What are HACCP, TACCP, and VACCP?
And how do they differ?

Frameworks:

HACCP (Hazard Analysis and Critical Control Points), TACCP (Threat Assessment and Critical Control Points) and VACCP (Vulnerability Assessment and Critical Control Points) are three common frameworks and tools used in food safety to address different types of risks.

In this post, we’ll look at what each of them means and the essential requirements you need to meet BRCGS standards. But first, here’s a quick overview of the key differences.

The difference:

HACCP, TACCP and VACCP each come at food safety from a different angle.

HACCP deals with unintentional hazards to food safety, using prerequisite programmes and critical control points (CCPs) to manage risks.
TACCP addresses intentional acts of contamination or tampering, focusing on food defence strategies. Threats are considered behaviourally or ideologically motivated and can be undertaken by disgruntled employees/insiders or activists/extremist groups.
VACCP targets vulnerabilities covering food fraud (e.g. intentional adulteration and substitution of raw materials and products in the food supply chain for economic and financial gain).

All three frameworks and tools are complementary and necessary to ensure comprehensive risk management for food safety, authenticity and security.

Using them in a robust system helps you address critical areas of concern and adhere to the BRCGS Global Standard.

Now, let’s take a closer look at each.

HACCP

Army Natick Laboratories.

Their objective was to ensure the safety of food HACCP is a globally recognised system designed to ensure food safety by identifying, assessing and controlling potential hazards in the food production process.

It involves taking a preventive approach to eliminate or reduce (to a safe and acceptable level):

Microbiological contamination
Physical contamination
Chemical and radiological contamination
Fraud (e.g. substitution or deliberate/intentional adulteration)
Malicious contamination of products
Allergen risks

HACCP was developed in the 1960s by the Pillsbury Company in collaboration with NASA and the U.S. consumed by astronauts in space, where foodborne illnesses could have catastrophic consequences.

Subsequently, The Codex Alimentarius Commission (CAC) — an international body that sets food standards — adopted the General Principles of Food Hygiene, including Pillsbury Company’s HACCP principles and application steps.

All international HACCP standards are based on CAC principles and are a legal requirement for companies involved in food manufacturing in most countries.

HACCP has been a legal requirement for most food businesses operating within the European Union (EU) since 2006. The UK retained this regulation after leaving the EU.

Key BRCGS requirements for HACCP

The main clause in BRCGS Global Standards Food Safety Issue 9 covering HACCP is ‘clause 2.: The food safety plan – HACCP’.

Here are the key steps you need to follow to meet requirements:

2.0. The food safety plan – HACCP: ‘The company shall have a fully implemented and effective food safety plan incorporating the Codex Alimentarius HACCP principles.’
2.1. Establish the HACCP food safety team (equivalent to Codex Alimentarius Step 1)
2.2. Develop and implement prerequisite programmes
2.3. Describe the product (equivalent to Codex Alimentarius Step 2)
2.4. Identify intended use (equivalent to Codex Alimentarius Step 3)
2.5. Construct a process flow diagram (equivalent to Codex Alimentarius Step 4)
2.6. Verify process flow diagram (equivalent to Codex Alimentarius Step 5)
2.7. List all potential hazards associated with each process step, conduct a hazard analysis and consider any measures control hazards (equivalent to Codex Alimentarius Step 6, Principle 1)
2.8. Determine the CCPs (equivalent to Codex Alimentarius Step 7, Principle 2)
2.9. Establish validated critical limits for each CCP (equivalent to Codex Alimentarius Step 8, Principle 3)
2.10. Establish a monitoring system for each CCP (equivalent to Codex Alimentarius Step 9, Principle 4)
2.11. Establish a corrective action plan (equivalent to Codex Alimentarius Step 10, Principle 5)
2.12. Validate the HACCP plan and establish verification procedures (equivalent to Codex Alimentarius Step 11, Principle 6)
2.13. HACCP documentation and record-keeping (equivalent to Codex Alimentarius Step 12, Principle 7)

By systematically managing potential hazards, a HACCP plan helps you protect public health, comply with regulations and build consumer confidence in your food products.

TACCP

TACCP is a risk management framework that identifies and prevents threats to food. BRCGS defines TACCP as ‘Food defence protecting products, premises and brands from malicious actions while under the control of the site, which can compromise food safety, integrity, or consumer trust.’

