GOVERNANCE & DECISION AUTHORITY

Statement of Commitment

Guardian’s Commitment to Governance Transparency

Guardian Assessment Private Limited (India) and Guardian Assessment UK Ltd, together constituting the Guardian Assessment certification body, operate under the documented governance framework described on this Page. The framework is the operational implementation of ISO/IEC 17065:2012 Clause 5 (Structural Requirements), Clause 7.6 (Certification Decision), Clause 7.13 (Complaints and Appeals), and IAF MD 12:2023 (Application of ISO/IEC 17011 to Certification Bodies’ Activities in Multi-Country Activities). It is audited annually by UAF during accreditation surveillance and forms part of the public-information evidence under Clause 4.6.

This Page is the canonical disclosure of Guardian’s corporate identity and governance structure. Other Trust pages (Impartiality Statement, Confidentiality Policy, Complaints and Appeals Procedure, Use of Certification Mark Policy, Code of Conduct) cross-reference this Page for corporate-identity questions; this Page is the substantive source. Procurement teams, legal counsel, banks, regulators, and other parties conducting due diligence on Guardian use this Page as the authoritative single reference for Guardian’s corporate-identity data and verify the disclosures against the public registries (Ministry of Corporate Affairs for the India entity; Companies House for the UK entity).

Why Governance Transparency Matters Operationally

Guardian’s certification activities carry procurement-grade attestation weight. Procurement teams accepting Guardian SecureApp™ certificates as supplier-security evidence are extending trust not just to the certified products but to the certification body that issued them. That extended trust is legitimately conditional on Guardian’s institutional standing — who governs Guardian, who has decision authority, what jurisdictional frameworks Guardian operates under, what oversight structures verify Guardian’s procedural compliance. Disclosing this substantively rather than gesturally is itself part of the procedural integrity the trust framework operates.

Underlying Standards and Frameworks

This Page implements:

• ISO/IEC 17065:2012 Clause 5 (Structural Requirements) — the principal standard provision governing certification body legal status, structure, and management arrangements
• ISO/IEC 17065:2012 Clause 5.2 (Mechanism for Safeguarding Impartiality) — requiring the Impartiality Committee or equivalent mechanism
• ISO/IEC 17065:2012 Clause 7.6 (Certification Decision) — requiring decision authority structurally separate from evaluation
• ISO/IEC 17065:2012 Clause 7.13 (Complaints and Appeals) — requiring the Appeals Committee or equivalent
• ISO/IEC 17065:2012 Clause 6.1 (Personnel) — covering personnel and management arrangements
• IAF MD 12:2023 (Application of ISO/IEC 17011 to Certification Bodies’ Activities in Multi-Country Activities) — governing the multi-jurisdictional structure of Guardian’s operations through its Critical Location in the UK
• Companies Act 2013 (India) — governing Guardian Assessment Private Limited’s corporate existence and obligations
• Companies Act 2006 (United Kingdom) — governing Guardian Assessment UK Ltd’s corporate existence and obligations

Guardian Assessment Private Limited (India): The Principal Operating Entity

Guardian Assessment Private Limited — Mumbai, India

Guardian Assessment Private Limited is the principal operating entity of the Guardian Assessment certification body. It is the entity that holds Guardian’s UAF accreditation (52605385601, valid 06 May 2026 to 05 May 2030), the entity through which Guardian’s certification scheme GSA-PR-01 is administered, and the entity to which UAF’s accreditation oversight is directed. Substantive operational activities — evaluator engagement, scoping, evaluation work, Decision Authority decisions, surveillance scheduling, recertification administration — are coordinated through this entity, with the UK Critical Location supporting UK and European operations as described in Section 3.3 below.

