Navigating SQF Edition 10: A Food Manufacturer's Guide

I. Introduction: The Evolving Landscape of Food Safety Standards

The Safe Quality Food (SQF) program is a GFSI-benchmarked certification that provides a globally recognized framework for managing food safety and quality. Built on HACCP principles, it helps businesses identify and control risks across the supply chain, demonstrating their commitment to consumer protection and brand trust.

SQF Codes evolve continuously to stay relevant, driven by industry input, new safety issues, global supply shifts, regulatory changes, and scientific advances.

SQF Edition 10 is set for release in Q3 2025, with audits beginning in early 2026. This update aims to boost food safety compliance, enhance security, and modernize certification, aligning with the 2024 GFSI Benchmarking Requirements. Developed through broad stakeholder input, Edition 10 reflects a highly collaborative process. Though the public comment period ended May 9, 2025, ongoing engagement with SQFI and industry forums remains crucial. For manufacturers, active participation means not just staying informed but shaping standards to reflect real-world challenges and turning compliance into strategic influence.

II. Supplier Management in SQF Edition 9: A Baseline Understanding

Effective supplier management is essential to food safety, as finished product quality depends on externally sourced materials and services. SQF Edition 9, effective May 24, 2021, introduced a strong framework for this under Clause 2.3.4 Approved Supplier Program (Mandatory). The core requirements of Edition 9 for supplier management are detailed as follows:

1. Responsibility and Procedure (2.3.4.1): Sites were explicitly mandated to document and implement clear procedures for the systematic selection, thorough evaluation, formal approval, and continuous monitoring of all approved suppliers. This requirement extended to maintaining current records of all approved suppliers, detailed receiving inspections, and comprehensive supplier audits. This foundational element ensured a structured and accountable approach to supplier oversight, minimizing ad-hoc decisions.

2. Elements of the Approved Supplier Program (2.3.4.2): The program itself was required to be inherently risk-based, taking into account both the historical performance of a supplier and the inherent risk level associated with the raw materials, ingredients, packaging, and services they provided. Key components that had to be included were:

   • Clearly agreed-upon specifications for all incoming items, with explicit reference to Clause 2.3.2.

   • A transparent reference to the specific level of risk assigned to raw materials, ingredients, packaging, and services sourced from each approved supplier.

   • A concise summary of the food safety controls that were confirmed to be implemented by the approved supplier.

   • Detailed methodologies for formally granting approved supplier status.

   • Specific methods and a defined frequency for the ongoing monitoring of approved suppliers.

   • Provisions for obtaining and reviewing certificates of conformance, where applicable and required.

   • Clearly outlined methods and frequency for regularly reviewing the performance and current status of approved suppliers.

3. Verification of Raw Materials (2.3.4.3): Manufacturers held the responsibility for verifying the safety and quality of incoming raw materials through various means, including obtaining certificates of conformance, certificates of analysis, or conducting their own sampling and testing. The frequency of this verification was to be determined by the site itself, based on its own risk assessment, allowing for flexibility while maintaining a risk-centric approach.

4. Receipt from Non-Approved Suppliers (2.3.4.4): This clause strictly stipulated that the receipt of raw materials, ingredients, processing aids, and packaging from non-approved suppliers was permissible only in genuine emergency situations. In such rare instances, a thorough receiving inspection or analysis was mandatory and had to be meticulously conducted and recorded prior to the material's use. This provision underscored the critical importance of maintaining a robust approved supplier list and minimizing any deviations from it.

5. Materials from Other Sites Under Same Corporate Ownership (2.3.4.5): Even when raw materials, ingredients, and packaging were sourced from other facilities operating under the same corporate ownership, they were still subjected to the identical rigorous specification requirements (as per 2.3.2), approved supplier requirements, and receiving inspections as materials from any other external provider. This ensured consistent and uncompromised food safety standards across the entire organizational structure.

