Documente Academic
Documente Profesional
Documente Cultură
Publication history
First published March 2008
Second edition March 2010
Third (current) edition October 2014
PAS 96:2014
Contents
Foreword ..................................................................................................... ii
1 Scope ......................................................................................................... 1
6 Assessment ............................................................................................... 12
Annexes
Annex A (informative) TACCP case studies................................................. 19
Annex B (informative) Sources of information and intelligence about
emerging risks to food supply..................................................................... 31
Annex C (informative) Complementary approaches to food and drink
protection..................................................................................................... 32
Bibliography................................................................................................. 33
List of figures
Figure 1 A food supply chain ................................................................... 2
Figure 2 Outline TACCP process ............................................................... 10
Figure 3 Risk scoring matrix ..................................................................... 14
Figure A.1 Threat identification .............................................................. 21
Figure A.2 Threat prioritization .............................................................. 28
Figure A.3 Vulnerability assessment ........................................................ 30
Figure B.1 Global dissemination of information and intelligence about
emerging risks to food ................................................................................ 31
List of tables
Table 1 Risk assessment scoring ............................................................... 13
Table 2 Approaches to risk reduction ..................................................... 15
Table 3 Tamper evidence ......................................................................... 16
Table 4 Personnel security ........................................................................ 16
Table A.1 Threat information .................................................................. 20
Table A.2 Threat identification ................................................................ 22
Table A.3 Threat assessment .................................................................... 26
Table A.4 Threat assessment report 20140422 ....................................... 29
Foreword
This PAS was jointly sponsored by the Department for Environment, Food &
Rural Affairs (Defra) and the Food Standards Agency (FSA). Its development
was facilitated by BSI Standards Limited and it was published under licence
from The British Standards Institution. It came into effect on 31 October 2014.
Acknowledgement is given to the following This PAS is not to be regarded as a British Standard.
organizations that were involved in the development It will be withdrawn upon publication of its content in,
of this PAS as members of the steering group: or as, a British Standard.
Agrico UK Limited
The PAS process enables a guide to be rapidly
Bakkavor
developed in order to fulfil an immediate need
Cargill in industry. A PAS can be considered for further
Department for Environment, Food & Rural Affairs development as a British Standard, or constitute part
(Defra) of the UK input into the development of a European or
Food and Drink Federation (FDF) International Standard.
Food Standards Agency (FSA)
It has been assumed in the preparation of this PAS
GIST Limited that the execution of its provisions will be entrusted
Global Food Security Programme to appropriately qualified and experienced people, for
Heineken UK whose use it has been produced.
Hilton Food Group plc
This publication does not purport to include all the
J Sainsbury plc necessary provisions of a contract. Users are responsible
Leatherhead Food Research for its correct application.
McDonalds Europe
Compliance with a PAS cannot confer immunity from
Raspberry Blonde
legal obligations.
SSAFE
Tesco plc
Introduction
The food industry sees the safety of its products as its It explains the TACCP process, outlines steps that can
main concern. Over the years, industry and regulators deter an attacker or give early detection of an attack,
have developed food safety management systems and uses fictitious case studies (see Annex A) to show
which mean that major outbreaks of food poisoning its application. Broadly, TACCP places food business
are now quite unusual in many countries. These managers in the position of an attacker to anticipate
systems typically use Hazard Analysis Critical Control their motivation, capability and opportunity to carry
Point (HACCP) principles which are accepted globally.1) out an attack, and devising protection. It also provides
HACCP has proven to be effective against accidental other sources of information and intelligence that may
contamination. help identify emerging threats (see Annex B).
HACCP principles however have not been routinely The TACCP process assumes and builds on a business
used to detect or mitigate deliberate attacks on a existing effective operation of HACCP, as many
system or process. Such attacks may include deliberate precautions taken to assure the safety of food, are
contamination or fraud. Deliberate acts may have likely to also deter or detect deliberate acts. It also
food safety implications but can harm organizations in complements existing business risk management and
other ways, such as damaging business reputation or incident management processes.
extorting money.
