Yes, AI outputs can be included in audit trails and electronic records, but they should be treated as generated content with documented provenance, not as inherently trustworthy evidence.
In practice, the safer approach is to record that an AI system produced a suggestion, summary, classification, draft entry, or decision support output, along with the surrounding context. That usually means capturing the source data used, the model or service version if available, timestamps, the triggering event, the user who invoked it, the user who reviewed or accepted it, and any later edits or overrides.
What should not be assumed is that putting AI output into an audit trail makes it compliant, reliable, or suitable as the final controlled record by itself. Whether it is acceptable depends on intended use, validation scope, record criticality, system configuration, and the maturity of your review and approval workflow.
The original input or source reference, subject to data handling constraints
The AI output exactly as generated, or a controlled rendering of it
Date and time of generation
User identity, system identity, and any service account involved
Model, prompt template, ruleset, or application version where that is technically available
Human review, approval, rejection, or override actions
Subsequent edits, with reason codes where required by procedure
Links to the governed record, if the AI output is only supporting evidence
The main question is not whether AI content can appear in the record. It is whether your system can preserve traceability and whether your procedure defines what status that content has. There is a material difference between:
an AI draft saved as supporting context,
an AI recommendation reviewed and approved by a responsible person, and
an AI action that automatically updates a controlled electronic record.
Those cases do not carry the same risk, validation burden, or review requirements.
AI output is stored without preserving the exact version shown to the user
The model changes over time, but records do not show which version produced the output
Users copy AI text into the official record with no review checkpoint
Summaries omit critical exceptions, qualifications, or source references
Audit trails show that a field changed, but not that AI proposed the change
Generated content is mixed with approved record content without status labeling
Retention, access control, or export-control rules are not aligned with the AI service used
These are not edge cases. They are common implementation problems, especially where AI features are added on top of legacy MES, QMS, ERP, PLM, or document systems.
In most plants, AI will coexist with existing systems rather than replace them. That means the audit trail may be split across the AI application, an integration layer, identity systems, and the system of record. If those links are weak, traceability degrades quickly.
For that reason, many organizations keep the governed record in the existing validated system and store AI output as referenced supporting content or pre-approval draft content. Full replacement strategies often fail in regulated, long-lifecycle environments because of qualification burden, validation cost, downtime risk, integration complexity, and the need to preserve historical traceability across legacy assets and processes.
If the AI output affects product quality, release decisions, maintenance disposition, configuration, or any other controlled outcome, require explicit human review and make that review visible in the record history. If the AI output is only administrative assistance, the control model may be lighter, but you still need provenance, retention, and change visibility appropriate to the record.
So the answer is yes, but only when the AI output is captured with context, clearly labeled, governed by procedure, and integrated into a traceable review and approval flow. Without that, it is just ungoverned generated text inside a record system, which is usually where the risk starts.
Whether you're managing 1 site or 100, Connect 981 adapts to your environment and scales with your needs—without the complexity of traditional systems.
Whether you're managing 1 site or 100, C-981 adapts to your environment and scales with your needs—without the complexity of traditional systems.
