Inspection Readiness Pack

When the inspector walks in, hand them a USB.

One click. Every batch. Every signature. Every sensor reading. Cryptographically sealed into a single ZIP with an offline verifier an inspector can open without a network connection. Audit prep that used to take four weeks now takes ninety seconds.

21 CFR Part 11 · EU GMP Annex 11 · Annex 22 · PIC/S PI 041-1 · ALCOA+

From four-week audit scramble to one-click evidence archive

What is an Inspection Readiness Pack?

A single cryptographically sealed ZIP containing every piece of batch-level evidence BatchCortex owns for a date range — cover PDF, per-batch inspection records, ALCOA+ Original approved reports, raw sensor CSVs, events log, signatures, and an offline verifier. Hand it to an inspector. Walk away.

Why does it matter?

Annex 11 §9 wants an immediate, complete, human-readable audit trail. Annex 22 wants AI model lineage. Part 11 §11.10(b) wants both human-readable and electronic form. Most MES systems need four weeks to assemble one inspection. BatchCortex generates it in 90 seconds, with a Merkle root the inspector can verify themselves.

How BatchCortex builds it

Pick a date range and optional product filter. BatchCortex queries every batch, verifies the per-batch signature chain, renders a 5-page inspector-optimized cover PDF, shards every batch into its own folder, hashes every file, builds a two-level Merkle tree, bundles it all into a ZIP, and hands you a signed URL. The QP reviews and re-authenticates to finalize.

Engineered for the toughest audit in the room.

Every pack is assembled by the same deterministic pipeline. No manual collation, no spreadsheet exports, no filename chaos.

5-page inspector cover

Title, scope window, QR code, batch summary table, regulatory framework coverage matrix (21 CFR Part 11, Annex 11, Annex 22, PIC/S PI 041-1), chain integrity attestation, and a blank inspector acknowledgment block. Inter-typeset, PDF metadata carries the pack id and Merkle root for scanner tools.

Sharded by batch

Each batch gets its own folder: `report-approved.pdf` (ALCOA+ Original, rendered from the signed markdown), `report-inspection.pdf` (inspector-navigational), `sensor.csv` (raw long-format time series), `events.csv`, `signatures.json`, `batch.json`. Drill down to any single batch in one click.

Two-level Merkle tree

Per-batch sub-trees roll up to an org-level root. Any one-byte change to any file invalidates the root. The root is stamped on the cover PDF and embedded in the offline verifier so inspectors can confirm tamper-evidence without trusting us.

Offline `verify.html`

Self-contained HTML file with embedded JSZip and client-side `crypto.subtle` SHA-256. An inspector drags the ZIP onto it, and every file is verified locally against its manifest hash. No network, no BatchCortex servers, no vendor lock-in. Works in an air-gapped audit room.

Draft → Finalized lifecycle

QA Directors generate packs as drafts. A QP reviews and re-authenticates with their password to lock the pack — the finalization creates a Part 11 §11.200 electronic signature chained to the existing audit trail. Locked packs cannot be deleted or revoked.

Supersession, not deletion

Need to correct a finalized pack? Create a new pack that links to the old one with a reason field (≥10 characters, enforced at the database). Both packs stay downloadable. The lineage is preserved forever. Inspectors see the full correction history — exactly what §11.10(e) requires.

Everything on the hard drive. Not just the summary.

Most competitors ship a summary PDF and call it a day. BatchCortex gives the inspector the raw underlying evidence — every row, every reading, every hash. When the inspector asks “show me the data behind this chart,” the answer is already in the ZIP.

  • Every batch row (id, number, product, start/end, status, model version, notes)
  • Every signature (signer, meaning, signed_at, hash, record_type, record_id)
  • Every events_log row (occurred_at, event_type, actor, parameter, old/new value, hash, previous_hash, metadata)
  • Raw sensor readings in long format (recorded_at, parameter, value, unit, quality_code, source/server timestamps, node_id)
  • Recipe id, recipe version, and the ICH Q12 Established Condition flag stamped on every sensor row
  • PackML state trio transitions (CurrentState, UnitMode, UnitModeChangeInProgress) with chained witnesses
  • HMI audit events captured at the control system (AuditSessionEventType, AuditWriteUpdateEventType, AlarmConditionType, ProgramTransitionEventType) with ClientUserId
  • Tablet press station-level readings (main compression force mean/std, fill depth, weight stats)
  • Full machine readings (turret/feeder speed, hydraulic pressure, motor torque, vibration, die temperature)
  • Tablet rejection events from the PackML reject chute (root cause code, station, recipe step, source timestamp)
  • ML anomaly scores with ensemble score, failure mode hint, scored_at — plus per-outcome confidence, decision threshold, and model_hash
  • Operator override delta (recommended action vs. actual action, actor, rationale, timestamp) for every disputed anomaly
  • Edge session lifecycle (edge_session_id, start/end, agent version) and full machine identification block (vendor, model, serial, firmware, hardware revision)
  • Scheduled audit-trail review events — reviewer signature, period reviewed, findings — chained into the same batch hash chain
  • PQR reports, model deployment history, escalation log, anomaly snapshots

The offline verifier inspectors can trust.