The focus of this PAS is on protecting the integrity and
The common factor behind all such deliberate acts is wholesomeness of food and food supply. Any intending
people. The people may be within a food business, may attacker, whether from within a food business or its
be employees of a supplier to the food business, or may supply chain, or external to both, is likely to attempt
be complete outsiders with no connection to the food to elude or avoid routine management processes. It
business. The key issue being their motivation; they should help food businesses mitigate each of these
may aim to cause harm to human health or business threats, but the approach may also be used for other
reputation, or to make financial gains at the expense business threats.
of the business. In any of these situations it is in the
interests of the food business to protect itself from No process can guarantee that food and food supply
such attacks. are not the target of criminal activity, but the use of
PAS 96 can make it less likely. It is intended to be a
The purpose of PAS 96 is to guide food business practical and easily used guide and so is written in
managers through approaches and procedures to everyday language and should be used in a common-
improve the resilience of supply chains to fraud or sense rather than legalistic way.
other forms of attack. It aims to assure the authenticity
of food by minimizing the chance of an attack and
mitigating the consequences of a successful attack.
1)
Further information and guidance regarding HACCP can
be found in the CODEX Alimentarius publication, General
Principles of Food Hygiene [1].
This PAS provides guidance on the avoidance and For the purposes of this PAS, the following terms and
mitigation of threats to food and food supply. It definitions apply.
describes a risk management methodology, Threat
Assessment Critical Control Points (TACCP), which can
be adapted by food businesses of all sizes and at all 2.1 cyber security
points in food supply chains.
procedures used to protect electronic systems from
sources of threat
It is intended to be of use to all organizations, but may
be of particular use to managers of small and medium NOTE Examples of these threats are from malware and
sized food enterprises who may not have easy access to hackers intent on misusing IT systems, corrupting them
specialist advice. or putting them out of use.
NOTE 2 Food fraud may also involve the sale of meat 2.6 hazard
from animals that have been stolen and/or illegally
slaughtered, as well as wild game animals like deer that something that can cause loss or harm which arises
may have been poached. from a naturally occurring or accidental event or results
from incompetence or ignorance of the people involved
{SOURCE: FOOD STANDARDS AGENCY, http://food.
gov.uk/enforcement/enforcework/foodfraud/#.
U5Xn2v1OWwU [2]} 2.7 Hazard Analysis Critical Control Point
(HACCP)
system which identifies, evaluates, and controls hazards
2.4 food protection which are significant for food safety
procedures adopted to deter and detect fraudulent
attacks on food {SOURCE: CODEX Alimentarius. General Principles of
Food Hygiene [1]}
2.10 threat
something that can cause loss or harm which arises
from the ill-intent of people
NOTE Threat is not used in the sense of threatening
behaviour or promise of unpleasant consequence of a
failure to comply with a malicious demand.
3 Types of threat
3.1 General used to replace or extend the more expensive one (see
cases 2 and 3).
Deliberate acts against food and food supply take
several forms. Clause 3 describes the characteristics The avoidance of loss may also be an incentive for
of the main threats to food authenticity and safety adulteration (see case 4). Limited supply of a key
economically motivated adulteration (EMA) and material may encourage a producer to improvise to
malicious contamination, and outlines the nature of complete an order rather than declare short delivery to
other threats. the customer.
2)
Further details on this case of false food labels is available
from: http://www.foodnavigator-asia.com/Markets/False-food-
labels-on-82-impure-oils-in-China [3]. 5)
For further details on this adulteration case see the WHO
3)
For further details are available from: http://oceana.org/ and FAO publication, Toxicological aspects of melamine and
sites/default/files/National_Seafood_Fraud_Testing_Results_ cyanuric acid [6].
