Utilisation of Artificial Intelligence (AI) in auditing
1. Introduction
AI is one of the core topics in industry today and one that is playing a big part in the world of pharmaceutical manufacturing and distribution of medicinal products.
A key element of auditing a pharmaceutical Quality Management System is the ability to perform audits adopting a systematic, independent, documented approach through sampling and review of audit objective evidence against a specific audit criterion.
Over the years, QMS processes have seen significant transformations. While this initially relied heavily on paper-based data, this approach has evolved significantly with the advent of digital technology leading to digital systems gradually replacing traditional methods. This evolvement has also seen increased data recording that can be a challenge for auditors to fully review.
Artificial intelligence (AI) is rapidly becoming a powerful driver of innovation across various sectors in the pharmaceutical, medical device and biotech domains. By leveraging advanced analytics, AI-driven QMS auditing approaches can enhance data accuracy evaluation, streamline documentation reviews and ensure regulatory compliance, to provide efficient insights throughout the manufacturing and distribution of medicinal products.
Typically, during an audit, available data or information is sampled and evaluated to determine whether a process, system, or dataset is conforming or nonconforming. Auditors should consider whether the information reviewed provides sufficient objective evidence to demonstrate that requirements are being met.
This can be achieved through human interaction, such as conducting interviews, observing activities or reviewing documents with auditees' participation. This can also be achieved by non-human interaction such as document reviews, analysis of data recorded in forms, logs or batch records etc., however both approaches are typically resource- and time-driven, which may impact on the sample size and data quality.
The evolution of AI in the audit process enables the processing of large datasets, facilitating the evaluation and verification of information to support compliance with regulatory or internal requirements.
Recommendation
Berlin, Germany5-7 May 2026
The GMP-Auditor
2. AI-QMS Audit resource Guidance
2.1 Techniques
Document Review: Utilisation of AI technology to scan QMS documentation for compliance and flag missing clauses, outdated procedures, or inconsistencies.
Checklist Generation: AI creates tailored checklists based on supplied data, documents, previous non-conformities and process changes.
Evidence Collection: In conjunction with IT departments, potential selection of data from internal systems e.g. ERP/SAP/LIMS systems to verify compliance.
Non Conformance Detection: Assists in reviewing internal data bases to analyse operational data and identify patterns that may indicate potential risk areas in the supply chain.
2.2 Reporting & Follow Up
Automated Report Generation: Compile findings, scores, and recommendations into a structured audit report.
Predictive Action Planning: Forecast impact of corrective actions and suggest priority fixes.
2.3 Continuous Improvement
Trend Analysis: Monitor KPIs and predict potential future compliance risks. Analyse and assess external data sources to identify trends and risk areas.
Learning Loop: Feed audit outcomes back into AI models for improved predictions.
Internal operating procedures: Determine the level of compliance and obtain suggestions for improvement.
3. AI Tools Used in Audit Activities
The most frequently used tools include ChatGPT, Microsoft Copilot and Google Gemini, however there are more specialist tools emerging e.g. Claude, Perplexity AI, data analytics platforms, or company-specific AI solutions.
3.1 Audit Activities
Some areas where AI is currently applied in auditing, including self-inspections and supplier audits, include:
- Audit Planning
- Audit preparations
- Checklist preparation
- Document reviews
- Report development
Key considerations in using AI tools are to have policies over using open or public AI platforms, such as ChatGPT or Gemini. The use of public AI resources carries risks such as data privacy breaches, disclosure of sensitive information, biased or inaccurate outputs, intellectual property concerns, and security vulnerabilities; therefore, careful data handling and verification are essential.
Recommendation
Wednesday, 6 May 2026 9 .00 - 12.30 h
The New GMP Implementing Regulations for Veterinary Medicinal Products and Related APIs - Live Online Training
The main concern is the risk of encouraging a checklist-driven approach which may give auditors with limited system knowledge a false sense of completeness, potentially leading to superficial coverage of complex processes rather than a thorough, risk-based assessment. In addition, the use of AI systems to classify audit observations is raising questions about the appropriate boundaries between automated support and professional judgement.
4. Professional judgement in AI auditing
Auditors should apply professional judgement when utilising AI tools as part of the audit process at the expense of human evaluation when evaluating the degree of compliance or achievement of a system or process conformity level.
The use of AI in auditing should always be balanced with an auditor's professional judgement to determine whether the intent of the clause/requirement or criteria has been met and there is sufficient objective evidence to demonstrate that all expected con tent is contained in the documented information, the content con forms to other reliable sources such as standards/regulations and that there is consistency to demonstrate the degree of control in ensuring medicinal products maintain safety, integrity and efficacy.
About the Author
David Abraham is Principal Consultant and Director at QRS-Associates Ltd with extensive experience in both business and Quality Management. Chairman of the ECA GMP-Auditor Association Board of Directors.