6. Supplier Audits (2.3.4.6): Supplier audits were explicitly mandated to be risk-based, as determined by the criteria in 2.3.4.2. These audits had to be conducted by individuals possessing demonstrable knowledge of applicable regulatory and food safety requirements, and who were formally trained in auditing techniques. This emphasized the necessity of qualified and competent personnel in the supplier verification process.

SQF offered training like 'Ingredients for a Successful Supplier Approval Program' to help manufacturers meet requirements. Clause 2.3.4 in Edition 9 set a strong, risk-based foundation for supplier management, ensuring structured oversight of external inputs, a key base for Edition 10 enhancements.

III. Key Shifts in SQF Edition 10: Direct Impacts on Supplier Management & Compliance

SQF Edition 10 builds on existing standards rather than overhauling them. While specific changes to Clause 2.3.4 aren't detailed, broader updates will significantly impact supplier management.

A. Strengthening Food Safety Culture

Edition 9 established food safety culture as an auditable requirement, led by senior management. Edition 10 builds on this by introducing a formal Food Safety Culture Plan with defined objectives, performance metrics, and more prescriptive requirements.

This stronger cultural foundation significantly influences supplier management, since these values extend to how suppliers are selected, evaluated, and monitored. A culture deeply committed to safety leads to more rigorous supplier verification, thorough audits, prompt handling of non-conformances, and better training for those managing supplier relationships. Leadership-driven investment in culture ensures that expectations for safe, high-quality inputs are consistently reinforced across the supply chain.

B. Dedicated Change Management

In Edition 9, change management was addressed indirectly through broader clauses. Edition 10 introduces a dedicated Change Management clause requiring documented procedures for changes in equipment, processes, or personnel.

This is especially relevant to suppliers, sinec eany changes in materials, packaging, or supplier operations must now follow formal risk assessments and documentation. Manufacturers must proactively evaluate and control risks tied to onboarding new suppliers, modifying specifications, or changes in supplier personnel, ensuring supply chain changes don’t compromise food safety.

C. Streamlined Records and Documentation

SQF certification has long required detailed documentation. Edition 10 streamlines this by consolidating requirements into one structured section, easing compliance and aiding auditor efficiency.

While seemingly an administrative change, this streamlining is critical for effective supplier management. Centralized and structured documentation will make it considerably easier to manage all supplier-related records, including specifications, Certificates of Analysis (CoAs), audit reports, performance reviews, and corrective actions. This improved structure enhances supplier data analysis, enabling faster trend detection and proactive risk management. It also supports "always-on compliance" by making data easily accessible for audits and internal reviews, reinforcing data-driven decision-making.

D. Enhanced Training and Competency Assessments

Edition 9 required resourced training and HACCP certification, with guidelines in Clauses 2.9.1 and 2.9.2. Edition 10 emphasizes competency and awareness, consolidates training requirements, and mandates assessments. FSPCA v2 is accepted only with a validated assessment.

This means that personnel involved in critical supplier management activities, including supplier selection, evaluation, receiving, verification, and internal auditing, will need to demonstrate proven competency through formal assessments. This ensures that individuals responsible for managing incoming materials and supplier relationships are not just trained, but demonstrably capable of upholding the highest food safety standards. Training for receiving teams to spot red flags related to food defense and fraud is also specifically highlighted.

E. Reintroduction of the SQF Pre-Audit

Edition 9 eliminated desk audits for initial certifications, moving straight to site audits. Edition 10 reintroduces the SQF pre-audit, making effective internal audits even more essential for certification readiness.

With the pre-audit’s return, supplier programs and documentation will face an early, detailed review, including supplier performance reviews, verification records, non-conformance handling, and contractual agreements. Manufacturers must ensure internal audits thoroughly cover all aspects of supplier management. This reinforces "always-on compliance" and the need for proactive audits to catch and resolve issues before certification.

