Our Accreditation
Our Accreditation — UAF (ISO/IEC 17065:2012)
Guardian Assessment Pvt. Ltd. is accredited by the United Accreditation Foundation Inc. (UAF), Virginia, USA, under ISO/IEC 17065:2012 — the international standard for bodies certifying products, processes and services. This page documents our accreditation in full and shows how to verify it independently.
Transparency
Built to Be Verified
A certification is only as strong as the body that issued it, and a certification body is only as strong as the accreditation body that audited and accredited it. That chain — product certificate, certification body, accreditation body — is the international architecture for trustworthy conformity assessment, and it works precisely because it is transparent end-to-end. Every link in the chain is meant to be checkable by anyone, at any time, without involving the body being checked.
This page is engineered to make that check as fast and as definitive as possible. It documents our accreditation in full: who accredited us, against which standard, under which scope, with which conditions, valid for which period, and where the verification register is. It includes downloadable copies of our Certificate of Accreditation and Schedule of Accreditation. It explains, for procurement teams unfamiliar with conformity assessment terminology, what each element of the accreditation actually means in practice. And it ends with an unambiguous instruction set for verifying us through the UAF accreditation register independently.
If you are conducting vendor due diligence on Guardian Assessment Pvt. Ltd., this page should answer every question on your checklist. If it does not, please raise the gap at hello@guardiansecureapp.com — we will close it.
Verifiable Facts
The Verifiable Facts
The table below mirrors, exactly, the facts on our Certificate of Accreditation and Schedule of Accreditation issued by UAF. Any discrepancy between this table and the source documents should be reported to UAF — but in the normal course, the two will match.
| Particular | Detail |
|---|---|
Conformity Assessment Body (CAB) | Guardian Assessment Pvt. Ltd. |
Key Location | 812 B Wing, CTS NO. 1/222A, Samartha Aishwarya, High Land, Oshiwara, Opp. Samartha Vaibhav, Mumbai 400053, India. |
Accreditation Body | United Accreditation Foundation Inc. (UAF), 1060 Laskin Road, Suite 12B/13B, Virginia Beach, VA 23451, United States of America. |
Standard of Accreditation | ISO/IEC 17065:2012, Conformity assessment, requirements for bodies certifying products, processes and services. |
Accreditation Number | 52605385601 |
Field of Accreditation | Product / Process Certification. |
IAF Scope Code |
|
Issue Date | 06 May 2026. |
Valid From | 06 May 2026. |
Valid Until | 05 May 2030. |
Schedule Issue No. | 01 |
Geographic Issuance Scope | India, subject to UAF Policy For CAB Operations in Sanctioned Countries. |
Certification Scheme | Guardian SecureApp™ Product Certification Scheme |
Scheme Document |
|
Conditions / Limitations | None. |
Independent Verification | Verify at UAF. Search by accreditation number 52605385601. |
Compliance Stack
The Rulebook We Operate Under
Our accreditation does not just confirm that we have an ISO/IEC 17065 management system on paper. It confirms that we operate, day-to-day, under a documented and audited compliance with a specific stack of international standards and mandatory documents. UAF audits us against this stack annually and, where applicable, witnesses our certification engagements to confirm that our practice matches our documentation. The full stack is listed below.
