Approved Auditor Manual

7/30/2019 Approved Auditor Manual

1/42


2/42

Version 1.1November 2011 Page 2 of42

Contents1. Introduction ......................................................................................................................... 5

Audit of Export and Domestic Requirements ..................................................................................... 5

Legislative basis for the approval of auditors ................................................................................ 6

The legislation framework .................................................................................................................. 6

Approval of auditors ........................................................................................................................... 7

2. Purpose and Scope of this Manual ........................................................................................ 8

Definitions ........................................................................................................................................... 8

Introduction to the DAFF Biosecurity Approved Auditor Management System ................................ 8

The role and responsibility of DAFF Biosecurity ................................................................................. 9

The role and responsibilities of Approved Auditors ........................................................................... 9

The role and responsibilities of the Occupier/Registered Establishment ........................................ 10

3. Approval of Approved Auditors ........................................................................................... 11

Fee ..................................................................................................................................................... 11

Duration of auditor approvals........................................................................................................... 11

Approval process and criteria for Approved Auditors ...................................................................... 11

The Approved Auditor approval process .......................................................................................... 11

Commodity risk classification........................................................................................................ 12

Commodity experience.................................................................................................................. 13

Regions of Operation .................................................................................................................... 13

Qualifications ................................................................................................................................ 14

Conflicts of Interest....................................................................................................................... 14

DAFF Biosecurity Approved Auditor Manual................................................................................. 14

Approved Auditor Code of Conduct............................................................................................... 14

RABQSA equivalence ..................................................................................................................... 15

Units of Competency..................................................................................................................... 16

Declarations .................................................................................................................................. 16

Notice of Approval........................................................................................................................ 17

Approved Auditor Register............................................................................................................ 17

Review of decisions relating to approvals ........................................................................................ 18

4. Managing the Approved Auditor ......................................................................................... 18

Verification system ........................................................................................................................... 18


3/42


Scheduled verification activities .................................................................................................... 18

Review of audit reports ................................................................................................................. 18

Refresher training ............................................................................................................................. 19

Changes in requirements and procedures ........................................................................................ 19

Maintaining the requirements for approval ..................................................................................... 19

Renewal of Approval ......................................................................................................................... 19

Surrender of Approval ...................................................................................................................... 19

Notification ....................................................................................................................................... 20

Confidentiality ................................................................................................................................... 20

Revocation or variation of approval ................................................................................................. 20

Complaints system ............................................................................................................................ 20

5. Approval of registered establishments to engage an Approved Auditor ............................... 20

6. Managing the audit process ................................................................................................ 21

Duties of Approved Auditors ............................................................................................................ 21

Scheduling the audit ......................................................................................................................... 21

Observation of processes .............................................................................................................. 22

Auditing of multi-sited food businesses ........................................................................................ 22

Audit teams ................................................................................................................................... 22

Planning the Audit............................................................................................................................. 22

Audit Criteria ................................................................................................................................. 22

Audit Scope ................................................................................................................................... 23

Documentation Review................................................................................................................. 23

Conduct the audit ............................................................................................................................. 23

Audit Findings................................................................................................................................ 25

Classification of Non-compliances ................................................................................................ 25

Corrective Actions ......................................................................................................................... 26Audit Outcomes/ Audit Frequency................................................................................................ 26

Audit Reporting ................................................................................................................................. 27

Finalisation / Closure of CARs/Non-compliance reports ............................................................... 27

Escalation policy............................................................................................................................ 28

Records ............................................................................................................................................. 28

7. Appendices......................................................................................................................... 28

Appendix 1 Application and Approval Process Approved Auditors ......................................... 29

Appendix 2 Approved Auditor Code of Conduct ....................................................................... 30


4/42


1. Purpose and Application of the Code of Conduct..................................................................... 30

Purpose of the code of conduct .................................................................................................... 30

Application of the code of conduct ............................................................................................... 30

2. Definitions ................................................................................................................................. 31

3. Conduct Provisions .................................................................................................................... 31

3.1 Identification ........................................................................................................................... 32

4. Obligations ................................................................................................................................ 32

4.1 Respect for persons ................................................................................................................ 32

4.2 Natural justice ......................................................................................................................... 32

4.3 Health, welfare and safety concerns ...................................................................................... 32

4.4 Discrimination ......................................................................................................................... 33

4.5 Workplace harassment ........................................................................................................... 33

5. Behaviour and attitude ............................................................................................................. 33

6. Dress standards ......................................................................................................................... 33

7. Use of alcohol and drugs ........................................................................................................... 34

8. Conflicts of interest ................................................................................................................... 34

9. Acceptance of gifts .................................................................................................................... 35

10. Confidential information and public comment .................................................................... 35

11. Falsification of Results .......................................................................................................... 35

12. Failure to Comply .................................................................................................................. 35

13. Acknowledgement ................................................................................................................ 35

Appendix 3 Instrument of Approval Example only ................................................................. 36

Appendix 4 Legislation, Australian Standards and DAFF Biosecurity Guidelines list .................... 40

Appendix 5 Contact List ........................................................................................................... 42


5/42


1. IntroductionDAFF Biosecurity is part of the Australian Government Department of Agriculture, Fisheries and

Forestry (DAFF). DAFF Biosecurity is the Commonwealth authority responsible for the regulation of

prescribed goods prepared for export as food from Australia. This maintains the integrity of theexported product and Australias reputation as a reliable exporter.

DAFF Biosecuritys role in providing export inspection, audit and certification services helps retain

wide access to overseas export markets.

As a result of the service delivery models agreed with the fish, dairy and meat export industries to

support export certification reform in 2011, it has been agreed that the audit of registered

establishments that prepare fish, eggs, dairy and some meat products for export as food may be

undertaken by persons approved by DAFF Biosecurity to carry out this activity Approved Auditors.

To facilitate this, DAFF Biosecurity has implemented the DAFF Biosecurity Approved Auditor

Management System to approve, manage and verify the performance of persons other than DAFF

Biosecurity employees to conduct audits of registered establishments on DAFF Biosecuritys behalf.

The system is based on both legislative requirements and the requirements of the National Food

Safety Audit Policy and the National Regulatory Food Safety Auditor Guideline (copies of these

documents can be found athttp://www.health.gov.au) and aims to reduce duplication of audits for

registered establishments.

Audit of Export and Domestic Requirements

Currently, a number of state regulatory authorities (SRAs) have responsibility for the conduct of

audits at DAFF Biosecurity registered establishments on DAFF Biosecuritys behalf. Conversely, in

some jurisdictions DAFF Biosecurity may conduct audits of export registered establishments for

compliance with both export and domestic requirements- these latter audits are conducted on

behalf of SRAs.

DAFF Biosecurity may approve auditors to audit on its behalf in all Commonwealth jurisdictions.

Where DAFF Biosecurity is responsible for the audit of both domestic and export requirements, the

approval of Approved Auditors by DAFF Biosecurity only applies to audits of export requirements.

Auditors who also wish to audit domestic requirements must make application to the appropriate

food regulator in that jurisdiction for approval.

