Imagine a scenario where your organization is gearing up for a regulatory audit and you have been tasked with supporting their preparation of a Cleanroom Contamination Control Strategy (CCS).

The CCS outlines the key decisions and scientific rationales for contamination control, and is based on a detailed understanding of the process, contamination risks/hazards and contamination source strengths, i.e. the application of QRM. The CCS is focused on where the product or process is exposed and at risk, critical control points (CCPs) and mitigation controls, applying the best available technologies and in an integrated and holistic manner.

The CCS will address all aspects of the control measures, (Physical, Organisational and Procedural) under the following fundamental categories:

  1. Engineering Controls
  2. People and Material controls, Gowning and Behaviour
  3. Ongoing Cleaning & Disinfection


There are many views of what a CCS should look like.  It could be a separate document file, like a Site Master File (SMF) OR Quality Management System (QMS), while others, including myself, take the view that the CCS is a high-level document, is not expected to be a Bible but does reference other parts of the SMF and QMS, thereby avoiding unnecessary duplication.

It is important to demonstrate to the auditor that you understand the critical quality attributes (CQAs), the critical process parameters (CPPs), the critical control points (CCPs) in the environment, the hazards at each risk, the consequences and what we need to do to protect our patient:

There is a logical sequence as everything starts from the patient safety and wellbeing.

  1. Drug product characteristics (or combination medical device), i.e the CQAs
  2. Process Flow chart (how it is made), i.e. the CPPs
  3. QRM Summary table (based on High, Medium, and Low impacts with CCP measures), i.e., the Hazards, impacts and control measures.
  4. QRM Risk/Hazard Assessment and Gap Analysis (where the risks/hazards can affect the product)
  5. CCS (our risk/hazard mitigation strategy narrative and scientific rationale to protect the patient)

Like a Site Master File, this CCS should be a controlled document approved by a Quality; and to avoid confusion the CCS document should not repeat details in other documents.

An example of a CCS opening statement could be:

“This CCS-Document summarises how our company approached each of the elements and how we maintain the standard to ensure an adequate level of contamination control. This document considers quality risk assessment and the overall approach to managing microbiological, particulate, and cross-contamination of products manufactured in the sites. It refers to relevant documents, where details are defined and documented to avoid mismatches. “

From a GMP Cleanroom perspective and the Engineering Controls, i.e., the cleanroom facility the auditor will want to see a clear reference to Clause 2 in the new Annex 1.

The CCS document should consider the following key elements, as listed in Clause 2.5 on Page 4 & 5 in the new Annex 1:

  1. Design of both the plant and processes, including the associated documentation.
  2. Premises and equipment.
  3. Personnel.
  4. Utilities.
  5. Raw material controls – including in-process controls.
  6. Product containers and closures.
  7. Vendor approval includes key component suppliers, sterilization of components and single-use systems (SUS), and critical service providers.
  8. Management of outsourced activities and availability/transfer of critical information between parties, e.g. contract sterilisation services.
  9. Process risk assessment.
  10. Process validation.
  11. Validation of sterilisation processes.
  12. Preventative maintenance – maintaining equipment, utilities, and premises (planned and unplanned maintenance) to a standard that will ensure there is no additional risk of contamination.
  13. Cleaning and disinfection.
  14. Monitoring systems – including an assessment of the feasibility of introducing scientifically sound, alternative methods that optimize the detection of environmental contamination.
  15. Prevention mechanisms – trend analysis, detailed, investigation, root cause determination, corrective and preventive actions (CAPA), and the need for comprehensive investigational tools.
  16. Continuous improvement based on information derived from the above.


The high-level steps in preparing the CCS are quite straightforward:

HACCP analysis 

The process flow chart is examined and the activities and workflows, as well as linkages are analysed using Preliminary Hazard Analysis (PHA), an Ishikawa fishbone diagram and Hazard Analysis and Critical Control Point (HACCP), to ID the contamination sources and the impact, likelihood, and severity.

The relevant Cleanroom stakeholders should be involved, so Process, Microbiology, Quality Engineering and Facilities.

Hazard Impact Assessment

This should be an EXCEL style workbook with spreadsheet TABs for each category of contamination source from the Ishikawa fishbone diagram.  For each contamination the Likelihood, Impact and Severity is summarised, along with the recommended Control/Mitigation measure, and an assignment of a priority (High, Medium or Low).

There should also be a high-level summary table of the Gap Analysis carried out against the relevant clauses in the new Annex 1 to show a clear compliance and alignment of your QMS.  The following table gives an example of this gap analysis structure.



Contamination Control Strategy

The CCS section in QMS gives the overview and high-level scientific rationale of Cleanroom control measures, (Physical, Organisational and Procedural) under the following categories:

  1. Engineering Controls
  2. People and Material controls, Gowning and Behaviour
  3. Ongoing Cleaning & Disinfection


The high-level scientific rationale for the CCS includes:

  • Process workflow charts (People, Materials, Consumables, Product, Waste, etc ),
  • Flowchart of the linkages working backwards from Patient Safety to Product Quality to CQAs to CPPs to the CCPs (Critical Control Points) in the Cleanroom Environment,
  • System Level Impact assessment (SLIA), according to ISPE Risk Based Qualification, i.e., direct vs indirect impact systems,
  • Summary of Impact Assessments by High, Medium, and Low priorities,
  • Gap Analysis summary table showing alignment to clauses in the new Annex 1, (example attached),
  • Summary of the Holistic and collective measures designed to ensure product quality for the most effective patient safety
  • GMP configuration, with expected airflow patterns and Room Cleanliness Classes (ISO 14644-1),
  • Airflow schematics with Air volume flow rates,
  • Pressure Differential Cascade control,
  • Environmental bands (T&RH), Lighting & Noise and other Environmental control attributes.
  • Initial Cleanroom facility Commissioning report, Performance Verification report and Cleanroom Certification
  • Final Qualification report
  • Periodic Re-Qualification reports


The GMP Cleanroom CCS acts as a central QMS document section and should reference documents, as evidence including:

  • Risk Assessments, Risk Analyses & Risk Mitigation measures
  • Qualification and Validation reports
  • Preventative Maintenance (PM) programmes (including calibration programs)
  • Process Control documents, rationales, strategies, etc.
  • Environmental Monitoring (EM) Trending results and reports (e.g., historical EM, Continuous Process Verification “CPV,” etc.)
  • CAPA and Adverse Events SOPs related to potential contamination during manufacturing, e.g., foreign particulates.


You want the auditor to leave satisfied that you understand your process and have a comprehensive and documented contamination control strategy (CCS).