Document Reference Framework
| Document | What It Covers |
|---|---|
| ISO/IEC 17065:2012 | The international standard for bodies certifying products, processes and services. Governs impartiality, structure, resources, processes, certification process, complaints and appeals, public information, management system requirements, and decision-making. |
| UAF-CAB-PrCB | UAF Accreditation Requirements for Product Certification Bodies. UAF-specific operational requirements above and beyond ISO/IEC 17065, applicable to Product Certification Bodies. |
| UAF-GEN-CAB-01 | UAF General Accreditation Requirements. Common requirements for all UAF-accredited Conformity Assessment Bodies regardless of accreditation type. |
| UAF-GEN-CAB-02 | Conditions for the Use of UAF Accreditation Symbol. Governs how Guardian, and certified clients where applicable, may display the UAF accreditation mark, in what context, with what disclaimers, and with what restrictions. |
| IAF MD 4:2025 | IAF Mandatory Document for the Use of Information and Communication Technology (ICT) for Conformity Assessment Purposes. Governs when and how Guardian may conduct evaluation activities remotely, the safeguards required, and the equivalence with on-site evaluation. |
| IAF MD 12:2023 | IAF Mandatory Document for Accreditation Assessment of Conformity Assessment Bodies with Activities in Multiple Countries. Governs how Guardian operates when certification activities are performed across borders. |
In addition to the documents above, Guardian’s certification activities reference the technical standards used by the certification scheme — OWASP ASVS, OWASP Top 10, OWASP API Security Top 10 — as the normative basis for the technical evaluation. The procedural integrity of how we conduct that evaluation is governed by the international stack above.
Scope
What We Are Accredited to Certify
The Schedule of Accreditation issued by UAF — Issue No. 01, dated 06 May 2026 — defines the scope under which Guardian is permitted to issue UAF-accredited certificates. The scope is reproduced below in the same structure as the Schedule itself.
Guardian SecureApp™
Product Certification SchemeThird-party product certification for cybersecurity of Web Applications, SaaS / Multi-tenant Platforms, and APIs / Microservices based on OWASP ASVS, OWASP Top 10 and OWASP API Security Top 10. Evaluation conducted at three assurance levels: Level 1 Basic, Level 2 Advanced, Level 3 High-Risk / Critical, per ISO/IEC 17065.
Web Application Security
SaaS / Multi-tenant Platforms
API / Microservices Security
Reading the scope statement
The certification scheme is Guardian SecureApp™, documented in normative document GSA-PR-01. The product categories within scope are organised into three Modules: A, B and C. Each evaluation is conducted at one of three assurance levels: 1, 2 or 3. The IAF Scope Code 33 indicates that the technical scope falls within Information Technology. There are no conditions or limitations on this scope.
Accreditation Authority
About Our Accreditation Body
United Accreditation Foundation Inc. (UAF) is an internationally operating accreditation body headquartered at 1060 Laskin Road, Suite 12B/13B, Virginia Beach, VA 23451, United States of America. UAF accredits Conformity Assessment Bodies (CABs) — including Product Certification Bodies, Management System Certification Bodies, and Inspection Bodies — operating in jurisdictions across the world, against the relevant ISO/IEC standards for each conformity assessment area.
UAF’s accreditation activities for Product Certification Bodies are governed by ISO/IEC 17011 (the standard for accreditation bodies), and its operational requirements for accredited CABs are documented in UAF-CAB-PrCB, UAF-GEN-CAB-01 and UAF-GEN-CAB-02 (referenced above). UAF maintains a public accreditation register at www.uafaccreditation.org on which the current status of every UAF-accredited CAB — including Guardian Assessment — is published.
UAF audits Guardian’s compliance with our accreditation requirements annually. The audit cycle includes office surveillance audits (verification of our management system, records, decisions and impartiality arrangements), witness assessments (UAF-appointed assessors observe Guardian evaluators conducting actual certification engagements, to verify that our practice matches our documentation), and a re-accreditation cycle at the end of the accreditation period that re-validates our status against the then-current version of the accreditation requirements.
International Recognition
How Accreditation is Recognised Internationally
International recognition of accreditation works through a specific institutional mechanism: the International Accreditation Forum (IAF) Multilateral Recognition Arrangement (MLA). The IAF is a worldwide association of accreditation bodies; the MLA is a peer-evaluated arrangement under which IAF-member accreditation bodies recognise each other’s accreditations as equivalent — within defined accreditation-type-specific scopes.