In order to determine if approval as an auditor is applicable to a specific jurisdiction or a specific

commodity (i.e. fish, dairy, eggs &/or meat); reference should be made to the Service Delivery

Arrangements Table available at:www.daff.gov.au/ecri

It should also be noted that for some commodities, an importing country may place restrictions on

who can undertake audits. For example establishments that prepare or store meat for export to

the USA may only be audited by an DAFF Biosecurity employed auditor.
http://www.health.gov.au/internet/main/publishing.nsf/Content/foodsecretariat-policydocs.htmhttp://www.health.gov.au/internet/main/publishing.nsf/Content/foodsecretariat-policydocs.htmhttp://www.health.gov.au/internet/main/publishing.nsf/Content/foodsecretariat-policydocs.htmhttp://www.daff.gov.au/__data/assets/word_doc/mckenzie%20lisa/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/4S3VVBNT/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/mckenzie%20lisa/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/4S3VVBNT/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/mckenzie%20lisa/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/4S3VVBNT/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/mckenzie%20lisa/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/4S3VVBNT/www.daff.gov.au/ecrphttp://www.health.gov.au/internet/main/publishing.nsf/Content/foodsecretariat-policydocs.htm


6/42


Legislative basis for the approval of auditors

The legislation framework1

The framework for the Australian government to regulate prescribed goods for export as food

consists of:

1. an Act of Parliament: the Export Control Act 1982

2. subordinate legislation made by the Governor-General: the Export Control (Orders)

Regulations 1982, and

3. subordinate legislation made by the Minister: the Orders specifically:

a. the Export Control (Prescribed Goods General) Order 2005

and the commodity Orders:

a. the Export Control (Eggs and Egg Products) Orders 2005

b. the Export Control (Fish and Fish Products) Orders 2005

c. the Export Control (Milk and Milk Products) Orders 2005

d. the Export Control (Meat and Meat Products) Orders 2005

e. the Export Control (Poultry Meat and Poultry Meat Products) Orders 2010

f. the Export Control (Wild Game Meat and Wild Game Meat Products) Orders 2010

The Export Control Act 1982 (the Act) is the overarching legislation controlling the export of food and

other goods from Australia. The introduction of the Act provided a stable but flexible legal

framework for controlling the export of food and other goods.

The Act came into force on 1 January 1983. It has not been significantly altered since that date, but

Orders prescribed under the Act subordinate legislation have been amended and new Orders

have been established in line with changes in markets and industries, and in accordance with

international trade agreements.

The Act, its subordinate Regulations and Orders provide the legal basis for:

1. Controlling the export of prescribed goods from Australia

2. Setting conditions and restrictions for the export of prescribed goods

3. Conditions for registering premises for the preparation of goods for export

4. Powers for the Secretary and authorised officers to deal with prescribed goods and

premises, and

5. Offences and maximum penalties for contraventions of the Act.

The export legislative framework, through subordinate legislation specifically, the commodity

Orders provides the Secretary with the power to approve auditors to conduct audits in accordance

with legislative requirements.

1

Copies of all legislation cited in this document are available at:http://www.comlaw.gov.au
http://www.comlaw.gov.au/http://www.comlaw.gov.au/http://www.comlaw.gov.au/http://www.comlaw.gov.au/


7/42


Approval of auditors

Schedule 10 of the Export Control (Fish and Fish Products), (Eggs and Egg Products), (Milk and Milk

Product) Orders 2005 and Schedule 9 of the Export Control (Meat and Meat Products Orders) 2005,

(Poultry Meat and Poultry Meat Products) and the (Wild Game Meat and Wild Game Meat Products)

Orders 2010 provide the legislative basis for:

The application and approval process of auditors

Assessment of auditor competence

Decisions to approve (or not approve) auditors

Conditions of auditor approval

Conditions for the revocation of auditor approval

Period of auditor approval

Issuing of identity cards

The maintaining of a register of Approved Auditors

The Secretary (or their Delegate) may approve a person as an auditor for the purposes of auditing

registered establishments against the requirements of the applicable commodity Orders when the

Secretary (or their Delegate) is satisfied that:

the applicant has the necessary knowledge, training, skills and experience to competently

carry out audits of the kind for which approval is sought; and

the audits conducted by the applicant will be objective, independent, fair and accurate and,

unless stated otherwise in the audit report, will be complete; and

the applicant will comply with the requirements of Division II of Part 6 of the applicable

commodity Orders; and

the applicant will comply with documented procedures for the conduct of audits; and

the applicant is a fit and proper person having regard to the matters specified in section 4.05

of the Export Control (Prescribed Goods General) Order 2005.

Additionally, the Secretary (or their Delegate) may:

take into account any real or perceived conflict of interest that could arise if the applicant

was to be approved

request that the applicant provide further documents or information

request that the applicant submit to assessment by interview, audit or written examination,

or any combination of those ways

apply conditions to the approval.


8/42


2. Purpose and Scope of this ManualThis manual is provided by DAFF Biosecurity to inform Approved Auditors conducting regulatory

audits of registered establishments on behalf of DAFF Biosecurity, of the system that has been

implemented by DAFF Biosecurity to manage the approval process, the Approved Auditor and the

audit process.

Auditors approved under this system, known as Approved Auditors, may include independent, third

party or commercially employed auditors, but due to potential conflicts of interest may not include

persons in the direct employ of the DAFF Biosecurity registered establishment subject to the audit.

Definitions

In this document, terms have the following meaning:

Approved Auditor: is an auditor approved by the Secretary (or delegate of) under Schedule 10 of

the Export Control (Eggs and Egg Products) Orders 2005, Export Control (Fish and Fish Products)

Orders 2005, Export Control (Milk and Milk Products) Orders 2005 and/or Schedule 9 of the Export

Control (Meat & Meat Products) Orders 2005, Export Control (Poultry Meat and Poultry Meat

Products)Orders 2005 or Export Control (Wild Game Meat and Wild Game Meat Products) Orders

2010.

AMS: Audit Management System - DAFF Biosecuritys electronic system that manages all aspects of

audits.

Approved Arrangement (AA): the food safety management system in place at a registered

establishment, which is approved by DAFF Biosecurity for the identification, control, monitoring,

review and reporting of food safety hazards and compliance with legislative and importing country

requirements.

Registered establishment: Refers to an export registered establishment engaged in the preparation

(including storage, handling and loading) of prescribed goods for export.

Occupier: The individual, corporation or other legal entity (or any combination of these) in whose

name a registered establishment is registered.

SRA: State Regulatory Authority the state or territory authority responsible for food safety in that

jurisdiction.

Introduction to the DAFF Biosecurity Approved Auditor Management

System

DAFF Biosecurity has developed and implemented the DAFF Biosecurity Approved Auditor

Management System to:


9/42


1. Approve, manage and verify the performance of persons other than DAFF Biosecurity

employees known as Approved Auditors who conduct audits of registered

establishments on DAFF Biosecuritys behalf

2. Manage the Approved Auditor

3. Approve Registered Establishments to engage the services of an Approved Auditor

4. Manage the regulatory audit process.

The responsibility for activity in the regulatory audit process is shared between DAFF Biosecurity,

Approved Auditors conducting regulatory audits and the registered establishments that require

regulatory audits.

The role and responsibility of DAFF Biosecurity

As part of effectively demonstrating compliance with legislative and National Food Safety Auditor

Policy requirements, DAFF Biosecurity has systems in place to approve, manage and verify the

activities of authorised officers and Approved Auditors, to approve registered establishments tooperate under the DAFF Biosecurity Approved Auditor Management System and, where applicable,

respond to audit findings and results of verification activities.

