Food Fraud Prevention – ISO 31000 Risk Management
Welcome! In support of the Food Authenticity Network (FAN), this blog series reviews key topics related to food fraud prevention. Watch here for updates that explore the definitions of food fraud terms and concepts.
This blog post builds on our previous review of the definition of risk and vulnerability as well as mitigation and prevention to review the International Standards Organization publication ISO 31000 Risk Management. The next blog post will shift focus to the ISO 31000 Risk Management concepts of the likelihood and then a separate blog post on the consequences.
International Standards – and specifically the International Standards Organization (ISO) – are efficient places to start when considering terms, definitions, and basic management system standards. Specifically, ISO 31000 Risk Management provides a crucial fundamental reference. Also, it is crucial to review what is published in this type of consensus-based, government-endorsed, official publication or what is part of informal documents or meeting notes (several of the widespread food fraud-related terms were published in workshop reports or even just meeting invitations). ISO 31000 Risk Management was published as a formal standard in 2009 after many years of a contensious consensus-driven process involving national standards organizations. This superseded more informal reports or informal guidance such as ISO Guide 73 Risk Management Vocabulary.
The publication of ISO 31000 was often contentious since some industries used terms in different applications. With the publication of ISO 31000, some people would need to change to achieve harmonization. Fortunately, food fraud prevention was developed after ISO 31000 was published (e.g., ISO 31000 significantly impacted my research and projects). Thus, from the start, food fraud prevention has focused on vulnerability and presenting the assessment in terms of “likelihood” rather than “probability” and “consequence” rather than “severity.”
ISO 31000 and Risk
In ISO 31000, a risk or vulnerability is defined in terms of likelihood AND consequence. It is critical to note that the assessment must cover both if the event occurs but also this impact. For example, jaywalking and murder are both clearly crimes, but the risk response is more based on a function of the consequence. An interesting – and often uncomfortable - realization for food safety professionals is that ‘risk’ does not only have negative consequences. Admittedly, food safety almost exclusively uses ‘risk’ for situations where there is an ‘unacceptable risk’ or a “hazard that requires a preventive control.” Understanding that, in the big picture, ‘risk’ does have an upside, such as financial investments.
- Risk (ISO 31000): “effect of uncertainty on objectives;”
- NOTE 1: An effect is a deviation from the expected — positive and/or negative.
- NOTE 3: Risk is often characterized by reference to potential events (2.17) and consequences (2.18) or a combination of these.
- NOTE 4: Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood (2.19) of occurrence.
Then, a type of risk is a vulnerability.
- Vulnerability (ISO 31000 citing Guide 73): “intrinsic properties of something resulting in susceptibility to a risk source (3.3.10) that can lead to an event (3.3.11) with a consequence (3.3.18)."
“ISO 31000 includes a consideration for the preliminary or general assessments that may not require data that is very detailed, accurate, precise, certain, or robust decisions. What is often important is that ‘a’ risk assessment is conducted as long as the specification of the low certainty and low robustness is clearly defined. For food fraud prevention decisions, there may not be a lot of detail needed for a decision, or details may not be provided (at least not yet).” (Reference 1)
It is very important and of great value that ISO 31000 Risk Management provides a common set of terms.
Watch out for the next blog, which will review the application of ISO 31000 Risk Management topics of “likelihood versus probability” to “consequence versus severity.”
We’d love to hear from you in the comments box below if you have any questions on this blog.
References:
- Spink, John W (2019). Food Fraud Prevention – Introduction, Implementation, and Management, Food Microbiology and Food Safety series, Springer Publishing, New York, URL: https://www.springer.com/gp/book/9781493996193