United Accreditation Foundation is a member of the IAF, and a signatory to the IAF MLA. However — and this is an important nuance for procurement teams and regulators — the IAF MLA recognition scope is granted separately for each accreditation type (Management System Certification Bodies operating under ISO/IEC 17021-1, Inspection Bodies operating under ISO/IEC 17020, Product Certification Bodies operating under ISO/IEC 17065, and so on). An accreditation body that is an IAF MLA signatory for one accreditation type is not, by that fact, an MLA signatory for every type.
Note: Accordingly, before relying on the IAF MLA scope of UAF’s recognition for any specific certification, please verify the current MLA scope by accreditation type directly on the IAF portal at www.iaf.nu. The IAF portal is the authoritative public source for current MLA scope by accreditation type, and it is updated as the MLA peer-evaluation process progresses.
Guardian’s accreditation under ISO/IEC 17065 is recognised through the international accreditation infrastructure operated by IAF and its member accreditation bodies. Where a customer, regulator or procurement team requires a specific MLA-scope confirmation, the IAF portal at www.iaf.nu is the source to consult.
Why It Matters
Why Accreditation Matters to You
Accreditation under ISO/IEC 17065 is not a marketing claim. It is a structural property of the certification body. Five concrete consequences follow from holding it, and together they define why an accredited certificate is worth more — to you, to your regulators, and to your customers — than an unaccredited audit or an internal review:
Independence is structural, not declared
Our impartiality, our separation between evaluation and decision personnel, and our prohibition on consultancy in respect of products we certify are not internal policies we have adopted; they are accreditation requirements verified annually by UAF. A breach of these requirements jeopardises our accreditation, and through it the validity of every certificate we have issued. The structural consequence is what makes the impartiality real.
Repeatability across applicants
Every applicant goes through the same documented process, the same competence-screened evaluators, the same ISO/IEC 17065 Clause 7.6-compliant decision-making. UAF auditors test for variation across applicants and require corrective action where it is found. The result is that two products certified at the same level have, demonstrably, been held to the same standard.
Public information and verifiability
ISO/IEC 17065 Clause 4.6 requires the certification body to make defined facts public — including the certification body’s accreditation status, its scheme rules, and certified-product information. The public accreditation register at UAF, our public scheme document, and our public directory of certified products together make every certificate verifiable by anyone, anytime, without our involvement.
Continuous oversight
Accreditation is not a one-time event. UAF audits us annually; conducts witness assessments of selected engagements; reviews our complaints, appeals and impartiality records; and can issue corrective action requests, place conditions on the accreditation, suspend it, or withdraw it. This continuous oversight is what gives accredited certification its durability over time, in contrast to the point-in-time validity of a private VAPT report.
Recognised methodology
Our certification scheme references OWASP standards (ASVS, Top 10, API Top 10) — the international common language of application security. The scheme document GSA-PR-01 is published in summary form. Customers, regulators and procurement teams can read it themselves, and they can interpret a Guardian SecureApp™ certificate without having to ask us what it means.
verification
Verify Without Asking Us
If you are conducting due diligence on Guardian Assessment, the verification path below is the canonical procurement workflow. It does not require any input from us, and it provides procurement-grade evidence that satisfies the vast majority of vendor-risk questionnaires.
1
Open the UAF Accreditation Register
Navigate to https://www.uafaccreditation.org/ in a separate browser tab. The site is the public register maintained by United Accreditation Foundation.
2
Search by Accreditation Number
Search the register by accreditation number 52605385601 — the unique identifier issued to Guardian Assessment under our ISO/IEC 17065 accreditation. The register entry will display Guardian Assessment Pvt. Ltd., the standard of accreditation, the field of accreditation, the scope, the validity, and any conditions or limitations attached to the accreditation.
3
Cross-Check Against Our Documents
Download the Certificate of Accreditation and Schedule of Accreditation from the Downloads section of this page (Section 3.11 below) and confirm that the facts on those documents match the register entry. They will. If you ever find that they do not, please report the discrepancy to UAF directly — that is what the public register is for.