Within this system, DAFF Biosecurity maintains responsibility for any enforcement action that needs

to be taken in response to audit outcomes.

The role and responsibilities of Approved Auditors

The role of the Approved Auditor is to conduct regulatory audits of a registered establishments

compliance with:

The applicable requirements of the Act and the commodity Orders, and

The requirements of the establishments food safety management system, known as an

approved arrangement (AA) including any conditions that may apply, and

The applicable importing country requirements identified in the establishments AA,

for all aspects of the preparation (including storage, handling and loading) of the commodity or

commodities for export as food that falls within the scope of the auditors conditions of approval

and commodity risk classification.

The Approved Auditor is responsible for ensuring that:

The necessary knowledge, training, skills and experience required to conduct audits are

maintained, including the maintenance of any competencies or qualifications specified in the

approval criteria.

Audits conducted are objective, independent, fair and accurate and, unless otherwise stated

in the audit report, are completed.

Audits are conducted as expeditiously as possible and in a way that causes as little

interference as possible to the operations which may be the subject of the audit.

Any additional documented procedures provided by DAFF Biosecurity in relation to the

conduct of audits are complied with.The Approved Auditor Code of Conduct is complied with.


10/42


DAFF Biosecurity is informed immediately of any circumstances that may affect the

Approved Auditors approval with regards to criminal activity or real or perceived conflicts of

interest.

A current Approved Auditor identity card can be presented on request.

Failure to competently undertake these responsibilities, which will be verified by DAFF Biosecurity,

may result in DAFF Biosecurity revoking auditor approval or requiring the Approved Auditor to take

agreed corrective action which may include, but is not limited to, the undertaking of additional

training.

The role and responsibilities of the Occupier/Registered Establishment

The role of the occupier of a registered establishment is to ensure compliance with legislative

requirements through the effective implementation and maintenance of their approved

arrangement.

The occupier of a registered establishment is responsible for ensuring that:

DAFF Biosecurity approval to engage an Approved Auditor is sought.

Their premises and approved arrangement is audited at the frequency outlined in the

applicable DAFF Biosecurity guideline.

The Approved Auditor engaged under the system has the appropriate scope of approval,

including the appropriate commodity risk classification, to conduct the regulatory audit.

As per the requirements of the legislation2, all necessary assistance is provided to the

auditor as is reasonably necessary to enable the auditor to perform the audit of their

operations, including, but not limited to:o The provision of information, explanation, documents, translations and

demonstrations of use of equipment; and

o Allowing the auditor to interview their employees, agents or contractors and export

permit issuers; and

o Allowing the observation of their procedures; and

o Use of their equipment for the purposes of accessing, examining, testing, sampling,

recording or reproducing any documents or thing at their premises; and

o Bringing onto the premises any equipment required to perform the audit.

Any corrective action agreed to be taken to address audit findings is implemented and

reviewed for effectiveness within the timeframes specified in the Audit Report.

The occupier and the Approved Auditor are responsible for organising and managing the audit

process. DAFF Biosecurity is not involved in any contract negotiations or agreement between the

occupier and an Approved Auditor.

Failure to comply with these requirements may result in a direction being given to the occupier by

DAFF Biosecurity to comply or the revocation of approval to engage an Approved Auditor. Where

approval has been revoked, audits will be conducted by DAFF Biosecurity.

2

Order 65 of the Export Control (Fish & Fish Products) Orders 2005, Order 60 of the Export Control (Eggs & Egg Products)and (Milk & Milk Products) Orders 2005 and Order 59 of the Export Control (Meat & Meat Products) Orders 2005, (Poultry

Meat & Poultry Meat Products) and (Wild Game Meat & Wild Game Meat Products) Orders 2010


11/42


For additional information for registered establishments see: The Registered Establishment Guide to

the DAFF Biosecurity Approved Auditor Management System available at:www.daff.gov.au/ecri

3.Approval of Approved AuditorsAuditors seeking to become an Approved Auditor must apply to DAFF Biosecurity and demonstrate

that they meet the criteria for approval as described in this section.

Fee

There are currently no fees payable for the initial application or annual renewal of auditor approvals.

This is subject to change and it is the responsibility of Approved Auditors to monitor the ECRP

website atwww.daff.gov.au/ecrifor updates.

Duration of auditor approvals

The duration of an Approved Auditors approval with DAFF Biosecurity is 12 months from the date of

initial approval, unless revoked. Approved Auditors must undergo an annual renewal process to

maintain their Approved Auditor status.

Approval process and criteria for Approved Auditors

Auditors seeking to become an Approved Auditor with DAFF Biosecurity must apply by completing

the Approved Auditor Application form available at:www.daff.gov.au/ecri

Applications are to be submitted to: Certification Management

Food Division

DAFF Biosecurity

Department of Agriculture, Fisheries and Forestry

PO Box 858

CANBERRA CITY ACT 2601

A Contact List for all enquiries relating to Approved Auditors is provided atAppendix 5.

The Approved Auditor approval process

A flow diagram of the process is provided atAppendix 1.

The approval process consists of the following 6 steps:

Step 1 Submit application to DAFF Biosecurity

Applicants will be required to submit a completed application form and supporting documentation

that includes the following:

1. Personal / contact details.

2. Consent of the applicant to the publishing by DAFF Biosecurity of contact details in a public

register of Approved Auditors.
http://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/ecrphttp://www.daff.gov.au/ecrphttp://www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrp


12/42


3. Details of approval to work in Australia if not an Australian citizen (certified copies of valid

passport/current working/permanent residency visa if applicable).

4. Photographs (4) and signature sample.

5. Nomination of the commodity risk classification/s that the applicant is seeking approval for.

6. Details ofcommodity experience (medium and high risk).

7. Nomination ofregion/s of operation.

8. Details ofqualifications - Statements of Attainment / technical qualifications (certified copies

to be supplied) applicable to the commodity risk classification applied for.

9. Certified copy of professional indemnity insurance certificate.

10.Disclosure of any real or perceived conflicts of interest.

11.Disclosure of any pending criminal charges / denial of approval as a regulatory auditor.

12.Certified copy of an AFP National Police Check.

13.Certified copies of documents sufficient for a 100 Point Identification Check.

14.Acknowledgement of having read, understood and agreed to comply with the DAFF

Biosecurity Approved Auditor ManualandApproved Auditor Code of Conduct.15.A signed Declaration to the accuracy of the information provided.

The following section provides additional detail as to the requirements in italics in the above list.

Commodity risk classification

DAFF Biosecurity uses the risk classification system defined in Table 1 for commodities and processes

to determine:

The qualifications and experience required by Approved Auditors to effectively conduct

audits for some commodities.

The frequency of auditing of the approved arrangements implemented by the registered

establishments.

Applicants must indicate both the commodity and risk classification for which they are applying and

ensure that they have the appropriate qualifications and commodity experience.

Low Risk

Low risk classification is not commodity specific an auditor applying for approval to audit low risk

processes may audit any commodity / process classified as low risk. Storage includes dry, cool and

frozen storage.

Medium Risk

Medium risk processes include all processes not specifically noted as low or high and includes

processes that result in a product that will be subject to further processing or is intended to be

cooked by the consumer prior to consumption. Medium risk classification is not applicable to milk

products.

High Risk

High risk processes include:


13/42


Heat treatment processes where the product is retorted or pasteurised with a nominated

refrigerated shelf life and commercially sterile, shelf stable product.

