PIA
Product Integrity

The IFS Wholesale and Cash & Carry 3 Doctrine

The doctrine provides answers to frequently asked technical questions and clarifies specific requirements. Among other topics, it specifies: 

• Which IFS Wholesale/Cash & Carry version to apply in particular situations;
• The registration for an unannounced audit;
• The requirement regarding using interpreters and other professional services;
• The management of the COID for companies in specific situations;
• The audit duration for fruit and vegetable packing sites; as well as
• Additional information that certification bodies must provide in the IFS Database.
   

The IFS Wholesale and Cash & Carry Multi-site Guideline

We updated this guideline to align it with IFS Wholesale and Cash & Carry version 3 and accreditation requirements (IAF MD1:2023). 

The guideline applies only to companies with headquarters and multiple sites that fulfil specific criteria regarding the number of sites, activities, and other parameters. It explains the requirements these companies must meet for multi-site certification and describes the aspects to consider during the initial and recertification audits.

Wholesale and Cash & Carry 3 audits are set to begin in May 2025

We published IFS Wholesale and Cash & Carry version 3 in December 2024. The new version aligns with current market needs and comes with a new standard logo. IFS Wholesale and Cash & Carry 3 audits can start from 1 May and become mandatory as of 1 November 2025. 

Download the Documents 

Discover the essential information and valuable insights these documents provide:

• Download the IFS Wholesale and Cash & Carry 3 Doctrine version 1 in English.
• Download the updated IFS Wholesale and Cash & Carry Multi-site Guideline version 3 in English.
• Download version 3 of the IFS Wholesale and Cash & Carry standard in English.

To ensure the highest level of security, we continuously improve our Information Security Management System (ISMS). Each year, KPMG Cert GmbH, a subsidiary of KPMG Deutschland, audits our ISMS. This year, we passed the audit and transitioned seamlessly to the latest version of ISO 27001: the DIN EN ISO/IEC 27001:2022. 

ISO 27001 is the international standard for an organisation’s ISMS. Its purpose is to protect the confidentiality, integrity, and availability of information and systematically minimise risks. 

An ISO 27001 audit evaluates the implementation of processes and measures according to this standard. The audit involves a review of documentation, an assessment of the management system’s compliance, an on-site inspection, and a verification of ISMS implementation. 

The audit results identify any non-conformities, highlight areas for improvement, and may lead to a follow-up audit if necessary. A successful certification demonstrates that an organisation maintains high-security standards, enhancing trust among customers and business partners. 

A regular training programme ensures that IFS employees stay informed about the latest developments and potential risks in information security. The auditors were particularly impressed by the employees’ commitment to embedding information and data security into their daily routines. Achieving ISO 27001 compliance is a team effort and reflects a significant organisational achievement. 

Special thanks go to our IFS Colleagues Tina Brune, our Quality Management Commissioner, and René Hoffmann, our Information Management Officer, who ensure that we all know and follow the rules and regulations to protect us from cyber threats. 

“In a landscape where customers and other stakeholders demand greater transparency, it is essential for companies to identify and manage associated risks in their supply chains," states Stephan Tromp, IFS Managing Director. "The IFS Supply Chain Processes Check not only verifies that companies have established robust processes to identify risks but also highlights improvement opportunities, ultimately enhancing business resilience and increasing customer trust."

A structured approach to assessing risks 

With emerging challenges and heightened regulatory scrutiny, many enterprises worldwide face significant hurdles in implementing target-oriented risk management within their supply chains. The IFS Supply Chain Processes Check addresses these challenges by providing a systematic assessment of supply chain management systems, helping businesses identify commodity-related risks and facilitating constructive dialogue with supply chain partners.

Validated processes – trusted data 

Key components of the IFS Supply Chain Processes Check include:

• The Commodity List: This comprehensive overview of critical raw materials and ingredients used by the company, their country of origin, and associated risk categories allows for an informed understanding of overall supply chain risks.
• The Validation Module: An assessment by an auditor or assessor evaluates whether the company maintains effective processes for managing supply chain risks. This module can be performed as a stand-alone assessment or combined with the IFS Certification or other audits.

The IFS Supply Chain Processes Check results offer valuable insights into current practices and indicate areas for development, ensuring companies meet both stakeholder expectations and evolving government regulations.

More IFS Supply Chain Solutions to come

The introduction of the IFS Supply Chain Processes Check marks the first product under the new brand, IFS Supply Chain Solutions. Under this brand, we will introduce further process checks and IT tools, all designed to assist companies in managing and monitoring supply chain risks effectively and ensuring compliance with regulatory requirements and stakeholder demands.

For more information on the IFS Supply Chain Processes Check, 

• please visit the IFS Supply Chain Processes Check webpage or
• download the industry newsletter.