AI in your eQMS: seven prompts for Claude, ChatGPT, and Gemini
Connect Claude, ChatGPT, or Gemini to your QMS via MCP. Exact prompts for SOP drafting, CAPA management, internal audits, and Part 11-aligned audit prep.
For most of the last twenty years, quality teams at regulated companies have run their eQMS the same way: a quality manager owns a stack of SOPs, NCRs and CAPAs move through review queues by hand, and management review is a quarterly scramble through spreadsheets, dashboards, and PDF exports. The work is real, the rules are real, and the cost — in hours, in salaries, and in audit findings — is real.
That’s starting to change. Connect Claude, ChatGPT, or Gemini to ArvoDocs once, and from then on you stop typing into your eQMS and start typing at it. You ask. The AI does.
Here’s the gist: pick a use case below, copy the prompt verbatim into Claude (or your assistant of choice), and you’ll have a real draft document, a structured CAPA, or an audit-ready summary in your tenant in under a minute. The AI runs the same tools your auditor would — through the same controlled audit trail.
What is the Model Context Protocol?
The Model Context Protocol (MCP) is an open standard, originally introduced by Anthropic, that lets an AI assistant connect to external systems through a uniform interface. Think of it as USB for AI: the assistant doesn’t need a custom integration per tool. It speaks MCP, and the tool — your QMS, in this case — exposes its data and actions through the same vocabulary.
You connect once. After that, every prompt below works in plain English.
Which assistants support MCP today?
- • Claude (Anthropic) — native MCP support in Claude Desktop, Claude Code (CLI), and claude.ai web connectors. The most mature integration today.
- • ChatGPT (OpenAI) — remote MCP server support through custom connectors on Team, Enterprise, and Pro plans.
- • Gemini (Google) — MCP support across the Gemini API, Gemini CLI, and Gemini Code Assist.
- • Cursor, Continue, Zed — built-in MCP clients for IDE-based workflows.
The regulated boundary: what AI can and can’t do
The rule that shapes every use case below: AI can author and edit drafts. Humans still approve. An LLM can write your CAPA root-cause section; it cannot sign the approval. An LLM can draft a new SOP; it cannot move it from draft to effective.
ArvoDocs enforces that line by design. Twenty MCP tools cover reading and drafting. The regulated state transitions — submit-for-review, approve, reject, sign, make-effective, close-event, activate-supplier — are deliberately not exposed via MCP. Those still require a human in the UI with password re-authentication, exactly as 21 CFR Part 11 expects.
Seven prompts that pay for themselves
Each one below is verbatim. Paste it into Claude (Desktop, web, or Code) with the ArvoDocs connector attached, replace the bracketed details with yours, and watch the work happen.
1. Draft a new SOP from a sentence of intent
That SOP that’s been on the "we need to write this" list for six months? Stop staring at a blank template.
"Draft an SOP for incoming inspection of injection-molded plastic components from contract manufacturers, ISO 13485-aligned. Use a standard Purpose / Scope / Definitions / Responsibilities / Procedure / References structure."
The assistant picks the SOP template, drafts a complete document in your tenant (lands in draft status), fills in every section with proper formatting, and populates the change-description and reason-for-change fields ArvoDocs needs before submit-for-review. You review the draft, edit anything the AI got wrong, and approve in the UI with a re-authenticated signature.
Under the hood: list_document_templates → create_document → update_document_section per section → update_document_compliance_fields.
2. Open a CAPA from an incident description
An issue happened. Stop the empty-fields-for-two-weeks cycle — have the AI structure the record while the investigation starts.
"We had three failed ATP swab tests on Filler Line 3 over the past two weeks. Open a CAPA, propose containment actions, and outline initial root-cause hypotheses."
The assistant opens a CAPA from your template, activates the first stage, and fills in the problem statement, scope, immediate containment, affected products/lots, and detection point. A human picks it up, refines the hypotheses with actual investigation data, and submits the stage in the UI.
Under the hood: list_event_templates → create_event → start_event → update_event_field_value for each stage field.
3. Walk a clause of ISO 13485 (internal audit assist)
The traditional way: open the standard alongside your QMS and cross-reference each clause by hand. Hours of work, easy to miss things.
"For ISO 13485 clause 8.5.2 Corrective Action: list every procedure that addresses it, summarize the CAPAs we’ve closed in the last twelve months, and flag any open CAPAs past their target date. Highlight anything that would be a finding."
You get an audit-finding-ready summary, with links back to every source record in your tenant. Use it as your internal-audit working paper, or hand it to the actual auditor.
4. Audit "did we do this right?" review of a single record
Useful for both pre-audit prep and routine quality reviews.
"Did we follow our CAPA process correctly on CAPA-42? Walk through each stage, check the required fields were filled, surface anything that looks weak, and draft a finding as a new quality event if appropriate."
The assistant reads the event in full, checks each stage’s required fields, and writes a clean finding. If everything looks clean, it tells you that too.
5. Audit-prep show-me-the-data questions
The first thirty minutes of any external audit. The team that walks in already knowing where everything lives is the team that walks out clean.
"Show me every CAPA opened in the last 18 months. For each, give me the root-cause method used, the close date, and whether it closed late. Group by event template."
You get a single readable summary you can hand to an auditor — or hand to yourself five minutes before the auditor walks in.
6. Find inconsistencies in your QMS (gap analysis)
Some of the most common audit findings come from internal inconsistencies. SOPs that reference retired SOPs. Templates that point at people who’ve left. Documents past their periodic review.
"Walk through every document referenced by our Quality Manual. Tell me which aren’t in their effective version, which are past their periodic-review date, and which have an owner who is no longer active."
