FSIS Directive 5420.1 Food Defense Verification Procedures and National Terrorism Advisory System Alert Response for the Office of Field Operations
(Part 2)


    A. IPP are to perform food defense tasks as assigned in PHIS. PHIS will automatically generate one routine food defense task per quarter to the establishment task list. Inspectors-in-charge (IICs) assigned to multi-inspector, multi-shift establishments are to use the established information-sharing practices to ensure that they perform the food defense task at the prescribed frequency. The FLS is to provide any necessary oversight. While performing this task, if IPP identify that the establishment profile information on the food defense plan is not current, IPP are to update the profile to reflect the status of the establishment's food defense plan.

    B. The table below lists the questions associated with the food defense task. The examples of food defense practices provided in the table are not all-inclusive. Establishments can implement a variety of food defense measures to protect their products, people, and processes from intentional contamination. Food defense is not a one-size-fits-all approach. IPP are to consider this when performing the food defense task. In addition, some food defense activities may not be obvious to IPP. Therefore, IPP are to discuss these activities with management during the weekly meeting to learn more about the establishment's food defense practices. IPP are to be aware that establishments can use the FSIS Food Defense Risk Mitigation Tool to find a more comprehensive list of food defense practices (mitigation strategies). If IPP have questions regarding this task, they are to direct them to their immediate supervisor.

    C. IPP are to answer all the questions in the food defense PHIS questionnaire as either "Yes," "No," or "not applicable" ("N/A"). IPP are not to leave questions blank.

    D. As IPP are completing the task, they are to be aware that food defense practices are policies, procedures, or countermeasures to mitigate vulnerability to intentional contamination. An establishment does not have to implement multiple food defense practices for IPP to answer "Yes" to the task questions. IPP are to answer "Yes" to the question if one or more of the examples of food defense practices are implemented or if there is another mitigation strategy to address the potential vulnerability. If IPP have questions about the appropriateness of a mitigation strategy that is not listed as an example, they are to direct these questions to their immediate supervisor.

    E. Not all tasks may be applicable to all establishment types. If a task does not apply to their establishment, IPP are to answer "N/A."

    F. IPP are to try to observe as many of the food defense practices as possible. However, if IPP do not know the answer to a question, they are to discuss it with establishment management at a weekly meeting. In this case, the IPP are to leave the task open until the next weekly meeting and complete the task after that meeting. The establishment is not required to disclose information about its food defense practices to IPP. IPP are not to issue a Noncompliance Record (NR) if the establishment chooses to withhold information. If IPP do not know the answer to a question and are unable to verify the answer with establishment management, they are to answer it as "N/A."

    G, If IPP are unclear as to how to conduct the food defense task or have questions about the task, they are to contact their immediate supervisor. Supervisors seeking support or guidance are to submit questions to the SIPRS at FoodDefense@usda.gov.