Corporate Identity

Guardian Assessment Private Limited is a private company limited by shares, incorporated in India under the Companies Act 2013 (and continued from the predecessor Companies Act 1956 incorporation framework where applicable). The corporate-identity details verifiable on the Ministry of Corporate Affairs public registry:

• Corporate Identity Number (CIN): U74999MH2018PTC307933
• Date of Incorporation: 12 April 2018
• Registrar of Companies: ROC Mumbai I
• Registration Number: 307933
• Class of Company: Private company limited by shares
• Subcategory: Non-government company
• Status: Active
• Jurisdiction: ROC Mumbai I; Regional Director — RD Mumbai, Western Region Directorate I
• Email: guardianassessment@gmail.com (transitioning to entity-specific email addresses at guardiansecureapp.com)

Registered Office

74, Windermere 2C CHS Ltd, Off New Link Road, Andheri (W), Andheri, Mumbai, Maharashtra, India 400053. This is the entity’s registered address as filed with the Ministry of Corporate Affairs and is the address at which the books of account are maintained. The registered office is the legal-process address for service of notices, statutory communications, and other formal correspondence directed to Guardian Assessment Private Limited.

Capital Structure

Authorised Capital: ₹10,00,000 (Indian Rupees Ten Lakhs Only). Paid-up Capital: ₹10,00,000. The full authorised capital is fully paid-up, reflecting substantive capital commitment to the entity. The capital structure provides operational stability appropriate to Guardian’s scope of activities and supports compliance with the financial-resource expectations applicable to UAF-accredited certification bodies.

Charges and Encumbrances

Index of Charges on file with the Ministry of Corporate Affairs:

• Charge holder: ICICI Bank Ltd (ICICI Bank Tower, Near Chakli Circle, Old Padra Road, Vadodara, Gujarat, India 390007)
• Amount: ₹7,00,000
• Date of Creation: 26 October 2024
• Status: Active (no modification or satisfaction recorded)
• SRN/Charge ID: AB1839620 / 101004846

The charge is a banking facility supporting operational continuity and is not security against any certification activity, applicant relationship, or accreditation matter. Disclosure here matches the public information available at the Ministry of Corporate Affairs registry.

Statutory Filings

Last Annual General Meeting: 30 September 2025. Date of Balance Sheet: 31 March 2025. Annual filings — annual return, financial statements, and other statutory submissions — are maintained current with the Ministry of Corporate Affairs. Compliance with statutory filing obligations is part of Guardian’s overall regulatory standing and is itself verifiable through MCA’s public registry.

Directors of Guardian Assessment Private Limited

The directors of Guardian Assessment Private Limited as on the date of this disclosure (09 May 2026), as verifiable on the Ministry of Corporate Affairs registry:

Guardian Assessment UK Ltd: Critical Location Under IAF MD 12:2023

Guardian Assessment UK Ltd — Greenford, England

Guardian Assessment UK Ltd is a private company limited by shares, incorporated in England and Wales on 29 January 2024 under the Companies Act 2006. The entity operates as a Critical Location of the Guardian Assessment certification body under the framework defined in IAF MD 12:2023 (Application of ISO/IEC 17011 to Certification Bodies’ Activities in Multi-Country Activities), supporting Guardian’s UK and European operations — UK-domiciled applicants who prefer UK-entity contracting, scoping conversations conducted from the UK office, and engagement coordination involving UK-based personnel. UAF’s accreditation of Guardian Assessment Private Limited explicitly addresses the Critical Location structure; the structure itself is part of what UAF audits during surveillance.

Corporate Identity

Corporate-identity details verifiable on the UK Companies House public registry:

• Companies House Number: 15450822
• Date of Incorporation: 29 January 2024
• Place of Incorporation: Cardiff (the Companies House office handling England and Wales registrations)
• Jurisdiction: England and Wales
• Type: Private company limited by shares
• Articles: Model Articles for Private Limited Companies (as adopted on incorporation)
• Standard Industrial Classification (SIC) codes: 70229 (Management consultancy activities other than financial management); 71200 (Technical testing and analysis); 69201 (Accounting and auditing activities)

Office Address

412, Greenford Road, Greenford, Middlesex, England, UB6 9AH. This is the entity’s operational office address. The address provides operational presence in the UK for scoping, coordination, and stakeholder engagement supporting UK and European operations of Guardian. Stakeholders sending statutory or regulatory communications to Guardian Assessment UK Ltd should reference the address most recently filed with Companies House; the operational office address may be aligned with the Companies House registered office through standard filings as the entity’s UK operational footprint evolves.

