# AI for Certification and Audits: How to Run a Management System with a Multi-Agent System

> On 8 July an AI audit agent reviewed my own quality management system and found three major and nine minor nonconformities. One day later the external auditor recommended maintaining the certificate. Why management systems are the best field for artificial intelligence I know of, and which rules an audit bot needs before its verdict counts at all.

*Published: 2026-07-10*

*Source: https://vellmerk.ai/en/blog/iso-9001-ki-agenten*

Ask someone who looks after an audited management system, under whichever standard you like, what they respect most about an audit, and the answer you usually get is: the weeks beforehand.

Gathering evidence. Catching up registers nobody has touched since the last audit. Checking whether the manual still describes what actually happens. And the quiet suspicion that somewhere in the system a contradiction is sleeping that you can no longer see yourself, because you wrote it.

This year I did it differently.

## The day my own AI took me apart

On 8 July 2026 an AI audit agent audited my quality management system. Not as a demo. As a regular internal audit under clause 9.2 of ISO 9001:2015, with a written assignment, predefined audit criteria and a report that was transferred into the nonconformity register.

The result: three major nonconformities, nine minor ones, four improvement suggestions, two best practices.

The overall assessment the agent wrote about my own system amounted to this: documented, but some things not effectively implemented. That is not a sentence you enjoy reading about yourself. It was correct.

One day later, on 9 July, the external auditor of my certification body LRQA sat in front of the same documents. His report recommends maintaining the certificate and contains two notes for further development. My quality management system has been certified to ISO 9001 since 2024.

I am fairly certain: had I commissioned the internal audit externally for preparation, as in previous years, these deviations would not have come to light on this scale. One or two perhaps. Partly because a service provider rarely has an interest in being inconvenient. Partly because, in a few hours, not every document can be examined with the necessary depth. What I built here goes deeper in many places.

Between those two days lies the answer to the question of what AI in a management system is actually good for.

## An audit bot without rules is a greeting-card writer

Ask any language model to audit your quality management. You will get a friendly report. A few suggestions, plenty of praise for the exemplary structure, not a single nonconformity. The report is worthless, and not because the model is too weak. Because nobody told it that it is allowed to be inconvenient.

The value comes from the shackles of a sound architecture, not from the model and its raw capability.

> With the right architecture you connect artificial intelligence to the management system and map roles and functions that, in almost all cases, can be filled better than by a human. Not because the machine is smarter, but because it fills its role a hundred percent: without the fear of being inconvenient, and without a single unfocused moment.

ISO 9001:2015 requires, in clause 9.2.2 c), objectivity and impartiality of the audit process. It does not require the invoice of an external auditor.

In practice, a few people in an organization look after the management system, not seldom just a single person. And that person faces a dilemma: either be audited by someone who often does not know the subject in the necessary depth, or audit themselves. Neither is inadmissible as such, but both are frequently inexpedient. Especially in a small organization like Vellmerk.ai ApS, it is even more delicate in principle.

That is why, in the past, one often resorted to external auditors, even for the internal audit. The ambition this year was to go a step further, especially in automating the system itself. An agent can take on the role of the internal auditor, provided it must obey rules it cannot change. I anchored six of them in my governing document. Four are decisive:

**The audit criteria are fixed in writing before the audit starts and are not changed during it.** That prevents the examination from being tailored to the desired outcome after the fact. The agent receives its assignment before it knows what it will find.

**Evidence is exclusively an existing file or record.** Verbal assurances are not evidence. A plausible assumption is not evidence. And the decisive sentence: evidence that cannot be found is itself a finding. That removes the most comfortable of all self-deceptions, namely the memory of having done it after all.

**The agent works strictly read-only.** It may not create, change or delete any document, register or record. No write access, no exception. The effect is simple and fundamental: the auditor cannot remove its own findings.

**The complete audit trail is kept as a record.** Questions asked, evidence reviewed, assessments made, all of it. A third party must be able to retrace the run without having to ask me.

These are not all the adjusting screws. For such a procedure to work at the necessary quality, further configuration and settings are part of it, which I have refined. But the point is: it is possible. And not only for ISO 9001. With the right rules and the right workflows, AI support can be used for practically any management system and probably any certification: for maintaining the documents, for internal audits, and for preparing and following up external audits.

> Detached from the individual standard, in knowledge and document management and around certifications, artificial intelligence becomes a support that, in a few years, will be impossible to imagine doing without.

