Tip Sheet 14 - Food Defense Plan

SQF Fundamentals defines a Food Defense Plan as the “methods, responsibility and criteria for preventing food adulteration caused by a deliberate act of sabotage or terrorist-like incident.”

This element ensures a site is prepared for combating a terrorist-like incident. The Food Defense plan should address the physical security of a site including visitor/employee protocol; chemical, equipment, and ingredient storage; and product transport of raw materials and/or ingredients from approved suppliers or finished product transport.

Learning Objectives

  • Understand food defense and the intention of creating  a plan for your site
  • Identify what to include in a food defense plan
  • Measure the susceptibility and severity of identified food defense risks

Applicable Code Elements

  • 2.7.1

Key Terms

Food Defense

Preventative methods for addressing intentional and harmful adulteration to food products for the purpose of terrorist-like acts.


The measure of a harmful potential risk to a food product or process.


The measure of availability for a food product or process to be reached.

Process Steps


i. Create a team of committed employees to create, assess, evaluate, and maintain the site’s Food Defense plan.

Examples: Think of those employees in your organization that have been trained and have oversight of many aspects of your site. Consider diversifying your team to cover all site areas, management levels, and responsibilities. Could you include you Quality Manager? Your Plant Manager? List: First and Last Name, Title, Phone Number, Email

List: First and Last Name, Title, Phone Number, Email


i. Describe your site. Describe your employees. Describe your products and the processes associated with making those products.


Site Description: Building site with two processing rooms, one storage room, and one office area. One entry and exit to storage room. One entry and exit to processing room. Hallway joins storage room and processing room #1. Fence closes outside perimeter. One entry and exit for site grounds guarded 24/7 by guard. Nearby buildings include post office and consulting firm. Receiving area is in the rear of the building. All suppliers must enter from the same entrance as all employees, visitors, etc. through the guarded area.

Employee Description: 15 full-time employees. Contractors are used for equipment maintenance, pest control, and equipment calibration.

Product Description: Manufacture two (2) types of cookies. One is sugar and the other is chocolate chip.


i. List the process name and the process steps

Example: Process Name: Cookie dough

Process Steps Name: Receiving


1. Cookie dough is received from approved Supplier (Ted’s Cookie Ingredients Address: 1234 Sugar Lane, Mississippi, USA)

2. Jackie Tossem checks to make sure product is received at temperature below 41F with calibrated thermometer and records reading.

3. Received product is then placed in cooler storage area room #4.

ii. Measure and record how accessible and vulnerable each process is 1-10 scale (create your scale)

Example: The FDA has created an Accessibility scale and Vulnerability scale as shown below:

iii. List where accessibility and vulnerability could be breached in the process step. Ask question such as,

  • “Do all entry ways to the site have locks, seals, or alarms (i.e., windows, doors, roof openings, trucks, etc.)?”
  • “How are visitors and employees entering the facility monitored and identified throughout their time at the facility (i.e., sign-in sheets, identification tags, etc.)?”
  • “Are the emergency lights and sound systems regularly tested?”


i. List strategies next to each process step for mitigating potential threats. These are physical barriers such as installing an alarm system to all exit doors, peer monitoring high risk areas, ensuring barriers such as gates and walkways to areas of high vulnerability have limited accessibility, using employee uniform colors to distinguish allowed areas of entrance for employees, etc.


i. Think of necessary emergency contacts should a threat occur. Do you have a local fire department? A local FBI department? A chemical control company?

ii. List all, but not limited to, these emergency contacts with two contact names, an emergency number, emergency email, and any other contact information necessary.


i. Plan dates for when these action steps will occur. Appoint an employee to be responsible for each action step. Monitor the progress whether completed, in progress, or not started.


i. Conducted annually to validate that the Food Defense plan is not only documented and implemented, but also actually mitigating the threats it was intended to prevent.

ii. Ideally, this should be done by someone unaffiliated and unfamiliar with the Food Defense plan to ensure a non-biased assessment. This could be done through a third-party or another employee within the site.

Relevant Resources

Download the .pdf

Translations are provided as a service to SQF customers and are provided "as is." No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, or correctness of any translations made from English into any other language.

PDFs of the Guidance Documents and Tip Sheets are only available in English. To download translated versions, navigate to your desired language and save this page as a PDF. Press Ctrl + P, choose "Print to PDF" as the destination. For more help, check your browser's documentation or contact support.