Share Capital

Issued share capital: GBP 100 (one ordinary share with nominal value GBP 100, fully paid). The share capital structure reflects the entity’s role as a Critical Location supporting principal-entity operations rather than as a stand-alone commercial entity with substantial independent capitalisation. Operational support to UK and European engagements is provided through coordination with Guardian Assessment Private Limited (the principal operating entity) under common procedures rather than through independent capital deployment.

Director of Guardian Assessment UK Ltd

The director of Guardian Assessment UK Ltd as on the date of this disclosure (09 May 2026), as verifiable on the UK Companies House registry:

• Name: Pragyesh Kumar Singh
• Full forename(s): Mr. Pragyesh Kumar
• Surname: Singh
• Country/State usually resident: India
• Nationality: Indian
• Date of Birth: January 1977 (full date is on the Companies House register but not publicly displayed beyond month and year per UK confidentiality conventions)
• Occupation: Business Person
• Service Address: recorded as the Company’s registered office

Pragyesh Kumar Singh is also the founding Promoter Director of Guardian Assessment Private Limited (India), making him the common director linking the two Guardian entities. The common-director arrangement supports operational consistency between the entities and enables the multi-country structure to operate as a coordinated certification body rather than as independent commercial entities.

Persons with Significant Control (PSC)

Companies House requires UK private companies to disclose Persons with Significant Control. For Guardian Assessment UK Ltd, the disclosure as on the date of this Page (verifiable on Companies House):

• Name: Mr. Pragyesh Kumar Singh
• Country/State usually resident: India
• Nationality: Indian
• Date of Birth: January 1977
• Nature of control: holds, directly or indirectly, 75% or more of the voting rights in the company
• Nature of control: holds, directly or indirectly, 75% or more of the shares in the company
• Nature of control: has the right, directly or indirectly, to appoint or remove a majority of the board of directors

The PSC disclosure reflects the entity’s ownership and control structure as on the date of registration with Companies House. PSC changes — additions, removals, changes in nature of control — are required to be filed with Companies House and are reflected in this disclosure through the documented editorial review cycle.

The Multi-Country Structure

How the Two Entities Operate as a Single Certification Body

Guardian’s structure as a multi-country certification body — one principal operating entity in India holding UAF accreditation, supported by a Critical Location in the UK — is governed by IAF MD 12:2023 (Application of ISO/IEC 17011 to Certification Bodies’ Activities in Multi-Country Activities). This framework defines how accredited certification bodies operate across jurisdictions while maintaining the procedural-quality identity that supports a single accreditation covering the multi-country structure.

What ‘Critical Location’ Means Under IAF MD 12:2023

A Critical Location is a non-headquarter location of a certification body that performs activities affecting the integrity of accreditation — such as performing evaluation work, scoping engagements, interfacing with applicants, or supporting certification decisions. Critical Locations are subject to the same accreditation oversight as the principal location; UAF’s annual surveillance audits include witness audits at Critical Locations and may include unannounced surveillance visits where surveillance findings warrant. The Critical Location framework is what enables Guardian to provide UK-entity contracting and UK-coordinated scoping while operating under a single UAF accreditation rather than requiring duplicate accreditation across jurisdictions.

Operational Relationship Between the Entities

The two entities operate as a single certification body through common procedures, common personnel discipline, and common governance oversight:

• Common procedures — both entities operate under the same documented certification procedures, scheme document GSA-PR-01, evaluation methodology, Decision Authority structure, and Trust framework. The procedural-quality identity is what supports a single accreditation.
• Common personnel discipline — personnel of either entity are subject to the same Code of Conduct (per /code-of-conduct), the same impartiality declarations, the same confidentiality agreements, and the same anti-bribery commitments. Personnel may be engaged through whichever entity is contractually appropriate for the engagement, with consistent conduct standards across both.
• Common governance oversight — both entities are subject to the same Impartiality Committee, the same Appeals Committee, and the same leadership accountability framework. Governance decisions affecting one entity affect the other through coordinated implementation.
• Coordinated engagement handling — for engagements involving both entities (UK-domiciled applicant with substantive evaluation work conducted by India-based evaluators), engagement coordination is documented, with clear identification of which entity is the contractual counterparty and which personnel are participating from each entity.

