Approved supplier lists that hold up at audit | Prodara OS
Prodara OS Request Details
All articles
Compliance

Approved supplier lists that hold up at audit

16 June 2026 7 min read The Prodara team

Your finished product is only ever as safe as what comes through the goods-in door. That's why supplier approval is a favourite area for auditors — and why a single lapsed certificate, sitting unnoticed in a spreadsheet, can quietly become your non-conformance.

What "approved" actually means

An approved supplier list (ASL) isn't a contacts book — it's evidence that you've assessed the risk of each supplier and hold proof they're fit to supply you. For each one that usually means a risk assessment, current certification, a completed questionnaire, agreed specifications, and a clear approval status. The standards (SALSA, BRCGS, ISO 22000) all expect it, and all expect it to be current.

The approval lifecycle

Supplier approval isn't a one-off tick — it's a cycle that runs for as long as you buy from them:

  • Onboard & risk-assess. Higher-risk materials (ready-to-eat, allergen-bearing, novel) warrant more evidence than low-risk ones.
  • Collect evidence. Certificates (BRCGS, SALSA, ISO 22000, FSSC 22000), a completed questionnaire, and product specifications.
  • Assign a status. Approved, conditionally approved, pending, under review — so everyone knows what you can and can't buy today.
  • Monitor. Track certificate expiries, refresh questionnaires on a cycle, and review after any complaint or non-conformance.
  • Re-approve. Periodically, and whenever a certificate lapses or the risk changes.
The silent killer: certificate expiry

The most common supplier-approval finding is a certificate that expired months ago and nobody noticed. A static spreadsheet can't warn you. The fix is to diary every certificate's expiry date and get a reminder before it lapses — not discover it when the auditor opens the folder.

Where supplier approval goes wrong

  • The ASL lives in a spreadsheet that's months out of date.
  • Certificates expire silently, so you're technically buying from an unapproved source.
  • Questionnaires were collected once at onboarding and never refreshed.
  • Approval isn't linked to the ingredients you actually receive, so an unapproved material can still be booked in.

Doing it well

Keep a single, live status for every supplier; diary certificate expiries with reminders well in advance; refresh questionnaires on a set cycle; and — the part that really protects you — link approval to the specific ingredients you buy, so the system itself stops an unapproved material slipping in at goods-in. Then keep every piece of evidence filed against the supplier, ready to show.

How Prodara runs supplier approval

Prodara OS gives every supplier a live approval status — approved, conditionally approved, pending, under review or suspended — with a certificate register that tracks types like BRCGS, SALSA, ISO 22000 and FSSC 22000, and reminds you before each one expires. Questionnaires run on a set cycle rather than being forgotten after onboarding.

There's even an online supplier portal where your suppliers submit their own documents and questionnaires, and approval links straight to your ingredients and traceability — so an unapproved source can't quietly make it onto the floor.

The bottom line

A strong approved supplier list is less a document than a living process: a clear status per supplier, certificates that warn you before they lapse, questionnaires that refresh themselves, and approval wired to the ingredients you actually buy. Get that running and the goods-in door stops being the soft spot in your food safety system.

Never miss a certificate expiry again.

See how Prodara keeps your approved supplier list audit-ready.

Request details