Highlights_FINAL.pdf [4]. 6)
Further information on common adulterants is available
4)
For further details on this adulteration case are available from the U.S. Pharmacopeial Convention Food Fraud
from: http://news.bbc.co.uk/1/hi/world/europe/8472377.stm [5]. Database: http://www.foodfraud.org/ [7].
15)
Further information about this restaurant fraud is available
13)
Further information on this example of counterfeiting is from: http://www.financialfraudaction.org.uk/cms/assets/1/
available from: http://thecounterfeitreport.com/product/322/ scam%20alert%20-%20restaurants%20web%20link%20doc.
[14]. pdf [16].
14)
Further information on this case of counterfeiting 16)
National Fraud Authority (UK) Annual Fraud Indicator 2013
is available from: http://www.news.com.au/finance/ is available from: https://www.gov.uk/government/uploads/
offshore-raids-turn-up-fake-aussie-jacobs-creek-wines/story- system/uploads/attachment_data/file/206552/nfa-annual-fraud-
e6frfm1i-1226029399148 [15]. indicator-2013.pdf [17].
4.7 The hacktivist and other cyber 4.8 The professional criminal
criminals Organized crime may see food fraud as a relatively
A hacktivist or other cyber criminal aims to simple crime, with big gains in prospect, little chance
subvert controls on computerized information and of apprehension, and modest penalties if convicted.
communications systems in order to stop them working The global trade in food in which food materials
effectively, to steal or to corrupt data which they hold, move, often with little notice, across enforcement area
and/or to disrupt internet business. Their motivation borders appears to encourage the professional criminal.
may be criminal, but may also be to demonstrate their
expertise and ability to beat any protective system They may be deterred by close collaboration between
devised to stop them. food operations and national and international police
authorities.
This type of attacker has information and
communications technology expertise that can cause
commercial harm and may pose an increasing threat to
food safety as internet activity increases.
A standing TACCP team should be formed, which could Since the TACCP process may cover sensitive material
include individuals with the following expertise: and could be of assistance to a prospective attacker,
all team members should not only be knowledgeable
security;
of actual processes, but also trustworthy, discreet and
human resources; aware of the implications of the process.
food technology;
process engineering; The TACCP team should:
production and operations; 1) evaluate all new information which has come to its
attention;
purchasing and supply;
2) identify individuals and/or groups which may
distribution;
be a threat to the organization and assess their
communications; and motivation, capability and determination;
commercial/marketing. 3) identify individuals and/or groups which may be
NOTE 1 The team may include representatives of key a threat to the specific operation (e.g. premises,
suppliers and customers. factory, site);
NOTE 2 For a small organization, one person may have 4) select a product which is representative of a
to cover all of these roles. particular process;
NOTE 3 While the HACCP team might provide a suitable NOTE 4 For example, a suitable product would be
starting point, the Business Continuity team might typical of a particular production line and could be
be a better model. The TACCP team is typically an one which is more vulnerable;
established and permanent group able to continually 5) identify individuals and/or groups that may want to
review its decisions. target the specific product;
6) draw a process flow chart for the product from 12) where the priority is high, identify who has
but not limited by, farm to fork including, for unsupervised access to the product or process and
example, domestic preparation. The whole flow whether they are trustworthy, and if that trust can
chart should be visible at one time. Particular be justified;
attention should be paid to less transparent parts 13) identify, record confidentially, agree and
of the supply chain which might merit a subsidiary implement proportionate preventative action
chart; (critical controls). The TACCP team should have a
7) from an examination of each step of the process confidential reporting and recording procedure
identify the vulnerable points where an attacker that allows management action on decisions but
might hope for success and the people who would does not expose weaknesses to those without a
have access; need to know (see case studies in Annex A);
8) identify possible threats appropriate to the product 14) determine the review and revise arrangements for
at each step and assess the impact that the process the TACCP evaluation; and
may have in mitigating the threats; NOTE 9 Review of the TACCP evaluation should
NOTE 5 Model adulterants include low-cost take place after any alert or annually, and at points
alternative ingredients to premium components; where new threats emerge or when there are
model contaminants could include highly toxic changes in good practice.
