The FSMA Preventive Controls for Human Food rule (21 CFR Part 117) requires every food facility to implement a written food safety plan with hazard analysis, preventive controls, monitoring procedures, corrective actions, and verification activities — all managed by a Preventive Controls Qualified Individual. FreedomDev builds the digital systems that replace paper-based HACCP binders with enforceable, auditable, real-time food safety platforms for mid-size food manufacturers, processors, and co-packers.
The FDA Preventive Controls for Human Food rule — codified in 21 CFR Part 117, Subparts A through G — fundamentally changed what food safety compliance means for manufacturers. Before FSMA, food facilities operated under Current Good Manufacturing Practices (CGMPs) and voluntary HACCP programs. After FSMA, every facility that manufactures, processes, packs, or holds human food must maintain a written food safety plan that includes a hazard analysis, preventive controls for each identified hazard, a supply-chain program for raw materials where the supplier applies the preventive control, a recall plan, and documented monitoring, corrective action, and verification procedures. This is not optional. It is federal law under the FDA Food Safety Modernization Act, signed in 2011 and phased into enforcement between 2016 and 2018 for facilities of varying sizes. FDA conducts inspections specifically against Part 117 requirements, and the consequences of non-compliance range from FDA Form 483 observations to warning letters, import alerts, injunctions, and facility seizures.
The practical problem is that most mid-size food manufacturers — facilities with 50 to 500 employees, $10M to $200M in revenue — built their food safety programs around paper. The HACCP binder sits in the quality manager's office. CCP monitoring logs are handwritten on clipboards that line operators carry on the production floor. Corrective action records are Word documents stored in a shared drive folder. Environmental monitoring swab results come back from the lab and get filed in a cabinet. Supplier verification records — letters of guarantee, certificates of analysis, audit results — live in another cabinet or a series of email attachments. The food safety plan itself is a Word document last updated 14 months ago that does not reflect the two new product lines added since then, the supplier change that happened in Q3, or the facility modification that altered the production flow.
This fragmentation creates three categories of risk that compound over time. First, monitoring gaps. When CCP monitoring is paper-based, deviations slip through. A line operator records a temperature reading at 2 PM that was actually taken at 1:30 PM — or not taken at all. A corrective action is performed but not documented until the end of shift, by which time the details are approximate. Environmental monitoring swabs are scheduled monthly but actually happen every 6 to 8 weeks because the lab coordinator is also covering QA duties. Under 21 CFR 117.145, monitoring must be performed as appropriate to the nature of the preventive control and its role in the facility's food safety system. Paper systems cannot enforce monitoring frequency or timeliness — they can only record what operators choose to write down.
Second, corrective action failures. Under 21 CFR 117.150, when a preventive control is not properly implemented or a corrective action procedure is not established, the facility must take corrective action to identify the problem, reduce the likelihood of recurrence, evaluate affected food for safety, and prevent the food from entering commerce if safety cannot be ensured. Paper-based corrective action processes have no enforcement mechanism. A deviation is identified, someone writes a corrective action on a form, and the form goes in the binder. There is no automatic escalation when the corrective action is not completed, no linkage between the deviation and the specific lot of food affected, no verification that the corrective action actually addressed the root cause, and no trending analysis across corrective actions to identify systemic issues. FDA inspectors specifically look for patterns in corrective action records — the same CCP exceeding limits repeatedly with the same generic corrective action suggests the facility is managing symptoms, not causes.
Third, verification breakdown. Verification under 21 CFR 117.155 and 117.165 requires that the preventive controls are consistently implemented, the monitoring activities are being conducted, corrective actions are taken when appropriate, and the food safety plan is reanalyzed at least every three years or whenever there is a significant change. Verification is where paper systems collapse completely. Reviewing 2,000 handwritten temperature logs for completeness and accuracy is a multi-day manual exercise. Cross-referencing corrective action records against monitoring deviations to confirm every deviation was addressed requires pulling data from multiple physical locations. Validating that environmental monitoring results do not show trending contamination patterns requires entering lab results into a spreadsheet and building charts manually. The PCQI who is supposed to oversee all of this is typically also the quality manager, also running the SQF or BRC audit program, and does not have the bandwidth to perform the verification activities that Part 117 requires at the depth that FDA expects.
