V
VISPEXIO
Safety & Compliance
DE | EN | ES
Expert glossary for audits, hygiene & evidence

Safety & Compliance Glossary

Terms, methods and metrics — explained so auditors, QA and operations teams speak the same language.

# What is an Audit Trail? # What is HACCP in warehouses and food processing? # What are control rounds in warehouses or commercial kitchens? # How do you document in an IFS-compliant way? # What are compliance KPIs in warehouses and gastronomy?
Why this glossary?
Compliance rarely fails because of missing intent — it fails because of missing evidence: who checked what, when, where, and how deviations were handled. This glossary translates “standard language” into daily practice.
  • Audit-ready definitions (no buzzwords).
  • Practical examples for warehouses, kitchens, HoReCa and technical environments.
  • Evidence first: photo, note, QR checkpoint, accountability.
  • KPI thinking: from “a check was done” to controllable compliance performance.
Claim:
VISPEXIO is a Safety & Compliance software for logistics companies, bars, restaurants, hotels and catering (HoReCa), medical, machines and equipment.
Who is this for?
  • Warehouse managers, shift leads, operations managers
  • QA/QC, HACCP teams, food safety teams
  • HoReCa: head chefs, F&B, hygiene officers
  • Auditors (internal/external) and certification support
  • Facility/engineering: maintenance, safety, fire protection

What is an Audit Trail?

An audit trail is the tamper-resistant evidence path: every action, every change, every deviation — with time, person, object and context.

↑ Back to top
vispexio_glossary.images.audit_trail_alt
VISPEXIO sets the new standard for digital audit trails: every action is time-stamped, user-attributed and fully traceable – tamper-proof, transparent and audit-ready at any time.
Deep dive

Audit trail means you can answer, without gaps: Who checked what, when, where — what was the result — and what happened next?

In logistics and HoReCa this is the difference between “we always do it” and “we can prove it”. A good audit trail is tamper-resistant, complete and context-rich (e.g., photo + note + QR checkpoint).

Not only the event matters, but the deviation chain: actions, owners, deadlines, effectiveness checks. That’s often where audits are won or lost.

Key terms
Audit-ready / tamper-resistant
Records cannot be changed unnoticed; changes are versioned and traceable.
Timestamp
System-generated date/time per event — basis for chronology.
User ID / accountability
Unambiguous link between an action and a person/role.
Object reference
Link to a specific object: trap, cold room, machine, checkpoint.
Context data
Photo, note, location, device, language, measurements — increases evidence quality.
Immutable logs
Logs are not overwritten; corrections are appended as new entries.
Versioning
Checklist/process changes are tracked as versions (who/what/when/why).
Change log
Documents what changed (before/after).
Access log
Tracks logins/access — relevant for integrity and privacy.
Exportability
Audit trails must be deliverable as reports (PDF/CSV).
Retention policy
How long evidence must be stored (depends on standard/sector).
Permissions / roles
Role-based rights prevent unauthorized edits and strengthen evidence.
Photo evidence
Image proof for an event; strongly increases credibility.
QR checkpoint
Unique marker at the point of control; reduces “paper checks”.
Run log
Chronological set of checks within a control round.
Nonconformity
A requirement is not met; must be assessed and handled.
Correction
Immediate fix of the issue (e.g., adjust temperature).
Corrective action
Eliminate the root cause to prevent recurrence (CAPA logic).
Effectiveness check
Proof that actions worked sustainably (follow-up).
Auditability
Data is structured so third parties can verify it.
Real-time logging
Records are created automatically at the moment of action.
Integrity
Records are complete, correct and consistent (no gaps).
Evidence chain
Logs + attachments + owners + reports as an auditable whole.
Deviation workflow
Defined handling: action, owner, deadline, verification.
Practice: how to make it audit-ready
  • Use QR checkpoints on the object (trap/cold room/machine).
  • Secure each check with photo or note (context beats ticks).
  • Deviation requires action + owner + deadline.
  • Version checklists: changes are audit-relevant.
  • Export reports by time range, location, object and deviations.
FAQ (10)
What makes an audit trail “good” to an auditor?
Completeness, tamper resistance, object reference, accountability, and a clean deviation/action chain.
Is a scanned paper list enough?
Often not equivalent: it lacks context, change history, accountability and tamper resistance.
Why are photos so important?
They add context (condition/location) and reduce interpretation and manipulation risk.
Correction vs corrective action?
Correction fixes now; corrective action removes the root cause to prevent recurrence.
How do you prevent “fake checks”?
Object QR, timestamps, mandatory fields (photo/note) and plausibility rules.
Minimum fields for an audit trail?
Time, person/role, object/location, result, evidence (photo/note), measurements, follow-up actions.
How to handle corrections in audit trails?
Don’t overwrite — append a new entry with reason/reference (versioning).
How does privacy relate?
Role-based rights, access logs, and clear retention/deletion rules.
Only relevant for food?
No — medical, technical, safety and fire protection also benefit.
Most common failure?
Gaps: missing checks, no actions after deviations, or unclear ownership.