What used to take a quality manager an afternoon to compile comes back in seconds.
7. Supplier risk + management review prep
Supplier management is one of the highest-yield places to put AI in your QMS, because it’s usually under-staffed.
"List every supplier overdue for re-evaluation, sorted by risk level. For each Critical supplier, summarize the quality events linked to them in the last twelve months and flag any patterns. Draft a management-review brief from the results."
You get a brief that’d normally be a full day’s work for the quality team — in time for the meeting.
The same prompts work for ISO 9001, dental, and food-safety teams
Every prompt above is template-driven, so the use cases apply just as well to ISO 9001 manufacturing teams (where corrective actions, supplier verification, and management review look almost identical), food-safety operations running HACCP / FSSC 22000 / SQF (where the document is a "monitoring procedure" instead of an "SOP" but the structure is the same), and dental practices running OSHA-compliant infection-control programs.
The toolset is the same. The templates differ — ArvoDocs ships dedicated compliance packs for medical devices, ISO 9001 manufacturing, dental practices, and food safety — but you swap "SOP" or "CAPA" in the prompt for your industry’s equivalent and the rest just works.
What it doesn’t replace
Two things to be clear about.
First, AI doesn’t replace the investigation. A CAPA root-cause analysis still requires people on the floor looking at the actual failure mode. The AI helps with structure, drafting, and summarization — not the engineering judgment that determines what really happened.
Second, AI doesn’t replace the regulated signature. ArvoDocs preserves that boundary deliberately. The MCP server simply doesn’t expose tools for signing, approving, rejecting, or making effective — those happen in the UI with password re-authentication.
So you don’t end up where your audit defense is "the AI did it." You end up where the AI did most of the typing and the human did the judgment — which is exactly what you want.
The audit trail still works
Every MCP call lands in the same tenant audit trail your auditor already inspects. Each entry captures the user, the tool invoked, the auth mode (static API token vs OAuth-issued JWT), the IP, and the timestamp. When a section is updated, the audit trail captures the field name, the old value, and the new value — the same level of detail you’d see for a human edit. The audit chain is row-hashed for tamper detection, just like every other record change.
If your auditor asks "which document edits were AI-authored last quarter?", you can answer it. If they ask "which connector drafted this CAPA?", the audit trail names the integration. Nothing is opaque.
How to get started in five minutes
- • Sign up free at app.arvodocs.com/signup and deploy a compliance pack so your tenant has documents and event templates to work with.
- • Stay on Starter or upgrade as you grow — MCP integration is included on every plan, including the free Starter tier.
- • Connect your assistant. For Claude Desktop, Claude Code, Cursor, or Gemini CLI, generate a static token in Settings → MCP integration and paste it into your client config. For claude.ai web or ChatGPT custom connectors, paste
https://app.arvodocs.com/mcp/v1as the server URL and follow the consent flow — no token needed. - • Paste a prompt above into your assistant. You’ll see the result in your tenant in under a minute.
Sign up free, deploy a compliance pack, and your team can use Claude or ChatGPT to draft documents and manage quality events this afternoon.
See the AI integration page →Frequently asked questions
Can I connect Claude or ChatGPT to my eQMS?
Yes. ArvoDocs ships a Model Context Protocol (MCP) server at https://app.arvodocs.com/mcp that connects Claude (web, Desktop, Code), ChatGPT, Cursor, and any MCP-compatible AI assistant via OAuth 2.1 with PKCE. Once connected, the AI has access to 23 tools spanning document search, document read, document drafting, quality event listing and creation, supplier management, training listing, and audit trail querying. The MCP integration is included on every plan at no extra cost, including the free Starter tier.
What is the Model Context Protocol (MCP)?
The Model Context Protocol (MCP) is an open standard published by Anthropic for connecting AI assistants to external systems and data sources. ArvoDocs implements the MCP specification (version 2025-03-26) so any MCP-compatible AI client can connect to a tenant. MCP handles authentication (OAuth 2.1 with PKCE), tool discovery, and structured tool invocation. It is the protocol layer that lets AI assistants operate an eQMS in natural language.
Will AI approvals violate 21 CFR Part 11?
No — because ArvoDocs deliberately does not expose approvals or e-signatures to MCP. Regulated state transitions (approving a document, e-signing a quality event stage decision) require a human in the ArvoDocs UI with password re-authentication, by design. AI assistants can draft documents, create CAPA records in draft status, populate event fields, and query the audit trail; humans approve. This preserves 21 CFR Part 11 § 11.200 compliance — the e-signature remains uniquely tied to a re-authenticated human.
What use cases does AI integration unlock for an eQMS?
Drafting SOPs from scratch or by template; populating CAPA investigations with root cause analysis and corrective actions; conducting clause-by-clause ISO 13485 internal audits against your tenant content; generating management review packages from audit trail and event data; mapping training gaps against role requirements; drafting supplier qualification packets; migrating legacy QMS data from PDFs and spreadsheets; and producing audit prep packages on demand.
Does the AI see all my QMS data?
The AI sees what the connected user has access to, scoped by the user's role and permissions in ArvoDocs. Every MCP tool call is captured in the tenant audit trail with the calling user's identity. Multi-tenant isolation (PostgreSQL Row-Level Security) ensures the AI cannot access data outside the connected tenant.
Further reading
- • 21 CFR Part 11 requirements explained simply — the rule that shapes how AI must interact with regulated records.
- • How to set up document control for ISO 13485 — the structure AI is helping you build.
- • Model Context Protocol — the open spec behind it all.
- • Anthropic’s MCP announcement — the protocol’s introduction.