F. Potential Shift in Audit Grading

Edition 9 used a point-based scoring system, with major non-conformities worth 5 points and surveillance audits triggered for scores between 70–85%. Edition 10 proposes a Pass/Fail system: Compliant (80+), Surveillance (70–79), and Fail (below 70). Module 2 non-conformances may carry a 1.75x weight, and repeat issues could be strictly treated as major.

The proposed grading shift greatly impacts supplier management. Module 2 includes key clauses like the Approved Supplier Program, and heavier weighting means deficiencies here could lead to an outright "Fail." This raises the stakes for flawless execution, with repeat issues requiring strong corrective actions to avoid serious audit consequences.

G. Broader Risk Management (Food Defense, Food Fraud, Cybersecurity)

Edition 9 included food defense and fraud prevention, targeting deliberate threats. Edition 10 expands focus on effective implementation and review, adds cybersecurity to food defense, and increases emphasis on risk-based environmental assessment.

Expanded risk management in Edition 10 impacts supplier oversight. Manufacturers must update audits and questionnaires to address food defense, fraud, and cybersecurity at supplier sites. Receiving teams need training to detect intentional threats, and suppliers’ data security must be assessed. Strong traceability, documentation, and third-party validation are key to managing these broader risks.

H. Contractual Agreements

Edition 9 had separate clauses for different contract types. Edition 10 streamlines them under "Contractual Agreements 2.3.3," combining them into two broad clauses covering all contracts and SQF compliance.

This change promotes a unified approach to managing all external partners, requiring that every contract ensures SQF compliance. Manufacturers must apply the same rigorous standards to all service providers (e.g., manufacturing, storage, distribution, pest control, sanitation, etc.) as they do to raw material suppliers, supporting consistent, holistic supply chain control.

IV. Strategic Preparation for Food Manufacturers

The transition to SQF Edition 10 presents both challenges and opportunities for food manufacturers, particularly concerning supplier management and compliance. Proactive preparation, rather than reactive adjustments, will be key to a smooth transition and sustained certification.

To navigate these changes effectively, food manufacturers should consider the following actionable recommendations:

1. Conduct a Gap Analysis: Review current systems against Edition 10, focusing on supplier management, change control, and documentation to identify needed updates.

2. Upgrade Training with Competency Assessments: Implement documented assessments for all staff involved in supplier-related functions, covering new risk areas like food defense, fraud, and cybersecurity.

3. Strengthen Internal Audits: Use mock audits aligned with Edition 10, especially Module 2, to identify and resolve weaknesses in supplier programs before pre-audits.

4. Adopt Digital FSMS: Digitize records and processes to boost traceability, streamline compliance, and support data-driven supplier management.

5. Deepen Supply Chain Risk Reviews: Expand supplier assessments to include food defense, fraud, and cybersecurity, updating agreements and audit protocols accordingly.

6. Refine Contracts: Ensure all external partner agreements mandate Edition 10 compliance, audit rights, and performance oversight.

7. Promote Food Safety Culture: Foster leadership-driven commitment to food safety across all operations, embedding supplier integrity as a core value.

By proactively addressing these areas, manufacturers can ensure SQF Edition 10 compliance while gaining benefits like reduced risk, stronger customer trust, broader market access, and greater supply chain efficiency. The updated Code drives continuous improvement and higher food safety standards.

BONUS: Supplier-Related Documents to Prepare or Update

SQF Edition 10 releases in August 2025, with audits starting in early 2026. While the final code isn't out yet, expected changes highlight stronger food safety culture and proactive measures. Here's what supplier-related documents you'll likely need to update for compliance.

I. Approved Supplier Program Documentation (Core Requirement, always critical):

1. Supplier Approval Procedure:

   • Criteria for approving new suppliers (e.g., certification status, audit results, performance history, risk assessment).

   • Process for initial approval and ongoing monitoring.

   • Specific requirements for different risk categories of suppliers (e.g., high-risk ingredients vs. packaging).

2. Supplier Risk Assessment:

   • Documented risk assessment for all raw material, ingredient, and packaging suppliers, considering factors like:

     • Product type (e.g., allergens, sensitive ingredients).

