Fill the form
We will call you back soon
Fill the form
We will call you back soon
ISO 22000 Through the Eyes of an Auditor. Issue No. 3
Interested Parties (Clause 4.2): Whose “wishes” can stop your plant?
If Clause 4.1 is your radar for the external environment, then Clause 4.2 is your list of obligations. The auditor checks whether you understand who you are responsible to and which requirements you must meet in order to stay in the market.
1. Who are these people, and why does the auditor ask about them?
Interested parties are not only customers. They include everyone who can “put the brakes” on your system.
What we check during the audit:
Regulatory authorities: If you do not have an up-to-date list of legal requirements — new rules on antibiotics, pesticides, labelling — your system is blind. You risk releasing a product that may be “safe” according to your own standards, but illegal.
Suppliers: They are your support and your main source of risk. What requirements do you set for them? Do they know about your standards?
Personnel: Yes, this is an internal party. If employees expect safe working conditions but are exposed to harmful vapours in the workshop, they may start ignoring hygiene requirements.
2. Practice: From “expectations” to “control” — the IFC methodology
The IFC guidelines emphasise that small and medium-sized businesses often fail because they do not take into account the requirements of “unspoken” parties.
Case for verification:
Your major customer, a retail chain, suddenly introduces a requirement: “All products must be GMO-free and supported by test reports from an accredited laboratory.”
System logic: Interested party’s expectation — the retail chain → Requirement — GMO test reports → Change in the FSMS — verification plan, laboratory selection.
Auditor’s logic: I check how the requirements of your key customers are reflected in your raw material and finished product specifications. If the retail chain requires allergen control, but your system says nothing about it, Clause 4.2 has failed.
3. Evidence matrix: What should be prepared for the auditor?
To successfully close this clause, show the expert not a list of names, but a monitoring system:
Register of interested parties: With a clear distinction between who they are and what their food safety requirements are — not their expectations regarding price or packaging.
Evidence of updates: How do you learn about changes in legislation? Show subscriptions to legal databases, records of participation in industry webinars, or letters from regulatory authorities.
Specifications and contracts: The auditor may ask for a contract with your pest control service provider. Why? To see whether you have taken your requirements towards them into account as an interested party under Clause 7.1.5.
Summary for the QA department
ISO 22000 teaches us that product safety is a contract with society. You cannot simply produce a “good” product; you must meet the expectations of those who trust you with their health and their money.
For an auditor, Clause 4.2 is a test of your adequacy. If you know what is expected of you and have turned those expectations into working instructions, your system is reliable. If you ignore the requirements of interested parties, you are building your business on sand — and it will collapse at the first inspection by regulatory authorities.
In the next issue: Scope of the management system (Clause 4.3). Is it possible to certify only part of the production and not all processes?
Your expert view on certification — Guard is Certification.
If Clause 4.1 is your radar for the external environment, then Clause 4.2 is your list of obligations. The auditor checks whether you understand who you are responsible to and which requirements you must meet in order to stay in the market.
1. Who are these people, and why does the auditor ask about them?
Interested parties are not only customers. They include everyone who can “put the brakes” on your system.
What we check during the audit:
Regulatory authorities: If you do not have an up-to-date list of legal requirements — new rules on antibiotics, pesticides, labelling — your system is blind. You risk releasing a product that may be “safe” according to your own standards, but illegal.
Suppliers: They are your support and your main source of risk. What requirements do you set for them? Do they know about your standards?
Personnel: Yes, this is an internal party. If employees expect safe working conditions but are exposed to harmful vapours in the workshop, they may start ignoring hygiene requirements.
2. Practice: From “expectations” to “control” — the IFC methodology
The IFC guidelines emphasise that small and medium-sized businesses often fail because they do not take into account the requirements of “unspoken” parties.
Case for verification:
Your major customer, a retail chain, suddenly introduces a requirement: “All products must be GMO-free and supported by test reports from an accredited laboratory.”
System logic: Interested party’s expectation — the retail chain → Requirement — GMO test reports → Change in the FSMS — verification plan, laboratory selection.
Auditor’s logic: I check how the requirements of your key customers are reflected in your raw material and finished product specifications. If the retail chain requires allergen control, but your system says nothing about it, Clause 4.2 has failed.
3. Evidence matrix: What should be prepared for the auditor?
To successfully close this clause, show the expert not a list of names, but a monitoring system:
Register of interested parties: With a clear distinction between who they are and what their food safety requirements are — not their expectations regarding price or packaging.
Evidence of updates: How do you learn about changes in legislation? Show subscriptions to legal databases, records of participation in industry webinars, or letters from regulatory authorities.
Specifications and contracts: The auditor may ask for a contract with your pest control service provider. Why? To see whether you have taken your requirements towards them into account as an interested party under Clause 7.1.5.
Summary for the QA department
ISO 22000 teaches us that product safety is a contract with society. You cannot simply produce a “good” product; you must meet the expectations of those who trust you with their health and their money.
For an auditor, Clause 4.2 is a test of your adequacy. If you know what is expected of you and have turned those expectations into working instructions, your system is reliable. If you ignore the requirements of interested parties, you are building your business on sand — and it will collapse at the first inspection by regulatory authorities.
In the next issue: Scope of the management system (Clause 4.3). Is it possible to certify only part of the production and not all processes?
Your expert view on certification — Guard is Certification.
Still have questions? Contact us
Zamknięta 10, 30-554 Kraków, Poland