An inspector who doesn't trust your vendor shouldn't have to. Our verifier runs entirely in the inspector's browser with zero network calls. Works in an air-gapped audit room. No JavaScript bundlers, no CDN fonts, no tracking pixels — just one HTML file, one ZIP, and `crypto.subtle`.

  1. 1
    Inspector receives the ZIP — by email, USB, SharePoint, anything.
  2. 2
    Inspector unzips it and double-clicks `verify.html` — opens in any modern browser, no install.
  3. 3
    Inspector drags the original ZIP onto the drop zone in verify.html.
  4. 4
    `crypto.subtle.digest('SHA-256', ...)` hashes every file in-browser and compares against the manifest.
  5. 5
    Every file shows a green PASS or red FAIL row. Overall status banner in one glance.
  6. 6
    The reconstructed org-level Merkle root is compared against the one stamped on the cover PDF.

Chain of custody that starts before the batch even begins.

Every Part 11 signature in BatchCortex is SHA-256 hashed and chained to the prior audit-trail event for that batch. Finalizing an Inspection Pack adds another link to the chain: the QP's finalization signature is hashed against the latest event, the new hash is written back into the chain, and the pack's cryptographic lineage ties cleanly into the batch's existing ALCOA+ history. An inspector can walk the chain end-to-end without ever leaving the ZIP.

What makes the pack tamper-evident

  • Per-batch signature hash chain (SHA-256, scoped per batch)
  • Per-file SHA-256 in the pack manifest
  • Per-batch Merkle sub-tree rolled up to an org-level Merkle root
  • Merkle root stamped on the cover PDF AND embedded in verify.html
  • Finalization creates a Part 11 signature chained into the same audit trail
  • No deletion path — even in the database schema itself

Pack anatomy

  • cover.pdf — 5-page inspector cover
  • manifest.json — every file + SHA-256
  • verify.html — offline verifier
  • batches/<id>/report-approved.pdf
  • batches/<id>/report-inspection.pdf
  • batches/<id>/sensor.csv
  • batches/<id>/events.csv
  • batches/<id>/signatures.json
  • batches/<id>/batch.json

Engineered to every regulation inspectors cite.

21 CFR Part 11 §11.10(b)

Records available in both human-readable and electronic form — PDF for humans, CSV/JSON for machines, every file in one bundle.

21 CFR Part 11 §11.10(e)

Secure, computer-generated, time-stamped audit trails — preserved through supersession, never deleted.

21 CFR Part 11 §11.70

Signatures linked to their records — every finalization signature chains into the existing per-batch hash chain.

21 CFR Part 11 §11.200

Electronic signatures require re-authentication — the QP password prompt satisfies the non-biometric two-component requirement.

EU GMP Annex 11 §9

Audit trail shall be available in a clearly understandable form — the navigational inspection PDF indexes every event by timestamp and actor.

EU GMP Annex 22 (draft 2025)

Model lineage preserved in the pack: every model_deployment, confidence score, and override is archived with the batches it touched.

PIC/S PI 041-1

Data integrity in audit: Merkle-rooted, append-only, independently verifiable without trusting the vendor.

ALCOA+

Attributable, Legible, Contemporaneous, Original, Accurate — plus Complete, Consistent, Enduring, Available — every pillar enforced end-to-end.

EU data sovereignty

Generated and stored in the Frankfurt EU region (Supabase EU) — no US-based third-party services, ever.

Included with Analyze

Unlimited packs on the Analyze tier and above.

The Inspection Readiness Pack is bundled into the Analyze tier (€140/batch, €48,000/yr minimum, €18,000 one-time setup) and the Guard tier. No per-pack surcharge, no hidden export fees, no “compliance add-on.” Generate as many as you need.

See PricingCompare with PQR

Your next inspection starts with one click.

Join the waitlist. First pilot partners onboarding now.

Join WaitlistTry the online verifier →

No signup required. Drop any BatchCortex pack ZIP and verify its Merkle integrity in your browser.