     • Geographic origin.

     • Supplier's food safety history (recalls, withdrawals, non-conformances).

     • Supply chain complexity.

     • Transportation methods.

     • Food fraud vulnerability.

   • This will influence the frequency and type of supplier monitoring.

3. Approved Supplier Register/List: A current and accessible list of all approved suppliers, including their contact information, scope of approval, and approval date.

4. Supplier Performance Monitoring:

   • Procedures for evaluating supplier performance (e.g., COAs, inspection results, complaint history, delivery issues).

   • Defined frequency for reviews based on risk.

   • Records of performance reviews and follow-up actions.

5. Supplier Specifications:

   • Detailed, current specifications for all raw materials, ingredients, and packaging materials. These should clearly define:

     • Chemical, physical, and microbiological parameters.

     • Allergen information.

     • Origin (if relevant).

     • Shelf-life requirements.

     • Packaging requirements.

   • Ensure suppliers sign off on these specifications.

6. Certificates of Conformance (COCs) / Certificates of Analysis (COAs):

   • Requirements for receiving COCs/COAs with incoming materials, as specified in your purchasing procedures.

   • Records of reviewing and verifying these documents.

7. Supplier Audit Reports (if applicable):

   • If you conduct your own supplier audits, retain the audit reports, corrective action requests, and verification of corrective actions.

   • If relying on third-party audits (e.g., GFSI-recognized certifications), ensure you have copies of current certificates and audit summaries.

II. Documents Related to New/Enhanced Edition 10 Requirements:

• Food Safety Culture Plan:

  • While not directly a "supplier document," your own Food Safety Culture Plan will likely include objectives and activities related to integrating supplier quality into the overall food safety culture (e.g., communication, training, recognizing good supplier performance).

  • This may require communicating your food safety culture expectations to key suppliers.

• Change Management Procedures and Records:

  • Crucial for suppliers: Edition 10 introduces a dedicated Change Management clause. You'll need documented procedures for managing changes related to:

    • Supplier changes: New suppliers, changes in supplier's ownership, location, or certification status.

    • Raw material/packaging changes: Changes in specifications, ingredients, processing aids from suppliers.

    • Supplier process/equipment changes: How you assess and approve changes made by your suppliers that could impact the safety or quality of materials they provide.

  • Records of risk assessments, approvals, and communication related to these changes.

• Streamlined Documentation and Records (Organizational Impact):

  • Edition 10 aims to consolidate documentation requirements. While this is about your system's organization, it will make it easier for auditors to review your supplier documentation if it's well-organized and easily retrievable.

  • Consider how your records, including supplier records, are controlled, stored, and retained.

• Enhanced Training and Competency Records (Indirectly affects suppliers):

  • Your own team's training on supplier approval, risk assessment, and incoming material inspection processes will be under scrutiny. Ensure these training records are robust.

  • If you rely on FSPCA training (Version 2) for any personnel involved in supplier management, ensure it includes an assessment.

• Cybersecurity Considerations:

  • While specific supplier requirements aren't fully detailed yet, expect auditors to ask about how you manage data security and cybersecurity risks related to your suppliers, especially if you share sensitive information or integrate systems. This might involve confidentiality agreements or IT security protocols.

III. General Foundational Documents (Always Required):

1. Legislation and Regulatory Compliance: Records demonstrating that your suppliers meet all applicable food safety legislation in the country of origin and destination (if known). This includes labeling requirements, maximum limits for contaminants, and any specific permits or registrations.

2. Product Withdrawal and Recall Plan: Your plan needs to include procedures for tracing materials back to suppliers and communicating with them during a recall or withdrawal event.

3. Complaint Management Records: Records of complaints related to supplier-provided materials, including investigations, root cause analysis, and corrective actions taken with suppliers.

4. Non-Conforming Product/Material Procedure: Documented procedures for identifying, segregating, and managing non-conforming raw materials/packaging from suppliers, including communication and resolution with the supplier.