PJCINC

  • Home
  • About PJC
    • Why PJC
    • Our “A to Z” Approach
    • PJC Testimonials
    • PJC Clients
    • News & Events
    • Supplier Audits
    • Risk Management
    • Compliance Audit
  • Standards
    • ISO 9001
      • ISO 9000 Implementation
      • ISO 9000 Maintenance
    • AS9100
      • AS9100 Implementation
      • AS9100 Maintenance
    • TNI 2016
    • IATF 16949
      • IATF 16949 Implementation
      • IATF 16949 Maintenance
    • ISO 13485
      • Medical Device Single Audit Program
    • ISO/IEC 17025
      • Cannabis
    • ISO 14001
      • ISO 14000 Implementation
      • ISO 14000 Maintenance
    • ISO 27001
    • ISO 20000-1
    • CMMC
    • R2 – Responsible Recycling
    • RIOS
    • ISO 45001
    • HACCP
    • FSSC 22000
    • Risk Assessment
  • ISO Consulting
  • Training
    • Virtual Public Seminars
      • ISO 27001 Lead Auditor Course
      • ISO 27001 Internal Auditor
    • ISO 9001:2015 Overview Course (Online)
    • ISO 9001:2015
      Internal Auditor
    • ISO 14000
      Internal Auditor
    • IATF 16949
      Internal Auditor
    • AS9100
      Internal Auditor
    • Measurement Uncertainty
    • ISO/IEC 17025 Internal Auditor
    • ISO/IEC 17025 Overview
    • Root Cause
    • SPC
    • Core Tools
      • ISO/TS 16949:2002 Linkage to the
        Core Tools
  • Resources
    • PJC Blog
    • PJC Food Blog
    • PJC Podcast
    • PJC Videos
    • Green Paper Library
    • Executive Overviews
    • ISO Consultation
    • Quality Manual Review
  • Contact PJC
    • Request A FREE Quote
    • Request A FREE Quick Quote
      • A to Z Implementation
      • Training
      • Internal Audits
      • Assistance/Consulting
    • Here To Answer Your Questions

October 20, 2025 by PJC Leave a Comment

Allergen Control: Beyond the Label

Why This Matters

Undeclared allergens are the leading cause of food recalls in the U.S., accounting for nearly half of all recall events in 2024. Of those label-related recalls, a staggering 83.85% stemmed from undeclared allergens. The average cost of a single recall? $10 million, not including lawsuits, reputational damage, or lost sales.

What Auditors See That You Might Miss

Auditors don’t just look at your label—they trace allergen risk through your entire system. Here’s where undeclared allergens often hide:

  • Shared tools: Scoops, slicers, or utensils used across allergen and non-allergen products.
  • Rework: Reintroducing product into the system without allergen traceability.
  • Label printing: Manual label entry or outdated templates that miss allergens.
  • Ingredient swaps: Last-minute substitutions not reflected in the label.
  • Sanitation gaps: Incomplete cleaning between allergen runs, especially in dry environments.

How to Build Auditor-Visible Allergen Control

  • Labeling: Automate label control and link it to approved formulations. Use mock audits to verify label accuracy.
  • Separation: Create visual zoning, color-coded tools, and time-based scheduling to isolate allergens.
  • Spill Clean-Up: Develop a technician-proof SOP with allergen-specific response steps and disposal protocols.
  • Cleaning Validation: Use swabbing, ATP testing, or visual checks to confirm allergen removal—especially in dry clean areas.
  • Create an allergen flow map: Show where allergens enter, move, and exit your system.
  • Train for competence, not just compliance: Use verbal checks, not just sign-offs.
  • Audit your sanitation program: Validate allergen removal with swabbing or visual checks.

Final Thought

Allergen control isn’t just about avoiding recalls—it’s about protecting lives. Auditors see beyond the label. So should you.

Filed Under: PJC Blog

October 6, 2025 by PJC Leave a Comment

When “Corrective Action” Is Just Damage Control And What Corrective Action Is NotMost facilities treat corrective action like a fire extinguisher—grab it when things go wrong, spray the problem and file the report. But clause-backed corrective action isn’t about optics or containment. It’s about systemic recalibration.