4
Verify the Specific Certificate, If Applicable
If your due diligence concerns a specific Guardian SecureApp™ certificate (for example, certification of a specific product), proceed to our Public Directory of Certified Products at /directory and search by certificate number, product name or applicant name. The directory shows current valid certificates as well as suspended and withdrawn certificates.
5
Verify IAF MLA Scope, If Applicable to Your Requirement
If your specific procurement, regulatory or contractual requirement asks for IAF MLA recognition of the underlying accreditation, visit the IAF portal at www.iaf.nu and verify the current MLA scope of UAF for the relevant accreditation type. As noted in Section 3.6 above, MLA scope is granted separately by accreditation type and is the authoritative current-state source maintained by IAF.
Conditions
What We Must Continue to Do
Our accreditation, like all accreditations, is conditional on continuous compliance with the requirements of UAF and ISO/IEC 17065. The principal conditions, paraphrased from the UAF Schedule of Accreditation and the underlying Accreditation Agreement we hold with UAF, are:
- Continuous compliance with the terms and conditions of the Accreditation Agreement signed between Guardian and UAF.
- Satisfactory completion of UAF surveillance assessments, witness assessments and re-accreditation engagements per Guardian’s surveillance program.
- Compliance with all UAF policies, including the policy on CAB operations in sanctioned countries (we do not operate in sanctioned countries).
- Use of the UAF accreditation symbol strictly in accordance with UAF-GEN-CAB-02.
- Maintenance of the impartiality, competence, and management system requirements of ISO/IEC 17065.
- Notification to UAF of any material change in legal status, ownership, organisation, scope or other circumstances that could affect the accreditation.
- Payment of UAF accreditation fees in line with the Accreditation Agreement.
The Schedule of Accreditation Issue 01 lists the Conditions / Limitations field as ‘None’. This means our accreditation, at issue, is not subject to any specific conditions beyond the standard accreditation conditions above.
Ongoing Compliance
How Our Accreditation Stays Current
UAF subjects Guardian to a defined surveillance program over the four-year accreditation cycle. The program comprises three categories of activity:
1
Annual Surveillance Audits
UAF assessors conduct an annual review of Guardian’s management system, certification records, decision documentation, complaints and appeals, impartiality records, financial information, evaluator competence records, and other elements of our compliance with ISO/IEC 17065 and UAF requirements. Findings are issued; we close them within agreed timelines; UAF verifies closure. Surveillance findings are part of the public accreditation record.
2
Witness Assessments
UAF assessors observe Guardian evaluators conducting actual certification engagements. The witnessing tests not only compliance with our documented procedures but also the technical competence of our evaluators in applying the scheme. Witness assessments are scheduled across the four-year cycle to cover all material elements of our scope (Modules A, B and C, and Levels 1, 2 and 3).
3
Re-Accreditation
Before our four-year accreditation cycle ends (05 May 2030), Guardian undergoes re-accreditation against the then-current version of UAF accreditation requirements and ISO/IEC 17065. Re-accreditation is a comprehensive re-evaluation of every aspect of our operation, not merely a renewal.
Where any of these activities identifies non-conformities that we cannot or do not address within agreed timelines, UAF may suspend or withdraw the accreditation. The current status of our accreditation is always reflected on the UAF accreditation register; if you ever see a discrepancy between the register and a claim made by Guardian, the register is the authoritative source.
Downloads
Documents for Your Vendor File
The downloads below are sufficient to satisfy the standard procurement and audit-evidence requirements of regulated buyers. All PDFs are signed where appropriate, are dated, and reflect the current accreditation cycle.
