ISO 22000 Certification: Food Safety Management

• Obtain the standard:

Get a licensed copy of the relevant standard and familiarize yourself with the requirements to decide if certification/registration to this standard makes good sense for your organization.

• Review available literature and apply digital tools

Explore available literature, guidelines from the standard owners (e.g. ISO/TS 9002 for ISO 9001, ISO 14004 for ISO 14001)   and digital sources and tools that can assist with implementation. Note that as a DNV customer you get access to tailored tools that can assist you.

• Assemble a team and define strategy:

To implement a management system should be a strategic decision for the entire organization. Senior management must be involved in the decision, committed and involved in shaping the system. They decide the business strategy the management system should support. In addition, you need a dedicated team to develop and implement your management system.

• Determine competence needs:

First, your team implementing and maintaining the management system needs a thorough understanding of the chosen standards. Later on, the wider organization needs awareness training. DNV offers a variety of public and in-house courses worldwide that meets your competence training needs at all levels within your organization.

• Review consultant options:

Independent consultants can advise on a workable, realistic, and cost-effective strategy plan for implementation if you do not have this competence or capacity already.

• Develop management system documentation: 

Decide on an appropriate platform for your documented information (e.g. software, process map- or SharePoint-based). The right platform is important to ensure effective management, communication and implementation.

• Determine, manage and document processes:

First identify key processes – what they are, how they work, and how they interact. Each process should have a clear purpose, defined responsibilities, and expected outputs. The level of documented information needed depends on the organization’s size, complexity, and the importance of each process, but must include relevant processes and other documented information needed to deliver on intended outcomes and comply with the chosen standard’s requirements.

• Implement management system:

Clear communication and necessary competence training are essential elements. During the implementation phase, you will work to ensure that your organization is working according to defined and documented processes. Once successful, you can prove system’s compliance and effectiveness.

• Select a certification body/registrar:

Selecting the right certification body/registrar can make a difference throughout your certification journey. DNV offers a trusted partnership approach, a risk-based approach and range of free digital tools that help you manage your certification journey before, during and after the audit.

• Consider a pre-audit gap analysis:

Consider a preliminary evaluation by your certification body/registrar to identify and correct nonconformities before starting the official certification process. The purpose is to identify areas of non-conformance or weaknesses, allowing you to correct these before you begin the official certification process.

ISO 22000 is an internationally recognized standard for food safety management systems (FSMS). It specifies requirements for a food safety management system that organizations can implement to manage food safety hazards and safeguard consumers. Developed by the International Organization for Standardization (ISO), ISO 22000 is applicable to all organizations in the food chain, regardless of size and complexity.

ISO 22000 certification is a formal, independent verification that an organization’s food safety management system (FSMS) meets the requirements of the ISO 22000 standard. It is conducted by an accredited certification body following an audit and demonstrates that the organization has effective controls in place to manage food safety hazards and meet regulatory and customer requirements. Once the food safety management system is verified to be compliant with ISO 22000, a certificate is issued and must be maintained by the company through regular follow‑up audits. Certification is voluntary but increasingly expected by customers and suppliers, providing confidence that the organization manages food safety in a reliable and consistent way.

To get ISO 22000 certification, an organization must first implement a food safety management system that meets the ISO 22000 requirements and then undergo an audit by an independent, accredited certification body such as DNV. This includes establishing and maintaining processes to identify and control food safety hazards, implementing prerequisite programmes and managing operational controls in line with the standard. If the food safety management system complies with the ISO 22000 requirements, certification is granted and maintained through regular follow-up audits.