  • Damage control is reactive.
  • Corrective action is architectural.

Start with the Right Problem

A corrective action plan begins with a precise problem statement—not a solution, or a justification.

  • Define the issue without solving it.
  • Let clause cues guide your lens:
    1. “Systemic” → not isolated
    2. “Repeat finding” → ineffective past action
    3. “Gap in control” → architectural flaw

If the finding reads like déjà vu, your system isn’t learning—it’s looping.

🔌 Corrective Action Is a Switch

Think of corrective action like a switch:

  • Insert it → the problem disappears
  • Remove it → the problem returns

If the issue persists with post-correction, you didn’t find the root—you found a symptom.

  • Root cause analysis isn’t about blame.
  • It’s about solving correcting the system that created the problem

🛠️ Correction vs. Corrective Action

Correction: An immediate fix to contain or resolve the issue (e.g. Re-cleaning a contaminated surface)

Corrective Action: Systemic change to prevent recurrence, based on root cause analysis (e.g. Revising sanitation SOP and retraining)

🎯 Match the Action to the Cause

If your root cause is “lack of training,” your corrective action isn’t “update the SOP.” The action must directly neutralize the root cause.

✅ Verification Isn’t a Checkbox

Verification must evaluate effectiveness, not just confirm completion.

Ask:

  • Did the problem reoccur?
  • Did the system behave differently post-action?
  • Can we prove the fix worked under stress?

🌐 Preventive Action—The Look Across

Preventive action isn’t a bonus—it’s a systems mindset.

Use the root cause to scan adjacent systems:

  • If one SOP was flawed, are others built on the same logic?
  • If one operator misunderstood, is the training model flawed?

Corrective action closes the loop. Preventive action expands the lens.

🧭 Closing Thought

Corrective action isn’t a form. It’s a philosophy. When done right, it’s the difference between a facility that survives audits—and one that evolves through them.

Legacy isn’t built on fixes. It’s built

Filed Under: PJC Blog

September 25, 2025 by PJC Leave a Comment

HACCP Without Blind Spots

HACCP Without Blind Spots

By: M.R. Trace

Hazard Analysis and Critical Control Points (HACCP) is the backbone of food safety systems. It’s clause-backed, globally recognized, and mandatory in regulated environments. But here’s the uncomfortable truth:

Many HACCP plans look complete—until you audit them.

WHAT I SEE AS AN AUDITOR

I’ve reviewed hundreds of HACCP plans. Some are robust. Most are performative. Here are recurring gaps that compromise safety, traceability, and credibility:

  • No mention of rework – Product re-entering the process isn’t addressed. Risk is recycled, not mitigated.
  • Waste streams ignored – Disposal logic is missing. What leaves the system isn’t tracked.
  • Customer returns excluded – Returned product is outside the hazard lens. That’s a blind spot.
  • Flow chart not verified by HACCP Coordinator – No signature, no ownership. Just a diagram.
  • Flow chart doesn’t match hazard analysis – Steps are skipped, merged, or mislabeled. The map doesn’t match the terrain.
  • High-risk steps identified but not mitigated – Hazards are acknowledged, then left hanging. No CCP. No control.
  • No clause-backed justification for exclusions – “Not applicable” is used like white-out, not like logic.

If a step is excluded, it must be evaluated and justified—per clause, not convenience.

METAL DETECTOR ≠ HACCP PLAN

One of the most common missteps I see:
Facilities treat the metal detector as their only Critical Control Point
It’s installed, calibrated, and documented—so they assume the job is done.

But here’s the clause-backed reality:

  • Metal detection addresses one hazard type metal fragments.
  • It does not mitigate biological, chemical, or other physical hazards (e.g., brittle plastic, glass, bone).
  • It’s a last-line defense, not a comprehensive control strategy.

If your HACCP plan has one CCP — and its metal detection—you better have clause-backed justification for every other hazard being controlled upstream.

Otherwise, you’re not managing risk. You’re outsourcing it to a machine.

