FSSC 22000 Unannounced Audits: What to Expect and How to Stay Ready

At least one audit in every FSSC 22000 certification cycle is unannounced. What that means, how the notification works, and how to build a system that is always audit-ready.

If you hold FSSC 22000 certification, at least one audit in every three-year cycle will arrive without warning. Not as a possibility — as a requirement. The auditor will appear at your gate during a normal working day, and the clock starts the moment they walk in.

This is not a trap. It is a feature of the scheme, and understanding exactly how it works removes most of the anxiety around it. Here is what the FSSC 22000 Version 7 scheme documents actually say, what happens when the auditor arrives, and how to build an operation that treats every day as audit day — because under FSSC, one of them will be.

Why FSSC 22000 Requires Unannounced Audits

Certification schemes earn their value from integrity. A certificate that can only be maintained by preparing a site for a known inspection date does not tell a buyer, retailer, or regulator very much. GFSI — the Global Food Safety Initiative, under whose benchmarking framework FSSC 22000 is recognised — requires its approved schemes to include unannounced audit provisions precisely because the alternative creates a perverse incentive: clean up for the auditor, then relax.

Buyers who specify FSSC 22000 in their supplier requirements are paying attention to this. A certificate on a supplier's profile no longer just signals that the supplier passed an audit in the last 12 months. It signals that at least one of those audits was unannounced — meaning the site was assessed as it actually operates, not as it can look when it knows someone is coming.

For FSSC 22000 Version 7, the requirement is stated explicitly in clause 5.4: at least one surveillance audit must be conducted unannounced after the initial certification audit, within each three-year period. The initial certification itself — stage 1 and stage 2 — cannot be unannounced. But once you are certified, the obligation is live.

How the Unannounced Audit Window Works

The mechanics of FSSC unannounced audits are more structured than most people realise, and understanding the rules prevents unnecessary panic.

The CB sets the date — not the site. The certification body (CB) determines when the unannounced audit will occur as part of the audit programme. The site is not told the date, and the audit plan is not shared until the opening meeting on the day itself.

Blackout days are permitted. Before the audit window opens, the CB and the certified organisation agree on blackout days — dates when an unannounced audit cannot take place. These are legitimate exclusions: planned maintenance shutdowns, statutory holidays, periods when the facility genuinely cannot operate. Blackout days must be agreed in advance; they cannot be invoked on the day of the auditor's arrival.

Visa and security exceptions. In exceptional cases where visa or security restrictions require advance contact with the organisation, the CB may communicate a time window — typically 30 days — during which the audit will occur. Even then, the exact date is not confirmed.

Shifts matter. The unannounced audit takes place during normal operational working hours, with consideration of all shifts where applicable. A site that operates night shifts cannot assume the auditor will only ever arrive at 08:00.

Secondary sites are included. Off-site storage, warehouses, and distribution facilities are also subject to the unannounced audit. The full scope of your certified operation is in scope — not just the primary production facility.

Voluntary full unannounced programmes. An organisation that wants to go further can voluntarily elect to conduct all surveillance and recertification audits as unannounced. Some sites do this to demonstrate unconditional confidence in their system — and to signal exactly that to buyers.

What Happens When the Auditor Arrives — the First 30 Minutes

FSSC 22000 Version 7 is specific: the production facilities and premises inspection begins within one hour of the auditor arriving on site. This is not the time to gather your food safety team, dig out your HACCP plan, or brief a supervisor who just came off the night shift.

Here is what that first hour actually looks like in practice:

The auditor arrives at reception or the gatehouse and presents credentials. The site's designated contact — whoever is first on the list — receives them. An opening meeting is held, at which the audit plan is shared for the first time. Immediately after, the auditor moves to the production floor.

Within that first inspection, the auditor is looking at conditions as they exist at that moment: hygiene practices, GMP compliance, CCP monitoring being executed in real time, staff behaviour, cleaning standards, and whether the production environment reflects what your documented procedures say it should. There is no grace period to tidy up.

If you have multiple buildings, the auditor will decide the inspection order based on risk — not convenience.

One scenario worth knowing: if no production or service processes are in operation when the auditor arrives, the audit cannot proceed. It will be rescheduled. The scheme does not allow an unannounced audit to be conducted on a non-operational site, because the whole point is to observe live operations.

Scope of an Unannounced Audit vs a Scheduled Audit

A common misconception is that an unannounced audit covers a reduced scope — a spot-check rather than a full assessment. This is incorrect.

Under FSSC 22000 Version 7, each surveillance audit — announced or unannounced — is a full system audit. All scheme requirements must be assessed, including all production or service processes in operation at the time. The unannounced format changes when the auditor arrives, not what they assess.

If parts of the audit plan cannot be completed during the unannounced visit (for example, a process line is not running), a follow-up announced audit must be scheduled within 28 calendar days, while still meeting the calendar year requirement. The follow-up covers only what could not be assessed — it is not a new full audit.

What this means practically: your entire food safety management system must be functional and auditable on any given operational day. Not just the parts you expect the auditor to focus on.

The Difference Between FSSC Unannounced and BRCGS Unannounced Options

If your customers include retailers who reference both FSSC 22000 and BRCGS (formerly BRC), it is worth understanding how the two schemes approach unannounced audits — because they are structured differently.

FSSC 22000 makes unannounced surveillance mandatory. Once certified, you have no choice: at least one audit in every three-year cycle is unannounced. The CB controls the timing. The site negotiates blackout days in advance, then waits.

BRCGS operates an optional unannounced programme — the Unannounced Audit Programme (UAP). Sites opt in voluntarily and receive an "AA" grade designation on their certificate if they pass, which signals a higher confidence level to buyers. Participation is a commercial decision, not a scheme obligation.

