Combining technology and human intelligence to develop risk based audit programmes
There are many factors which affect the business performance of a company, whether you’re a small food supply chain business, a national hotel chain or an international retailer. Internally, this may be corporate strategy and leadership, the size and location of a workforce, the environment a business operates in and company culture. External pressures can come in the form of industry regulation and legislation, supply chain pressures, the wider economy and by no means least, customer demands.
Using data to drive decisions
Data can be used to mitigate the risk associated with many, if not all, of these factors and there is much ongoing discussion across the food supply chain around how we can use data most effectively to make the right business decisions to improve compliance. And it’s not just how the data is gathered and in what form or regularity, it’s about having the right technical experts to analyse it.
At LRQA, we work with many food businesses to ensure they not only do they access to the right data when they need it whether it’s alerts or dashboards or board ready reports, but that our local technical teams are on hand to make sure that information is put within the context of that individual company – and the issues it is facing. Regular data monitoring is essential to flag breakdowns in systems and processes and while it can be used as part of the evidence required for s third party audit, it often highlights the need for second party customised programmes which are specifically designed for that business. One size most definitely does not fit all.
How does this apply to your business?
Combining technology and human intelligence in this way can ensure you are alerted to potential breakdowns in systems before they happen, in the form of red flags, identification of common triggers, and through the provision of automated insight reports from across a business, no matter how large or geographically dispersed the operations may be. Remote feeds can provide data from nearly anywhere in the world, and collectively the data can be input into predictive analysis tools to identify trends and anomalies.
Why do we need audits at all?
Audits offer more than just due diligence and a license to operate. They enable you to compare internal results from your own, first party audits, against those completed by an independent certification body. It encourages ownership and accountability for safety, quality, ethical supply and other aspects that are required not just by legislation but also by stakeholders and increasingly, the public. Audits give results that can be used to shape risk based programmes and allow a deep dive into risks, weaknesses, changes to people or processes which could have a knock-on effect while encouraging ongoing best practice, rather than driving an ‘audit ready’ culture.
Which is better – data monitoring or audits?
A combination of the two gives the best results. An audit will give you a valuable snapshot in time and is an independent verification of systems and processes. It also gives you a benchmark for comparative purposes and can help challenge thinking about root cause analysis.
Continuous monitoring on the other hand, enables you to prevent serious issues and can alert you to a potential process breakdown – at any time. It can also increase awareness of the changing risks to your business over a specific timeframe, or in response to a change in process for example. It allows you to focus on the key control points for your business, whether this is staffing issues, temperature controls, allergen breaches, stock rotation or foreign body incidents, to name just a few.
Three is the magic number
Audits, data and technical expertise are all essential ingredients to a robust compliance programme. Continuous monitoring can ensure your audit programmes, whether second or third party, are delivering what you need. Technology can help drive your business forward but only with the right analytical tools and expert human interpretation to strip out the non-essential noise. Altogether, this allows you to make changes in a clear and measurable way, using the data to explain why and revisiting the business controls and factors affecting them.
More information on GFSI Conference 2019 .
LRQA's experts regularly share their research and insights.