WHAT A CLAUSE-BACKED HACCP PLAN LOOKS LIKE

  • Every process step is mapped, verified, and owned
  • Rework, waste, and returns are addressed with hazard logic
  • High-risk steps trigger mitigation — not just acknowledgment
  • Flow chart and hazard analysis are synchronized and clause-referenced
  • HACCP Coordinator signs off — not just in theory, but in practice
  • Not applicable is justified with clause-backed rationale, not convenience
  • CCPs are validated — not assumed

FINAL THOUGHT

HACCP plans don’t fail because the hazards are invisible. They fail because the system pretends not to see them. If your flow chart is decorative, your hazard analysis is incomplete, your CCPs are unvalidated, and your exclusions are unexamined— you don’t have a HACCP plan. You have a liability.

Filed Under: PJC Blog

September 12, 2025 by PJC Leave a Comment

What a Food Safety Team Should Actually Be Doing

By: M.R. Trace

What a Food Safety Team Should Actually Be DoingIn most facilities, the food safety team gets mentioned in audits, training slides, and org charts—but what does it actually *do*? More importantly, what *should* it be doing?

Let’s strip away the fluff and look at the real work of a food safety team, not the ceremonial stuff. The operational stuff. The kind that keeps systems sharp, risks visible, and decisions grounded.

First, Define the Team

A food safety team isn’t just QA and the plant manager. It’s **cross-functional by design**. That means:

  • Production brings process realities
  • Sanitation brings frontline insight
  • Maintenance brings equipment context
  • Purchasing brings supplier and spec awareness
  • R&D or Product Development brings formulation foresight
  • Quality/Regulatory brings system oversight

When these voices are in the room, the team becomes a **decision-making engine**, not just a compliance checkpoint.

What Should Be on the Agenda?

Here’s what a food safety team should be reviewing regularly—not just when an auditor’s coming:

1. Site Inspection Nonconformances

  • Review internal audits, GMP walks, and sanitation inspections
  • Trend findings over timeespecially repeat offenders
  • Focus on identifying and correcting root causes, not just surface fixes

2. Ingredient, Process, Customer Changes or Product Changes

  • Any new ingredient, equipment, or formulation should trigger a review
  • Focus especially on new allergens — even trace introductions
  • Ask: Has this change been risk-assessed and communicated clearly?

3. HACCP Plan Review

  • Revisit hazard analysis when processes shift or new risks emerge
  • Don’t just “update the document” — challenge the assumptions
  • Ask: Is our plan still relevant to what’s actually happening on the floor?

4. PRP and CCP/Preventive Control Effectiveness

  • Review monitoring records and corrective actions
  • Look for patterns: missed checks, repeated deviations, vague responses
  • Ask: Are our controls working, or are we just checking boxes?

Final Thought

The food safety team isn’t a formality. It’s a forum. A place where operations, quality, and strategy intersect. When it’s functioning well, it doesn’t just protect the brand—it drives continual improvement.

Filed Under: PJC Blog

January 15, 2025 by PJC Leave a Comment

Advantages of Outsourcing your ISO implementation Project

Advantages of Outsourcing your ISO implementation ProjectDo you have customers requiring ISO certification and don’t know where to begin?

ISO 9001 and other ISO standards are based on certain requirements. These requirements vary depending on the standard. An organization seeking certification is responsible for establishing, documenting, implementing, and once certified, maintaining the ISO system.

Can an organization’s personnel implement the requirements on their own?

Of course they can! If the organization can expend the time and energy of one of the managers to attend a couple of weeks of training and dedicate a good part of the next several months to documenting and implementing the requirements, then yes. Once the requirements are learned, the challenge can be applying these requirements in their respective operation.

Then Why Engage a Certification Consultant?

Time and money. While there is a cost in hiring a consultant, there is also a cost for a company to utilize internal resources.

The fundamental advantage is that a good consultant will provide common sense explanations in understanding ISO 9001. The standard is full of vague requirements leaving individuals new to ISO with a sense of frustration trying to nail down, “what does this mean?”

Aside from this, a good consultant can help with proven methodologies and supply you with sample forms, etc. Many companies feel that they need to invest in software or otherwise incur other expenses to implement an ISO system. This is not the case.

