Does ISO 9001 require a product recall procedure?

ISO 9001:2015 Clause 8.7 requires control of nonconforming outputs, and Clause 8.5.2 requires traceability when required. While the standard does not explicitly mandate a written product recall procedure, industries with regulatory requirements (food, medical devices, automotive) typically require one. For manufacturers supplying under customer contracts, a recall procedure is commonly required. Auditors in regulated industries will expect to see evidence that you can identify affected product and notify customers.

What should a product recall procedure include for ISO 9001?

A robust product recall procedure should include: triggers for initiating a recall, escalation and notification responsibilities, product identification and traceability steps, containment scope determination, customer and regulatory notification process, product disposition (rework, scrap, return), CAPA integration, and recall closure criteria. Records of any actual recall or mock recall exercise should be retained.

What is the difference between a product recall and a product withdrawal?

A recall involves retrieving product from the end customer or market, typically because of a safety or compliance issue. A withdrawal involves retrieving product from the distribution chain before it reaches the end customer. Both require traceability and a documented response process. The distinction matters most in regulated industries (FDA, USDA) where recalls may trigger mandatory reporting requirements.

? Back to ArticlesQuality Management

ISO 9001 Product Recall Procedure: Free Template & Step-by-Step Guide

By the Training Tiger Team•February 2026•12 min read

Nobody wants to think about product recalls. They're expensive, stressful, and they put your company's reputation on the line. But here's the reality: if you manufacture or distribute products, a recall isn't a question of if - it's a question of when. Raw material contamination, supplier defects, labeling errors, assembly mistakes - any of these can trigger a situation where product already in customers' hands needs to come back.

ISO 9001 doesn't use the word "recall" explicitly, but the requirements are there. Clause 8.7 (Control of Nonconforming Outputs) requires you to identify nonconforming product, contain it, notify affected parties, and determine its disposition. Clause 10.2 (Corrective Action) requires you to investigate the root cause and take action to prevent recurrence. Together, these clauses form the backbone of any product recall procedure.

Auditors expect to see this documented. During a surveillance audit, one of the first things an auditor will ask about nonconforming output is: "What happens if the nonconformity is discovered after delivery to the customer?" If your team looks at each other and shrugs, that's a finding. If you pull out a documented recall procedure with clear roles, escalation paths, and communication templates - that's a system that works.

This guide walks you through what ISO 9001 actually requires, gives you a step-by-step procedure you can adapt to your organization, and includes a free template you can copy directly into your QMS.

In This Guide

What ISO 9001 Says About Product Recalls

The standard doesn't have a clause titled "Product Recalls." Instead, the requirements are distributed across several clauses that, taken together, describe exactly what a recall procedure needs to cover.

Clause 8.7 - Control of Nonconforming Outputs

This is the primary clause. Clause 8.7.1 requires that outputs not conforming to requirements are identified and controlled to prevent their unintended use or delivery. When nonconforming product has already been delivered, the organization must take "appropriate action" - and that's where your recall procedure comes in.

The clause specifies four ways to deal with nonconforming output:

Correction: Fix the nonconformity (rework, repair, regrade).
Segregation, containment, return, or suspension: Isolate the product so it can't be used or shipped.
Informing the customer: Notify anyone who received the nonconforming product.
Obtaining authorization for acceptance under concession: Get approval from the customer or relevant authority to use the product as-is.

For a recall, you're typically dealing with a combination of all four - containing remaining stock, notifying customers, recovering delivered product, and determining whether rework or disposal is appropriate.

Clause 10.2 - Corrective Action

Clause 8.7 handles the immediate response. Clause 10.2 handles the "make sure it never happens again" part. After you've contained the nonconformity and notified affected parties, you need to:

Determine the root cause (not just the symptom)
Evaluate whether similar nonconformities exist or could potentially occur
Implement corrective action
Review the effectiveness of the corrective action
Update risks and opportunities if necessary
Make changes to the QMS if necessary

A recall without corrective action is just firefighting. The standard requires both.

Clause 8.5.3 - Property Belonging to Customers or External Providers

This clause is often overlooked in recall planning, but it matters. If your product incorporates materials or components provided by the customer, and those materials are found to be the source of the nonconformity, you're required to report the issue to the customer and retain documented information about what happened. This adds a layer to your notification process - you may need to notify both downstream customers and upstream providers.

Step-by-Step Product Recall Procedure

Here's a nine-step recall procedure you can adapt to your organization. Each step maps to specific ISO 9001 requirements so your procedure is audit-ready from day one.

Step 1: Identification & Initial Assessment

Every recall starts with someone raising the alarm. That could be a customer complaint, an internal quality hold, a supplier notification, a regulatory alert, or a field failure report. Your procedure needs to define who can initiate a recall assessment and how they do it.