Why the Multi-Country Structure Exists

The multi-country structure serves substantive operational purposes:

• Jurisdictional convenience for applicants — UK-domiciled applicants who prefer UK-entity contracting (for procurement, legal, or commercial reasons) can engage Guardian Assessment UK Ltd while still receiving UAF-accredited certification through the single accreditation
• Time-zone and operational coordination — the UK office supports scoping conversations and engagement coordination during European business hours, complementing the India principal-location operational hours
• Data-protection-framework coordination — UK GDPR + Data Protection Act 2018 considerations for UK personnel and UK-domiciled applicants are addressed through the UK entity; Indian DPDP Act 2023 considerations through the India entity (per /confidentiality Section 3.8)
• Stakeholder accessibility — Guardian’s UK presence supports engagement with UK regulators, sectoral bodies, and procurement audiences who legitimately prefer dealing with UK-incorporated counterparties

UAF’s accreditation expressly addresses the multi-country structure; the Critical Location is recognised in Guardian’s accreditation Schedule and is itself subject to ongoing surveillance. The structure is not an accounting arrangement or marketing convenience — it is a substantive accreditation-recognised operational framework.

Certification Decision Authority

Who Decides Certification — Independent of Evaluation

ISO/IEC 17065:2012 Clause 7.6 requires that certification decisions be taken by personnel structurally separate from those who conduct evaluation and from those who review the evaluation. The structural separation is foundational to accredited certification — it is what prevents the evaluator who built the assessment from defending it through the decision, and what creates the procedural integrity that distinguishes accredited certification from commercial assessment. Guardian’s Certification Decision Authority is the operational implementation of this requirement.

The Three-Way Procedural Separation

Each Guardian certification engagement involves three distinct roles, none of which may be performed by the same individual:

• Evaluation Team (per Cl. 7.4) — the personnel who conduct the technical evaluation work: scoping, evidence gathering, finding identification, technical assessment against the certification criteria
• Reviewer (per Cl. 7.5) — a senior Guardian evaluator who reviews the evaluation report independently of the evaluation team for completeness, methodological soundness, and finding-handling discipline
• Decision Authority (per Cl. 7.6) — the personnel who reach the certification decision (Grant, Defer, Refuse, Maintain, Suspend, Withdraw, Reinstate) on the basis of the reviewed evaluation

These three roles are populated by different individuals for every engagement. The structural separation is enforced through engagement-assignment procedures that prevent role overlap, through impartiality declarations submitted by each role, and through audit trails that document the separation. The /impartiality Section 3.2 describes the operational practice of the three-way separation; this Section documents the governance structure that ensures the separation operationally.

Decision Authority Composition

The Decision Authority for an engagement comprises one or more senior Guardian personnel with:

• Technical competence appropriate to the Module and Level under decision — Module A (Web Application Security), Module B (SaaS / Multi-Tenant Platform Security), Module C (API / Microservices Security) at Level 1, 2, or 3
• Authority within Guardian’s organisational structure to take certification decisions in the name of the certification body — this authority is documented in Guardian’s internal authorisation matrix
• Independence from the engagement under decision — Decision Authority personnel may not have been members of the Evaluation Team or the Reviewer for the engagement
• Submitted impartiality declarations specific to the engagement — Decision Authority personnel disclose any personnel, financial, ownership, prior-engagement, or other relationships with the applicant that could affect or appear to affect their impartiality

For Level 3 (High-Risk / Critical) engagements, the Decision Authority typically operates as a panel rather than as a single individual, reflecting the elevated stakes of decisions at the highest assurance level. Level 1 and Level 2 engagements may be decided by a single Decision Authority where the engagement’s substance does not warrant panel deliberation, with documented escalation criteria triggering panel involvement where individual judgment would benefit from collective deliberation.