What is HACCP in warehouses and food processing?

HACCP is prevention: identify hazards, control critical points, monitor limits and manage deviations — documented and verifiable.

↑ Back to top
vispexio_glossary.images.haccp_alt
HACCP executed the VISPEXIO way: real-time temperature monitoring, structured CCP control and seamless digital evidence – raising food safety to a new operational standard.
Deep dive

HACCP is a system for controlled food safety. In warehouses it covers receiving, cold storage, cross-contamination, pest pressure, and sanitation — treated as risks and controlled via checks.

HACCP is not “just checklists”. It’s risk management: hazard analysis → CCP/OPRP → limits → monitoring → actions → verification/validation.

In HoReCa, HACCP lives through temperature logs, cleaning plans, allergen management and pest monitoring — where documentation quality defines audit ease.

Key terms
Hazard analysis
Systematic assessment of biological, chemical and physical risks in a process.
Biological hazard
Microorganisms like Listeria/Salmonella; risk increases with temperature failures.
Chemical hazard
Residues from cleaners, lubricants, allergens, pesticides.
Physical hazard
Foreign bodies like glass, metal, wood splinters, packaging.
CCP
Critical point where control is essential to prevent/eliminate a hazard.
OPRP
Operational PRP controlling risks (between PRP and CCP).
Critical limit
Measurable threshold (e.g., temperature) that triggers action when exceeded.
Monitoring
Planned surveillance of CCP/OPRP (e.g., measurement, visual check).
Deviation
Non-compliance with a limit/requirement; must be handled.
Corrective action
Defined response to deviation (e.g., block, discard, rework).
Verification
Proof HACCP works as intended (reviews, internal audits, trends).
Validation
Proof controls are suitable in principle (process assessment).
Cold chain control
Monitoring temperatures in storage/transport.
Goods-in inspection
Check temperature, date, packaging, documents at receiving.
Allergen management
Prevent cross contact; correct labeling and process separation.
Cleaning & disinfection plan
Defines what/when/how to clean incl. owner and records.
Personal hygiene
Rules on clothing, hand hygiene, illness, behavior in hygiene areas.
Pest monitoring
Systematic checks of trap/bait points incl. findings and actions.
Traceability
Batch/flow evidence: where it came from and where it went.
Hold status
Block goods/areas until clarification.
FIFO/FEFO
Stock rotation to reduce expiry risk.
Temperature mapping
Identify critical zones in cold rooms for sensor placement.
Cross contamination
Transfer of microbes/allergens via surfaces, tools, people or flow.
Self-control system
Company system for continuous control and documentation.
HACCP plan
Documented hazards, controls, limits, monitoring and actions.
Practice: how to make it audit-ready
  • Make CCP/OPRP explicit and capture critical limits as mandatory fields.
  • Temperature checks: value + photo of display + note on deviations.
  • Receiving: packaging/temp/expiry in one auditable record.
  • QR trap points: findings + actions captured immediately.
  • Verify via KPIs: monthly trend analysis instead of “folders”.
FAQ (10)
Is HACCP only for production?
No — storage, handling, HoReCa and transport are often more critical than manufacturing.
Most common warehouse HACCP failure?
Temperatures are guessed or filled in later without objective evidence.
When is something a CCP?
When control is essential and later steps cannot reliably eliminate the hazard.
How to prove cold chain compliance?
Defined limits, monitoring, deviation handling and auditable reports.
Why is pest monitoring HACCP-relevant?
Pests are direct biological/physical hazards and a strong audit focus.
Is “cleaned” as a tick enough?
Better: object reference, time, owner, evidence and deviation actions.
How often measure temperatures?
As needed to control risk — depends on product, process and risk analysis.
What is verification day-to-day?
Reviews, internal audits, sampling, trend analysis and effectiveness checks.
How does QR scanning help?
It enforces object/location reference and reduces backfilled “paper logic”.
What do auditors check first?
Hazard analysis, CCP/OPRP logic, monitoring records, deviations and action chain.