Cook / chill processes where minimally heat processed foods are distributed as chilled

products with a defined shelf life.

Ready to eat fish, egg, dairy and meat processes not included in the definition of heat

treatment or cook/chill that result in a ready to eat product.

Processing of bivalve molluscs where in-shore harvesting is included in the process to be

audited.

Please note:

Where an auditor has been approved for a medium or high risk commodity classification,

approval is automatically acknowledged for the lower levels of risk (i.e. medium risk

classification includes approval to audit low risk processes, high risk classification includes

approval to audit both low and medium), but only for the approved commodities.

Table 1: Commodity Risk Classification

Fish Eggs Milk Meat Poultry Game

Low Storage, packing live fish, packing of whole eggs

Medium Products to be further

processed

Products intended to be

cooked

N/A Slaughter, boning, processing &

packing of raw, chilled or frozen

meat, poultry or game

High Heat

Treatment

processes

Ready-to eat

Cook/chill

processes

Bivalves

Heat Treatment

processes

Ready-to eat

Cook/chill processes

Heat Treatment processes

Ready-to eat meat products

Cook/chill processes

Commodity experience

Applicants applying for medium and/or high commodity risk classifications must be able to

demonstrate recent commodity experience, such as relevant qualifications, industry experience

and/or audit experience.

Regions of Operation

Approved Auditors will be approved to conduct audits within all State and Territory jurisdictions.

However, the Approved Auditor Application Form requires applicants to nominate which state(s)


14/42


and/or territory(ies) they wish to operate in. This will assist registered establishments in locating and

engaging an Approved Auditor within their state or territory.

Applicants may choose to select multiple jurisdictions; however consideration should to be given to

SRA requirements (seeintroduction).

Qualifications

See Step 2 for details of the minimum qualification requirements.

Conflicts of Interest

Applicants are required to provide details of any conflicts of interests (real or perceived) that may

exist, or may be likely to arise, if the applicant is appointed as an Approved Auditor. Applicants must

provide details of any relationships or positions of management or control that may have been

offered, are currently held or have previously been held, in regard to the operations carried out in

any registered establishment.

Payment to an auditor for carrying out the functions of an auditor does not constitute a direct or

indirect interest in a registered establishment.

Additional information in relation to what may constitute a real or perceived conflict of interest is

provided atAppendix 2 Approved Auditor Code of Conduct.

DAFF Biosecurity Approved Auditor Manual

Applicants are required to acknowledge that they have read, understood and agree to comply with

the requirements of this DAFF Biosecurity Approved Auditor Manual.

To ensure reference is made to the current version of the manual see:www.daff.gov.au/ecri

Approved Auditor Code of Conduct

Applicants are required to acknowledge that they have read, understood and agree to comply with

the requirements of theApproved Auditor Code of Conduct.

Where an allegation is made that an Approved Auditor has breached the Code of Conduct, DAFF

Biosecurity will investigate the breach and, if confirmed, revocation of the auditors approval may

occur.

Step 2 Application assessed by DAFF Biosecurity in accordance with Approval Criteria

In addition to meeting the requirements detailed in Step 1, applications will be assessed to ensure

that the minimum approval criteria are met.

Applicants must demonstrate achievement of the required competencies, qualifications and

commodity experience applicable to the scope of their application before the application can be

progressed.

It is a requirement of the National Regulatory Food Safety Auditor Guideline that regulatory auditorsmaintain the following units of competency from the Food Processing Industry Training Package
http://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrp


15/42


FDF103

issued by a registered training organisation (RTO) under the requirements of the Australian

Quality Training Framework (AQTF):

Low risk

FDFFSACA / FDFAU4001A Assess compliance with food safety program(This competency may be superseded by a person who has already obtained competency

FDFFSCFSAA/FDFAU4003A)

FDFFSCOMA / FDFAU4002A Communicate and negotiate to conduct food safety audits

FDFFSCFSAA / FDFAU4003A Conduct food safety audits

FDFFSCHZA / FDFAU4004A Identify, evaluate and control food safety hazards

Medium Risk

In addition to the above listed units of competency, regulatory auditors in the medium classification

must hold a Certificate IV or higher in food science or related field (including 40 hours of food

microbiology).

High Risk

In addition to the above requirements for auditing medium risk classifications, auditors applying for

approval to audit high risk processes must, where applicable to the commodity and process being

audited, have the following high risk units of competency4:

FDFFSCC4A / FDFAU4006A Audit a cook chill process

FDFFSHT4A / FDFAU4007A Audit a heat treatment process (retort & pasteurization)

FDFFSME4A / FDFAU4008A Audit manufacturing of ready-to-eat meat products FDFFSBM4A / FDFAU4005A Audit bivalve mollusc growing & harvesting operations

Where application is made for approval to audit processes that result in ready to eat fish, egg or

dairy products, applicants will be required to provide evidence of experience with both commodity

and process.

RABQSA equivalence

The following RABQSA-issued units of competency NFS 1-4 will be accepted as equivalent to the 4

nationally recognized units of competency for auditing where an auditor has applied for either low

or medium risk commodity risk classification:

RABQSA-NFS1: Assess compliance of food safety programs

RABQSA-NFS2: Communicate and negotiate to conduct food safety audits

RABQSA-NFS3: Conduct food safety audits

RABQSA-NFS4: Identify, evaluate and control food safety hazards

3Superseded Units of Competency (FDFFSACA, COMA, FSSA, CHZA) issued under the Food Processing Industry Training

Package FDF03 will be accepted until package FDF10 is superseded or if changes are made to the specified units or the

requirements of the National Regulatory Food Safety Auditor Guideline.4

Units of Competency FDFFSCOMA / FDFAU4002A, FDFFSCFSSA / FDFAU4003A, FDFFSCHZA / FDFAU4004A are a pre-

requisite requirement for any high risk units


16/42


Auditors seeking approval for high risk commodity approval must provide evidence of having

obtained the applicable AQTF pre-requisite and high risk units of competency as listed above.

Units of Competency

Additional information on training packages, units of competency and registered trainingorganisations (RTOs) able to provide Statements of Attainment in the above listed units of

competency can be found at: http://www.ntis.gov.au/

DAFF Biosecurity may from time to time alter the required qualifications of Approved Auditors. DAFF

Biosecurity will notify Approved Auditors in writing of any changes to the requirements.

Declarations

If investigation reveals that any information provided by the applicant is intentionally false or

misleading, it may result in an application being questioned or rejected outright. If investigation

following the approval of a person reveals that substantial false and misleading statements havebeen made, the Approved Auditors approval will be revoked.

Step 3 Access provided to training in DAFF Biosecurity legislative requirements

Once the initial approval criteria have been met:

Applicants will be contacted in writing by DAFF Biosecurity and provided with a personal log-on to a

web-based learning management system where training in DAFF Biosecurity legislative requirements

is provided and is required to be successfully completed.

Applicant is to advise DAFF Biosecurity of the successful completion of training.

Step 4 -Assessment

On successful completion of the self-paced, self-assessed training at Step 3:

Applicants will then be required to undergo an on-site assessment or witness audit. This

assessment will assess the applicants skills and knowledge, understanding of the Act and applicable

commodity Orders and will verify that the prospective Approved Auditor can appropriately interpret

and apply the applicable legislation.