## What an agent finds that humans overlook

The twelve nonconformities of the first run were not spectacular scandals. They were exactly what arises especially with many documents and more complex structures: small, silent inconsistencies that can appear even when you proofread carefully and in good conscience before release. Four patterns, described generically:

**A released process demanded a form that did not exist.** The agent found one case. A check script written in response found the same point five more times, in documents released shortly before. Nobody reads a multi-page process document with an eye on every single form number. A machine does exactly that.

**A record overrode a provision of the governing document it is subordinate to.** A form cannot override a manual; clause 7.5.2 of the standard settles that. But there it stood. Something like that is only noticed if someone holds both levels in mind at once and takes the hierarchy between them seriously. Humans stop doing that after the third document.

**A governing document referred to a matter said to have been dealt with in the management review.** The matter had indeed been dealt with. It was just not fully documented: the evidence in the minutes was missing. The agent does not distinguish between a good intention and a proof. For it, only what is recorded counts.

**A register carried a due date that does not exist in the calendar.** 31 April. This date had already survived several internal and external audits without anyone noticing. Only now did it emerge that the date does not exist at all. A small thing, granted. But also proof that something can go undetected for almost two years and across several reviewers.

None of these findings requires intelligence in any emphatic sense. All of them require something humans structurally cannot muster for their own documentation: tirelessness without mercy and without any contextual knowledge of how it was meant.

## And when the AI gets it wrong?

It does get it wrong, of course. After the first run my agent classified thirteen months without a management review as a major nonconformity. But my governing document requires the review once a year, not within twelve months. In every calendar year a documented review had taken place. On this point the finding was too strict. It was put into context and qualified in the course of the management review.

Top management assesses every finding before it is transferred into action tracking. Acceptance, downgrading or reasoned rejection, documented in the management review. What expressly does not happen: the audit report is not changed. The overly strict finding still stands unaltered in the record to this day, next to management's reason for downgrading it. Both versioned.

This is not an AI principle. This is audit logic as it has applied for decades. The difference is that a machine does not circumvent it out of convenience.

And this is exactly where the strengths of the human combine with those of artificial intelligence. In pure examination work, in knowledge management, in preparing a management review, the AI plays to its strengths: tireless, complete, along predefined check points. But the critical appraisal stays with the human. That is the central point.

For such a system to hold, like almost every sensible use of artificial intelligence, we humans must preserve our critical thinking. Whoever confines themselves to nodding along and clicking through will contribute less and less to an organization in future. What is needed are the critical minds: people who read a finding, understand it, think it through, and then accept it, send it for correction or reject it with reasons.

What I combine here are two strengths from two different worlds. Therein lies the real magic.

> The magic does not lie in the AI replacing the human. Full automation is neither the goal nor in the spirit of most management systems. It lies in the AI taking over the data maintenance and the preparation, so that the human can concentrate on what only they can do: the structured, critical thinking about the decision.

## Why management systems are ideal terrain for AI

And here comes the point that reaches far beyond my own house.

Most AI projects do not fail because of models. They fail because of what lies underneath: data without structure, knowledge without order, processes nobody ever wrote down. I call this the information foundation, and in projects I regularly build it first, before any AI comes into play. Why data is not the new oil but the foundation, I described [in this article](/en/blog/daten-als-fundament) in detail.

A certified management system already is that foundation.

It has exactly the properties an AI needs in order to work reliably. A clear document hierarchy: governing documents rank above records. Defined intervals: monthly, annually, after every change. Binding evidence obligations: what is not recorded did not happen. And an external yardstick against which everything must be measured, the standard itself.

Put differently: whoever is certified has long since done the laborious groundwork for using AI and simply does not know it. The order your auditor demands of you every year is exactly the order that AI projects elsewhere founder on.

This does not apply to ISO 9001 alone. The same structure carries ISO 27001 for information security, ISO 14001 for environmental management, ISO 27701 for data protection, TISAX in automotive supply, and accreditation schemes in further education. It also carries the documentation obligations the EU AI Act is currently building for high-risk systems. Everywhere governing documents, records, intervals, evidence, an external yardstick. Everywhere the same work, done today by humans who stop looking closely after the third document.

## How the system is built

Naturally I cannot describe the entire system in detail here. In the end it is many rules that interlock and complement one another. But a few central points I do want to open up.

**The sources exist in machine-readable formats, not just as finished documents.** Every governing document exists as Markdown with header data: document number, version, status, approver, date. That source is authoritative, everything else is generated from it.

**The change history is the version control.** Every substantive change is exactly one commit in Git. Who, when, what, why, on which line. That is not a technical detail but the formal record of change that clause 7.5 of the standard demands. Only gapless, instead of a hand-maintained table at the end of the document.