agents, toxic industrial chemicals, readily available 15) maintain a routine watch of official and industry
noxious materials and inappropriate substances like publications which give an early warning of
allergens or ethnically unwholesome foodstuffs. changes that may become new threats or change
NOTE 6 For example, cleaning may remove the the priority of existing threats, including more local
contaminant, heat treatment may destroy it, and issues as they develop.
other food components may neutralize it. NOTE 10 An outline of some information and
9) select the points in the process where the threat intelligence systems is given in Annex B.
would have the most effect, and where they might
best be detected;
10) assess the likelihood of routine control procedures
detecting such a threat;
NOTE 7 For example, routine laboratory analysis
could detect added water or unusual fats and oils;
effective management of buying would challenge
unusual purchase orders.
11) score the likelihood of the threat happening, score
the impact it would have, and chart the results to
show the priority it should be given (see 6.3), and
revise if this risk assessment seems wrong;
NOTE 8 Some lateral thinking may be needed.
The TACCP team might ask, If we were trying to
undermine our business, what would be the best
way? It may consider how an attacker selects
attack materials:
availability;
cost;
toxicity;
physical form; and/or
safety in use, for example pesticides on farms and
aggressive flavour materials in factories may be
convenient contaminants.
6 Assessment
NOTE The following lists are not intended to be Are internal audit arrangements independent?
exhaustive of all questions that may be asked to assess Have key roles been occupied by staff for many years
a threat. with little supervision?
Are new recruits, especially agency and seasonal staff, A typical feature of EMA (see 3.2) is the substitution
appropriately screened? of a low cost item in place of a relatively high cost
component/ingredient. The TACCP team needs to be
Are services to the premises adequately protected?
alert to the availability of such alternatives. An example
Are external utilities adequately protected? where this may happen is when added value is claimed,
Are hazardous materials, which could be valuable to (e.g. organic, non-gm, locally grown, free range or with
hostile groups, stored on site? protected designations of origin). The attacker is likely
Are large numbers of people (including the general to have ready access to lower value equivalents, which
public) using the location? are almost indistinguishable.
Do any employees have reason to feel disgruntled or NOTE Further guidance on sources of information and
show signs of dissatisfaction? intelligence on the likelihood of food fraud is provided
in Annex B.
The TACCP team needs to be confident that its own Have business competitors been accused of espionage
operations and those of its suppliers are in trustworthy or sabotage?
hands. This can be achieved using advice on personnel
security.17) 6.3 Assessment of risk
Questions which the TACCP team could ask include: Organizations need to understand the threats that they
Are low cost substitute materials available? face, but should focus attention on the priority ones.
For each identified threat the TACCP team considers
Have there been significant material cost increases?
and gives a score for the likelihood of each threat
Has pressure increased on suppliers trading margins? happening and for its impact (see Table 1).
Do you trust your suppliers managers, and their
suppliers managers?
Table 1 Risk assessment scoring
Do key suppliers use personnel security practices?
Do suppliers think that we monitor their operation Likelihood of threat Score Impact
and analyze their products? happening
Which suppliers are not routinely audited?
Very high chance 5 Catastrophic
Are we supplied through remote, obscure chains?
Are major materials becoming less available (e.g. High chance 4 Major
from crop failure) or alternatives plentiful (e.g. from
overproduction)? Some chance 3 Significant
http://www.cpni.gov.uk/advice/Personnel-security1/ [18].
5 Threat A
4 Threat C
Impact 3 Threat B
2 Threat E
1 Threat D
1 2 3 4 5
Likelihood
NOTE This is an example risk scoring matrix, organizations may choose different criteria for the different risk
categories.
7 Critical controls
9 Scheduled deliveries
10 Documentation checked
before admittance
8 Response to an incident
8.1 Management of a food protection Where contamination is implicit, quarantine and maybe
crisis withdrawal and recall of product might be expected.