A good consultant will develop level one and two documents for you and will include the interaction of processes. Your documentation should reflect what your company does. It should also meet the requirements of the standard, leaving you with a manageable system. This is one of the biggest pitfalls…companies choosing to tackle this on their own often over document creating more work for themselves down the road in doc modification.

Consultants can also help with quality objectives, management review, internal audits and corrective action.

Conclusion

Overall, hiring an ISO expert will expedite your ability to achieve certification more quickly, which will in turn, keep your customers happy.

Filed Under: PJC Blog

December 23, 2024 by PJC Leave a Comment

Holiday Greetings from Perry Johnson Consulting, Inc.

We at Perry Johnson Consulting (PJC) want to take a moment to express our heartfelt gratitude to you – our clients, partners, and supporters. Your trust and collaboration have been instrumental to our success this year, and we are truly honored to have been part of your journey.

The holiday season is a time for reflection and celebration, a moment to pause and cherish the company of friends and family. With this in mind, our offices will be closed on December 25th and January 1st, to give our hardworking team the opportunity to enjoy this time with their loved ones.

As we prepare to welcome 2025, we are filled with excitement for the opportunities and growth it will bring. We look forward to continuing to serve you with the same dedication and excellence you’ve come to expect.

From all of us at Perry Johnson Consulting, we wish you a joyful holiday season and a new year filled with health, happiness, and success.

Warmest regards,
The Perry Johnson Consulting Team

Filed Under: PJC Blog

December 6, 2024 by PJC Leave a Comment

Preparing for Certification Audits: Common Pitfalls to Avoid

Preparing for Certification Audits: Common Pitfalls to Avoid

I recently had a conversation with Jason Leighton, Certified Lead Auditor at Perry Johnson Consulting. Jason’s 20+ years’ experience in the ISO Industry includes implementation of quality management systems in hundreds of organizations. He has also conducted certification audits on behalf of a registrar.

We discussed some of the common nonconformances found during certification audits, primarily with companies that implemented the requirements without outside assistance from a technical expert.

Per Jason, the three common issues found during certification audits are:
1. Issues with documentation
2. Lack of Employee Training and awareness of the quality management system
3. Addressing nonconformances through corrective action

Documentation Issues – Organizations struggle to understand the breadth and depth of the documentation needed for a quality management system. Some organizations fail to meet the minimum documentation requirements while others over document their system. Each presents itself with problems that are difficult to overcome. Engaging an expert to prepare your quality and procedures manual so that it meets the criteria of the standard but is easy to maintain will alleviate problems both in document control and in certification audits. A good consultant will also guide the company in the records the company must maintain and should be able to provide you with sample forms etc.

Lack of Training – Often employees don’t have an understanding of the ISO requirements, and this makes it difficult for them to respond to the auditor. Training employees is critical. An implementation firm that offers hands on training and classroom training is what is recommended. Independent consultants will not likely offer course training with student materials etc. Also, it is important to note that webinars are useful but do not take the place of a training course on the topic as they are usually very short in duration.

Addressing Nonconformances – Organizations struggle with effective root cause analysis and systemic corrective actions. Root cause analysis training should be part of the implementation plan.

Jason goes on to say that any failure to meet a requirement leads to a nonconformity thus delaying certification. If there are findings/nonconformances found during the certification audit, the organization must re-evaluate their system to determine where the systemic failure has occurred and make changes to prevent its recurrence. In addition to delaying certification for a few months, the company may have to spend additional funds if a second visit is required by the registrar auditor.

The Bottom Line – It’s true, hiring a certification consultant does cost money. Second guessing in how to appropriately respond to ISO requirements can cost a company much more in time/money. The number one cost to a company is their staff, ask any controller. Be prudent and engage an experienced certification consulting firm such as Perry Johnson Consulting. Your road to certification will be shortened, cost you less and the quality management system will be easier to maintain.

Contact us at [email protected] to see how we can help.


Filed Under: PJC Blog

November 27, 2024 by PJC Leave a Comment

Information/Data Security

Information/Data Security

Did you Know?

Organizations spend resources on Antivirus Software, Intrusion Detection and Prevention Systems, and set up Firewalls.

Despite our attempts, data breaches continue to cost companies millions of dollars.

Why?

