Food-Processing Security:

Voluntary Efforts Are Under Way, but Federal Agencies Cannot Fully Assess Their Implementation

GAO-03-342: Published: Feb 14, 2003. Publicly Released: Mar 18, 2003.

Additional Materials:

Contact:

Lawrence J. Dyckman
(202) 512-9692
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The events of September 11, 2001, have placed added emphasis on ensuring the security of the nation's food supply. GAO examined (1) whether FDA and USDA have sufficient authority under current statutes to require that food processors adopt security measures, (2) what security guidelines FDA and USDA have provided to industry, and (3) what security measures food processors have adopted.

Federal food safety statutes give the Food and Drug Administration (FDA) and the U.S. Department of Agriculture (USDA) broad authority to regulate the safety of the U.S. food supply but do not specifically authorize them to impose security requirements at food-processing facilities. However, these agencies' food safety statutes can be interpreted to provide authority to impose certain security measures. FDA believes that its statutes authorize it to regulate food security to the extent that food security and safety overlap but observes that there is little overlap between security and safety. USDA believes that it could require food processors to adopt certain security measures that are closely related to sanitary conditions inside the facility. USDA also believes that the statutes, however, cannot be interpreted to authorize the regulation of security measures that are not associated with the immediate food-processing environment, such as requiring fences, alarms, and outside lighting. Neither agency believes that it has the authority to regulate all aspects of security at food-processing facilities. Both FDA and USDA issued voluntary security guidelines to help food processors identify measures to prevent or mitigate the risk of deliberate contamination. Because these guidelines are voluntary, neither agency enforces, monitors, or documents their implementation. Both FDA and USDA have asked their inspectors to be vigilant and to discuss security with managers at food-processing facilities, but the agencies have stressed that inspectors should not enforce the implementation of security measures or document any observations because of the possible release of this information under the Freedom of Information Act and the potential for the misuse of this information. Since FDA and USDA do not monitor and document food processors' implementation of security guidelines, the extent of the industry's adoption of security measures is unknown. According to officials of trade associations and the five facilities we visited, however, food processors are implementing a range of security measures. In addition, the FDA and USDA field inspectors we surveyed indicated that most facilities have implemented some security measures, such as installing fences. However, the inspectors were less able to comment on security measures that were not as obvious, such as accounting for missing stock and implementing proper mail-handling practices. The inspectors also noted that while USDA has provided some of its field supervisory personnel with security training on the voluntary security guidelines it issued, it has not provided most of its inspectors with such training. FDA has not provided its staff with any training on the security guidelines. Without training on the security guidelines, inspectors are limited in their ability to conduct informed discussions regarding security with managers at food-processing facilities.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In its February 14, 2003 report, GAO recommended that the Food and Drug Administration train its food safety investigators on issues involving the security of food products produced in the United States and inspected by FDA. FDA asked for additional information not contained in GAO's report stating the critical need to promptly deliver training to enhance efforts to prevent the food supply from deliberate contamination. FDA noted that GAO's survey results of FDA domestic food investigators contains written comments by respondents and that those comments would be extremely beneficial to FDA in developing training to be delivered via a nationwide satellite broadcast on March 13, 2003. Since this training correlates directly to its recommendation, GAO agreed to provide the data to FDA after summarizing it in such a manner that individual respondents could not be identified. On March 13, 2003, FDA conducted the satellite training for its field investigators to provide them with additional knowledge needed to deliver suggestions to food processors about the security of their products. FDA officials have confirmed that the data GAO provided was used to design at least part of the training course. The training was delivered on March 13, 2003.

    Recommendation: To increase field inspectors' knowledge and understanding of food security issues and facilitate their discussions about the voluntary security guidelines with plant personnel, the Secretary of Health and Human Services and the Secretary of Agriculture should provide training for their agencies' field staff on the security measures discussed in the voluntary guidelines.