The assessment will be carried out by an DAFF Biosecurity officer who holds appropriate auditing

competencies, technical and educational qualifications and specialised endorsements. The

assessment(s) will be conducted to the highest commodity risk classification that the auditor has

applied for.

Approved Auditors wishing to change or upgrade their scope of approval must re-apply to DAFF

Biosecurity and may be subject to additional assessment.
http://www.ntis.gov.au/http://www.ntis.gov.au/http://www.ntis.gov.au/


17/42


Step 5 -Notice of Approval / Identity Card

On successful completion of the assessment activities in Step 4:

Notice of Approval

Successful applicants will receive a Notice of Approval which specifies their responsibilities to DAFF

Biosecurity while undertaking the duties and responsibilities of an Approved Auditor. The Notice of

Approval will include:

a. Name of Approved Auditor

b. Date of Approval

c. Conditions of Approval including the following:

1. Commodity Risk Classification

2. Scope of Approval

3. Code of Conduct

The scope of approval of the Approved Auditor will be restricted to the requirements of the

legislation and commodity risk classification that the Approved Auditor has been assessed and

approved against. Approved Auditors must not conduct audits outside of their scope of approval.

SeeAppendix 3for an example of the Notice of Approval.

Identity card

The Approved Auditor will be issued with an identity card. On receipt of the card, applicants must

formally acknowledge receipt.

The identity card will be dated and is valid for one year. A new card will be issued upon successful

application for renewal.

The identity card remains the property of DAFF Biosecurity. If an auditors approval is revoked by

DAFF Biosecurity or expires, the card must be returned immediately to DAFF Biosecurity.

If the auditor identity card is lost or stolen, the auditor must notify DAFF Biosecurity immediately. A

new card will be issued. A fee may apply and is at the discretion of DAFF Biosecurity.

Step 6 Listing on the Approved Auditor Register

Approved Auditor Register

DAFF Biosecurity maintains a register of all Approved Auditors. This register will be made publically

available on DAFF Biosecuritys website atwww.daff.gov.au/ecriand will be updated as required. It

is the responsibility of Approved Auditors to ensure that the information they supply for the register

is accurate and updated as necessary.

The following information, collected from the Approved Auditor Application Form, is the minimum

information that will be listed on the Approved Auditor Register:

Approved Auditors name
http://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrp


18/42


Contact details (phone number and e-mail contact only)

Commodity risk classification

Operating regions

Once an identity card has been issued and the applicant has been listed on the Approved Auditor

Register, they may commence audits in their endorsed commodity/risk sectors.

At no time prior to receiving the identity card and being listed on the Approved Auditor Register may

any applicant conduct audits of registered establishments on DAFF Biosecuritys behalf.

Review of decisions relating to approvals

At this time, all decisions relating to approvals will be made by DAFF Biosecurity. If the decision is

made not to approve the applicant, the applicant will be advised of the decision and the reasons for

the decision in writing. Unsuccessful applicants may seek a review of the decision under Part 16 of

the Export Control (Prescribed Goods General) Order 2005.

4. Managing the Approved AuditorThe following section provides details of both DAFF Biosecurity requirements and the responsibilities

of Approved Auditors with regards management of auditor performance.

Verification system

The verification systems used by DAFF Biosecurity to check forcompliance to set standards, systems

and legislative requirements enables DAFF Biosecurity to assess and monitor the competence and

performance of Approved Auditors.

Verification activities may be scheduled or triggered by complaints, system reviews, trends, audit

reports or requests by registered establishments.

Scheduled verification activities

DAFF Biosecurity will conduct scheduled verification activities based upon the Approved Auditors

commodity risk classification. Outcomes of verification activities may result in requests for corrective

action, re-training or revocation of approval, if poor auditor performance is identified.

Scheduled verification activities may include:

a) an examination of reports made by the Approved Auditor in the course of auditing

operations at registered establishments;

b) an audit of at least one operation that was audited under the applicable commodity Order

or Orders within the previous six months by the Approved Auditor; and/or

c) observing the auditor while he or she is conducting an audit.

Review of audit reports

Audit reports will be reviewed by DAFF Biosecurity to ensure compliance with DAFF Biosecurityreporting requirements. The following may be included in the review:


19/42


Audit duration

Review of the content of the audit report; clarity of findings

Relevance of non-compliances issued

Classification of non-compliances issued

Notification of critical non-compliances

Notification of audit failure or non-completion

Compliance with timeliness of report submission.

Approved Auditors will be notified in writing of any findings of the review of audit reports. This may

take the form of advice or information or it may result in the issuing, by DAFF Biosecurity, of a

corrective action request.

Refresher training

DAFF Biosecurity will provide refresher training where required by changes to legislative

requirements or procedures. Approved Auditors may also be required to undertake refreshertraining as a result of verification findings.

Changes in requirements and procedures

Approved Auditors will be advised by DAFF Biosecurity of any changes in requirements and

procedures by the posting of information to the DAFF Biosecurity website:www.daff.gov.au/ecri.

Approved Auditors are required to subscribe to the automatic e-mail notification function available

to ensure access to current requirements.

Maintaining the requirements for approval

Approved Auditors are responsible for maintaining the currency of the applicable competencies /

technical qualification and annual renewal of approval.

Renewal of Approval

Approved Auditors are responsible for applying for renewal of approval prior to the expiration date

detailed in the Notice of Approval. Approved Auditors must not perform audits without a current

approval. Approved auditors should apply for renewal at least 30 days prior to the expiry of their

approval to allow sufficient time for the processing of renewal applications.

Applications for renewal are available on the DAFF Biosecurity website at:www.daff.gov.au/ecri

Surrender of Approval

An Approved Auditor may request that their approval be cancelled should they decide not to

continue working on behalf of DAFF Biosecurity. It is the responsibility of the individual auditor to

ensure that they do not market their services as meeting DAFF Biosecurity requirements once they

have surrendered their approval.
http://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrphttp://www.daff.gov.au/__data/assets/word_doc/Wittich%20Mark/Local%20Settings/Temporary%20Internet%20Files/Content.Outlook/T9CB8WSF/www.daff.gov.au/ecrp


20/42


Notification

All Approved Auditors must, during the term of their approval, immediately notify DAFF Biosecurity

of any event or information which relates to or may affect DAFF Biosecurity's satisfaction that the

auditor is a suitable person to be appointed as an Approved Auditor including:

Unintentional or suspected breach of the Approved Auditor Code of Conduct

Conviction of an offence against the Crimes Act 1914, or another law of the Commonwealth

or a law of a state or territory

Threats, intimidation, bribery against the Approved Auditor

Complaints against the Approved Auditor

Conflict of interests (real or perceived) of the Approved Auditor.

Confidentiality

The Approved Auditor Code of Conduct requires that an Approved Auditor must not disclose certainconfidential information.

The Approved Auditor Code of Conduct states that Approved Auditors must keep all commercially

sensitive and official information confidential. If an auditor discloses such information without

appropriate consent, DAFF Biosecurity may revoke an auditors approval.

Revocation or variation of approval

Should DAFF Biosecurity find reason to vary the conditions of or revoke an Approved Auditor s

approval, DAFF Biosecurity will notify the auditor in writing. On receipt of that notice, the Approved

Auditor will have an opportunity to make submissions to DAFF Biosecurity for a review of the

decision.