Paper CCP monitoring logs create undetectable gaps: readings recorded late, missed entirely, or falsified under production pressure
Corrective actions documented on paper have no enforcement mechanism — deviations repeat with generic responses that FDA inspectors flag as systemic
PCQI performing verification across handwritten logs, scattered spreadsheets, and email attachments cannot complete reanalysis at the depth Part 117 requires
Environmental monitoring programs tracked in spreadsheets cannot trend Listeria or Salmonella positives across zones, dates, and corrective actions in real time
Supplier verification records (COAs, audit results, letters of guarantee) scattered across email, filing cabinets, and shared drives with no expiration tracking
Food safety plan documents in Word files are perpetually out of date — new products, new suppliers, and facility changes are not reflected in the hazard analysis
Our engineers have built this exact solution for other businesses. Let's discuss your requirements.
FreedomDev builds food safety management platforms that digitize the entire FSMA Preventive Controls framework — not as a generic document management system with food safety templates, but as an operational system where every preventive control, every monitoring activity, every corrective action, and every verification record is structurally linked to the hazard analysis that justified it. When your PCQI identifies a biological hazard at the cooking step during hazard analysis, the system creates the process preventive control for that CCP, defines the critical limit (internal temperature of 165 degrees F for poultry, for example), assigns the monitoring procedure (continuous temperature data logger with operator verification every 30 minutes), links the corrective action procedure that triggers when the limit is exceeded, and schedules the verification activities that confirm the control is working. Every element traces back to the hazard analysis. When FDA asks why you monitor temperature at cooking, the answer is not buried in a Word document — it is linked directly in the system from the hazard identification through the control justification to the monitoring record.
The system architecture maps directly to the regulatory structure of 21 CFR Part 117. Subpart C — Hazard Analysis and Risk-Based Preventive Controls — drives the data model. Each food product or product category has a hazard analysis that evaluates known or reasonably foreseeable biological, chemical (including radiological), and physical hazards. For each hazard that requires a preventive control, the system classifies it: process control (CCPs — cooking, cooling, acidification, hot hold), allergen control (labeling, cross-contact prevention, equipment cleaning), sanitation control (environmental monitoring, cleaning and sanitizing procedures), supply-chain control (supplier verification for hazards controlled by the supplier), or a combination. Each control type has its own monitoring parameters, corrective action workflows, and verification requirements because Part 117 defines different requirements for each. A process preventive control at a CCP has critical limits, monitoring frequency, and specific corrective action steps. An allergen preventive control has equipment cleaning verification, label review procedures, and production scheduling constraints. Treating all preventive controls as generic checkboxes misses the regulatory specificity that FDA inspectors enforce.
What separates this from SafetyChain, Alchemy, or Intelex is that FreedomDev builds the system around your facility's specific processes, hazards, and organizational structure — not a generic template you configure. Your cooking CCP for a retort process has different monitoring requirements than a baking oven CCP. Your environmental monitoring program for a ready-to-eat facility producing exposed product has different zone definitions, testing frequencies, and corrective action triggers than a facility producing products that consumers will cook before eating. Your allergen program for a facility running 6 of the 9 major allergens on shared equipment has different scheduling constraints and cleaning validation requirements than a facility with dedicated allergen-free lines. FreedomDev's compliance management solutions encode your specific food safety plan into the digital system so that compliance is not a parallel recordkeeping exercise — it is embedded in how your production floor operates.
A structured hazard analysis module where your PCQI evaluates biological, chemical (including radiological), and physical hazards for each product and process step, as required by 21 CFR 117.130. For each identified hazard, the system captures the hazard identification, the severity and probability assessment, the determination of whether the hazard requires a preventive control, and the justification for that determination. When the hazard analysis identifies a hazard requiring a preventive control, the system automatically creates the linked control record with its monitoring, corrective action, and verification procedures. When ingredients change, suppliers change, production processes change, or a new product is introduced, the system flags the hazard analysis for reanalysis and tracks which specific elements need PCQI review — satisfying the 117.170 reanalysis requirement with an auditable trail showing what changed and when the PCQI evaluated it.
Process preventive controls at Critical Control Points are monitored continuously or at defined intervals through IoT sensor integration and operator verification. Temperature probes, pH meters, metal detectors, and other monitoring instruments feed data directly into the system. When a CCP reading approaches or exceeds a critical limit, the system escalates in stages: a warning alert at the approach threshold, an automatic deviation record when the limit is breached, an immediate corrective action workflow assigned to the responsible operator with instructions specific to that CCP and that deviation type, and a production hold on the affected lot until the corrective action is documented and the PCQI or designated authority reviews and releases it. Under 21 CFR 117.145, monitoring must be adequate to assure preventive controls are consistently performed. Continuous data logging with automated deviation capture is the strongest evidence of consistent monitoring that you can present to FDA.