What are control rounds in warehouses or commercial kitchens?

Control rounds are defined inspection routes across objects/areas — with clear accountability, frequency and evidence.

↑ Back to top
vispexio_glossary.images.control_rounds_alt
Control rounds redefined: QR-based checkpoints, structured workflows and instant deviation alerts – VISPEXIO turns routine inspections into measurable compliance performance.
Deep dive

A control round is a planned sequence of checks (traps, cold rooms, sanitation zones, fire exits). The core is standardization: same route, same criteria, same evidence.

In warehouses, rounds protect process and hygiene discipline. In HoReCa, they prevent blind spots (cold room, dishwashing, allergen zones). Execution matters: frequency, criteria, and deviation logic.

Digitally, rounds become powerful when individual checks form a run log — with missed rounds, trends and exports.

Key terms
Run
A completed control round as a documented record with time, route and outcomes.
Checkpoint
Inspection point (object/area) to be visited and documented.
Frequency
How often a check must happen (daily, weekly, per shift).
Route
Order/logic of checkpoints to reduce missed points.
Checklist
Criteria set per checkpoint (clean, intact, temperature ok, etc.).
Mandatory evidence
Required photo/note/measurement to ensure proof quality.
Visual inspection
Qualitative check of condition (cleanliness, traces, damage).
Measurement check
Quantitative check (temperature, pH, wash temperature).
Deviation workflow
Rules when not ok (action, ticket, escalation).
Escalation level
When/whom to notify for major issues.
Missed run
Round not completed in time window — key KPI.
Hold / block
Temporary block of goods/area/equipment until cleared.
Re-check
Follow-up check to prove effectiveness.
Audit export
Auditable report (PDF/CSV) for time range/site/deviations.
Shift reference
Rounds assigned per shift (early/late/night).
Zoning
Divide into zones (high care/low care, allergen zone etc.).
Sanitation zone
Areas/tools with defined cleaning cycle and records.
Chemical safety checkpoint
Check storage/labeling/access of chemicals (HSE).
Fire safety checkpoint
Check exits, extinguishers, doors, signage.
Cold room checkpoint
Check temperature, hygiene, seals, condensation, order.
Dishwashing checkpoint
Check wash temperature, chemicals, hygiene, drying.
Pest checkpoint
Check traps/bait stations incl. findings and actions.
Calibration status
Measurement devices are valid; otherwise readings are disputable.
Work instruction
How to check, tolerances, actions on deviations.
Responsibility matrix
Who executes, who reviews, who decides (RACI).
Practice: how to make it audit-ready
  • Define route + time window (zones, order, shift logic).
  • Make criteria specific (avoid “all ok”).
  • Deviations force evidence + action + owner.
  • Expose missed rounds: dashboards + reminders.
  • Proof first: fewer checkpoints, stronger evidence.
FAQ (10)
Are control rounds just “walking checklists”?
No — they are a management tool: standard, evidence, deviations and trend steering.
How many checkpoints are sensible?
As many as you can execute properly — better 16 strong proofs than 80 weak ticks.
How to prevent “tick-and-go”?
Object QR, mandatory evidence and deviation workflows.
Which rounds are audit-critical?
Food safety (temps, hygiene, pests) plus fire and occupational safety.
Does every deviation need an action?
Yes — at least assessment/decision. Otherwise it looks ignored.
How to prove re-checks?
As a separate checkpoint/run linked to the deviation with effectiveness note.
How to connect rounds to KPIs?
Missed runs, deviations/run, response time, action cycle time, effectiveness rate.
Can HoReCa do rounds per shift?
Yes — early/late/night with dedicated zones (cold room, dishwashing, allergen areas).
How do audits become easier?
Export by time range: runs, deviations, actions, photos — no folder digging.
Biggest lever?
Consistent object reference (QR) and clear action logic for deviations.

