Annex 22 / EU AI Act alignment (internal control) · core constraint: AI generation is ONLY a drafting aid. Output is always labelled "AI-generated — advisory"; cannot auto-create a real document record; requires explicit human acceptance via HITL handover task before any field write; generative AI is prohibited from being the sole path to create a regulated record. The human is the decision-maker; MIRA is the suggestion engine.
Scenario. Lakshmi needs to create a new SOP — Pipette Calibration Verification at QC Lab. She's done this many times and doesn't want to write from scratch. She uses MIRA's AI-draft authoring (D1b) — pilot's 4th creation method alongside Blank / Template / Upload. MIRA generates a draft based on her prompt + similar existing SOPs (RAG-grounded). Lakshmi reviews the AI output, edits sections that need correction, accepts via HITL handover task. Result: SOP-QC-031 v1 is created as a normal draft with full AI provenance permanently audited · proceeds through standard review/release.
✓ AI-draft authoring (D1b)✓ Grounded RAG with citations (D1)✓ "AI-generated — advisory" labelling✓ HITL handover task required (DEC-32-06)✓ Mandatory fail-closed LLM audit (WP-13b)✓ Outcome label persisted (DEC-32-07)✗ AI auto-submit to review — prohibited (Annex 22)✗ AI sole-path creation — prohibited✗ AI in critical/closure decisions — Annex 22
Workflow · SOP via MIRA AI Generation (URS-12 + URS-32 §22)
23 steps · 5 personas including MIRA · HITL handover + standard review/release
L
Lakshmi — chooses AI Generation
quality_leaddocument_authormira_user
Part 1 · Pick AI mode
1
Click
Open Documents → + New Document
2
Decide
Pick creation method — 4 options in Phase-1
📄
Blank
From scratch
📋
Template
Pre-structured
⬆
Upload
From .docx
🤖
AI Generate ✓
MIRA drafts it
Behind the scenes · permission gate
AI Generate is shown only if user has mira:draft_creation permission AND tenant has MIRA enabled AND tenant's AI Gateway is currently available (per /api/v1/ai/health). If gateway is unavailable, AI Generate is greyed with banner — Manual modes remain available. Per Doctrine Mandate 13: AI availability is NEVER a precondition of authoritative flow.
3
Click
Click Continue — MIRA prompt panel opens
L
Lakshmi — prompts MIRA
document_authormira_user
Part 2 · Prompt
4
Fill
Fill the MIRA AI-draft prompt panel
M
MIRA · AI-draft Authoring (D1b)
Generates an advisory draft · human accepts before any field write
Advisory only
Document type *
SOP — Standard SOP template basis
Title *
"Pipette Calibration Verification at QC Lab"
Practice
GMP
Scope
site=Chennai · QC Lab · all volumetric pipettes
Prompt — what should the SOP cover *
"Verification procedure for QC volumetric pipettes (1µL–1000µL). Cover frequency, weight-based calibration check, acceptance criteria per ISO 8655, logging in QC-LOG-018, and out-of-tolerance handling."
RAG sources to use
Auto: existing QC SOPs at this site (Lakshmi can refine)
Behind the scenes · context binding (DEC-32-05)
MIRA binds context_scope = 'document_authoring' and data_categories_accessed = ['controlled_documents', 'sop_corpus']. Per HIPAA §164.502(b) + GDPR Art. 5(1)(c) minimum-necessary, MIRA can only access tenant's own controlled-document corpus — not other tenants, not personal data. Prompt + context logged.
5
Click
Click Generate Draft
⚡ "Request submitted to MIRA. Validating model qualification + audit chain..."