    Agency Affected: Department of Health and Human Services

  2. Status: Closed - Not Implemented

    Comments: In February 2003, GAO recommended that, in order to reduce the risk of deliberate contamination of food products, the Secretary of Health and Human Services study existing statutes and identify what additional authorities the Food and Drug Administration (FDA) may need relating to security measures at food-processing facilities. On the basis of the results of these studies, the Department should seek additional authority from the Congress, as needed. FDA received significant new authorities under the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 which the agency has been implementing over the last 3 years. FDA officials state that these new authorities have enhanced its ability to act quickly in responding to a threatened or actual terrorist attack, as well as to other food-related emergencies. This landmark legislation was the most fundamental enhancement to its food safety authorities in many years. According to FDA, if the Administration identifies additional authorities that are needed, the Administration will inform Congress. As noted in GAO's report FDA has issued specific guidance on security measures for food processors and the agency reports that it actively promotes this guidance in meetings with stakeholders at the local, state, and industry level. Along with this broad outreach campaign, FDA reports that the agency is working directly with industry and trade associations to discuss specific food defense issues. This has allowed both FDA and the industry to better determine vulnerabilities, begin to identify prevention strategies, and generate specific research questions. For example, FDA has shared new science on specific mitigation strategies with relevant industries and will continue to do so when new information becomes available. Because the guidance is voluntary, FDA does not monitor compliance per se. As part of each food safety inspection, however, FDA has asked the company/facility management about their awareness of food security issues and their knowledge of the guidance. Where the managers are unfamiliar with the issues and the guidance, FDA investigators offer them a copy of the guidance. While not security experts, FDA investigators also may point out observed security issues for company/facility management to consider in their plant operations. GAO has determined that although the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 is a significant step in the right direction, it does not provide all the additional authority that FDA needs to ensure complete security at food-processing facilities. FDA officials have stated that if they feel they need more authority, they will inform Congress. If that should happen, GAO will try to close this recommendation.

    Recommendation: In order to reduce the risk of deliberate contamination of food products, the Secretary of Health and Human Services and the Secretary of Agriculture should study their agencies' existing statutes and identify what additional authorities they may need relating to security measures at food-processing facilities. On the basis of the results of these studies, the agencies should seek additional authority from the Congress, as needed.

    Agency Affected: Department of Health and Human Services

  3. Status: Closed - Not Implemented

    Comments: As per GAO's 2003 recommendation, USDA has reviewed its existing food safety statutes to determine if additional authority is needed to enforce food security measures. USDA, through its Office of General Counsel, has determined that USDA does have authority to enforce some of the voluntary food security measures as expressed in FSIS' food security guidelines. At this time, it is unclear whether USDA will pursue obtaining additional authority from Congress regarding food security. USDA is still in the process of determining whether it will require food-processing facilities to develop a food security plan. An estimated date for this determination is unknown. FDA has provided no information to GAO regarding the status of this recommendation. In September 2005, USDA provided additional documentation showing that it believes it has the authority it needs under the Federal Meat Inspection Act, the Poultry Products Inspection Act, and the Egg Products Inspection Act. FSIS said that it is currently exploring measures, including proposed regulations, to improve food security using its existing authorities and then said: "If, after implementing the measures under consideration, the Agency determines that the effectiveness of such measures is limited..., FSIS will consider other alternatives, including seeking additional authority from Congress."

    Recommendation: In order to reduce the risk of deliberate contamination of food products, the Secretary of Health and Human Services and the Secretary of Agriculture should study their agencies' existing statutes and identify what additional authorities they may need relating to security measures at food-processing facilities. On the basis of the results of these studies, the agencies should seek additional authority from the Congress, as needed.

    Agency Affected: Department of Agriculture

  4. Status: Closed - Implemented

    Comments: In January 2005, USDA issued a comprehensive directive detailing the Food Security Verification procedures that inspection personnel are to follow at food processing faciliites. As part of implementing these new security procedures, USDA has provided food security awareness training including face-to-face and CD-ROM training specifically designed for its field personnel. USDA has also developed other initiatitves including training on the use of the FSIS security guidelines for industry and practical antiterrorist strategies. USDA's actions address GAO's recommendation.

    Recommendation: To increase field inspectors' knowledge and understanding of food security issues and facilitate their discussions about the voluntary security guidelines with plant personnel, the Secretary of Health and Human Services and the Secretary of Agriculture should provide training for their agencies' field staff on the security measures discussed in the voluntary guidelines.

    Agency Affected: Department of Agriculture

 

Explore the full database of GAO's Open Recommendations »

Sep 24, 2014

Sep 18, 2014

Sep 17, 2014

Sep 10, 2014

Sep 9, 2014

Sep 8, 2014

Jul 31, 2014

Jul 29, 2014

Looking for more? Browse all our products here