Decision Authority Independence from Fee Status

Per /impartiality Section 3.6, Decision Authority decisions are taken on the substance of evaluation evidence, not on the fee status of the engagement. Decision Authority personnel are insulated from awareness of fee-payment status during decision review; the engagement is presented to Decision Authority on its substantive merits without commercial-relationship context. The structural insulation supports impartiality discipline at the most consequential decision point.

Decision Records

Each Decision Authority decision is documented with: the decision itself (Grant, Defer, Refuse, etc., with any conditions); the reasoning supporting the decision; the evidence reviewed; the personnel involved in the Decision Authority for the engagement; the date of decision. Decision records are retained per Guardian’s confidentiality and retention discipline (/confidentiality Section 3.6), are reviewed during UAF accreditation surveillance, and form part of the engagement record subject to confidentiality protection.

The Impartiality Committee

Independent Oversight of Impartiality

ISO/IEC 17065:2012 Clause 5 (Structural Requirements) and specifically Clause 5.2 (Mechanism for Safeguarding Impartiality) require certification bodies to establish a documented mechanism for safeguarding impartiality, including stakeholder representation. Guardian’s operational implementation is the Impartiality Committee — a structured oversight body documented in /impartiality Section 3.3 and described here at the governance-structure level.

Committee Composition

The Impartiality Committee comprises three roles representing distinct stakeholder perspectives:

• An independent chair — drawn from outside Guardian’s operational management. The chair brings external perspective and procedural authority for handling matters where Guardian’s internal personnel would have inherent interest. The chair is appointed for renewable defined terms with appointment criteria documented in Guardian’s governance procedures.
• A technical evaluator representative — a senior Guardian evaluator representing the technical-evaluation perspective. This member brings evaluation-discipline awareness necessary for substantive Committee engagement with operational impartiality matters.
• An operational management representative — a member of Guardian’s leadership representing the operational-management perspective. This member ensures Committee decisions translate into operational implementation.

Names of Impartiality Committee members are not published as a matter of practice — this is consistent with industry practice across UAF-accredited certification bodies, where Committee membership is treated as internal governance information. Membership is recorded in Guardian’s internal governance records, is reviewed by UAF during accreditation surveillance, and is accessible to UAF for verification of the Committee’s actual independence and operational reality.

Committee Mandate

The Impartiality Committee’s mandate covers:

• Annual review of Guardian’s certification programme for impartiality risks and the operational adequacy of impartiality safeguards
• Engagement-specific impartiality assessment where the Decision Authority or Evaluation Team identifies impartiality concerns that warrant Committee deliberation
• Investigation of impartiality complaints under /complaints-appeals where the complaint substance falls within Committee competence
• Oversight of impartiality declarations across the engagement lifecycle
• Recommendation to leadership of changes to impartiality procedures or training where Committee findings warrant

Committee Operating Discipline

The Committee meets at least annually for the programme-level impartiality review and convenes additional meetings as engagement-specific or complaint-specific matters require. Committee deliberations are confidential per /confidentiality, with Committee output documented through formal recommendations to leadership. Committee decisions on impartiality matters take precedence over operational expediency — where Committee recommendations would adversely affect engagement timelines or commercial considerations, the Committee’s impartiality-protection function takes priority.

The Appeals Committee

Independent Authority for Certification Decision Appeals

ISO/IEC 17065:2012 Clause 7.13 requires Appeals against certification decisions to be heard by personnel independent of the original decision. Guardian’s operational implementation is the Appeals Committee — a panel-constituted body documented in /complaints-appeals Section 3.5 and described here at the governance-structure level.

Panel-Constituted Structure

Unlike the Impartiality Committee, which is a standing body convening as needed, the Appeals Committee is panel-constituted for each individual Appeal from a standing pool of qualified Appeals Committee members. The panel-per-appeal structure ensures independence verification for each Appeal — the specific personnel constituting an Appeals Committee panel are demonstrably not the personnel involved in the original certification decision. Panel composition for an individual Appeal is communicated to the appellant in the Appeal acknowledgement letter.