Request hits AI Gateway▶ validation chokepoint · model-qualification gate · LLM audit chain (fail-closed) · then MIRA generates
M
MIRA — AI-draft generation
llm_invocationvia AI GatewayWP-13/13b
Part 3 · Generate
6
AI
AI Gateway runs validation chain WP-13
5 mandatory checks per DEC-32-04:
✓ Model qualification gate (model='claude-sonnet-4-6' · qualified per GMLP)
✓ Prompt-template version current (released via URS-13 CC linkage)
✓ Policy-version current
✓ Rate limit not exceeded
✓ LLM audit chain wired (fail-closed) — request rejected if not
Behind the scenes · WP-13b fail-closed
WP-13b build moment. Today (dev-vimal-audit-2) ai-gateway.service.ts:100 declares llmAudit? as optional — inference can run un-audited. WP-13b makes it required + fail-closed in regulated mode: if audit chain isn't wired, gateway construction or the request fails. No AI inference runs un-audited. Audit row written to llm_audit_log BEFORE inference returns. Non-negotiable for Annex 22 + EU AI Act Art. 12.
Per DEC-32-A1, MIRA's draft uses citation-grade RAG — every claim traceable to a source chunk in the tenant's own SOP corpus. Mitigates hallucination risk. Vector + keyword hybrid retrieval. Sources persisted with the draft.
8
AI
MIRA generates draft + creates HITL handover task
Output written to mira_handover_tasks (state: pending_handover) — NOT directly to documents table.
Behind the scenes · DEC-32-06 handover task lifecycle
The handover task is the only path MIRA can influence authoritative state. Task carries: generated content · model identity · prompt hash · source citations · confidence · classification (draft_creation). State machine: pending_classification → pending_handover → pending_execution → completed | rejected | cancelled. No data is written to documents until Lakshmi explicitly accepts.
MIRA returns the handover task to Lakshmi for review.
Hand-off▶ HITL handover task surfaced to Lakshmi · she must Accept/Edit/Reject before draft becomes real
L
Lakshmi — reviews AI draft
document_author
Part 4 · HITL review
9
See
MIRA-generated content rendered with advisory label
🤖 AI-Generated Draft · ADVISORY · NOT YET A DOCUMENT
§1 Purpose
Defines the verification procedure for QC volumetric pipettes (1µL–1000µL) at QC Lab Chennai per ISO 8655 standards...
AI output unusable · reject with reason · outcome_label=ai_assisted_rejected · task closed, no document created
11
Fill
Lakshmi edits §4 — MIRA's acceptance criteria were vague
Replaces §4 with site's actual acceptance: "Accuracy: ±2% nominal (tighter than ISO 8655 minimum) · Precision: CV < 0.5% · per site lab quality policy QP-CHE-007."
Behind the scenes · edit tracking
Edit captured as handover_task.edit_delta — diff between AI output and human-accepted final. Auditors can see exactly what AI suggested vs what human used. Inspector-relevant for "did AI influence regulated content + was human the decider?"
Document created in documents table with permanent provenance fields: created_via='mira_ai_draft', handover_task_id, mira_outcome_label='ai_assisted_overridden', model_used, prompt_hash. Outcome label is immutable per DEC-32-07 — answers the regulator question "did AI influence this · was human the decider?" forever. Audit: MIRA_HANDOVER_TASK_COMPLETED · DOCUMENT_CREATED (via='mira_ai_draft').
Hand-off▶ From here · same as any normal SOP draft · proceeds to standard review/release flow
⚙ Behind the scenes · review & approval process is IDENTICAL to non-AI documents
Once the HITL handover task completes (step 12), the document is a normal draft. The downstream review + approval workflow has no AI-specific branches in Phase-1. Why this is the right call: the Annex 22 control is already applied at the HITL acceptance gate — by the time reviewers see the document, it's a human-accepted record with permanent provenance.