For facilities producing ready-to-eat foods, exposed products, or products susceptible to environmental pathogens, the system manages your environmental monitoring program as a sanitation preventive control under 21 CFR 117.135(c)(3). Define monitoring zones (Zone 1 through Zone 4), sampling sites within each zone, testing frequencies, target organisms (Listeria species, Listeria monocytogenes, Salmonella, coliforms, E. coli), and action levels for each. The system schedules sampling events, tracks swab results from your laboratory, and triggers escalating corrective actions based on results: intensified sampling around a positive site, expanded zone testing, root cause investigation, production environment assessment, and hold-and-test protocols for product produced during the contamination window. Trending dashboards show positive rates by zone, by site, by organism, and by time period — the exact analysis FDA expects during an inspection of your sanitation controls.
Allergen controls under 21 CFR 117.135(c)(2) require procedures to protect against allergen cross-contact and ensure correct labeling. The system manages three interconnected allergen control functions. First, ingredient-level allergen profiling for all 9 major allergens (milk, eggs, fish, shellfish, tree nuts, peanuts, wheat, soybeans, sesame) with automatic inheritance through recipes to finished products. Second, production scheduling with allergen sequencing rules: the system prevents scheduling a peanut-free product after a peanut-containing product on shared equipment unless an allergen cleaning procedure is completed and verified. Third, label verification workflows where the label allergen declaration is automatically cross-referenced against the production recipe's allergen profile before a production run starts — catching mismatches between what the label says and what the product contains before product reaches consumers.
When your hazard analysis determines that a hazard will be controlled by your supplier — such as aflatoxin in incoming peanuts or Salmonella in incoming spices — 21 CFR 117.405 through 117.475 (Subpart G) require a supply-chain program. The system manages supplier approval and verification activities: reviewing supplier food safety records, conducting or reviewing audit results, sampling and testing incoming materials, and reviewing supplier compliance history. Each approved supplier has a verification schedule with defined activities, and the system tracks completion, flags overdue verifications, and blocks receiving of materials from suppliers whose verification is lapsed. Letters of guarantee, certificates of analysis, third-party audit reports, and testing results are stored against the supplier record with expiration tracking and automatic renewal notifications.
21 CFR 117.139 requires a written recall plan for any food with a hazard requiring a preventive control. The system maintains your recall plan with defined procedures for notification of consignees, public notification, effectiveness checks, and disposition of recalled product. Mock recall functionality lets your team execute a simulated recall at any time: select a finished product lot, and the system traces backward to every ingredient lot and supplier, and forward to every customer shipment, generating the recall scope report in minutes. Mock recall results are logged with completion time, data completeness metrics, and identified gaps — giving your PCQI documented evidence of recall readiness that FDA inspectors and GFSI auditors specifically request.
Verification activities under 21 CFR 117.155 and 117.165 require that the PCQI confirm preventive controls are implemented correctly, monitoring is conducted as specified, corrective actions are taken appropriately, and the food safety plan remains adequate. The PCQI dashboard consolidates all verification activities into a single interface: CCP monitoring record review with statistical deviation analysis, corrective action trend reports by CCP and by shift, environmental monitoring program trending with zone-level positive rate tracking, supplier verification status across all approved suppliers, calibration records for monitoring instruments, and food safety plan reanalysis tracking. When reanalysis is triggered — by a new hazard, a process change, a new product, a significant regulatory change, or the 3-year mandatory review cycle — the system guides the PCQI through a structured reanalysis workflow that documents what changed, what was evaluated, what conclusions were reached, and what modifications to the food safety plan are required.
Our last FDA inspection under the old paper system resulted in three 483 observations — all related to incomplete corrective action documentation and gaps in our environmental monitoring records. After implementing the digital food safety platform, our next inspection had zero observations. The inspector specifically commented that our ability to pull CCP monitoring records, corrective action history, and environmental trending data during the inspection was the best she had seen at a facility our size.
