[Cover Story] Food Security in Smalltown America

ith a local population of only 9,000 people, one radio station, and a location just outside of the popular Wisconsin Dells waterpark, Reedsburg, Wis., is far from being one of the nation’s smallest cities. But with small towns generally defined as those with populations of less than 20-25,000 people, the home of Foremost Farms’ butter plant falls well within that distinction, and presents the facility with a food security dichotomy familiar to many plants across the nation.

When one thinks of potential terrorist activity – or in food-chain terminology: intentional contamination – we often expect that such activity would most likely occur in large plants in large cities. While such plants could indeed be key targets and should be taking steps to implement thorough food-defense plans, it can just as easily be the very characteristics of informality and innate trust held by small-town people and business that make those food plants ideal targets for aggressors of intentional contamination.

With 20 dairy-product processing plants, most of which are located in small cities, the Foremost Farms dairy cooperative, which is owned by nearly 3,000 dairy-farmer members across seven states, is taking steps to ensure that its small-town assets don’t become security liabilities through both internal and contract security initiatives.

"A lot of employees have the misconception that ‘it won’t happen here,’" says Dave Jelle, quality systems manager, consumer products. "That’s always the perception that it won’t happen here; but it can happen here. The biggest challenge is getting the employee to realize that it is a possibility."

But it’s not just individuals who are reluctant to accept the idea that ‘it can happen here.’ "Some companies don’t believe it’s going to happen to them," says Regulatory Compliance Manager Jim Wittenberger. But all you have to do is look at a single event (take, for instance, the recent non-intentional spinach contamination) and the effect it has on its entire industry to realize that it can – and does happen, and every plant should take steps to ensure that such an event does not originate there.

Product contamination – whether intentional or not – can have such repercussive effects on a company and the industry as a whole that customers have become almost paranoid about security. If the seal on a tanker of milk is missing, the customer often won’t accept delivery, Jelle says, rejecting what can amount to $7,000 worth of milk in a single load. "The product is at risk over a little red seal that costs nine cents.

"Who would have thought that three years ago?" Jelle says. "The challenge is getting people to understand that that’s the reality today. A missing seal impacts food safety."

The implementation of food security programs is being very strongly driven by customers and regulatory agencies. "A lot of our customers expect it; FDA expects it," Wittenberger says. "And it’s going to become more expected in the industry to have a security plan in place."

Not only is it an expectation, Jelle adds, it has become a requirement of a number of up-chain customers. Customers and end consumers expect secure, safe food. Thus, he says, while food-security programs are still voluntary, "if you’re going to do business in today’s environment, you have to do it. If you don’t have a food defense program, you will fail their audit. It is now a customer and marketplace demand."

If this article is being read by members of the pharmaceutical industry, Wittenberger says, those readers are probably saying, "We’ve been doing that for 15 years." But the food industry has not had well-defined programs in place, nor the expectation that plants would focus on security. In fact, though regulatory agencies have increased their focus on risk assessment, there are still few security-focused mandates – beyond those of record-keeping and traceability – set for the food industry.

But the existence or non-existence of mandates from governmental agencies or even customers is almost a moot point with Foremost Farms. "We don’t just do it because customers say to," Jelle says. "We do it because we want to. We want to protect our products; we want to protect our employees."

SECURITY INITIATIVES. Foremost Farms’ first major foray into food security was a 30-minute Food Security Training video developed in 2005 to heighten employee awareness of food defense. "The biggest thing the video did was increase awareness that the employee is our best defense," Jelle says. The video CD has been used for new employee orientation and annual refresher training of all employees; and it is given to Foremost Farms’ customers as a testament to its dedication to security and evidence of its program.

The program concentrates on physical, personnel and product security based on seven key areas. The areas, with examples of training are:

1. Management of Food Security – As the video states, "Foremost Farms realizes the best way to manage food security is through its employees. Employee awareness in our plants is more than just knowing what your particular job entails; it means an understanding of all the processes of the plant, so that when something seems unusual, you recognize it and report it."

2. Physical Facility Security – Controlled access and management of security points through employee ID badges, screening of visitors, visitor check-in and ID badges, work order inspections, and practices such as no visitors in production areas, escorting of visitors at all times, and identification and restricted movement of contractors and delivery personnel.

3. Employee ID and Access – Background checks on prospective employees/new hires; increased awareness of one’s surroundings, with the assertion that "familiarity allows you to recognize the unfamiliar"; concern for the health and safety of one’s co-workers.

4. Computer System Access – User ID and passwords required on all systems; computers set to timeout to view only, particularly on production area systems and touch screens.