What stays IDENTICAL
Mechanism
Behavior
Reviewer assignment
Direct named — author picks specific reviewers (same as flows 1 + 2)
SoD-12-01
Reviewer ≠ author · server-enforced (Lakshmi is the author even though MIRA drafted)
Approve / Request Changes / Reject
Same 3 options · same WP-4 substrate e-sig
Comments + iteration loop
Same inline threading · same resolution rules
Release routing
Broadcast pool to document_approver · first-claimer-wins (same as all docs)
Release due_date
5 business days (tenant default) · same calculation
Closure cascade
Distribution + training trigger fire identically via WP-2 spine
What's SUBTLY DIFFERENT (informational, not blocking)
Difference
Effect
🤖 AI provenance badge in document header
Reviewers see the badge throughout review · informs but doesn't force extra scrutiny
Edit-delta visible
Reviewers can see what MIRA suggested vs what Lakshmi changed · helps focus review
Anita sees "Creation method: 🤖 MIRA AI-draft" — informational only
Feeds AI Governance Evidence Pack (WF#5)
This document becomes data in the AI Governance Pack export · inspectors trace AI usage
What is NOT enforced in Phase-1 (potential Phase-2 additions)
Phase-2 candidate
Why Phase-1 ships without
Senior reviewer required for AI docs
Adds approval-routing complexity · tenant operational control instead
AI Owner co-sign at release
Adds Tier-1 role + config · deferred
Longer review window for AI docs
Per-document-type window config not yet built
Automated AI-content compliance scan
Requires separate validation tooling · deferred
Why same-process is the right Phase-1 call: (1) Annex 22 already requires explicit human acceptance — that happens at HITL BEFORE the document exists; reviewers see a human-accepted record. (2) AI provenance is permanently visible so reviewers CAN scrutinise more if they want. (3) Inspector audit is fully satisfied via provenance fields. (4) Adding AI-specific routing now would couple the document workflow to MIRA — better to keep them clean and layer governance in Phase-2 when operational data informs design. (5) Treating AI-originated docs operationally the same normalises the workflow and avoids creating "AI-document" stigma.
P
Priya — Reviews AI-originated draft
document_reviewer
Part 5 · Review
13
See
Document header shows AI provenance badge
Header reads: "SOP-QC-031 v1 · 🤖 MIRA AI-draft (overridden)" — reviewers know it was AI-originated before reading.
Behind the scenes
Reviewers seeing the AI-provenance badge MAY scrutinise more carefully — especially regulatory content. The outcome label being ai_assisted_overridden tells them human edited; if it were ai_assisted_accepted they'd know human accepted as-is.
14
Fill
Priya adds 1 comment on §3 (replicate count)
"Site standard is 10 replicates not 5 — site quality manual SQM-CHE-002 §3.4." Marks Request Changes.
model + prompt hash + sources + LLM audit id all retained immutably
SoD pass
✓ Anita ≠ Lakshmi (author), ≠ reviewers
17
Sign
Sign Release WP-4
Controlled Approval — Release of SOP-QC-031 v1
Signing as
Anita · document_approver
Meaning
Approval — release for use
Effective date
2026-06-15
Note — AI provenance
"Origin: MIRA AI-draft (overridden by author); reviewed and accepted as final."
Password
••••••••••
MFA
829471
Sign & Release ▶
18
See
State flips · AI provenance preserved forever
under_review→effective (v1) AI provenance fields permanently audited · effective document forever traceable to its AI origin
✅ "SOP-QC-031 v1 effective from 15-Jun-2026 · MIRA AI provenance permanently audited."
Behind the scenes · AI provenance immutability
Even after release, the document permanently carries created_via='mira_ai_draft', mira_outcome_label='ai_assisted_overridden', handover_task_id linkage to llm_audit_log. Inspector 5 years from now can ask "was this AI-influenced?" and get a complete answer with model identity, prompt hash, sources cited, and what the human changed. This is the AI Governance Evidence Pack (WF#5) primary data source.
DONE · SOP-QC-031 v1 effective · 23 steps · AI-originated with full HITL + provenance audit.
5 AI governance pillars enforced in this flow
Pillar
Where shown
URS / WP
AI Gateway chokepoint with validation
Step 6 — model qualification + prompt-version + rate-limit checks
DEC-32-04 · WP-13
Fail-closed LLM audit chain
Step 6 — audit row written BEFORE inference returns
WP-13b
HITL handover task as sole influence path
Step 8 — output to handover task, not directly to documents