Complaints system

DAFF Biosecuritys complaints system is accessible by registered establishments, Approved Auditors,

other jurisdictions and the general public. Complaints may be made via the website, email, phone,

fax or by letter. The complainant may remain anonymous if they wish.

Procedures for making complaints are detailed online at:

www.daff.gov.au/aqis/about/contact/compliments-complaints

5.Approval of registered establishments to engage an ApprovedAuditor

Registered establishments must seek approval from DAFF Biosecurity to engage an Approved

Auditor.

Granting of approval is contingent on several factors including consideration of the service delivery

arrangements that may be in place within the establishments state or territory jurisdiction.
http://mylink.agdaff.gov.au/team/femn/Document%20Library/Projects/Food%20Safety%20Auditor%20Competency%20Framework/AAO%20Manual%20and%20Est%20Manual/www.daff.gov.au/aqis/about/contact/compliments-complaintshttp://mylink.agdaff.gov.au/team/femn/Document%20Library/Projects/Food%20Safety%20Auditor%20Competency%20Framework/AAO%20Manual%20and%20Est%20Manual/www.daff.gov.au/aqis/about/contact/compliments-complaintshttp://mylink.agdaff.gov.au/team/femn/Document%20Library/Projects/Food%20Safety%20Auditor%20Competency%20Framework/AAO%20Manual%20and%20Est%20Manual/www.daff.gov.au/aqis/about/contact/compliments-complaints


21/42


When approved, the establishment will be provided with written notification from DAFF Biosecurity

that details their approval and the commodity risk classification/s of their establishment.

This will enable the occupier of a registered establishment to access the Approved Auditor Register

and contact an Approved Auditor within their local area that has the commodity risk classification/s

required to conduct an audit of their establishment.

6. Managing the audit processDAFF Biosecurity has developed procedures for managing the audit process where auditing is

undertaken by Approved Auditors.

The following section provides details of the duties of Approved Auditors and the overarching

procedures that must be complied with for the conduct of regulatory audits of registered

establishments.

Where the audit of specific commodities requires additional procedures, Approved Auditors will be

provided with documented procedures by the commodity program. Additional procedures may be

required for

determining the frequency of audit where frequency may be based on audit outcomes

audit reports and reporting (including provision of DAFF Biosecurity Audit Report

Templates).

Duties of Approved Auditors

An Approved Auditor conducting audits of registered establishments on behalf of DAFF Biosecurity

has the following duties:

a) to carry out audits of the approved arrangement approved and in place at the registered

establishment

b) to carry out any necessary follow-up action, including further audits, if necessary, to

determine whether action has been taken to remedy any deficiencies of any such approved

arrangement identified in an audit

c) to audit and report in accordance with legislation and DAFF Biosecurity requirements.

Scheduling the audit

Prior to scheduling the audit, Approved Auditors must ensure that the occupier of the registered

establishment has written approval from DAFF Biosecurity to engage an Approved Auditor.

It is the responsibility of the occupier to engage an Approved Auditor with the appropriate

commodity risk classification to conduct their regulatory audit. The registered establishment and the

Approved Auditor are then responsible for organising and managing the audit process.

These two parties must ensure that audit frequencies determined by DAFF Biosecurity as applicable

to the establishment being audited are met, taking into consideration that audit frequency may vary

dependent on audit findings.


22/42


Observation of processes

Audits must be scheduled to coincide with production to enable actual processing operations to be

observed. However, where the establishment to be audited is a vessel where processing occurs at

sea, audits should be scheduled where possible to coincide with vessel unloads to provide access to

product and crew.

Auditing of multi-sited food businesses

Irrespective of whether an occupier operates from many sites, each site is an individual registered

establishment and must maintain their own approved arrangement and records and be audited

against that establishments approved arrangement.

The approved arrangement used on site must accurately reflect how export requirements and food

safety issues are being managed on that site.

Audit teams

There may be instances where teams of Approved Auditors, rather than individual Approved

Auditors, are required to carry out regulatory audits. Under these circumstances the lead auditor of

the audit team will be required to ensure that all auditors undertaking work as part of the audit

team are Approved Auditors and have the appropriate commodity risk classification to conduct such

audits.

Planning the Audit

Audit Criteria

All audits of registered establishments must be conducted against the appropriate audit criteria

that is, the requirements of the Act, the applicable commodity Orders and where applicable the

Australian Standards as referenced in the commodity Orders. Audit criteria can include the approved

arrangement as the system to ensure compliance with the requirements of the legislation. Criteria

may also include applicable importing country requirements where identified in the establishments

AA.

DAFF Biosecurity Audit Report templates include provision for selecting and indicating the applicable

criteria.

The Approved Auditor should ensure that they have access to all relevant legislation applicable to

the type of registered establishment that is to be audited. Copies of this legislation and any

applicable Australian Standards and DAFF Biosecurity Guidelines should be on hand during the audit

for easy reference.

SeeAppendix 4for a list of legislation, Australian Standards and DAFF Biosecurity Guidelines and

details of where these documents can be accessed.


23/42


Audit Scope

DAFF Biosecurity Audit Report templates detail the scope of the audit in the form of a list of

elements that are to be audited and include provision for selecting the elements that are actually

audited at a given audit.

It is a DAFF Biosecurity requirement that, regardless of the frequency of audit, all elements are

audited within a 12-month period. It is the responsibility of the Approved Auditor to ensure that this

requirement is met through effective audit planning, consideration of audit frequency and the

elements audited at previous audits.

Where an establishments hazard analysis identifies critical control points (CCPs), the HACCP

element must be audited at each audit.

Documentation Review

Where an Approved Auditor requires documents for review prior to the on-site audit, the auditormust make the request directly to the occupier (or their agreed representative) of the establishment

to be audited. DAFF Biosecurity does not provide copies of AAs or HACCP plans directly to Approved

Auditors.

As part of audit preparation or entry meeting, the Approved Auditor is to obtain and review copies

of the previous audit report/s including any corrective action requests.

It is a requirement of the Export Control (Prescribed Goods General) Order 2005 that an

establishment display a current copy of their DAFF Biosecurity Certificate of Registration. This

document provides details of the commodities and operations that the establishment is approved byDAFF Biosecurity to prepare and undertake. The Certificate of Registration also provides details of

the persons listed by DAFF Biosecurity as being in management and control at the establishment and

may include details of importing country listings. This document should be available and reviewed

for currency at each audit.

Conduct the audit

All audits must be conducted at the registered establishment to be audited.

The time taken to perform the audit is not predetermined. An audit shall continue until the

Approved Auditor is satisfied that the audit of all elements of scope required to be reported to DAFF

Biosecurity have been completed effectively.

The table below outlines the minimum requirements expected when conducting a regulatory audit

of a registered establishment.


24/42


Table 2: Minimum requirements for conducting an audit of a registered establishment

Audit Activity Minimum Requirement

Entry Meeting Approved Auditor to present Identity Card on request

Appropriate management must be present and recorded

Auditor to detail the audit criteria and the scope of the audit

Previous audit report/s reviewed and discussed

Where required, outstanding non-compliances discussed, including evidence and

verification that corrective action taken has been effective

Current DAFF Biosecurity Certificate of Registration to be available and reviewed

for accuracy

Approved Arrangement is available and on site

Monitoring records and any other documents applicable to the audit areavailable, current and on site.

