Vulnerability Assessment Tool (BRC Method) – Frequently asked questions (FAQ)
Is this assessment tool suitable for businesses that do not operate to a GFSI food safety management standard?
This tool is designed for businesses that are currently operating to a Global Food Safety Initiative (GFSI) standard and it assumes that the requirements of those standards such as those related to supplier approvals, purchasing specifications and incoming goods receipt are already met. If your business is not operating to a food safety management standard and does not have supplier approval processes, purchasing specifications and robust systems for receiving materials then it is more vulnerable to accepting fraudulent material and this tool will underestimate the risk.
If your business is not operating to a GFSI standard, you should check out our other tools to help you prepare your vulnerability assessment.
What happens if I can’t complete all the questions?
To get a result you need only enter the name of material group that is being assessed. If you have not answered all the questions the tool will calculate a high vulnerability rating. However it is possible to supplement the calculated rating with your own estimate if desired. This means that if you already think that a particular raw material has a very low risk of occurrence or detection you may choose to simply enter your best estimates of likelihood instead of completing all the data fields. This will allow you to prioritise your time and focus on the most important raw materials and ingredients first. Note that if you do this the resulting assessment documents are unlikely to be acceptable to an auditor because they will not contain a complete explanation of how the risk assessment was performed. To obtain a complete explanation, every question should be answered.
What if I disagree with the results?
The Vulnerability Assessment Tool calculates likelihood of occurrence and detection using information entered by the user. Users are encouraged to also enter their own estimates. The reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.
Why are some of the questions repeated?
The tool was developed to be closely aligned with the recommendations of the British Retail Consortium in their document Understanding Vulnerability Assessment (2015). That guidance document describes the elements that should be considered when assessing likelihood of occurrence and likelihood of detection and according to the British Retail Consortium’s methodology there are a number of elements that should be included in both occurrence and detection assessments.
Why is the Vulnerability Assessment Tool an Excel spreadsheet instead of specialised software?
The tool was created for Quality Assurance Mangers and HACCP Managers to use. It was created with Microsoft Excel because most of its intended users are familiar with excel and so can begin entering data as soon as they open the spreadsheet, with no special training. Data can be copied, pasted and searched just as you would in any spreadsheet and results can be easily extracted for use in other documents. Blank and completed spreadsheets can and should be incorporated into a company’s controlled documents and record-keeping system and Microsoft Excel files are usually suitable for this purpose.
The tabular format of the data entry pages allows users to have a ‘whole picture’ visual understanding of the data that has been entered and the gaps that need to be filled. Other types of software such as questionnaire-style assessments do not provide a visual overview and require information to be entered in a defined series of steps which can be frustrating. Within the tables of the Vulnerability Assessment Tool, colour-coding functions provide instant feedback about whether an answer affects vulnerability in a positive or negative way, which can be a valuable learning tool.
Can I copy the results into my own spreadsheet or other document?
Yes. The data can be copied, pasted, sorted and manipulated as in any spreadsheet. When copying from the tool use the excel function ‘paste special – values’, which will prevent pasting formulas that might return error values in a different document.
Do I have to purchase a new spreadsheet for each material group?
No, you may make as many copies of this spreadsheet as you need for ONE food business in one manufacturing location. You may not share it with other food businesses or take it when you change jobs. For complete terms and conditions click here.
Is there a telephone number I can call for help and support with the tool?
Real-time support is coming soon. Until then, please email firstname.lastname@example.org with your query, including your preferred contact details and geographical location (for time zone purposes). We will contact you by telephone or Skype or email an answer to you.
Can I have access to the formulas that generate the results?
If you disagree with the results the tool allows you to override them; the reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.
If you think the methodology, including the risk calculations should be amended or you think there is an error in any formula please contact us. We want the Vulnerability Assessment Tool to be the best that it can and value your feedback.
Want to buy an unlocked version that is fully customisable? Request a quote here.
My security settings will not allow me to run macros, is this a problem?
No problem; the Vulnerability Assessment Tool has been created without macros to keep things safe and secure and to prevent headaches with your internal IT systems.
I only have Microsoft Excel 1997 – 2003, will this be a problem?
No problem; a Lite version of the Vulnerability Assessment Tool that is compatible with Excel 1997 – 2003 comes free with every purchase of the spreadsheet. This also works best for users with older versions of Excel for Mac. For more information about compatibility, click here.
Can I get a tax receipt?
Australian purchasers receive a tax invoice for GST purposes in their confirmation email. Purchasers in other countries are not charged any tax but receive an itemised purchase receipt in their confirmation email.