, food defense plan documentation, emergency
response contacts)

Implement a policy to prohibit employees from removing from the premises company-provided gear that could be used to gain unauthorized entry into
the facility

Implement a policy to prohibit personal items from production, storage or other restricted areas

Implement an inventory management system for products, ingredients, materials, and chemicals or potential contaminants

Implement emergency response procedures including preventing security breaches during evacuation

Keep current on food defense-related industry news, regulations, customer requirements

Maintain an up-to-date list of emergency contacts for food defense events and make it available to personnel

Train appropriate personnel on proper implementation of the food defense plan and conduct periodic retraining at appropriate intervals or when
changes have been made

Train personnel on food defense awareness and conduct periodic retraining

Train personnel to recognize and report suspect items or events to the appropriate contacts and conduct periodic retraining