Cleanroom Monitoring: Audit-Proof with ISO 14644-2 and Annex 1 (2022)

From Static Qualification to Dynamic Control

Qualifying (classifying) a cleanroom "at rest" according to ISO 14644-1 is like inspecting a race car: it demonstrates that, while stationary, it is technically perfect. But the real challenge begins when it hits the track, during production ("in operation").

How do we ensure that the environment remains under control during operations, when the main source of contamination – personnel – is present?

The answer is Environmental Monitoring . This is no longer the task of ISO 14644-1 (Classification), but of ISO 14644-2 (Monitoring) and, most importantly, it is the heart of the new revision of Annex 1 (2022) .

Inspectors (EMA/FDA) today pay obsessive attention to "in operation" monitoring. They are no longer satisfied with an annual qualification certificate; they want to see trend data , the risk-based monitoring plan , and, above all, how the company manages alarms.

A weak monitoring plan or a confused management of the  particles (the most critical novelty of Annex 1 2022) are the fastest way to a major or critical survey.

ISO 14644-2: The Pillars of a Robust Monitoring Plan

ISO 14644-2 provides the methodological framework for building an effective monitoring plan (Environmental Monitoring Program). It doesn't specify what to monitor (Annex 1 does that), but rather how to implement the strategy.

1. Risk-Based Approach

Monitoring is not done at random. ISO 14644-2 requires the use of a risk analysis (e.g., FMEA) to decide ^:

• Where to monitor: Sampling points must not be "convenient", but must be in the points of greatest risk for the product (e.g. immediately adjacent to the filling point, near doors, in areas of greatest human intervention) ²⁹ .
• What to monitor: In addition to particles, parameters that indicate degradation are considered (e.g. pressure differentials, air flows).
• How often to monitor: Frequency depends on the criticality.
• Grade A: Continuous monitoring of particles (required by Annex 1).
• Grade B: Continuous or very frequent monitoring during operations.
• Grade C/D: Periodic activity-based monitoring.

2. Definition of Alert and Action Levels

This is a fundamental management concept, required by both ISO 14644-2 ³⁰ and Annex 1. The classification limits (e.g. 3,520 parts/m³ for ISO 5) are not monitoring limits.

• Action Level:

This is the maximum limit. If exceeded, an alarm is triggered, a formal deviation is initiated, the cause is investigated, and the impact on the batch is assessed. This is the "red line." (E.g., for Grade A, it is often $>0$ particles $\ge0.5~\mu m$).

• Alert Level:

It's an internal limit, lower than the Action. If exceeded, it indicates a negative trend (e.g., filters are clogging, cleaning procedures are deteriorating). It doesn't require immediate diversion, but rather investigation and increased attention.32

What inspectors are looking for: They want to see that these limits are established, justified (often based on statistical data from historical data), and that the company reacts differently and proportionately to exceeding the two levels.

The Annex 1 Challenge (2022): Managing $\ge5~\mu m$ Particles

The 2022 revision of Annex 1 has created confusion about the management of $\ge5~\mu m$ particles. As seen, they have been relaxed for the "at rest" classification , but for "in operation" monitoring they remain ^essential .

The key requirement of Annex 1 (2022):

Annex 1 recognizes that in Grade A, during monitoring, the detection of rare $\ge5~\mu m$ particle events may occur (due to electronic noise, stray light, etc.)34.

However, it requires that these events be investigated. The expectation is:

1. Target Limit (Action): For Grade A, the limit for $\ge5~\mu m$ is 20/m³. However, during "in operation" monitoring, zero is expected. A single event may not be a critical deviation in isolation, but...
2. Trend Investigation: ... consecutive or frequent events (e.g., multiple events in the same batch) are a clear sign of a problem (e.g., gowning, setup, intervention) and require formal investigation ³⁵ .