TACCP builds on the existing process of HACCP. But where HACCP targets unintentional hazards, TACCP deals with intentional and malicious contamination that can harm food products, systems or supply chains (behaviourally or ideologically).

This includes things like:

Dilution or adulteration (e.g. adding cheaper substances to a product to cut costs)
Counterfeiting
Mislabeling
Tampering with packaging
Adding undeclared allergens or harmful bacteria
Poisoning food supply
Sabotaging the supply chain
Intentionally damaging stock

While TACCP isn’t a legal requirement in the UK, it is a BRCGS requirement. The Food Safety Act 1990 requires all food businesses to produce food that will not cause harm, meets food safety requirements and is as the consumer expects. TACCP helps ensure this.

Key BRCGS requirements for TACCP

The main clause in BRCGS Global Standards Food Safety Issue 9 covering TACCP is ‘Clause 4.2.: Food defence.’

4.2. Food defense: ‘Systems shall protect products, premises and brands from malicious actions while under the control of the site’
4.2.1. Competency of the food defense team
4.2.2. Documented assessment of security
4.2.3. Additional controls to mitigate risks
4.2.4. Authorised access

By identifying threats and implementing targeted controls, TACCP protects public health, maintains trust in food products and safeguards your business from anyone with harmful intentions.

VACCP

VACCP is a proactive framework designed to identify and mitigate food vulnerabilities to protect the integrity of raw materials as they move through the supply chain.

Like TACCP, a VACCP system also uses similar principles to HACCP. But where TACCP focuses on deliberate tampering, VACCP deals with economically motivated
adulteration, substitution, mislabeling or counterfeiting.

VACCP isn’t a legal requirement, but BRCGS strongly recommends food companies have a system in place. Again it comes down to food safety. Any measures that help ensure products do not harm or mislead the public are worth implementing.

Key BRCGS requirements for VACCP

The main clause in BRCGS Global Standards Food Safety Issue 9 covering VACCP is ‘Clause 5.4.: Product authenticity, claims and chain of custody.’

5.4. Product authenticity, claims and chain of custody: ‘Systems shall be in place to minimise the risk of purchasing fraudulent or adulterated food raw materials and to ensure that all product descriptions and claims are legal, accurate and verified’
5.4.1. Competency of the vulnerability assessment and food fraud team
5.4.2. Provision of knowledge and information
5.4.3. Vulnerability assessment
5.4.4. Output from the vulnerability assessment
5.4.5. Status verification of raw materials
5.4.6. Certified third-party standards
5.4.7. Claims and loss of identity

By identifying vulnerabilities and implementing targeted mitigation measures in the food supply chain, a VACCP plan ensures product authenticity, preserves the integrity of the food supply chain and protects your customers.

While TACCP and VACCP are less known than HACCP and not strictly a legal requirement, a food safety management system that factors in food defence and fraud alongside unintentional hazards is the best way to run a food-safe business.

Want to learn more about food safety?

Check out our range of BRCGS, Food Safety and HACCP courses by clicking the button below.

tolearn inovative Food Safety Management Platform

Book a tolearn Food Safety Management Management Platform live demo at a date and time which is best for you to see how tolearn can assist your company with onboarding of staff, employee competency and improve food safety culture.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	past	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wordpress_test_cookie	session	This cookie is used to check if the cookies are enabled on the users' browser.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_36130860_1	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Cookie	Duration	Description
ep201	30 minutes	This cookie is set by the provider Surveymonkey. This cookie is used for statistical analysis and website optmization. It gathers information on user's interaction with the SurveyMonkey- Widget on thewebsite.
ep203	3 months	No description available.
wp-resetpass-ab16250fe658a29e99b4c80a7a6cb0e6	past	No description

See our excellent reviews on

See our excellent reviews on

What are HACCP, TACCP, and VACCP?
And how do they differ?

Frameworks:

The difference:

HACCP

Key BRCGS requirements for HACCP

TACCP

Key BRCGS requirements for TACCP

VACCP

Key BRCGS requirements for VACCP

Want to learn more about food safety?

tolearn inovative Food Safety Management Platform

What are HACCP, TACCP, and VACCP?And how do they differ?

Frameworks:

The difference:

HACCP

Key BRCGS requirements for HACCP

TACCP

Key BRCGS requirements for TACCP

VACCP

Key BRCGS requirements for VACCP

Want to learn more about food safety?

tolearn inovative Food Safety Management Platform

What are HACCP, TACCP, and VACCP?
And how do they differ?