Depending on the study/research*, it is said that as much as 95% of data breaches are caused by HUMAN ERROR… 19 out of 20 breaches. This information is both astounding and terrifying.

Human error can be attributed to misconfigured security settings, or accidentally sharing information that is sensitive. It can be as simple as an employee clicking on a link that could expose the organization’s data to cyber criminals. These cyber criminals then hold this crucial information for ransom. Trillions of dollars are spent on cyber-attacks… a staggering number that is on the rise.

What’s The Solution?

If 95% percent of the breaches are caused by human error, it is crucial that companies implement an ISO 27001 management system that can greatly reduce the chances of a cyber-attack.

Certification to ISO 27001 is crucial, as organizations realize that managing their data is equally as important as the software or systems they employ.

To become certified, an organization must implement the requirements and employ an accredited third party that, through an audit, will certify their Information Security Management System (ISMS).

By contracting with a reputable ISO consulting firm, the management system can be implemented in months.

Conclusion

The benefit of certification is obvious. Savvy organizations and business owners realize that this layer of protection is essential.

For more information, a complimentary executive overview can be found on our website www.pjcinc.com along with upcoming ISO 27001 training course dates.

*IBM Study-2021

Author: Carrie Hayden – Vice President


Filed Under: PJC Blog

November 22, 2024 by PJC Leave a Comment

Can a Consultant be Available During a QMS* Registration Audit?

Can a Consultant be Available During a QMS* Registration Audit?

This is a question that has been asked of me many times. While a registrar may allow the consultant to be present during management system audits, a representative of the organization must respond to the auditor and present evidence.

Clause 4. Puts the responsibility of establishing, documenting, implementing and maintaining a quality management system on the company (not the consultant).

If the consultant also performs internal audits for the organization and manages the corrective action, they could be the right individual to respond to questions about those processes. The idea of the consultant answering all of the questions about all processes would be unlikely.

Be mindful that a consultant can be present but must not be disruptive and cannot attempt to control the audit.

In as much as it limits the role a consultant may play in an audit, the benefit of having a consultant available can be to assist on your reaction to a nonconformance, perform root cause analysis, and determine corrective action during the audit.

*The exception to the above is IATF 16949 (automotive audits) where it is not permitted for a consultant to partake in an audit.

Author: Carrie Hayden – Vice President


Filed Under: PJC Blog

November 14, 2024 by PJC Leave a Comment

Benefits of ISO 9001 Certification

Benefits of ISO 9001 Certification

What is the benefit of ISO 9001? That’s the question asked by many companies that are on the fence as to whether, or not they will gain anything from it. Over the years I have gone back to clients we have prepared for certification and asked what their biggest benefits have been from becoming certified, and below are a few of the most common answers.

Increased Business

There are many companies that will only buy from suppliers that are ISO 9001 certified. This is a big untapped market for companies that have never been certified before. Once you’re certified, placing the ISO 9001 Certified logo on your website, brochures, and social media sites is a good place to start and don’t forget to educate your sales team on the benefits. Review previously lost prospects due to not being certified and reach back out to them now that you are. These are all good ways to increase your business with ISO 9001.

Improved Productivity and Employee Satisfaction

When adding ISO 9001 properly, one of the first things that happen is an increase in morale. Giving employees a voice in the quality process, gives them ownership in the system and individual accountability moving forward. Employees working in the process have firsthand knowledge of what their unnecessary procedures are. By documenting these procedures and having discussions with management on where these unnecessary steps can be eliminated, it increases productivity and improves employee satisfaction.

Continuous Improvement

ISO 9001 standard requires the organization to continually improve the suitability, adequacy and effectiveness of the QMS (quality management system). ISO 9001 also requires management reviews. These reviews need to include decisions and actions related to opportunities for improvement including changes to the QMS, and any resources needed to accomplish the improvements. You can only consistently improve if you are always looking for ways to do so.

Enhanced Customer Satisfaction

By monitoring the expectations of the customer, and their perception of how well the company has achieved them, it allows the company to identify additional areas for improvement. This increases customer satisfaction over time.

Conclusion

ISO 9001 can enhance your business operation in several ways by making it more efficient, allowing you to streamline your processes, open a new marketable customer base, reduce overall costs, enhance employee/management engagement and improve customer relations. Contact Perry Johnson Consulting at [email protected] for easy set up and implementation of ISO 9001.

