Food Defense Plan
Aligned with SQF Code Edition 9 – System Element 2.8.3
Requirement Overview
SQF Code Edition 9, System Element 2.8.3, requires:
“A food defense plan shall be established and effectively implemented to ensure the site is protected from intentional acts of sabotage or terrorist-like incidents. The plan shall be based on a risk assessment of potential threats.”
A food defense program safeguards against intentional contamination by identifying facility vulnerabilities and implementing security and monitoring systems.
Disclaimer: Food Safety Systems is not affiliated with or endorsed by the Safe Quality Food Institute (SQFI). This content is for internal compliance and training purposes only. For official program requirements, visit www.sqfi.com.
Key Compliance Objectives
-
✓ Identify site-specific threats and access vulnerabilities
✓ Document and implement food defense control measures
✓ Monitor access and install security protocols
✓ Train employees and conduct simulation drills
Step-by-Step Compliance Implementation
1. Conduct a Site-Specific Threat Assessment
-
Key Areas to Assess:
-
• Perimeter and gate security
• Raw material and finished goods storage
• Processing, blending, and packing zones
• Shipping, receiving, and driver access points
• Utilities (e.g., water, HVAC, compressed air systems)
Evidence to Maintain:
-
• Completed food defense vulnerability assessment
• Facility layout with zone-specific risk classification
• Security risk analysis with prioritized zones
- • Perimeter and gate security • Raw material and finished goods storage • Processing, blending, and packing zones • Shipping, receiving, and driver access points • Utilities (e.g., water, HVAC, compressed air systems)
- • Completed food defense vulnerability assessment • Facility layout with zone-specific risk classification • Security risk analysis with prioritized zones
2. Develop and Document the Food Defense Plan
-
Your Plan Should Include:
-
• Vulnerable areas and entry points
• Physical and procedural barriers
• Emergency and response protocols
• Assigned roles and responsibilities
Evidence to Maintain:
-
• Signed and version-controlled food defense plan
• Internal SOPs for each control measure
• Organizational chart showing designated response personnel
- • Vulnerable areas and entry points • Physical and procedural barriers • Emergency and response protocols • Assigned roles and responsibilities
- • Signed and version-controlled food defense plan • Internal SOPs for each control measure • Organizational chart showing designated response personnel
3. Install Security Measures and Access Controls
-
Example Controls:
-
• Badge or biometric access for employees
• Visitor and contractor sign-in logs
• CCTV coverage of critical areas
• Sealed packaging zones with tamper-proof features
• Lockable or restricted ingredient storage
Evidence to Maintain:
-
• Access control records
• Surveillance system inspection and maintenance logs
•
Visitor tracking logs and review summaries
- • Badge or biometric access for employees • Visitor and contractor sign-in logs • CCTV coverage of critical areas • Sealed packaging zones with tamper-proof features • Lockable or restricted ingredient storage
- • Access control records • Surveillance system inspection and maintenance logs • Visitor tracking logs and review summaries
4. Train Staff and Run Food Defense Drills
-
Training Program Must Include:
-
• Annual training for all site personnel
• Role-specific training for security or facility leads
• Simulated food defense breach scenarios
• Documentation of response, gaps, and corrective actions
Evidence to Maintain:
-
• Attendance records from food defense training sessions
• Drill reports with findings and CAPAs
• Evaluation forms from simulated incidents
- • Annual training for all site personnel • Role-specific training for security or facility leads • Simulated food defense breach scenarios • Documentation of response, gaps, and corrective actions
- • Attendance records from food defense training sessions • Drill reports with findings and CAPAs • Evaluation forms from simulated incidents
5. Review and Update the Plan Annually
-
Annual Program Review Includes:
-
• Plan revalidation or update (especially after facility changes)
• Review of any past incidents or audit findings
• Improvements based on drill outcomes or supplier alerts
Evidence to Maintain:
-
• Annual review log and sign-off documentation
• Updated versions of food defense plans and SOPs
• Meeting minutes or review notes
- • Plan revalidation or update (especially after facility changes) • Review of any past incidents or audit findings • Improvements based on drill outcomes or supplier alerts
- • Annual review log and sign-off documentation • Updated versions of food defense plans and SOPs • Meeting minutes or review notes
Common Audit Findings & Recommended Fixes
Finding
Corrective Action
No written food defense plan
Create a documented plan with assigned roles and updates
Inadequate perimeter security
Install physical barriers or access control devices
No employee training on threats
Conduct annual site-wide awareness training
No record of drills or updates
Schedule simulations and maintain change logs
| Finding | Corrective Action |
|---|---|
| No written food defense plan | Create a documented plan with assigned roles and updates |
| Inadequate perimeter security | Install physical barriers or access control devices |
| No employee training on threats | Conduct annual site-wide awareness training |
| No record of drills or updates | Schedule simulations and maintain change logs |