The organization should have policies and procedures in place ensuring that appropriate and adequate measures are taken against possible contamination. These measures should be in addition to the physical control mechanisms which are described in relevant standards (e.g. positive air pressure of computer room, sticky doormat etc.).
The policies and procedures should include, but not be limited to, the following:
Standards which are followed by the organization (e.g. Local regulations/code, ASHRAE IAQ, ISO-14644, ISA-71.04.2013, etc.) and the acceptable levels described in those standards. The levels chosen should be in line with common best practice in the industry and at least at a level which is acceptable as published in the documentation of the ICT-Equipment manufacturer.
Regular contamination level measurements to be conducted in critical areas such as the computer room, telecommunication rooms etc. measurements should include, at a minimum, contamination factors relevant to the data center location such as dust particulates, corrosive compounds (e.g. H2S-Hydrogen Sulfide) etc.
Handling of packing material and restrictions of where packing/unpacking should take place and be disposed of.
Controls for possible contamination brought in by individuals (e.g. dirty clothing/footwear) such as sticky doormats etc.
General cleaning practices to include any area under scope of the data center including raised floor voids, suspended ceiling void (if applicable), equipment rooms etc.