Any changes to activities, products or processes conducted at the registered

establishment that may affect the establishments food safety risk and/or

compliance with legislative requirements are reviewed

Conducting

The Audit

Audit of approved arrangement including:

- Review of amendments to AA

- Review of audit elements as specified on DAFF Biosecurity Audit Report

Template

- Review of HACCP plan

- Inspection of the registered establishment and observation of processing

- Trace back of export eligible product transferred to another establishment or

exported to source / supplier to determine effective procedures to identify

and trace product

- Review of export documentation (where applicable may include a review of

procedures for the completion/validation of export documentation)

Review objective evidence to determine and classify any non-compliancesidentified

Document non-compliance/s identified

Where, in the Approved Auditors opinion, a non-compliance identified is to be

classified as critical, DAFF Biosecurity is to be contacted immediately as direction

may be required to be given by an authorised officer to the occupier for the

cessation of processing for export

Exit Meeting

Conducted at

completion ofthe audit

Appropriate management to be present and recorded

Audit findings to be presented including details of any non-compliances

indentified Agree appropriate corrective action/s, including the evidence to be presented and


25/42


Audit Activity Minimum Requirement

the timeframes required for closure of any CARs issued as a result of non-

compliances identified

Overall audit outcome to be presented and discussed - if a criticalnon-

compliance has been identified, the occupier must be informed that they will be

contacted by DAFF Biosecurity regarding the action to be taken

Date of next audit to be confirmed

Copies of completed, acknowledged Audit Reports and Non-compliance Reports /

CARs must be provided to both the occupier and DAFF Biosecurity within 14 days of

the date of audit

The occupier and Approved Auditor are responsible for ensuring that all non-

compliances are actioned and CARs are closed out within the agreed timeframes

Audit Findings

Audit Reports must clearly state the audit findings that is:

(a) whether in the auditors opinion the audit was satisfactorily completed or was

terminated prior to completion; and

(b) whether in the auditors opinion:

(i) the applicable requirements of the Act and the applicable commodity

Orders; and

(ii) the requirements of the approved arrangement and its conditions; and

(iii) the applicable importing country requirements;

for all aspects of the operations in relation to the commodity for export as foodcovered under operations are complied with; and

(c) the reasons for the auditors opinion.

Approved Auditors must act on non-compliances observed during the audit by classifying and

documenting them as Corrective Action Requests (CARs) / Non-compliance reports

Classification of Non-compliances

DAFF Biosecurity requires the classification of non-compliances identified at audit as minor, major or

criticalwhich are summarised as follows:

Critical non-compliance:

Division II of Part 6 of the fish, egg, milk, meat, poultry and wild game commodity Orders requires

that should an Approved Auditor identify a failure (or a combination of failures) that amounts to a

critical non-compliance, the Approved Auditor must notify DAFF Biosecurity immediately.

A critical non-compliance when used in relation to the audit of a registered establishment means a

failure (or a combination of failures) to comply with

a) a requirement of the Act or the Orders or

b)

the requirements of any applicable approval, including an approval of an approvedarrangement or


26/42


c) the applicable importing country requirements

that results in, or is likely to result in, the preparation or export of food that:

a) is not fit for human consumption or its integrity is compromised or

b)

does not comply with an importing country requirement orc) results in or is likely to result in the issue or giving of an export permit or government

certificate that is inaccurate or incomplete or

d) prevents an accurate assessment being made as to the above.

Under no circumstances can an Approved Auditor take enforcement action or act as an DAFF

Biosecurity authorised officer. At any time where an Approved Auditor feels that enforcement

action is necessary, they must contact DAFF Biosecurity immediately.

Major non-compliance:

Where a requirement of the legislation has not been addressed

An activity that is in direct contravention of the legislation

An activity that is in direct contravention of a procedure and could have a significant effect

on product or legislative compliance.

Minor non-compliance:

An isolated incident of a non-compliance with a system or procedural requirement with no

direct consequential effect on product or legislative compliance

Trends of minor non-compliances could lead to major non-compliance if several incidents of

the same deficiency are encountered.

Observations/ Advisory Findings

Where an observation or advisory finding is made, sufficient detail must be provided to clearly

determine that the finding is an observation only and could not be considered as a non-compliance

under the definitions provided.

Corrective Actions

The corrective action to be taken to address non-compliances identified at audit is to be determined

by the occupier of the establishment (or their representative) and detailed on the CAR /Non-compliance Report. Corrective actions are to be agreed between the occupier and Approved Auditor

that must be taken to prevent the reoccurrence of the non-compliance and must include actions

that will effectively address both the immediate and long term (systemic) issues.

CARs should include details of the evidence that the occupier will be required to provide to the

Approved Auditor to demonstrate that effective corrective action has been taken.

Audit Outcomes/ Audit Frequency

For some commodities, DAFF Biosecurity uses a non-compliance scoring system that results in an

establishment rating (A to E) to indicate audit performance and the required frequency of audit.


27/42


Details of the specific commodity establishment rating system is detailed in the DAFF Biosecurity

Guideline applicable to the commodity and will be provided to the Approved Auditor by the

commodity program.

Where the audit outcome has resulted in the establishment being rated a D or an E, DAFF

Biosecurity may require additional audit/s of the establishment by a DAFF Biosecurity authorised

officer.

The purpose of these additional audits by DAFF Biosecurity is to provide DAFF Biosecurity with

evidence that the establishment has taken steps to comply with their export requirements and has

sustained compliance over a period of time.

If the registered establishment continues to not comply, appropriate enforcement action will be

taken by an authorised officer of DAFF Biosecurity.

Copies of enforcement action must be produced by the registered establishment at their next audit.

Audit Reporting

Approved Auditors will be provided with DAFF Biosecurity Audit Report Templates to be used for the

documenting of CARs/Non-compliance Reports and the Audit Report.

Templates may be completed either in the DAFF Biosecurity AMS system where the Approved

Auditor has been provided with a log-on by DAFF Biosecurity or in the form of a template to be e-

mailed to DAFF Biosecurity.

Finalised Audit Reports including details of agreed corrective actions and timeframes for action

must be acknowledged by the occupier of the establishment audited and copies provided to both

the occupier and DAFF Biosecurity within 14 days of the date of audit.

It is the Approved Auditors responsibility to confirm agreed corrective actions, receive

acknowledgement from the occupier and provide copies to DAFF Biosecurity within the required 14

days timeframe.

Finalisation / Closure of CARs/Non-compliance reports

It is the responsibility of the Approved Auditor to:

Carry out any necessary follow-up action, including further audits if necessary, to determine

whether the agreed corrective action has been taken to address the non-compliances

identified at audit within the required timeframes.

Provide DAFF Biosecurity and the occupier with copies of finalised CARs / Non-compliance

Reports within 14 days of completion.

Immediately advise DAFF Biosecurity when agreed timeframes for the corrective action to

be taken in the event of a major non-compliance have not been met.


28/42


Escalation policy

Failure by registered establishments to rectify a minor non-compliance within the required

timeframe is to be actioned by the Approved Auditor by the re-issuing of the CAR and the escalating

of the classification of the CAR to a major with a maximum timeframe for action of 14 days.

DAFF Biosecurity will manage the failure to address a major non-compliance within agreed

timeframes for corrective action.

Records

Approved Auditors are required to use Audit Report Templates as provided by DAFF Biosecurity.

