Food Safety Magazine, August/September 2010

CARVER + Shock software5 might look like Figure 3. Although the steps have slightly different names than those used in the HACCP flow diagram due to the structure of the software, the process used to identify the production process for a vulnerability assessment is identical to the HACCP process.

The CARVER process was originally developed by the Department of Defense as a target development and vulnerability tool. It was an offensive methodology adapted to defensive purposes and applied to the Nation’s food infrastructure and industries following 9/11.

CARVER is an acronym that relates
six attributes that help define the risk of
a food processing component to attack.
The attributes are the following:
• Criticality - measure of public health
and economic impacts of an attack
• Accessibility - ability to physically ac-
cess and egress from target
• Recuperability - ability of system to re-
cover from an attack
• Vulnerability - ease of accomplishing
attack
• Effect - amount of direct loss from an
attack as measured by loss in produc-
tion
• Recognizability - ease of identifying
target
“Shock” has been added to the origi-
nal six attributes to assess the combined
health, economic and psychological im-
pacts of an attack within the food indus-
try.

Using the process requires the business to identify the key steps in the production process. The process steps are then grouped into rooms, buildings and facilities in accordance with the layout of the facility. A series of questions are posed within the software that explores each component’s overall vulnerability to intentional contamination based on the above attributes.

Figure 4: CARVER Software Ranking of Production Elements.

The vulnerability assessment, when completed, ranks the steps in the production process from most to least risky. Each attribute is scored from a 1 (low) to a 10 (high), and the attribute scores are summed to obtain a total score. Hypothetical scores for the example are shown in Figure 4. Note that steps 2 and 5 in the HACCP plan received the highest scores, identifying them as critical defense points (CDPs).

Simplified Vulnerability
Assessment for Small
Business and HACCDP

Although the CARVER software is an extremely useful vulnerability assessment tool, it is not likely to be as useful for small businesses as it may be for larger ones. An alternative method for small businesses that is compatible with and builds on HACCP is proposed here by the authors. It begins with the HACCP flow diagram and requires someone familiar with that process to assess the vulnerability, accessibility and consequence of contamination at each step of the HACCP process. This simplified assessment is conducted for each step in the HACCP flow diagram. The elements of the assessment are described below.

Example ratings follow. It is not so important to use these definitions as it is to establish definitions that are meaningful for your establishment. Any rating system used should be documented in writing. These definitions simply suggest the kinds of things one may think about regarding each of the three attributes.

1. Accessibility

Is this step in your process accessible? Could a person intent on contamination or adulteration of your product gain access to the location, station, equipment or process step depicted in the diagram? Rate their access as high, moderate, low or none.

High = Easily Accessible (e.g., target
is outside the building and there is no
perimeter fence; limited physical or
human barriers or observation; attacker
has relatively unlimited access to the tar-
get; attack can be carried out using
medium or large volumes of contami-
nant without undue concern of detec-
tion; multiple sources of information
concerning the facility and the target are
easily available).

2. Vulnerability

Is this step in your process vulnerable? If a person gained access to this process step, could they successfully complete an attack? How easy would it be for an attacker to introduce a chemical, pathogen or other attack agent in sufficient quantities to achieve their goal once the target has been reached? Rate the vulnerability as high, moderate, low or none.