How do you document in an IFS-compliant way?

IFS-style documentation is controlled, traceable, complete and risk-based — with clean deviation handling and change control.

↑ Back to top
vispexio_glossary.images.ifs_documentation_alt
IFS-compliant documentation without paperwork: version-controlled records, secure archiving and complete traceability – VISPEXIO transforms compliance into a competitive advantage.
Deep dive

IFS-compliant documentation means: controlled documents (version, approval, validity), strong records (object-based, timestamped, accountable) and managed deviations (actions + effectiveness).

Many IFS issues are small: missing signatures, unclear ownership, backfilled entries without context. Digitally you can enforce quality via workflow rules.

IFS is not about “lots of paper”. It’s about controlled processes. Lean and clear beats messy binders.

Key terms
Document control
Rules for creation, approval, versioning, distribution and archiving.
Validity status
Valid/obsolete/replaced; prevents use of outdated versions.
Version
Unique state of a document/checklist set.
Approval
Authorized release (e.g., QA) of a document/process.
Reason for change
Why a change was made — a common audit question.
Record
Documented evidence of execution (e.g., run log).
Risk assessment
Assess risk and define adequate controls.
Internal audit
Planned checks by the organization incl. report and actions.
Deviation classification
Minor/major/critical logic guiding priority and escalation.
CAPA
Corrective & preventive action: root cause → action → effectiveness.
Root cause analysis
Why it happened (5-Why, Ishikawa).
Action plan
What, by whom, by when — with deadlines.
Effectiveness evidence
Proof actions solved the issue sustainably.
Training record
Who was trained on what and when.
Competence matrix
Overview roles/skills supporting audit logic.
Traceability test
Proof traceability works within required time.
Supplier approval
Supplier evaluation and approval criteria + records.
Receiving records
Evidence of receiving checks (temp, condition, docs).
Hygiene records
Cleaning, disinfection, pest monitoring evidence.
Maintenance records
Evidence of maintenance and upkeep.
Calibration records
Evidence measuring devices are accurate and valid.
Hold/release process
How goods/areas are blocked and released.
Management review
Leadership review incl. KPIs and improvements.
Audit report
Findings, assessment and actions.
Audit trail
Evidence path for execution/changes — strengthens records.
Practice: how to make it audit-ready
  • Version and approve checklists/processes; only valid versions usable.
  • Records must be object-based (QR) + time + owner.
  • Classify deviations and enforce CAPA (cause → action → effectiveness).
  • Keep calibration valid; otherwise measurements are disputable.
  • Design for export: filters + evidence + action chain.
FAQ (10)
IFS-compliant documentation in one sentence?
Controlled documents + strong records + managed deviations/actions.
Why do versions matter so much?
Auditors check whether people worked to the current standard; outdated checklists are a classic finding.
How lean can documentation be?
As lean as possible, as long as risks are controlled and evidence is verifiable.
Which records are most audit-critical?
Food safety (temps, hygiene, pests), receiving, traceability, actions/effectiveness.
Typical documentation failures?
Backfilled entries without context, unclear owners, weak deviation handling, unmanaged versions.
How to show effectiveness?
Follow-up checks, KPI trends and documented evaluation — not only “done”.
Training and evidence: how to link?
Train per role, then show execution via records that reflect the training.
Does every minor need CAPA?
Not always — but every deviation needs assessment. Repeats require root cause logic.
How does digital documentation help audits?
Instant exportable evidence with photos, timestamps and accountability.
What convinces auditors most?
Consistency: no gaps, visible action chain and controlled trends.