Task Question Examples of Food Defense Practices (not all-inclusive) Additional Information
1. Does the establishment implement practices to prevent unauthorized access to the facility? ? Locked doors
? Fence around perimeter of facility
? Security guards
? Alarm system
? Controlled-access system
This question is targeting practices the establishment has in place to prevent an unauthorized individual from getting into or having access to the facility.
2. Does the establishment implement practices to prevent access to restricted areas inside the facility? Restricted areas are secure areas where the establishment wants to control access. ? Surveillance cameras
? Designate and clearly mark all restricted areas
? Controlled-access system
? Locks
? Buddy system
? Restrict access to ice and storage tanks for potable water and water reuse systems
The definition of a restricted area may differ from one establishment to another. Examples of restricted areas may include: areas where ingredients, chemicals, or hazardous materials are stored; in-plant laboratory; areas where product containers or processing equipment is stored; etc.
3. Does the establishment implement personnel security measures to prevent an intentional contamination incident? ? Background checks
? Employee identification system (e.g., badges, color-coded uniforms)
? Restrict personal items in operational areas (e.g., cell phones, cameras)
? Restrict temporary employees and non-employees to areas relevant to their work
? Maintain updated shift roster
Personnel security measures are actions the establishment can take either before or after an employee is hired to ensure there is no history of behavior or current behaviors that may indicate an individual is likely to intentionally contaminate product or negatively impact public health or the safety of others.
4. Does the establishment implement management controls to prevent intentional contamination? ? Maintain a policy for handling suspect persons/disgruntled employees, items, and events
? Adopt a functional food defense plan
? Track customer complaints/comments for trends
? Maintain a system to encourage employees to report signs of possible product contamination, unknown or suspicious persons in the facility, or other food defense vulnerabilities
? Conduct mail-handling activity in a separate room or facility that is away from in-plant food production/processing operations
Management controls are activities that establishment management can do to reduce the likelihood of intentional contamination.
5. Does the establishment promote situational awareness for employees, including: ? Training on food defense?
? Procedures for reporting suspicious activity?
? Food defense training methods may include (but are not limited to) online, in-person, fact sheets, or in-plant exercises
? Employees should be encouraged to report signs of possible product contamination, unknown or suspicious persons in the facility, or other food defense vulnerabilities
The following free training courses and exercise toolkits are available for industry:
? Food Defense and Recall Preparedness Exercise Tool (FSIS)
? Employees FIRST (FDA)
? Food Defense 101 (including ALERT) (FDA)
6. Does the establishment implement practices to prevent unauthorized access to computer systems or industrial control systems? ? Protect computer systems through firewalls and passwords
? Maintain updated computer virus detection systems
? Provide information security training to employees with access to cyber systems
? Limit or closely monitor remote access to web-based applications that manage industrial control systems
An industrial control system is an integrated hardware and software system designed to monitor and control the operation of machinery and associated devices within the food production environment. Industrial control systems may include (but are not limited to):
? Supervisory control and data acquisition (SCADA) systems
? Distributed control systems
? Programmable logic controllers
The following cyber resources are available for industry:
? NIST.gov/CyberFramework
? US-CERT.gov
? StaySafeOnline.org
? FSIS Cybersecurity Countermeasures
? Selete Cybersecurity Countermeasures in the Lookup Tool
7. Does the establishment implement practices for the following processing activities: ? Mixing, blending, and similar activities (e.g., coating/mixing/ grinding/rework)?
? Non-meat, non-poultry, and non-egg ingredient handling (e.g., ingredient staging/prep/addition)?
* Answer N/A if this is an import establishment
? Restrict access
? Conduct monitoring and surveillance
? Verify product integrity throughout the production process, up to primary and secondary packaging
? These processing activities are those that have been identified as being more vulnerable to intentional contamination.
? Non-meat and non-egg ingredients may include (but are not limited to) spices, preservatives, flavoring, etc.
8. Does the establishment implement practices for reinspection/staging areas?
* Answer N/A if re-inspection does not occur at the establishment
? Restrict access
? Conduct monitoring and surveillance
? Verify primary and secondary packaging is intact
? Maintain updated product inventory
9. Does the establishment implement practices to prevent access to storage of the following items: ? Raw materials and non-meat, non-poultry, and non-egg ingredients (e.g., spices, preservatives)?
? Liquid storage and handling (e.g., marinade, brine, open vats/bins/silos/totes)?
? Chemicals and hazardous materials?
? Finished products (ready to be shipped)?
? Labels and packaging materials?
? Maintain access log
? Restrict access
? Conduct monitoring and surveillance
? Control product labels and packaging to prevent theft and misuse
10. Does the establishment implement practices for the following shipping and receiving activities:
? Bulk liquid receiving/loading?
? Procedures for incoming product integrity?
? Verifying transportation vendors and drivers?
? Control access
? Ensure seals and locks are present
? Verify boxes or containers have not been tampered with
? Background checks on transportation drivers
? Driver identification upon pickup/delivery
? Minimize the time a truck is unlocked during loading or delivery
11. Does the establishment have incident response procedures in place in the event a contamination incident occurs? ? Pre-established communication with local, state, and federal law enforcement or incident response personnel
? Recall plan
? Procedures to communicate with the media or consumers
? Have up-to-date establishment layout/blueprints for local law enforcement, including the fire department, if needed
? Maintain records to allow easy trace-back of raw materials to suppliers
? Maintain records to allow easy trace-forward of finished products to vendors
In most cases, it cannot be determined if a contamination event is intentional or unintentional until later in the investigation. Therefore, incident response procedures for both intentional and unintentional contamination incidents should be considered when answering this question.
12. Has the establishment conducted a written vulnerability assessment of their facility within the past year? A vulnerability is a weakness within the food production process that makes it easy to intentionally contaminate product. A vulnerability assessment is an assessment to identify vulnerabilities within or outside of a facility that may lead to intentional contamination of product.
13. Additional comments? This question allows IPP to enter free text to provide further explanation or clarification for answers to the task questions.
    H. To access and complete the PHIS task questionnaire, IPP are to:

        1. Look for "Food Defense Task" on the establishment task list and schedule it on their task calendar, then claim the task when they are ready to conduct the task;

        2. Select the "Activity" tab, then select the applicable Verification Activity (Review & Observation, Record Keeping, or Both);

        3. Select the "Questionnaire" tab. Click on "Take Questionnaire" tab to access the questions;

        4. Click "Start" to begin questionnaire;

        5. Select answers to questions on page one. Click "Next" and proceed to the next page of questions. IPP are to complete all questions and are not to leave any blank or unanswered. IPP are to select "N/A" if the question does not apply to the establishment or If IPP do not know the answer to a question and are unable to verify the answer with establishment management;

        6. Click "Submit" to complete the questionnaire; and

        7. Record the task as completed after the questionnaire results have been entered.

    I. IPP are to review the answers of the questionnaire with establishment management in the weekly meeting following task completion. Based on the questionnaire answers, IPP are to discuss areas in the establishment where a food defense vulnerability exists and mitigation strategies to address identified vulnerabilities and weaknesses in the establishment. IPP can find examples of common food defense mitigation strategies in FSIS Food Defense Risk Mitigation Tool.

    J. When a threat notification is issued, the IIC is to receive specific instructions through supervisory channels on other actions, if any, that they are to take based on information received about the threat to a product or process. If additional food defense tasks are necessary, IPP are to follow the instructions in FSIS Directive 13,000.1, Scheduling In-Plant Inspection Tasks in the Public Health Information System (PHIS),when scheduling a directed PHIS task.

    K. If the establishment requests guidance or additional information on food defense, including how to develop a functional FDP, IPP are to direct establishments to http://www.fsis.usda.gov/fooddefense. The food defense website contains guidance documents and tools to assist establishments with food defense practices (e.g., a general FDP template, brochures, guides, and fact sheets). Many of these materials are available in multiple languages. Alternatively, IPP may download a copy of the General Food Defense Plan from the FSIS website at http://www.fsis.usda.gov/fooddefense.
Prior segment of
FSIS Directive 5420.1 (PART 2)
Next segment of
FSIS Directive 5420.1 (PART 2)