Food protection and defence procedures aim to In cases involving criminal action, police officers from
reduce the risk of an attack but cannot eliminate it, so serious crime units should be involved at the earliest
emergency response and business continuity protocols opportunity to avoid any loss of evidence.
are essential. NOTE An important police contact in the U.K. may be
the Anti-Kidnap and Extortion Unit of the National
Food protection may sit within a business crisis
Crime Agency; others are also provided in Annex B.
management system (see BS 11200), and is likely to
share its general objectives: Generally, the best time to learn how to manage a crisis
to minimize physical and financial harm to consumers, is not in the crisis, so advanced planning and rehearsal
customers, employees and others; of procedures is essential.
to collaborate with investigatory and enforcement
authorities;
to gain public support for the organization; 8.2 Contingency planning for recovery
to minimize the cost, financial, reputational and from attack
personal, of the incident; Business continuity management principles give good
to prevent re-occurrence; and resilience to react to and recover from an attack.
to identify offenders. Advice on how best to develop and implement your
organizations recovery in response to a disruptive
incident is provided in BS ISO 22313.
It is vital that any changes which could affect the The local situation may be reviewed frequently and
TACCP assessment, such as breaches and suspected briefly against changes to conditions pertaining at the
breaches of security or authenticity, be immediately premises. A concise report of the review should have
reported to the TACCP team leader who decides if a only limited circulation.
full review is needed.
The TACCP team should regularly review food protection
The TACCP team should monitor official websites arrangements in line with other corporate policies.
for updates in national threat assessments and for
information on emerging risks, (see Annex B).
Annex A (informative)
TACCP case studies
NOTE Both case studies are entirely fictitious and any A.2.1 In this report the company identifies and
resemblance to real organizations is coincidental. comments on the threats it faces (see Table A.1).
It incorporates the flowchart on which its TACCP
assessment is based (see Figure A.1). It considers
A.1 General vulnerabilities at each stage in the process (see Table
A.2). It summarizes the threat picture (see Table A.3)
This annex presents two case studies to illustrate how
and uses the risk matrix (see Figure A.2) to rank the
the TACCP process may be adapted, operated and
threats, leading to its plan of action (see A.3).
reported by different organizations to reflect their
business situation. They are written as formal records
of the risk assessment exercise and do not attempt any
background company context. Both companies have
chosen to tabulate their findings.
Threats to locations:
E Supporters of local businesses Adverse publicity; Guilt by Some locations report high
association with fast food levels of press interest
F Overworked company staff, Petty contamination; possible Some staff shortage where
disenchantment could lead to serious malicious contamination there is little post-18
alliance with extremists (e.g. education;
terrorists) and in locations with an
extremist reputation
H Front line staff Theft; collusion with customers Rigorous audit in place;
Outlet managers trustworthy
(personnel security checks)
Threats to product:
PAS 96:2014
Step Process step Threat Vulnerability Access Mitigation Adulterant; Impact of QA/QC Likelihood Impact
no Contamination process
02 Mains water Malicious Bulk storage Services Effective Soluble toxins May inhibit May fail 1 1
contamination reservoirs engineers control of yeast; may sensory
access affect tests
dough
handling
05 Mix, divide, Malicious Batch mixing Skilled mixer Trained Powdered May inhibit May fail 1 1
prove, bake contamination operation operative experienced toxin yeast; may sensory
buns staff affect tests
dough
The British Standards Institution 2014
handling
Table A.2 Threat identification (continued)