Certificate of Accreditation (PDF)
issued by UAF, dated 06 May 2026
Schedule of Accreditation Issue 01 (PDF)
UAF, dated 06 May 2026
Guardian SecureApp™ Scheme Document GSA-PR-01
Public Summary (PDF)
Use of Mark Policy (PDF)
Guardian internal policy applying UAF-GEN-CAB-02 to certified clients
Impartiality Statement (PDF)
Complaints & Appeals Procedure (PDF)
Frequently Asked Questions
Common Questions, Answered
ISO/IEC 17065:2012 is the international standard that specifies requirements for the competence, consistent operation and impartiality of bodies certifying products, processes and services. It is the appropriate accreditation standard for any certification body that issues product certifications — as distinct from management system certifications, which are accredited under ISO/IEC 17021-1. ISO/IEC 17065 covers impartiality, structure, resources, certification process, complaints and appeals, public information, decision-making, surveillance and the management system requirements that underpin all of the above.
United Accreditation Foundation Inc. (UAF) is an accreditation body headquartered in Virginia Beach, Virginia, United States. UAF accredits Conformity Assessment Bodies including Product Certification Bodies, Management System Certification Bodies and Inspection Bodies, against the relevant ISO/IEC standards. UAF is a member of the International Accreditation Forum (IAF) and a signatory to the IAF Multilateral Recognition Arrangement (MLA). UAF maintains a public accreditation register at www.uafaccreditation.org.
Visit https://www.uafaccreditation.org/ and search by Guardian’s accreditation number 52605385601. The register entry will display the accreditation status, standard, scope, validity and any conditions. As an independent cross-check, you can download our Certificate of Accreditation and Schedule of Accreditation from this page and confirm that the facts match the register entry — they will.
The International Accreditation Forum (IAF) Multilateral Recognition Arrangement (MLA) is a peer-evaluated arrangement among IAF-member accreditation bodies under which signatories recognise each other’s accreditations as equivalent within defined accreditation-type scopes. The MLA is a key institutional mechanism for international recognition of accreditation. Importantly, the MLA scope is granted separately by accreditation type, and an accreditation body that is an MLA signatory for one type is not, by that fact, an MLA signatory for every type. The current scope of UAF’s IAF MLA recognition by accreditation type can be verified at www.iaf.nu.
UAF is a member of the IAF and a signatory to the IAF MLA. The MLA scope is granted separately by accreditation type. To check the current scope of UAF’s IAF MLA recognition specifically for Product Certification Bodies operating under ISO/IEC 17065, please verify on the IAF portal at www.iaf.nu — that portal is the authoritative public source maintained by IAF and reflects the current state of MLA scope by accreditation type.
ISO/IEC 17021-1 is the international standard for bodies that certify management systems — for example, Information Security Management Systems under ISO/IEC 27001, or Quality Management Systems under ISO 9001. ISO/IEC 17065 is the international standard for bodies that certify products, processes and services. The two are different accreditation types with different requirements and different IAF MLA scopes. A body accredited under ISO/IEC 17065 is not, by that fact, accredited under ISO/IEC 17021-1, and vice versa. Guardian is accredited under ISO/IEC 17065 only — appropriate for product certification, which is what we do.
ISO/IEC 17025 is the international standard for testing and calibration laboratories — it covers competence to perform tests and calibrations and to issue test results / calibration certificates. ISO/IEC 17065 covers competence and impartiality of certification bodies that issue certificates based on test results, evaluation reports and process compliance. A laboratory may operate under 17025; a certification body may operate under 17065; some organisations hold both accreditations for different scopes. Guardian’s accreditation is 17065 only.
IAF Scope Code 33 is the IAF classification for ‘Information Technology’. The IAF Scope Code is the standardised classification used to define the technical scope within which an accreditation applies. Guardian’s accreditation specifies IAF Scope Code 33, meaning we are accredited to certify products in the Information Technology technical area — within which our specific scheme covers web application, SaaS / multi-tenant platform, and API / microservices security.
The ‘Field of Accreditation’ is a high-level descriptor of the type of conformity assessment activity the body is accredited to perform. Guardian’s Field of Accreditation is ‘Product / Process Certification’, meaning we are accredited to certify products (and processes / services where applicable). This is distinct from ‘Management System Certification’ (ISO/IEC 17021-1), ‘Inspection’ (ISO/IEC 17020), and ‘Testing & Calibration’ (ISO/IEC 17025).
