Verixa AI Governance Statement
How Verixa governs MIRA — what the AI is for, where the hard lines are, and how every inference and human decision is controlled and evidenced.
Advisory + human-in-the-loop. Verified under our SDLC; the customer validates intended use.
The controls behind MIRA
Six controls govern how MIRA is used, classified, changed, and overseen — each one evidenced.
AI Intended Use
MIRA assists — natural-language query over your QMS, review-assist, and drafting. MIRA does NOT approve, close, sign, dispose, or release GxP records. MIRA does NOT make critical GMP decisions. A qualified human is always in the loop.
EU AI Act Positioning
Verixa MIRA is advisory with human-in-the-loop — a limited-risk / advisory classification under Reg. 2024/1689. Verixa makes no claim of EU AI Act compliance. Obligations are role-specific (provider / deployer) and obligation-specific (transparency, GPAI dependency, human oversight), phasing in 2026–2027.
Annex 22 (Draft 2025) Internal Control
Verixa treats EU GMP Annex 22 (Draft 2025) as an internal-control reference. Generative / probabilistic AI is prohibited from making — or being the sole path for — critical GMP decisions in Verixa.
Model + Prompt + Evidence Change Control
Verixa logs model name and version, system-prompt version, retrieval-corpus version, and guardrail version on every inference. Material changes go through change control.
Human Oversight
Human-in-the-loop is a workflow object, not a checkbox: decision gates, escalation paths, review events, e-signature workflow linkage, and decision evidence are captured in the audit trail.
Data + Provider Governance
AI providers — Anthropic and Azure OpenAI — are listed as subprocessors in the DPA. Customer data is not used to train shared models. Per-tenant data isolation applies.
Last updated: June 2026 · Reviewed by Vimal Veereshwarayya, PhD, RAC + CSV/CSA Contractor.
Ready to See Verixa in Action?
A focused walkthrough of Phase 1 GMP Core. 30 minutes. No obligations.