The British Standards Institution 2014
Step Process step Threat Vulnerability Access Mitigation Adulterant; Impact of QA/QC Likelihood Impact
no Contamination process
06 Cool, freeze,
pack buns
07 Palletize
08 Cold storage
09 Deliver to
Burgers4U
10B Select Fraudulent Poor Delivery Unique animal Meat from Negligible Random 2 3
abattoir substitution segregation drivers; identification cheaper tests may
/ cutting of species process staff recorded sources detect
plant unless
collusion
PAS 96:2014
13 Deliver to Hijacking of Supplier
Burgers4U consignment responsibility
14 Chill storage
23
Table A.2 Threat identification (continued)
24
PAS 96:2014
Step Process step Threat Vulnerability Access Mitigation Adulterant; Impact of QA/QC Likelihood Impact
no Contamination process
17 Mince patty
batches
18 Form pattys
19 Freeze
pattys
20 Pack to
cases
21 Palletize
22 Cold storage
24 Source
consumables
The British Standards Institution 2014
26 Deliver to
Burgers4U
Table A.2 Threat identification (continued)
The British Standards Institution 2014
Step Process step Threat Vulnerability Access Mitigation Adulterant; Impact of QA/QC Likelihood Impact
no Contamination process
27 Ambient
storage
28 Deliver to
restaurant
29 Pick orders
30 Deliver to
restaurant
31 Cold storage
32 Move to Malicious Out of hours; Night store- Tamper Spiked pattys Little None 1 3
kitchen substitution unsupervised staff evident cases
34 Wrap burger
35 Hot storage
36 Receive
order
PAS 96:2014
37 Supply order Selling too long Restaurant Personnel 2 2
after wrapping manager security
under procedures
wastage
pressure
25
Table A.2 Threat identification (continued)
26
PAS 96:2014
Step Process step Threat Vulnerability Access Mitigation Adulterant; Impact of QA/QC Likelihood Impact
no Contamination process
C:01B Fraud; collusion with suppliers Select bakery 2 3 Job rotation <5 years;
D:23 Counterfeiting; misappropriation of Source packaging 2 4 Formal notice to supplier; new supplier if
packaging no improvement in security after 6 months
F:32 Petty contamination; Move to kitchen 1 3 Part used cases to be security sealed by
manager
Possible serious malicious
contamination
I:10B EMA non-animal protein, or non- Select abattoir/cutting plant 2 3 Stronger management of vendor:
beef meats, replacing meat technical audit, regular sampling/ad hoc
I:11 Source meat 4 3 testing, facilitate whistleblowing.
I:12 Butchery 2 3
K:37 Selling burgers too long after Supply order 2 2 No further action
wrapping
PAS 96:2014
27
PAS 96:2014
5 C:10A
4 D:23
C:01B
F:32
Impact 3 I:10B B I:11
L:15
I:12
A
D:39
2 K:37
G
J:33
1 E H:38
Threat From Threat Vulnerability A) Mitigation Consequence Impact Likelihood Protective action
no
1 Suppliers Non-organic Top-up milk; All goods from Loss of organic 5 2 Require certificate of
supply Bought-in accredited status conformance for all
calves; suppliers ad hoc purchases
semen B)
3 BCC staff Malicious Manual All staff are Localized illness 2 1 No further action
contamination operations, family members possible
unsupervised or long
(process largely term trusted
self-controlling) partners;
All batches are
taste tested
PAS 96:2014
29
PAS 96:2014
Figure A.3 Vulnerability assessment
30 The British Standards Institution 2014
PAS 96:2014
Annex B (informative)
Sources of information and intelligence about emerging
risks to food supply
B.1 Figure B.1 illustrates local and global systems which
may be used to update TACCP assessments.
Figure B.1 Global dissemination of information and intelligence about emerging risks to food
NOTE Further information on these international sources can be found at the following: INFOSAN http://www.
who.int/foodsafety/areas_work/infosan/en/ [21], EMPRES http://www.fao.org/foodchain/empres-prevention-and-
early-warning/en/ [22] and GIEWS http://www.fao.org/giews/english/index.htm [23].
Annex C (informative)
Complementary approaches to food and drink protection
Bibliography
PD ISO/TR 31004, Risk management Guidance for the Other publications and websites
implementation of ISO 31000 [1] CODEX ALIMENTARIUS. CODEX CAC/RCP 1-1969:
General principles of food
Crisis management hygiene. Rome: CODEX Alimentarius, 2003.
