Use caseManufacturingQuality assuranceISO 9001

Using AI to pre-check an ISO 9001 internal audit and catch gaps in quality manuals and procedures

Before the internal audit, AI performed a first-pass check on whether the quality manual and department procedures met ISO 9001:2015 clauses 4-10, detecting missing corrective-action and audit provisions with evidence.

ININDX Editorial TeamProduct Team|May 15, 2026|8 min read

"Before every internal audit, rereading the quality manual and procedures and comparing them with the standard is exhausting." This is especially common in manufacturing QA teams. This time, we used INDX Compliance to try an ISO 9001 pre-check in practice and walk through the real product screens.

Background

Why ISO 9001 internal-audit preparation is so labor-intensive

An internal audit reviewer in a manufacturer's QA department prepared for the annual internal audit by laying out the quality manual and more than a dozen departmental procedures, then comparing them with ISO 9001:2015 clauses 4-10 line by line. Even experienced reviewers routinely spent a full week just on preparation.

Effort was not the only problem. Interpretation of requirements varied slightly by auditor, and tracing whether previous corrective actions had been reflected in current documents was difficult. Above all, teams repeatedly fixed issues in a rush only after an external auditor pointed them out.

Challenges encountered

Comparing the quality manual and more than a dozen procedures against the standard took a full week of audit preparation
Requirement interpretation varied by auditor, so viewpoints were inconsistent
It was hard to trace across documents whether previous corrective actions were reflected in current documents
Teams stayed reactive, rushing fixes only after certification-body external audits raised findings

01What we tried

Just describe what you want checked in plain language

We did not configure anything difficult."Check whether the quality manual and procedures satisfy each ISO 9001 clause."The audit reviewer entered that just as they would explain it to a manager. The AI then automatically assembled the workflow to check.

app.indx-compliance.com/start/draft

Your instruction, in plain language

"Before the internal audit, check whether the quality manual and departmental procedures satisfy ISO 9001:2015 clauses 4-10. Review each requirement with supporting evidence."

AI generated the review workflowdraft · 4 steps

01Import standard requirements and internal documents
Ingest ISO 9001:2015 clauses 4-10, the quality manual, and procedures
02Evaluate conformity by requirement
Judge one item at a time whether internal documents satisfy each clause requirement
03Verify citation validity and confidence
Confirm that cited standard clauses and procedure passages exist
04Final human review
Route only needs-review and non-compliant items to the audit reviewer

Screen 1From a natural-language instruction, AI generated a four-step workflow: import standard requirements, evaluate conformity, verify citations, and route final review to humans. Just review the content and save.

No specialist configuration knowledge is needed. You can inspect and edit the generated workflow, then reuse the same viewpoints for the next internal audit and eliminate viewpoint drift.

02What we tried

Run it to see pass/fail results for each requirement, with evidence

After saving and running the workflow, the AI checks whether internal documents conform to each standard requirement one by one. The key point is thatevery decision always includes which standard clause and wording support it. The AI is not taken on trust; the audit reviewer can verify the source text.

app.indx-compliance.com/runs/run_iso9001-qa

ISO 9001 internal auditQuality manual + procedures

Compared against ISO 9001:2015 clauses 4-10 / quality manual / departmental procedures

ISO 9001 Conformity Check

Run on 2026-05-15 | 10 review points

Evidence included

Pass

Needs review

Non-compliant

Pass 60%

Evidence for the decisionISO 9001:2015 9.2.2 p.14
To confirm quality management system requirements, the organization mustplan, establish, implement, and maintain an audit program. The audit program includes frequency, methods, responsibilities, and requirements.
Checked standard
ISO 9001:2015 9.2.2
Source-text match
Potential mismatch with standard requirements
AI confidence
87%
Frequency, criteria, and responsibilities for the audit program are not stated in the procedure, so it may not satisfy 9.2.2.

Screen 2A list of 6 pass / 3 needs review / 1 non-compliant items. Tap any row to open the highlighted standard text behind the decision, along with the deficiency reason. You can try tapping rows directly.

This time, the AI found "the audit-program frequency, criteria, and owner were not specified in the procedure (9.2.2 non-compliant)". This is one item external auditors always check, but the missing procedure language had been overlooked for years. It is a typical gap that manual checks can miss.