Author: Ralph Black – Business Development Manager


Filed Under: PJC Blog

  • 1
  • 2
  • Next Page »
Request A FREE Quote - PJC

Receive News & Updates From PJC



PJC Implementation Process

Training



MORE INFO / REGISTER NOW!


PJC Blog

  • Allergen Control: Beyond the Label
  • When “Corrective Action” Is Just Damage Control And What Corrective Action Is Not
  • HACCP Without Blind Spots

News & Updates

  • First Step in Preparing for ISO Certification: GAP Assessment

Testimonials

Our consultant, Jim Johnson, was extremely helpful not only during the implementation process but afterwards. Kudos to Jim and the staff of PJC!
Ken SeloverQuality ManagerStructural Diagnostics, Inc.
Mahindra Automotive North America (MANA) Manufacturing challenged Perry Johnson Consulting (PJC) to help implement ISO 9001:2015 while ramping up production for our ROXOR off-road vehicle. MANAM was focused on a streamlined, high-level approach to build quality into our manufacturing processes and develop the Quality Management System. PJC was a true partner! Our consultant, Nancy, embraced our approach and kept us focused on key ISO deliverables. She guided us to a successful ISO implementation… Read more
Denise VallisProject ManagerMahindra Automotive North America
From quoting to certification, everyone at Perry Johnson Consulting has been professional and a valued partner. Their auditors demonstrate a vast knowledge of quality standards and are able to translate them to real world application.
Matt NorbergQuality Control ManagerNational Products Inc.
Steve was a wonderful auditor. He was very professional and thorough. He took time to answer my questions about different parts of the standard. I would recommend him to other companies needing an internal audit.
Kelli BradburyPrecision Die Technologies
Hiring Perry Johnson to help us get certified to ISO 9001:2015 was the right move on our part. They did an excellent job on our documentation. Perry Johnson also answered a lot of questions for me going up to the audits which helped greatly. WE passed the audit in June. Thank you for your help, it was money well spent. I will refer you to anyone I talk to about this.
Tony BriaQuality ManagerHydra-Matic/Fabrics For Industry
PJC did consulting for us for our ISO 9002:2015 system and we found them to be professional and listened to our needs. They created a system that was easy to implement and use on a daily basis.
Kraig ReichwaldVP of ManufacturingCustom Metal Products
Wayne’s expertise in ISO 9001:2015 was essential in Vonco Products attaining our ISO certification. His knowledge was a great help improving our system by eliminating waste while assisting in developing our QMS.
Mike DeleoQuality ManagerVonco Products
Michael was instrumental in helping us make this transition much less stressful than I thought it would be. His attention to detail and expertise prepared us for our recertification audit. His professional demeanor made him a pleasure to work with.
Tyler HawkOperations ManagerCross Technologies Group, Inc.
We have been using Perry Johnson Consulting for 5 years and have never had a bad experience. With their expertise and knowledge of the ISO programs they have guided and helped us achieve an outstanding QMS. Thank you to all the friendly and professional people at PJC and we hope to have a long lasting relationship.
Larry ReimersQuality ManagerCTG, Inc.
Thought I’d drop a line to you and the staff to say thank you all very much for your dedicated hard work. You helped save our company, and I’m sending you all a heartfelt thanks!
Kevin J. CoffeyPresidentAlert Tubing Fabricators Inc.

RECEIVE NEWS & UPDATES FROM PJC

Subscribe to our mailing list:


Government "We are proud to provide services to the U.S. Government!"

PJC Celebrates 30 Years!

PJC's 30th Anniversary
Teresa O'Donnell – President & CEO
Teresa O'Donnell
President & CEO

Perry Johnson Consulting, Inc.

200 East Big Beaver Rd.
Troy, Michigan 48083
Phone: 1-888-248-0256 or (248) 519-2602
Email: [email protected]

PJC Contact Us

  • Facebook
  • Instagram
  • LinkedIn
  • YouTube

Copyright © 2025 PERRY JOHNSON CONSULTING, INC. (PJC) • All rights reserved.