5. Raw Material/Packaging Control – Use of only licensed and approved vendors, and development of an approval process including the mandate: "Never use ingredients or supplies that you cannot verify the use of through certified supplier listings." Locking and tagging of all deliveries.

6. Operational Controls – Backflow and general protection against water system tampering; secured and regular examination of air intake points; separation of and limited access to cleaning and sanitation chemicals.

7. Finished Product Security – Sealing and labeling for traceability; destruction of unused lot-numbered labels; hold and release policies, and empowering of any employee to "place a suspect product on hold based on noncompliance with specifications."

To add a bit of fun and interest to the training, the video was developed in the framework of an undercover reporter "Rinaldo Hevera" on special assignment to gain undetected access to the Foremost Farms plant and proceed with simulated terrorist contamination "to demonstrate to all how utterly vulnerable our American food supply chain is to terrorist intervention."

The plant’s security program and employee responsibilities are depicted as the reporter fails to gain the access he seeks, and the video finishes with its training goal: "Foremost Farms wants you to do all you can to ensure our products are the highest quality and safest they can be."

AIB RED. In addition, Foremost Farms is implementing AIB International’s Risk Exposure Delineation Program (AIB RED), an electronic risk assessment and management program through which Foremost Farms is assessing the security of its plants, implementing corrections and improvements based on the questionnaire results and risk levels, and training its people to be its front line of defense against any potential security breach. (See Red Alert, page 16, for more information on this program.)

AIB RED is being rolled out throughout Foremost Farms’ plants, with a core team from the company’s headquarters in Baraboo, Wis., dedicated to overseeing and working with the individual plants. "We want all our plants to be on the same page of the same program," Wittenberger explains. "We want all of our plants to be safer."

Foremost Farms chose the AIB RED program because, Wittenberger says, "It was current software that seemed to satisfy the needs of the company." With well-written and reasonably priced software, the program has enabled the group to initiate a more organized, focused approach toward security, Wittenberger says.

"We knew we had to do a better job of documenting and putting a plan together," Jelle says. "We thought AIB RED would be a very good way to organize the plants. I look at it like HACCP," he adds, explaining that the program assesses critical points for security as HACCP addresses critical control points for food safety.

The AIB RED program begins with a set of 270 questions – which can be edited to fit the particulars of a specific plant or entire company. The questions delve into all areas of a plant’s processes to determine where risks – of high, medium or low intensity – exist. "The first thing you have to do is step back and find out what’s really going on out there [in the plant]," Wittenberger says. The assessment program provides plants with a tool to do just that.

By running the same questions and the same program across the cooperative’s 20 plants, the group also can assess its security as a whole. With particular concentration on any areas cited as high risk, Wittenberger says, "We’ll look at all plants and see if there are any commonalities." This may mean increased expenditures for correction, but it is an area in which the group is willing to invest. "Capital budgets aren’t that easy to get, but if it’s for food safety, it’s easier."

Programs such as AIB RED which begin with a full-plant assessment provide a good starting point for food processing plants, he says, because they start the plant right at the beginning, and address areas which managers and employees may not have previously thought to consider or review.

By the end of 2006, each of Foremost Farms’ plant had completed the risk assessment portion of AIB RED and was working on implementation of the results. Because it is important the each facility has at least one Food Defense Coordinator – a designated, trained person charged with heading up the food defense programs – Foremost Farms put two individuals per site through AIB’s two-day, in-depth training course. Most people managing food defense in this industry have a food safety background, and Foremost Farms is no exception; each person selected as Food Defense Coordinator had a food safety background with limited or no security experience or training.

But even within the same company every plant has variations – of product, process and people, so it is important that the assessment be conducted at each location. At the Reedsburg plant, various security initiatives had been developed and implemented in recent years, but assessing its personnel, processes and physical design through the AIB RED questionnaire revealed areas which they had not realized to be security risks.

INITIATING IMPROVEMENTS. Once the risks were identified, the plant needed to determine which were of highest priority and what measures could and should be put in place. At Reedsburg, Plant Quality Assurance Supervisor Jane McKeever selected a team to move the security plan forward, making a point of including front-line workers. The purpose was not only to provide hands-on information for assessment but also to increase overall acceptance of changes. "It’s good to have employees buy in to what we’re accomplishing in the plant," she says. When hand-picking the team members, she explained to each their role within the group, and asked that, as front-line workers, they "let us know what changes they would like to see in their work area based on the risk assessment."