BS 11200, Crisis management Guidance and good
practice [2] FOOD STANDARDS AGENCY. Available from: http://
food.gov.uk/enforcement/enforcework/foodfraud/#.
U9jNNvldVH4 [viewed October 2014].
Business continuity management
BS ISO 22301, Business continuity management systems [3] EAGLE, JENNY. False food labels on 82 impure oils
Requirements and guidance in China. Food Navigator-Asia, 2013. Available from:
http://www.foodnavigator-asia.com/Markets/False-
BS ISO 22313, Societal security Business continuity food-labels-on-82-impure-oils-in-China [viewed
management systems Guidance October 2014].
Supply chain security [4] OCEANA. Oceana study reveals seafood fraud
BS ISO 28000, Specification for security management nationwide. Oceana, 2013. Available from: http://
systems for the supply chain oceana.org/sites/default/files/National_Seafood_Fraud_
Testing_Results_Highlights_FINAL.pdf [viewed October
BS ISO 28002, Security management systems for the 2014].
supply chain Development of resilience in the supply
chain Requirements with guidance for use [5] BBC. Italian buffalo mozzarella probe as tests find
cow milk. BBC, 2010. Available from: http://news.bbc.
PD CEN/TR 16412, Supply chain security (SCS) Good co.uk/1/hi/8472377.stm [viewed October 2014].
practice guide for small and medium sized operators
[6] WORLD HEALTH ORGANIZATION and FOOD [13] GILLAM, CAREY. Chinese woman arrested in plot
AND AGRICULTURE ORGANIZATION OF THE UNITED to steal U.S corn technology. Kansas City: Grainews.
NATIONS. Toxicological aspects of melamine and Available from: http://www.grainews.ca/daily/chinese-
cyanuric acid: Report of a WHO expert meeting in woman-arrested-in-plot-to-steal-u-s-corn-technology
collaboration with FAO. WHO and FAO, 2009. Available [viewed October 2014].
from: http://www.who.int/foodsafety/fs_management/
Exec_Summary_melamine.pdf [viewed October 2014]. [14] THE COUNTERFEIT REPORT. How to identify
counterfeit Glens vodkas. Alexandria, 2014. Available
[7] U.S. PHARMACOPEIAL CONVENTION. Food fraud from: http://thecounterfeitreport.com/product/322/
database. Available from: http://www.foodfraud.org/ [viewed October 2014].
[viewed October 2014].
[15] NEWSCORE. Offshore raids turn up fake Aussie
[8] FOOD STANDARDS AGENCY. Update on malicious Jacobs Creek wines. Australia, 2011. Available
tampering with Kingsmill bread. Food Standards from: http://www.news.com.au/finance/offshore-
Agency, 2006. Available from: http://webarchive. raids-turn-up-fake-aussie-jacobs-creek-wines/story-
nationalarchives.gov.uk/20120206100416/http://food. e6frfm1i-1226029399148 [viewed October 2014].
gov.uk/news/newsarchive/2006/dec/kingsmill [viewed
October 2014]. [16] FINANCIAL FRAUD ACTION UK. Restaurants and
diners targeted in new scam. London. Available from:
[9] TOROK, THOMAS J. MD, TAUXE, ROBERT V. MD, http://www.financialfraudaction.org.uk/cms/assets/1/
MPH, WISE, ROBERT P. MD, MPH; LIVENGOOD, JOHN R scam%20alert%20-%20restaurants%20web%20
MD, SOKOLOW, ROBERT, MAUVAIS, STEVEN, BIRKNESS, link%20doc.pdf [viewed October 2014].