How to avoid critical deviations on $\ge5~\mu m$ particles

• Typical mistake: Setting the particle monitoring system (PMS) to Grade A with an "Action" limit of 20 particles/m³ (for $\ge5~\mu m$) and ignoring all alarms below that threshold.
• Inspection Finding: "The company does not investigate Grade A particle events. The trend for Lot X shows 5 $\ge5~\mu m$ events (all under the limit of 20), but no investigation has been conducted to understand the cause, in violation of Annex 1."
• Corrective Action (Audit-Ready):

1. Contamination Control Strategy (CCS): Your CCS must define the strategy for $\ge5~\mu m$ particles.
2. PMS Setup: Set a very low "Alert Level" (e.g. 1 particle detected) and an "Action Level" (e.g. 2-3 consecutive particles or a total of >5 in the batch).
3. Procedure (SOP): The monitoring SOP must define:
• "If 1 event $\ge5~\mu m$ (Alert) is detected: the operator visually checks the area, checks the correct functioning of the instrument (e.g. probe not obstructed) and QA reviews the trend at the end of the batch."
• If multiple/consecutive events are detected (Action): the operator stops the activity (if possible), notifies QA and Supervisor. A diversion is opened to investigate the cause (e.g., video review, operator interview, gowning check).

The inspector wants to see that you are not ignoring weak signals in the critical area.

Audit Readiness: The "Contamination Control Strategy" (CCS)

The ISO 14644 series (in particular -1, -2, -3, -4, -5) provides the technical inputs for the key strategic document required by Annex 1 (2022): the Contamination Control Strategy (CCS) .

Your CCS is the "umbrella" document the inspector will use to evaluate the robustness of your site. It should describe how all the elements work together.

Documents to prepare for the audit (Monitoring Area):

1. The Contamination Control Strategy (CCS): The strategic document.
2. The Monitoring Plan: The operational document (based on ISO 14644-2) that lists:
• Map of monitoring points (particulate and microbiological).
• Justification (Risk Assessment) for choosing those points.
• Frequencies (Continuous, Daily, Weekly).
• Alert and Action limits (for $\ge0.5~\mu m$ AND $\ge5~\mu m$).
3. The Monitoring SOP: What to do operationally.
4. The Alarm/Deviation Management SOP: What to do when a limit is exceeded (distinguishing Alert from Action).
5. Trend Data: Reports (e.g., quarterly) that show graphs of particulate and microbiological data over time.
6. Examples of Deviations Managed: Have 2-3 cases of limit exceedances ready (both Alert and Action) and the complete investigation (cause, impact, CAPA).

📦 Box: Typical Error (ISO/TR 14644-21) vs. Corrective Action

The new technical guide ISO/TR 14644-21 (2023) offers practical insights on sampling .

• Typical Mistake: Installing the monitoring system (PMS) with very long sampling pipes (e.g. 5-10 meters) that make sharp bends, bringing the meter into a convenient technical area.

* Risk (Highlighted by ISO-21): Heavy particles (especially $\ge5~\mu m$) settle in the pipe along the way and never reach sensor 36. The system will always read "zero" even if there is real contamination.

• Corrective Action (Audit-Ready): Follow ISO-21 best practices:

1. 1. Use tubes as short as possible (ideally < 1-2 meters for large particles)37.
2. 2. Avoid sharp turns.
3. 3. Place the sampling probe at the exact point of risk (not "near").
4. 4. Justify the choice in the monitoring plan.

Conclusion

Classification (ISO 14644-1) is static. Monitoring (ISO 14644-2) is dynamic. Modern GMP, and in particular Annex 1 (2022), focuses on dynamic control, because that's where production takes place.

Being audit-ready means shifting the focus from simple "annual compliance" (classification) to "continuous risk management" (monitoring). A risk-based monitoring plan, which defines clear alert/action boundaries and scientifically manages the criticality of particles $\ge5~\mu m$, is the strongest demonstration that the company is fully in control of its Contamination Control Strategy.

Keep your company audit-ready. Learn how to build a robust monitoring program, manage trends, and interpret the new Annex 1 requirements with the comprehensive " Operational Guide to the ISO 14644 Series " on GuideGxP.com.