"It’s really everyone’s responsibility," McKeever says. And it’s the team effort that enables a food-security plant to succeed. "I can’t do it by myself, I need some help," she says. "It really does take a multi-disciplined team to identify hazards and come up with solutions." A risk assessment program may identify hundreds of areas which could be improved, but attempting to focus on all could literally stop a plant’s processes in its tracks. Thus, the risks need to be assessed for level of threat, feasibility of correction, and economics.

While capital expenditures and budget planning will be required to correct some of the deficiencies found during the assessment, Jelle says, "We’re finding out that a lot of them aren’t capital budgeting; there are things that we can do now to change a No to a Yes." And, based on the assessment results and determined risk levels, it is up the plant to determine next steps. "The team decides, ‘How do we want to handle this risk?" McKeever says.

Once it is determined how the risk is to be handled, employees need to be trained to the new standard and supervisors committed to monitoring. At the same time, employee training focuses on individual empowerment. "We empower the employee to take ownership," Wittenberger says. "Don’t just rely on a supervisor to take care of it."

Within the framework, employees are encouraged to get to know their co-workers and be sensitive to changing moods. Very often, critical security threats come from inside a plant, from disgruntled workers or previously unidentified rogues. Foremost Farms managers encourage employees to use its Employee Assistance Program by which they can get counseling or mental health assistance. In addition, knowing one’s fellow employees means that one can immediately identify non-employees or even employees who are outside their area of responsibility. Employees are also encouraged to be proactive, to report anything that appears to be unusual and bring questions to the attention of a supervisor.

SUPPLIER SECURITY. In addition to internal improvements, Foremost Farms has extended security enhancements to it suppliers. It has initiated a vendor-approval program, emphasizing documentation and corporate standards; reduced its number of suppliers, eliminating individual plant purchasing; and increased its scrutiny of vendor programs and deliveries. "We scrutinize our vendors more," Jelle says.

Assessing a plant for security risks and implementing a security program is not a quick process. In fact, the Reedsburg management team expects to be at it for another three or four years – with implementation of about 30 identified program initiatives and employee training and awareness programs; but even at that point they won’t be finished as, similar to a food safety program, the plant will continue to assess itself and instigate initiatives for continued improvement.

Once plans are implemented, Jelle says, daily or weekly audits will be run on the security initiatives. "We’ll validate that we’re doing a food defense plan."

"It’s not going to go away," he says. The key to food security is "getting away from that knee-jerk reaction," taking a long-term, proactive approach, and making it difficult for an aggressor to even consider contaminating food. QA

Lisa Lupo is a staff editor for QA magazine. She can be reached at llupo@gie.net.

---------------------------------------

Red Alert!

Though not (yet) mandated, government regulatory agencies are strongly recommending – and inspecting for – food defense plans in processing plants. At the same time, many processors are finding that their customers are mandating such plans with specific supplier requirements for evidence of the plant’s plan for defending against intentional product contamination.

Before a plant can develop such a plan, however, it needs to assess its vulnerabilities, determine the threat levels, and set and prioritize corrective action plans for the identified risks. “The development of a food defense plan is similar to development of your HACCP plan,” says Lance Reeve, director of food defense, AIB Food Defense Resource Center, Manhattan, Kan. “You really cannot have a complete HACCP program without first assessing your plant processes and raw materials. The same is true of a food defense plan.

Assessment of plant and product vulnerabilities is critical to the effective food defense program, and it is evidence of such an assessment that is one of the first items requested by plant customers as well as FDA and USDA.”

AIB International’s Risk Exposure Delineation (AIB RED) Security Manager provides a tool to assist plants develop such plans from assessment to response. The web-based analytical program integrates audit questions, reports, checklists and management tools to guide plant managers and security teams through the process of developing a plant-specific food defense plan.
The program draws on the knowledge of AIB, FDA, USDA/FSIS and the Department of Homeland Security and is designed to “anticipate” state and federal regulations relating to food defense. Through analysis of a plant’s simple “yes,” “no” or “not applicable” answers to more than 250 questions, the program calculates risk, the probability of an incident and the potential seriousness of the result. The analysis is based on the STRAEC Risk Methodology developed for the chemical industry.

“I think the most important aspect of AIB RED is that it allows the individual company or plant to do a customized assessment,” Reeve says. “The program guides them through the inspection process, helps them identify vulnerabilities and risks, then prioritize the identified risks for implementation of a defense program.” The program also enables the processor to identify countermeasures; compare expenses against value and weigh various options; and create a plant incident database. “Compiling a database of all types of incidents at the facility, including security or natural events, allows the company to track incidents through the year for identification of security risks or vulnerabilities.”

AIB’s Food Defense Resource Center (www.aibfooddefense.org or call 1-800-633-5137) also provides products, services, training as well as online resources.