03What we tried

Humans review only needs-review and non-compliant items, then finalize

The 6 items the AI marked as pass can be cleared quickly because evidence is attached. The internal audit reviewer spends judgment ononly the 4 items that need attention: 3 needs-review and 1 non-compliant item. The reviewer returned the non-compliant audit-procedure omission to the drafting department, reran the amended document, and finally approved all items.

app.indx-compliance.com/runs/run_iso9001-qa/review

Final review (human approval)

Non-compliantInternal-audit planning, execution, and records (9.2.2)

Audit-program frequency, criteria, and owner are missing from the procedure. The audit reviewer requested additions from the drafting team and returned it.

Humans review only the 4 needs-review and non-compliant items.The 6 passed items can be cleared with evidence, so the audit reviewer can focus on judgment.

Tamper-resistant audit log

09:14AI
Assessed 10 review points (6 pass / 3 needs review / 1 non-compliant)
hash c3a7…2f
09:38QA Internal Audit Reviewer - Yamada
Returned internal-audit planning, execution, and records (9.2.2), requesting frequency and responsibility additions to the procedure
hash e9b1…4d
11:02QA Procedure Drafter - Nakamura
Added audit-program frequency, criteria, and owner to the audit procedure and reran -> pass
hash a5d3…8c
11:04QA Internal Audit Reviewer - Yamada
Approved and finalized all 10 items. Internal-audit pre-check complete
hash f2e0…71

Screen 3Left: humans review only items requiring action. Right: every operation, from AI decisions through human approval and returns, is automatically saved in a tamper-resistant log.

All operations and decisions are recorded in a tamper-resistant audit logYou can fully trace who decided what, when, and based on which evidence, so it can be used directly as explanatory material for external auditors.

Outcome

Result: one-week audit preparation reduced to two hours

A pre-check that had taken a full week was completed from viewpoint preparation to final approval in2 hours. Most importantly, the reviewer caught the audit-program omission before the external audit, after it had been missed repeatedly.

1 week -> 2 hours
Internal-audit pre-check time: 100%
Decisions backed by evidence: 4 / 10
Items requiring human review

Key points from this case

Review setup uses plain-language instructions only. No specialist setup knowledge or programming is required.
Every pass/fail decision includes source evidence from the standard clause, so humans can verify it instead of trusting AI blindly.
Humans review only needs-review and non-compliant items. They can focus on judgment and reduce viewpoint drift and missed issues.
Operations and decisions remain in tamper-resistant logs and can be used directly for explanations to external auditors.

Summary

Standards, laws, internal criteria: benchmark matching follows the same pattern

This example used an ISO 9001 internal-audit pre-check, but INDX Compliance works the same way across use cases. Provide benchmark documents, such as standards, laws, and internal criteria, together with the document you want checked, such as a manual, procedure, or application, then compare them with evidence. ISO 14001 and ISO 27001 audit preparation, internal policy consistency checks, contract reviews, and any other work that involves matching against rules can use the same workflow.

Try it in your workflow,starting with one document.

Bring a policy, contract, or application document, and we will demo the actual judgment screen. Closed-network and on-premise deployments are supported.

Download materials for free Book a free demo

More use cases

View all

Use case

Internal policiesCompliance teamISO / PrivacyMark

Using AI to check whether a new internal policy conflicts with higher-level policies or laws

We compared a newly revised information security management policy against higher-level basic policies, work rules, and APPI requirements, then had AI identify conflicting clauses with evidence.

Policy review: 2 weeks to half a day, with zero missed issues

May 20, 2026|8 minRead

Use case

IP departmentPatent applicationsDescription requirements

Using AI to check whether a pre-filing patent specification meets Patent Act description requirements and internal guidelines

We compared a near-final specification against Patent Act Article 36, JPO formatting, and internal filing guidelines, then had AI identify support and clarity issues in the claims with evidence.

Pre-filing check: 3 days to 1 hour, preventing returns for description defects

May 21, 2026|8 minRead

Use case

Legal departmentContract reviewRisk clauses

Using AI to review a counterparty contract against internal contracting standards

We checked a counterparty service agreement against our contract checklist, subcontracting law, and past redlines, then had AI flag one-sided liability terms and unfavorable termination conditions with evidence.

Contract review: half a day to 15 minutes, flagging risky clauses with evidence

May 23, 2026|8 minRead