**The key registers and figures run in a local dashboard.** They are maintained there, no longer in scattered forms or Excel sheets. Risks, nonconformities, suppliers, offers, all local in the browser and directly editable. Every change lands in a change table with timestamp, field, old and new value. The pretty table is not the point, the trail is the point.

**Released documents are produced as PDF snapshots.** A draft carries a draft banner and is expressly not a controlled document. Only once I set the status to released does the generated PDF carry the release mark. For the auditor, a clean set of documentation is thereby available at the push of a button.

**Check tools hold the dependencies together.** When you change something in a process, something elsewhere becomes untrue. A reference points into the void, a form is demanded that was struck, a key figure appears differently in two documents. That is what the check scripts are for: they retrace these cross-references and report them. You can have them updated automatically. I prefer the second option: the agents propose, the human decides and releases.

This is an excerpt of central elements. Beyond them there are surely further rules. But I hope the idea comes across.

## From the management review straight into implementation

The most noticeable difference is not in the audit, but in the management review.

Key figures, risks, customer feedback, audit results and open actions exist as structured data, not as a hastily assembled slide deck. Instead of reading numbers aloud, you play the topics through with the agents: what does the trend of this figure say about the goal behind it? Which risk has shifted because of the change? Where does a decision taken today contradict a provision from last year?

And what comes afterwards is the real gain. Every decision is captured immediately as a task. The agents then update the affected process documents, forms and registers, rebuild the PDFs and submit them for approval. What used to be an intention in the minutes that occurred to someone again in October is, the same evening, a proposed change with a diff.

Release stays with the human. In my system the status released is set exclusively by me, never by an agent. That is not a technical limit but a deliberate one.

## What this means in practice

What preparing an audit used to cost in weeks is today the work of days, sometimes hours. Internal audits and the preparation for external audits run partly automated, partly fully automated: at the end the report is there and shows exactly where there is still something to check, where something is not right, where one should correct.

And it goes further. Increasingly, such a system can be connected with knowledge outside the management system. When something changes in the course of other projects, that is often information that does not by itself lead to an adjustment in the management system, even though it should. This is exactly where the path opens to holistic knowledge management: the management system is maintained, across the requirements of different ISO standards and external inputs, so that it continuously does them justice.

But more important than the time saved is something else: a few more critical, incorruptible eyes. Eyes that do not know how it was meant. That do not tire. And that cannot afterwards delete what they found.

I am not writing here about a concept. I am writing about the system with which I run my own certified quality management, since this summer, with every nonconformity it found in me.

And fundamentally it is only logical: whoever builds an AI-first organization also runs their quality management AI-based. I can only say that one profits enormously from this combination of two worlds.

If you run a management system, have an audit ahead of you or are aiming for certification, then you are already sitting on the information foundation that most organizations must laboriously build first. The only question is whether you use it.

Talk to us about what an audit agent would find in your system.

And by the way: even if you have no certification yet, but are only heading toward a first certification project, it has never been easier to build up the necessary documentation with AI and to start, from the very beginning, into an AI-first-run management system. Feel free to get in touch with us, we will support you.

## Frequently asked questions

### May an AI agent carry out internal audits under ISO 9001?

Clause 9.2.2 c) of the standard requires objectivity and impartiality of the audit process. It does not prescribe who conducts the audit, and in particular it does not require an external auditor. What matters is that the procedure is impartial. An AI-supported audit therefore needs binding provisions: audit criteria fixed in advance, exclusively documented evidence, strictly read-only access for the agent, and an audit report that is not altered after the fact. Where these safeguards are documented and demonstrable, the procedure conforms to the standard.

### What does an AI audit agent find that a human overlooks?

Above all, silent inconsistencies across document boundaries. Typical patterns are a released process demanding a form that does not exist; a record overriding a provision of the governing document above it; a claim in the manual for which no evidence is filed; or a due date that does not exist in the calendar. None of these findings requires special intelligence. They require tirelessness and the willingness not to accept a good intention as evidence.

### Can AI maintain a quality management system on its own?

No, and it should not. What works is a clear division of labour: the agents review, find contradictions, propose changes and update documents after a decision. Release stays with the human. In our system the status “released” is set exclusively by management. That is not a technical restriction but a deliberate boundary, because responsibility for a management system cannot be delegated.

### Which standards and certifications suit this approach?

All those built on the same structure: governing documents, records, defined intervals, evidence obligations and an external yardstick. That holds for ISO 9001 as much as for ISO 27001, ISO 14001, ISO 27701, TISAX or accreditation schemes in further education, and increasingly for the documentation obligations of the EU AI Act. The more a certification rests on curated, structured knowledge, the greater the leverage of an AI-supported procedure.