The initial assessment determines severity. Not every nonconformity requires a full recall - some can be handled with a targeted correction or a customer advisory. Use a severity classification to guide the response:

Class I - Critical: Serious health or safety risk. Immediate recall required. Think: structural failure in load-bearing components, contamination in food or pharmaceutical products, electrical hazards.
Class II - Major: Temporary or reversible adverse effects, or a remote probability of serious harm. Urgent recall, but the timeline may allow for more coordination.
Class III - Minor: Unlikely to cause adverse effects, but the product doesn't meet specifications. May be handled through customer notification and voluntary return rather than a full recall.

Document the initial assessment: what was reported, who reported it, when, the affected product (lot numbers, date codes, serial numbers), and the preliminary severity classification. This becomes the foundation of your recall record.

Step 2: Containment

Before you do anything else, stop the bleeding. Containment means preventing any more nonconforming product from reaching customers while you figure out the scope of the problem.

Stop shipping affected lots or products immediately. Place a shipping hold in your ERP or warehouse system.
Quarantine stock in your warehouse, distribution centers, and any in-transit inventory you can intercept.
Notify production to stop manufacturing the affected product until the root cause is understood.
Alert your warehouse and logistics teams so they know not to release quarantined stock.

Speed matters here. A Class I recall that isn't contained within hours can have consequences that compound exponentially. Have pre-drafted containment instructions your team can execute immediately - don't make them figure it out under pressure.

Step 3: Notification

Three groups need to be notified, often in parallel:

Customers: Anyone who received the affected product needs to know. Your notification should include the specific products affected (lot numbers, date codes), the nature of the nonconformity, what action the customer should take (stop using, quarantine, return), and how to contact you.
Regulatory bodies: Depending on your industry, you may be legally required to notify regulators. FDA, CPSC, NHTSA, and equivalent bodies in other jurisdictions have specific reporting requirements and timelines. Know yours before you need them.
Management: Your management team needs to be in the loop - not just for decision-making authority, but because ISO 9001 Clause 5.1 requires top management to demonstrate leadership and commitment to the QMS. A recall is exactly the kind of event that should trigger management involvement.

Step 4: Investigation & Root Cause Analysis

With containment in place and notifications sent, you need to figure out why this happened. ISO 9001 Clause 10.2.1(b) requires you to determine the cause of the nonconformity - not just the proximate cause, but the root cause.

Common root cause analysis tools:

5 Whys: Simple but effective for straightforward problems. Keep asking "why?" until you reach a systemic cause, not just a human error.
Fishbone (Ishikawa) diagram: Useful when multiple factors may have contributed. Organize potential causes by category: Man, Machine, Method, Material, Measurement, Environment.
Fault tree analysis: For complex, safety-critical failures where you need to map out all possible failure paths.
8D methodology: A structured eight-discipline approach common in automotive and manufacturing. Overkill for simple problems, valuable for complex ones.

The investigation should also determine the full scope of the problem. Is it limited to one lot, or does it affect everything produced since a specific date? Did it come from a supplier change, a process deviation, or an equipment failure? The scope determines how broad your recall needs to be.

Step 5: Corrective Action

Root cause analysis without corrective action is just an academic exercise. Clause 10.2.1(d) requires you to implement corrective action to eliminate the root cause. The key word is eliminate - not work around, not mitigate, not monitor more closely. Fix the underlying problem.

Effective corrective actions target the system, not the person. "Retrain the operator" is rarely a sufficient corrective action on its own. Better: "Implement a poka-yoke fixture that makes the incorrect assembly physically impossible." Or: "Add an automated inspection step that catches the defect before packaging."

Document the corrective action with specific details: what was changed, who is responsible for implementation, the target completion date, and how effectiveness will be verified.

Step 6: Customer Communication & Product Recovery

The initial notification (Step 3) tells customers there's a problem. This step is about managing the actual recovery - getting the product back and making it right.

Provide clear instructions for how customers should return the product (prepaid shipping labels, pickup arrangements, drop-off locations).
Offer replacement product, refund, or repair - whatever is appropriate for the situation.
Assign a dedicated contact person or team to handle customer inquiries. Don't make customers navigate a phone tree during a recall.
Track return rates. If you shipped 500 units and only 50 come back, you need to follow up on the other 450.

How you handle a recall defines your relationship with your customers. Companies that communicate openly, act quickly, and make things right often come out of a recall with stronger customer loyalty than they had before.

Step 7: Effectiveness Verification

You implemented a corrective action. Did it actually work? Clause 10.2.1(f) requires you to review the effectiveness of the corrective action taken. This isn't optional - it's a requirement, and auditors will ask for evidence.