The practical consequence: an FSSC-certified site that is also pursuing BRCGS certification and has opted into the UAP is managing two parallel unannounced audit obligations. Planning blackout days that work for both CBs requires coordination, and the food safety team needs to be prepared for the possibility that either scheme's auditor could arrive in any given month.

For the vast majority of South African food businesses, FSSC 22000 is the primary certification, and the mandatory unannounced requirement under Version 7 is the one to build your readiness system around.

Building a System That Is Always Ready

The difference between a site that dreads the unannounced audit and a site that is indifferent to it comes down to one thing: whether the food safety system is live or performed.

A performed system is one where procedures are followed when the auditor is expected and allowed to slide when no one is watching. A live system is one where the documented standard is the actual operating standard, regardless of whether anyone external is present.

Building a live system is not about perfectionism. It is about closing the gap between what your documents say and what your people do.

Five structural commitments that make this possible:

1. Your documented procedures must reflect actual practice. If your cleaning procedure says the floor drains are sanitised daily but they are actually done twice a week, the document is wrong — not the practice. Fix the document, or fix the practice. An auditor who observes a drain that has not been sanitised and then reads a procedure claiming it is done daily has found two findings, not one.

2. Records must be completed in real time. Backdated records are among the most common causes of major nonconformities under any GFSI scheme. CCP monitoring records, temperature logs, pre-operational checks — these must be completed at the point of monitoring, by the person who did the monitoring. Train for this. Verify it during internal audits.

3. Trained staff must be present and confident. An auditor who asks a production worker to explain the CCP at their station is assessing whether food safety understanding has reached the floor, not just the food safety manager's office. If the answer is a blank look, that is a finding under clause 2.5.8 (food safety and quality culture).

4. Your nonconformance system must be active. An operation that has raised zero internal nonconformities in six months is not running a perfect system — it is running a blind one. A healthy FSMS generates and closes nonconformances continuously. The absence of findings is itself a finding.

5. Maintenance and calibration must be current. Equipment that is out of calibration or overdue for maintenance is a compliance gap that has a date on it. If the auditor arrives on a day when your critical thermometer is three months past its calibration due date, the records will show it.

Daily, Weekly, and Monthly Readiness Routines

Permanent readiness is not achieved through motivation — it is achieved through routine. The following schedule gives a framework for building audit-readiness into normal operations.

Daily

• Pre-operational GMP inspection completed and signed before production starts
• CCP monitoring records completed in real time, every shift
• Pest sighting log checked and any findings actioned before end of shift
• Chemical register current — all chemicals on-site are on the approved list, stored correctly, and labelled
• Production areas, equipment, and staff presentation meet GMP requirements before production begins

Weekly

• Calibration status check: identify any equipment approaching due dates
• Nonconformance log reviewed: all open NCRs have an assigned owner and a due date
• Internal temperature verification completed and recorded
• Allergen management check: raw material stores, production scheduling, cleaning records aligned with allergen procedures
• Waste and rework records reviewed

Monthly

• Internal audit conducted against at least one section of the scheme (rotate through all sections over the year; complete a full system audit at least once annually)
• Pest control contractor visit records filed and reviewed; trend analysis updated
• Supplier approved list reviewed for any changes, lapses, or new additions
• Management review input data compiled: KPIs, nonconformance trends, audit outcomes, customer complaints
• Mock recall or traceability exercise conducted and timed; findings documented and actioned

A food safety team that runs this rhythm is not preparing for an audit. They are doing their job. The unannounced audit then becomes evidence of that, not a test of it.

What to Do If You Are Not Ready When the Auditor Arrives

First: do not refuse the audit. This is the single most consequential mistake a site can make. Under FSSC 22000 Version 7, clause 5.4.2(8) is unambiguous — if a certified organisation refuses to participate in the unannounced audit, the certificate is suspended within three working days. If the audit is not then conducted within six months of suspension, the certificate is withdrawn. Refusal is not a strategy.

If you have operational concerns on the day:

Talk to the auditor at the opening meeting. If a specific line is not running, it cannot be assessed; a follow-up will cover it. If a key member of your team is absent, the audit proceeds — it is not a condition that your food safety manager must be present, though it obviously helps.

If you have a known compliance gap:

Disclose it proactively. An auditor who finds an issue that you knew about and did not disclose will grade it more severely than one who finds an issue you self-declared and were already actioning. FSSC 22000 clause 2.5.17 requires communication of serious events to the CB — proactive transparency is a scheme expectation, not just a strategy.

If you find the audit results in significant nonconformities:

A major nonconformity does not mean automatic loss of certification. The process is: correction and corrective action are submitted within the required timeframe (typically 28 days for majors), evidence of implementation is reviewed by the auditor, and the certification decision is made on the basis of the closed corrective action. A critical nonconformity results in suspension; the certificate can be reinstated once the CB verifies the critical issue is resolved and a follow-up audit confirms compliance.

The worst outcome is not finding a nonconformity. The worst outcome is having a nonconformity that is never found, never fixed, and eventually causes harm. An unannounced audit is designed to surface what your internal systems should already be catching. If it finds something significant, use it.

The Bottom Line

The FSSC 22000 unannounced audit is not a punishment for organisations with poor systems. It is the mechanism by which the scheme maintains the credibility that makes your certificate worth holding. Buyers who accept FSSC 22000 as proof of food safety management competence are banking on the fact that the scheme includes this requirement.

The most useful reframe is this: if your system is what your documents say it is, an unannounced audit is simply a surveillance audit that starts a bit earlier than expected. Build the system. Run the routines. The auditor is just a witness.

*For more on what FSSC 22000 Version 7 changes mean for certified organisations, see our Unannounced Audit Programme gallery card.*