Panel Composition

Each Appeals Committee panel comprises three roles parallel to the Impartiality Committee structure but constituted for the specific Appeal:

• An independent chair — drawn from outside Guardian’s operational management, providing external perspective and procedural authority for managing the Appeal hearing fairly
• A technical reviewer not involved in the original engagement — a senior Guardian evaluator with technical competence appropriate to the matter under Appeal, but not involved in the engagement that produced the contested decision
• A senior management representative not involved in the original decision — a member of Guardian’s leadership accountable for operational implementation of Committee decisions, but not the Decision Authority for the contested decision

Independence Verification Per Appeal

For each Appeal, independence is verified through documented impartiality declarations submitted by panel members at panel constitution. Where independence cannot be assured through internal panel constitution — for example, where the matter implicates a substantial portion of Guardian’s evaluation function — external Appeals Committee members are engaged for the specific Appeal under terms equivalent to internal panel members’ confidentiality and conduct obligations. The independence-verification step is itself documented in the Appeal record.

Appeals Committee Mandate

The Appeals Committee’s mandate (per /complaints-appeals Section 3.5):

• Hearing and deciding individual Appeals
• Determining hearing format (in-person, video, written) and timeline within the parameters set by the Complaints and Appeals Procedure
• Requesting additional evidence or submissions where the matter requires further information
• Reaching reasoned written decisions and communicating them as set out in the Procedure
• Reviewing the Appeals Procedure annually with recommendations for amendment to Guardian’s leadership

Leadership and Operational Management

Day-to-Day Leadership and Accountability

The Committees described above (Impartiality, Appeals) provide structural oversight; day-to-day operational management is exercised by Guardian’s leadership. Leadership accountability operates alongside Committee oversight rather than in place of it — the structures are complementary, with leadership handling continuous operational direction and Committees providing periodic and per-matter oversight.

Leadership Roles

Leadership of the Guardian Assessment certification body comprises:

• Pragyesh Kumar Singh — Director of both Guardian Assessment Private Limited (Promoter Director since 16 January 2020) and Guardian Assessment UK Ltd (sole Director and PSC since 29 January 2024). As common director, Pragyesh Kumar Singh provides the institutional continuity linking the two entities and the principal operational leadership across the multi-country structure
• Ajeet Kumar — Director of Guardian Assessment Private Limited (Professional Director since 15 May 2024). As Professional Director, Ajeet Kumar contributes operational and professional capacity to the India entity
• Senior management personnel — including roles for evaluation programme management, scoping and engagement coordination, Decision Authority administration, and Trust framework oversight. Specific senior management role-holders are documented in Guardian’s internal governance records and may be identified to UAF during accreditation surveillance

Leadership Accountability

Leadership is accountable for:

• Operational implementation of certification activities consistent with ISO/IEC 17065:2012, UAF accreditation requirements, and Guardian’s documented procedures
• Operational implementation of Impartiality Committee and Appeals Committee decisions — where Committee output recommends procedural changes, training adjustments, or specific engagement-level actions, leadership implements those recommendations
• Continuous improvement of Guardian’s procedures based on UAF surveillance findings, internal audit findings, complaints and appeals outcomes, and operational experience
• Resource allocation supporting Guardian’s certification activities, including personnel engagement, technology infrastructure, and operational capacity
• Statutory and regulatory compliance for both Guardian entities — corporate filings, tax compliance, data protection compliance, sectoral compliance where applicable

Limits on Leadership Authority

Notwithstanding day-to-day operational authority, leadership operates within procedural constraints documented in Guardian’s Trust framework:

• Leadership cannot override Decision Authority decisions — the structural separation between operational management and Decision Authority is itself the impartiality safeguard
• Leadership cannot bypass Impartiality Committee or Appeals Committee oversight on matters within Committee mandate
• Leadership cannot direct evaluators on engagement-specific finding-handling — engagement substance is the evaluator’s professional responsibility within methodological discipline
• Leadership cannot use confidential engagement-derived information for commercial purposes outside the engagement

Governance Oversight and Review

How the Governance Framework Is Verified and Maintained

Documented governance is operationally meaningful only if it is actively verified — through internal review, external accreditation oversight, and stakeholder accountability mechanisms. This Section describes the layered oversight that maintains the governance framework’s substance over time.