Effectiveness verification might include:

Monitoring the same metrics that flagged the original problem for a defined period (30, 60, 90 days)
Conducting additional inspections or testing on product produced after the corrective action
Reviewing customer complaint data for recurrence
Performing a follow-up audit of the affected process

If the corrective action wasn't effective, you go back to Step 4 and dig deeper. The cycle continues until the root cause is truly eliminated.

Step 8: Documentation & Records

ISO 9001 Clause 8.7.2 specifically requires you to retain documented information about nonconforming outputs, including the nature of the nonconformity, actions taken, concessions obtained, and the authority deciding the action. For a recall, your records should include:

Initial nonconformity report (what, when, who reported it)
Severity classification and justification
Containment actions taken and their timeline
Customer and regulatory notifications (copies of all communications)
Root cause analysis documentation
Corrective action records
Product disposition records (returned units - repaired, reworked, scrapped)
Effectiveness verification results
Management review of the recall

Keep everything together in one recall file. When an auditor asks about a past recall, you should be able to pull the complete story - from initial report to closure - in minutes, not hours.

Step 9: Management Review

Every recall should feed into your management review process (Clause 9.3). This is where leadership examines what happened, evaluates whether the QMS needs changes, and decides if additional resources are needed to prevent future recalls.

Key questions for management review:

Was the recall procedure effective? Did it work as documented, or did we improvise?
Were response times adequate? Where did delays occur?
Did we have the right people trained and available?
What was the financial impact? Could earlier detection have reduced it?
Does the risk assessment need updating? Are there similar risks in other products or processes?
Do we need to update our recall procedure based on lessons learned?

The management review turns a painful event into organizational learning. Skip it, and you're likely to repeat the same mistakes.

Free Product Recall Procedure Template

Below is a complete recall procedure template you can copy into your QMS. It follows the same minimal-header format as our other Training Tiger templates - document number, title, and control line. All revision history, approvals, and metadata are managed in Training Tiger.

Italic guidance notes tell you what to customize for your organization. Remove them from the final version.

Free Product Recall Procedure

Word document (.docx) — use immediately, no sign-up required

Download Blank Template

Worked Example — ABC Precision Manufacturing

Download Example

How Training Records Support Recall Readiness

Here's something that catches a lot of organizations off guard during a recall: the auditor doesn't just ask what happened and how you fixed it. They ask whether the people involved were competent to execute the recall procedure.

"Show me the training records for your recall team." "When was the Quality Manager last trained on this procedure?" "How do you know the warehouse team knew the quarantine protocol?" These are real questions that come up during post-recall audits. If you can't answer them, you've got a Clause 7.2 (Competence) finding on top of whatever triggered the recall in the first place.

This is where having a centralized training management system pays for itself:

Training records in one place: When an auditor asks who was trained on the recall procedure, you pull up the record instantly - who completed training, when, on which revision of the procedure. No digging through filing cabinets or email archives.
Document control ensures current versions: If you update your recall procedure after a lessons-learned review, Training Tiger's automatic retraining flags affected employees for retraining on the new revision. No one is working from an outdated procedure.
Skills matrix shows recall team qualifications: Your recall procedure assigns roles - Quality Manager leads, Production contains, Customer Service communicates. A skills matrix shows at a glance who is qualified for each role and whether their training is current. If someone leaves, you can immediately see the gap.
Audit trail proves the system works: Every training completion, every document acknowledgment, every assessment result is logged with timestamps. This is exactly the kind of objective evidence auditors want to see - not a signature on a paper form that could have been backdated, but a system-generated record.

Recall readiness isn't just about having a procedure. It's about having a team that's trained, documents that are current, and records that prove both. That's the connection between training management and recall execution - and it's a connection auditors understand deeply.

Key Takeaways

ISO 9001 Clause 8.7 requires you to control nonconforming outputs - including product already delivered to customers. A recall procedure is how you do that.
Clause 10.2 requires corrective action to eliminate root causes. Containment without corrective action is just firefighting.
Classify recalls by severity (Class I, II, III) to scale your response appropriately - not every nonconformity needs the same urgency.
Speed of containment is critical. Have pre-drafted instructions your team can execute immediately.
Customer communication makes or breaks a recall. Be direct, be transparent, and make it easy for customers to respond.
Document everything - from initial report to management review. Auditors will want the complete story.
Training records prove your recall team was competent to execute the procedure. Don't overlook Clause 7.2 during recall planning.
Feed every recall into management review. Lessons learned only matter if leadership acts on them.

Ready to simplify your ISO 9001 compliance?

Training Tiger keeps your training records, document control, and skills matrix in one place - so you're always audit-ready, even when a recall hits.

Start your free 30-day trial →See all features