We start by reviewing your existing food safety plan, HACCP documentation, CGMP programs, and current monitoring practices against 21 CFR Part 117 requirements. This is not a generic compliance checklist — our team works with your PCQI to evaluate each element: Is the hazard analysis current and does it cover every product and process step? Are preventive controls properly classified (process, allergen, sanitation, supply-chain)? Do monitoring procedures match what Part 117 specifies for each control type? Are corrective action procedures adequate and actually followed? Is verification happening at the frequency and depth the rule requires? Deliverable: a gap analysis report mapping your current state against every applicable section of Part 117, prioritized by risk severity and inspection likelihood, with a recommended digitization roadmap.
Your PCQI's hazard analysis becomes the foundation of the digital system. We structure every identified hazard, its severity and probability evaluation, the preventive control determination, and the linkage to monitoring/corrective action/verification procedures in the system's data model. For process preventive controls, we map each CCP with its critical limits, monitoring parameters, and sensor integration requirements. For allergen controls, we model your ingredient allergen profiles, production line configurations, and cleaning validation procedures. For sanitation controls, we define your environmental monitoring zones, sampling sites, target organisms, and escalation protocols. For supply-chain controls, we configure your approved supplier list, verification activities, and receiving validation rules. This phase requires close collaboration with your PCQI because they are the qualified individual responsible for the food safety plan's content.
We build the monitoring, corrective action, and verification modules and integrate them with your production environment. CCP monitoring integrates with your existing temperature probes, data loggers, pH meters, and metal detectors — or we spec and install new IoT sensors where needed. Operator interfaces are designed for the production floor: touchscreen tablets at CCP stations with large, clear displays showing current readings, limit status, and one-tap corrective action initiation. Environmental monitoring modules integrate with your laboratory's LIMS or provide standalone swab tracking with result entry and automatic escalation logic. Allergen controls integrate with your production scheduling system to enforce sequencing rules. Supplier verification modules connect with your ERP's receiving workflow to block non-compliant materials.
The digital system runs alongside your existing paper-based processes for a validation period. Every CCP reading is captured both digitally and on paper. Every corrective action is documented in both systems. We compare outputs to verify the digital system captures everything the paper system does — plus the automated escalations, trend analysis, and verification capabilities that paper cannot provide. Training is role-specific: line operators learn CCP monitoring on touchscreen interfaces, QA technicians learn environmental monitoring and corrective action workflows, the PCQI learns verification dashboards and reanalysis procedures, and receiving personnel learn supplier verification and COA validation. Training materials are designed for the actual digital literacy level of your production floor staff — not IT documentation written for software engineers.
After validation, we transition to the digital system as the primary food safety record system. Before go-live, we conduct a mock FDA inspection using the digital system: simulating inspector requests for food safety plan documentation, CCP monitoring records, corrective action history, environmental monitoring trends, supplier verification records, and recall plan execution. Any gaps identified during the mock inspection are resolved before the system goes live. Post-launch support includes 90 days of hypercare with on-site availability during the first 2 weeks, ongoing system monitoring, regulatory update integration when Part 117 guidance documents change, and annual food safety plan reanalysis support for your PCQI.
| Metric | With FreedomDev | Without |
|---|---|---|
| Hazard Analysis Management | Structured, linked to all controls with automatic reanalysis triggers | Word document updated manually, often outdated within months |
| CCP Monitoring | Continuous IoT sensor data + operator verification, automated deviation capture | Handwritten logs on clipboards, reviewed days or weeks later |
| Corrective Action Enforcement | Automated workflows with lot hold, escalation timelines, root cause tracking | Paper forms filed in binders — no enforcement, no trending, no follow-up |
| Environmental Monitoring Trending | Real-time dashboards by zone, site, organism, and time period | Lab results in spreadsheets — manual charting, no automated escalation |
| Supplier Verification | Automated scheduling, expiration tracking, receiving blocks for lapsed suppliers | COAs in email, audit reports in filing cabinets, no expiration alerts |
| Verification & Reanalysis | PCQI dashboard with statistical analysis, guided reanalysis workflows | PCQI manually reviews thousands of paper records — incomplete by definition |
| Recall Readiness | One-click forward and backward lot trace in minutes | Multi-day manual cross-referencing across disconnected records |
| FDA Inspection Response | Records retrieved and presented in minutes with full audit trail | Days of binder assembly, with gaps discovered during the inspection |
Schedule a direct technical consultation with our senior architects.
Make your software work for you. Let's build a sensible solution.