When UAF issues a Schedule of Accreditation, the Schedule may attach specific conditions or limitations to the accreditation — for example, restrictions on certain product categories, levels, or geographic territories. Our Schedule (Issue 01, dated 06 May 2026) records ‘Conditions / Limitations: None’. This means our accreditation, at issue, is a clean accreditation without any UAF-imposed restrictions on top of the standard accreditation requirements.
Suspension or withdrawal of accreditation is the most serious action UAF can take against an accredited CAB, and it is reflected immediately on the public accreditation register at www.uafaccreditation.org. If Guardian’s accreditation is ever suspended or withdrawn, this page would be updated to reflect that, and existing UAF-accredited certificates would be handled in accordance with applicable UAF and IAF transition policies. The register status is the authoritative source — always check it if you have any concern.
The Geographic Issuance Scope on the Schedule defines the country or countries in which Guardian is accredited to issue UAF-accredited certificates as a primary location. India is our primary location of accreditation. We can perform certification activities in support of applicants in other countries in accordance with IAF MD 12:2023 (multi-country activities), subject to UAF policy on operations in sanctioned countries. International applicants are welcome — please discuss your specific country and engagement model at scoping.
IAF MD 4:2025 is the IAF Mandatory Document for the use of Information and Communication Technology (ICT) for conformity assessment purposes. It governs when, how and under what conditions a CAB may conduct evaluation activities remotely (using ICT) instead of on-site. Guardian operates under IAF MD 4:2025; most of our evaluation activities can be conducted remotely with appropriate safeguards.
IAF MD 12:2023 is the IAF Mandatory Document for accreditation assessment of Conformity Assessment Bodies with activities in multiple countries. It governs how a CAB operating across borders is assessed by its accreditation body, including the safeguards needed to ensure consistent evaluation depth and competence in every country of operation.
UAF audits Guardian annually through surveillance audits of our management system, certification records and impartiality arrangements. UAF additionally conducts witness assessments — observing actual certification engagements — across the four-year accreditation cycle. At the end of the cycle, Guardian undergoes a comprehensive re-accreditation engagement against the then-current version of accreditation requirements.
Guardian SecureApp™ certificates may display the UAF accreditation symbol in accordance with UAF-GEN-CAB-02 (Conditions for the Use of UAF Accreditation Symbol) and our internal Use of Mark Policy. The display of the accreditation symbol on a certificate is a visible affirmation that the certification was issued under UAF accreditation. Use by certified clients is also licensed but is subject to documented rules — see /marks-policy.
Certificates display the UAF accreditation symbol where applicable, in accordance with UAF-GEN-CAB-02. They do not display IAF MLA badges or claim IAF MLA scope on the face of the certificate. International recognition through IAF MLA is a separate, regulator-and-customer-facing assurance that is best verified at the source — www.iaf.nu — rather than asserted on individual certificates. This positioning protects you, our certified client, from over-claiming MLA scope that may not yet apply to your specific accreditation type.
UAF maintains the public accreditation register, which reflects current accreditation status, scope and any conditions. Detailed surveillance findings (e.g., specific corrective actions issued and closed in a given audit cycle) are typically not made public at the level of individual non-conformities — that is normal practice across accreditation bodies internationally. If you have a specific concern about Guardian’s compliance with accreditation requirements, you may report it directly to UAF (which will investigate independently) or to Guardian’s Impartiality Committee at impartiality@guardiansecureapp.com.
Continue Reading
Explore Further
Ready to Get Started?
Apply for Certification
Submit a formal application. Initial response within 5 working days.
Apply NowRequest a Quote
Tell us about your product. Indicative quote within 3 to 5 working days.
Get a QuoteTalk to Our Team
Specific question or regulatory driver to discuss?
Contact Us