These documents must be filled in completely and accurately including:

All dates must be recorded as DD/MM/YY

Establishment numbers must be included where indicated on forms References to the name of the company must be the occupier name, not a trading name

Names of persons from the establishment who were involved in the audit

All handwritten notes must be clear and legible

It is important that Approved Auditors have a filing and record keeping system for all documents

that is consistent and enables accurate identification and timely retrieval of files.

All hand written notes, checklists and computer based documents may be required by DAFF

Biosecurity at short notice. This may be in response to a Freedom of Information request, a

Ministerial directive or as part of DAFF Biosecuritys verification program.

7.AppendicesAppendix 1 Approval process for Approved Auditors Flow Diagram

Appendix 2 Approved Auditor Code of Conduct

Appendix 3 Notice of Approval and standard conditions Example

Appendix 4 Legislation, Australian Standards and DAFF Biosecurity Guidelines list

Appendix 5 Contact List


29/42


Appendix 1 Application and Approval Process Approved Auditors

Successful completion of

witness audit

Unsuccessful completion of witness audit

will result in a form letter sent to applicant

advising they were not successful

5. Notice of Approval issued: Successful

applicant provided with the Notice and

ID card

Verification of Approved Auditor performance (may include):

a) Review of audit reports

b)

Audit of operations at registered establishmentsc) Auditor observation while he or she is conducting an audit.

6. Listing of the Approved Auditor on the

Approved Auditor Register

1. Application to DAFF Biosecurity

2. Application assessed in accordance with Approval

Criteria

Applicant completes training satisfactorily

3. Satisfactory initial assessment: Applicant given access

to AQIS Legislative Environment training

4. Assessment of applicant

If applicant requires retraining or

reassessment invite them to reapply

at a later date.


30/42


Appendix 2 Approved Auditor Code of Conduct

Approval by DAFF Biosecurity as an Approved Auditor is subject to the applicant agreeing to abide by

the Approved Auditor Code of Conduct.

Approved Auditor Code of Conduct

The Code of Conduct requires that an Approved Auditor, whilst undertaking audits on behalf of DAFF

Biosecurity, must:

behave honestly and with integrity;

act with care, diligence and professionalism;

treat everyone with respect and courtesy, and without harassment;

comply with all applicable Australian laws;

maintain appropriate confidentiality about client dealings;

disclose, and take reasonable steps to avoid, any conflict of interest (real or perceived) inconnection with their role as an Approved Auditor;

not provide false or misleading information to clients or DAFF Biosecurity;

not make improper use of:

a. commercially sensitive information, or

b. the Approved Auditors duties, status, power or authority,

in order to gain, or seek to gain, a benefit or advantage for the Approved Auditor or for any

other person;

behave in a way that upholds the integrity and good reputation of DAFF Biosecurity; and

comply with any other conduct requirement that is prescribed in the DAFF Biosecurity

Approved Auditor Manual.

The following provides guidance and explanation of the obligations and expected standards of

behaviour for Approved Auditors.

1. Purpose and Application of the Code of ConductPurpose of the code of conduct

This code applies to all auditors approved by DAFF Biosecurity to conduct audits of registered

establishments. Such persons are expected to conduct themselves with integrity, professionalism

and be accountable to the outcomes of audits they perform. The code sets out the minimum

standard of behaviour expected of Approved Auditors.

Application of the code of conduct

This code applies to all Approved Auditors.

Approved Auditors should:

Familiarise themselves with this Code.

Familiarise themselves, and comply, with all legislation concerning auditors, audits, audit

performance and the legislation to which they are auditing.


31/42


Any Approved Auditor confirmed as failing to comply with this Code may have their approval

revoked by DAFF Biosecurity.

2. Definitionsreal conflict of interest- when DAFF Biosecurity would conclude that an Approved Auditors abilityto conduct an audit has been compromised by their private or business interests in the clients

business.

perceived conflict of interest- when DAFF Biosecurity would consider that the private or business

interests of an Approved Auditor may interfere with, unduly benefit, or disadvantage their ability to

conduct a fair audit of a registered establishment.

commercially sensitive informationmeans information:

a) provided to an Approved Auditor by a registered establishment during an audit of the

establishment, disclosure of which may impact the establishments commercial interests

b) provided by someone else other than the registered establishment concerning some

aspect of the registered establishments commercial interests, where, upon receipt of

the information, the Approved Auditor has been requested not to disclose the

information.

gifts means any item or benefit offered by:

a) an employee of a registered establishment, or

b) any other person acting on behalf of a registered establishment or in the interests of a

registered establishment

to solicit favourable treatment during an audit, or offered to an auditor in response to a finding of

non-compliance during an audit.

3. Conduct ProvisionsApproved Auditors shall:

Maintain their competencies and qualifications as specified in the DAFF Biosecurity

Approved Auditor Manual

Only conduct regulatory audits of registered establishments once approved by DAFF

Biosecurity Not audit registered establishments outside their scope of approval and commodity risk

classification

Conduct audits expeditiously and in a way that causes as little interference as possible to the

operations which may be the subject of the audit

Comply with reporting requirements, including timeframes for the provision of audit reports,

to both the occupier of the registered establishment being audited and DAFF Biosecurity.

Immediately inform DAFF Biosecurity of any criticalnon-compliances identified during

audits, in accordance with procedures dictated in the DAFF Biosecurity Approved Auditor

Manual


32/42


Comply with any additional documented procedures provided by DAFF Biosecurity in

relation to the conduct of audit

Assist with enforcement activity taken by DAFF Biosecurity as a result of the Approved

Auditors auditing activities including, but not limited to, providing statements of evidence

for matters concerning legal prosecutions

Not seek or accept recompense from any client for failure to implement appropriate action

in relation to a finding of non-compliance detected during an audit. This includes, but is not

limited to, non-compliance of a legislative nature.

Maintain records relating to audits conducted as an Approved Auditor and make them

available upon request to DAFF Biosecurity.

3.1 Identification

An Approved Auditor shall produce their Approved Auditor Identity Card when requested.

4. ObligationsThe following provides further explanation of the Code:

4.1 Respect for persons

Approved Auditors shall behave in a fair manner and without undue favouritism, patronage or

prejudice displayed toward any person associated with a registered establishment.

Approved Auditors shall not let their personal beliefs influence the outcomes of audits they perform.

Auditors shall not use abusive, obscene or threatening language or behaviour towards any person

associated with the registered establishment.

4.2 Natural justice

Approved Auditors will follow the principles of procedural fairness (natural justice) when making

decisions. The principles of procedural fairness require an Approved Auditor to:

Provide opportunity for both sides of an issue to be heard and considered before decisions

are made.

Not allow any personal interest associated with an audit or a person associated with a

registered establishment to influence an audit outcome.

Act in good faith while conducting audits.

Provide sound reasons to support decisions made whilst conducting audits.

4.3 Health, welfare and safety concerns

Approved Auditors shall comply with all aspects of relevant Australian occupational health and

safety legislation, including the health and safety policies of registered establishments being audited.

Approved Auditors shall further respect the health, safety and welfare of all persons and/or animals

associated with a registered establishment while conducting audits, as well as to ensure their own

health, safety and welfare is not unlawfully put at risk while conducting audits.


33/42


4.4 Discrimination

Approved Auditors shall not unlawfully discriminate against any emp

Approved Auditor Manual

Documents

Transcript of Approved Auditor Manual