Internal Review

Guardian’s leadership conducts annual review of the governance framework, including the corporate-identity disclosures on this Page, the Decision Authority structure, the Impartiality Committee, the Appeals Committee, and operational management arrangements. The annual review identifies and implements adjustments needed to maintain alignment with ISO/IEC 17065 requirements, IAF MD 12:2023 multi-country activities expectations, and operational learning from the prior year’s engagements. Material findings from internal review are documented and inform mid-year updates to operational procedures where the materiality warrants.

UAF Accreditation Surveillance

UAF — the accreditation body that certified Guardian under ISO/IEC 17065:2012 — conducts annual surveillance audits to verify Guardian’s continuing procedural compliance. Surveillance specifically addresses governance:

• Verification of the Decision Authority structure as documented, including audit-trail review confirming the structural separation between Evaluation Team, Reviewer, and Decision Authority across engagements
• Verification of Impartiality Committee operation, including review of Committee meeting records, decisions, and operational implementation of Committee recommendations
• Verification of Appeals Committee operation, including review of Appeals received, panel composition, hearing records, and decisions
• Witness audits at the principal location (India) and the Critical Location (UK), verifying that documented procedures match operational practice
• Review of governance changes — director appointments, corporate changes, Critical Location structural changes — for accreditation impact

UAF surveillance findings are addressed by Guardian through documented corrective actions, with material findings potentially requiring procedural changes or governance adjustments. Surveillance outcomes inform Guardian’s continuous improvement of governance arrangements.

Accreditation Cycle and Reaccreditation

Guardian’s UAF accreditation (52605385601) is valid 06 May 2026 to 05 May 2030 — a four-year accreditation cycle. Reaccreditation requires substantive reassessment of Guardian’s entire procedural framework, including governance. Reaccreditation is a structural verification opportunity that surveillance does not fully replicate; it is the periodic confirmation that the institutional procedural integrity remains operationally real after years of accumulated change. Guardian’s next reaccreditation cycle will commence in advance of the current accreditation expiry to ensure continuous accreditation status.

External Stakeholder Accountability

Beyond internal review and accreditation surveillance, Guardian’s governance is held accountable through external stakeholder mechanisms:

• Complaints and Appeals — the recourse mechanism documented at /complaints-appeals is available to any stakeholder with concerns about Guardian’s conduct, including governance-related concerns. Pseudonymous complaints are accepted; UAF escalation is available without requiring prior internal handling
• Public-registry verification — corporate-identity disclosures on this Page are verifiable against MCA (India) and Companies House (UK) public registries; any divergence is itself a stakeholder-flaggable matter
• UAF directory verification — Guardian’s accreditation status is verifiable at uafaccreditation.org; the public verification of accreditation is the structural condition for Guardian-issued certificates to carry legitimate weight
• IAF Multilateral Recognition Arrangement coordination — Guardian’s UAF accreditation operates within the broader IAF accreditation-coordination framework, with Guardian’s governance arrangements available for IAF-level review where IAF processes are invoked

Closing commitment: Governance is the structural layer beneath the substantive trust commitments documented in Pages 22–26. Decision Authority independence, Committee oversight, leadership accountability, and external verifiability are what make the substantive commitments operationally real over time. Stakeholders relying on Guardian’s certification activities — applicants, certified clients, procurement teams, regulators, end-users — are entitled to substantive governance disclosure that they can verify against public registries and accreditation oversight. This Page is that disclosure; the verification mechanisms described above are how the disclosure is held accountable to operational reality. We welcome that accountability.