KRISTEN A,SKEELS, MICHAEL R PhD, MPH, HORAN,
JOHN M MD MPH, FOSTER, LAURENCE R, MD, MPH. [17] NATIONAL FRAUD AUTHORITY. Annual fraud
A large community outbreak of Salmonellosis caused indicator. National Fraud Authority, 2013. Available
by intentional contamination of restaurant salad bars. from: https://www.gov.uk/government/uploads/system/
American Medical Association, 1997. Available from: uploads/attachment_data/file/206552/nfa-annual-fraud-
http://www.cdc.gov/phlp/docs/forensic_epidemiology/ indicator-2013.pdf [viewed October 2014].
Additional%20Materials/Articles/Torok%20et%20al.pdf
[viewed October 2014]. [18] CENTRE FOR THE PROTECTION OF NATIONAL
INFRASTRUCTURE. Personnel security. London: CPNI.
[10] Q FOOD. Food Tampering: [1989] Glass in baby Available from: http://www.cpni.gov.uk/advice/
food. Germany. Available from: http://www.qfood. Personnel-security1/ [viewed October 2014].
eu/2014/03/1989-glass-in-baby-food/ [viewed October
2014]. [19] CENTRE FOR THE PROTECTION OF NATIONAL
INFRASTRUCTURE. Holistic management of employment
[11] ORR, JAMES. Blackmailer jailed over Tesco bomb risk (HoMER). London: CPNI, 2012. Available from:
threats. The Guardian, 2008. Available from: http:// http://www.cpni.gov.uk/advice/Personnel-security1/
www.theguardian.com/uk/2008/jan/28/ukcrime [viewed homer/ [viewed October 2014].
October 2014].
[20] SCOTTISH GOVERNMENT and FOOD STANDARDS
[12] MURRAY, KEVIN D. Electronic eavesdropping & AGENCY. Expert advisory group report the lessons
Industrial espionage. New York: Murray Associates. to be learned from the 2013 horsemeat incident.
Available from: http://www.spybusters.com/mbsc1.html 2013. Available from: http://www.scotland.gov.uk/
[viewed October 2014]. Resource/0043/00437268.pdf [viewed October 2014].
[22] FOOD AND AGRICULTURE ORGANIZATION OF CENTRE FOR THE PROTECTION OF NATIONAL
THE UNITED NATIONS. Emergency prevention system INFRASTRUCTURE. Products and services.
(EMPRES). Available from: http://www.fao.org/ Available from: http://www.cpni.gov.uk/advice/
foodchain/empres-prevention-and-early-warning/en/ [viewed October 2014].
[viewed October 2014].
EUROPEAN COMMISSION. http://ec.europa.eu/
[23] GLOBAL INFORMATION AND EARLY WARNING dgs/health_consumer/dyna/consumervoice/create_
SYSTEM (GIEWS). Available from: http://www.fao.org/ cv.cfm?cv_id=891.
giews/english/index.htm [viewed October 2014].
FOOD STANDARDS AGENCY. Principles for preventing
[24] FOOD AND DRUG ADMINISTRATION. Carver + and responding to food incident. FSA, 2007. Available
Shock Primer An overview of the Carver plus Shock from: http://multimedia.food.gov.uk/multimedia/pdfs/
method for food sector vulnerability assessments. FDA, taskforcefactsheet23mar07.pdf [viewed October 2014].
2009. Available from: http://www.fda.gov/downloads/
INSTITUTE OF FOOD SCIENCE AND TECHNOLOGY. Good
Food/FoodDefense/FoodDefensePrograms/UCM376929.
manufacturing practice: A guide to its responsible
pdf [viewed October 2014].
management. Wiley-Blackwell, 2013.
[25] PLATFORM FOR INTERNATIONAL COOPERATION ON
MI5 THE SECURITY SERVICE. Current threat level in the
UNDOCUMENTED MIGRANTS. PICUM Five-Point Action
UK. Available from: www.mi5.gov.uk [viewed October
Plan for the Strategic Guidelines for Home Affairs from
2014].
2015. PICUM, 2014.
BSI is incorporated by Royal Charter. British Standards and other standardization products are
published by BSI Standards Limited.