What are compliance KPIs in warehouses and gastronomy?

Compliance KPIs turn obligations into controllable performance: execution, evidence quality, response speed and effectiveness.

↑ Back to top
vispexio_glossary.images.compliance_kpis_alt
Compliance KPIs in real time: inspection frequency, deviation rates and corrective actions visualized instantly – VISPEXIO delivers management-grade compliance intelligence.
Deep dive

Compliance KPIs show whether duties are fulfilled reliably, on time and effectively. They often indicate a living management system.

Use a mix: activity KPIs (were checks done?), quality KPIs (is evidence strong?), response KPIs (how fast do we act?) and outcome KPIs (is it improving?).

Digital runs make KPIs automatic: missed runs, deviation trends, action cycle times — without spreadsheet pain.

Key terms
Missed runs (%)
Share of rounds not completed in the planned time window — a hard compliance indicator.
Run completion rate
Completed rounds vs planned rounds.
Evidence rate
Share of checks with strong evidence (photo/note/measurement).
Deviations per run
Finding density; supports hotspot analysis.
Major/minor rate
Severity distribution of deviations.
MTTA
Mean time to acknowledge a deviation.
MTTR
Mean time to resolve a deviation.
CAPA cycle time
Time from root cause to effectiveness check.
Overdue actions
Open/late actions — audit risk.
Repeat findings
Recurring deviations — indicates missing root cause removal.
Temperature compliance index
Share of temperature checks within limits (optionally weighted).
CCP breach count
Count of CCP limit violations.
Hygiene plan adherence
Cleaning plan compliance rate.
Pest findings rate
Findings rate in pest monitoring incl. trend.
Audit readiness score
Composite KPI from completeness, action status and evidence quality.
Training coverage
Coverage of critical roles with training.
Calibration validity
Share of measuring devices in valid calibration status.
Documentation completeness
Record completeness (no gaps).
QR coverage
Share of relevant objects equipped with QR checkpoints.
Photo evidence coverage
Share of checks supported by photo.
Escalation compliance
Major issues escalated correctly (time/role).
Zone risk score
Risk weighting per zone for KPI prioritization.
Supplier nonconformities
Receiving/supplier deviations as input quality risk.
Expiry (FEFO) violations
Violations against FEFO/expiry handling.
Complaint rate
Complaints per volume — outcome indicator.
Sanitation rework
Re-cleaning rate — indicates stability of first-time quality.
Audit finding closure rate
Closure rate of audit findings within the target window.
Evidence quality score
Quality of evidence (sharp photo, meaningful note, plausible value).
Rolling 12 trend
Rolling 12-month trend to show real improvement.
Heatmap hotspots
Spatial/object clustering of deviations.
Practice: how to make it audit-ready
  • Start with 5 KPIs: missed runs, evidence rate, MTTR, overdue actions, repeat findings.
  • Define thresholds (e.g., missed runs < 2%).
  • Make hotspots visible by zones/objects — not only totals.
  • Add outcomes: complaints, audit score, repeat findings.
  • KPIs must drive actions — otherwise they are just numbers.
FAQ (10)
Which KPI is most “audit-powerful”?
Missed runs + overdue actions — they reveal gaps and lack of steering.
Why is “number of checks” not enough?
Because evidence quality and response define compliance, not activity alone.
How many KPIs are reasonable?
5–10 core KPIs that actually steer behavior.
How to compare sites fairly?
Normalize per run, per object, per shift or per volume.
What is a good MTTR target?
Risk-dependent: critical deviations should be resolved within the same shift or immediately.
How to spot “paper compliance”?
Many ticks, few attachments, no action chain, no trends.
Best KPIs for HoReCa?
Temperature compliance, hygiene plan adherence, deviation trends, MTTR, allergen zone checks.
Best KPIs for warehouses?
Missed runs, pest findings rate, receiving deviations, overdue actions, hotspot heatmaps.
How to tie KPIs to ownership?
Each KPI needs an owner, target, and review frequency (weekly/monthly).
What convinces auditors about KPIs?
Trend steering, root cause actions and effectiveness evidence — not just reporting.