[contact-form-7 id="3224" title="Events Join Form"]

Email Us: guardianassessment@gmail.com

guardain logo
Get In Touch

Rights, Duties and Mark Usage

Guardian Certification > Rights, Duties and Mark Usage
Rights, Duties and Mark Usage – Guardian PrCB

This page sets out the rights of organisations applying for certification and the duties and obligations of certified clients throughout the certification cycle. It also describes the rules for the use of the Guardian SecureApp™ certificate and certification mark. These rules are derived from the Guardian SecureApp™ Scheme Rules (Annex A to GSA-PR-01) and are binding on all applicants and certified clients.

Rights of Applicants and Certified Clients

A Rights of Applicants

  • Apply for certification without discrimination on the basis of size, geography, nationality or membership of any association;
  • Receive a clear explanation of the certification process, scope definition and applicable fees before entering into a contract;
  • Receive written reasons where an application is refused, deferred or discontinued;
  • Lodge an appeal against any certification decision, including a decision to refuse, suspend, withdraw or reduce the scope of certification;
  • Have all information submitted treated in confidence, subject to the Scheme's confidentiality policy.

C Rights of Certified Clients

  • Use the Guardian SecureApp™ certification mark and certificate in accordance with the Scheme Rules during the period of valid certification;
  • Make accurate and proportionate claims about their certification status, scope, module(s) and assurance level(s);
  • Be listed in the Guardian SecureApp™ Public Certified Products Directory;
  • Receive advance notice of changes to Scheme requirements that may affect their certification, with adequate time to implement those changes;
  • Lodge a complaint against any decision or conduct of Guardian Assessment Private Limited in relation to their certification.
Duties of Certified Clients

Certified clients are obliged to:

  • Maintain the security controls and processes at least at the level demonstrated at the time of initial evaluation throughout the certification cycle;
  • Monitor vulnerabilities, threats and incidents relevant to the certified product and implement timely corrective actions;
  • Promptly inform Guardian of any significant changes to the certified product, hosting model, architecture, legal status or key service providers;
  • Report security incidents affecting the certified product, particularly those with confirmed or suspected compromise of confidentiality, integrity or availability;
  • Cooperate fully with Guardian's surveillance evaluations, including providing access, documentation and personnel as required;
  • Retain relevant records (e.g. logs of vulnerabilities, patches, incidents, changes) for review during surveillance and recertification;
  • Ensure that all claims and use of the Guardian SecureApp™ mark and certificate remain accurate, current and compliant with the Scheme Rules;
  • Immediately stop using the certificate, certification mark and related claims when certification is suspended, withdrawn, expired or the scope is reduced.
Change Reporting Obligations

Certified clients must promptly notify Guardian of any of the following changes or events:

Type of Change or Event Examples
Product Changes New modules, major refactoring, changes to authentication or authorisation mechanisms
Infrastructure Changes Change of cloud provider, deployment region, or identity provider
Integration Changes Payment processing modules, personal data handling, critical integrations
Organisational Changes Change of legal entity responsible for the product, mergers, acquisitions
Security Incidents Confirmed or suspected compromise of sensitive data, significant vulnerability exploitation

Changes are classified as minor, major or critical by Guardian, and the appropriate evaluation response is determined accordingly. Failure to report relevant changes or incidents may result in suspension, withdrawal or reduction of certification.

Use of the Guardian SecureApp™ Certificate

The certificate issued under this Scheme remains at all times the property of Guardian Assessment Private Limited. The certified client is granted the right to use the certificate solely in accordance with the Scheme Rules and the certification agreement. The certified client shall:

  • Use the certificate only in relation to the product, scope, module(s) and assurance level(s) specified on the certificate;
  • Ensure that all statements and representations related to certification are accurate, complete and not misleading;
  • Not use the certificate in a way that suggests certification applies to products or services outside the defined scope, covers the entire organisation, or implies endorsement of activities not evaluated under this Scheme.
Rules for Using the Guardian SecureApp™ Certification Mark

The Guardian SecureApp™ mark is a protected certification mark owned by Guardian Assessment Private Limited. Certified clients are granted a limited, non-transferable licence to use the mark in conjunction with the certified product only.

✓ Permitted Uses

  • On marketing materials specifically and clearly referring to the certified product;
  • On product web pages and documentation where the certified scope is clearly indicated;
  • In proposals and communications where the context makes clear which product is certified and under what module(s)/assurance level(s).

✗ Prohibited Uses

  • Imply that certification guarantees the absence of vulnerabilities, incidents or breaches;
  • Claim equivalence with any law or regulation not explicitly covered by the Scheme scope;
  • Use the mark in connection with uncertified products or services;
  • Suggest whole-organisation certification or endorsement;
  • Continue using the mark after suspension, withdrawal or expiry;
  • Use on legal documents or contracts as a warranty or guarantee of security.

When used in digital or printed media, the mark should be accompanied by: the phrase "Guardian SecureApp™ certified", the module(s) and assurance level(s), and at least a reference to the certificate number or the public directory (URL).

Guardian monitors the use of the certificate and mark through review of public information, information obtained during evaluations, and complaints from third parties. Misuse may result in suspension or withdrawal of certification, reduction of scope, or legal action.

Permitted Claim Wording

Example Statement of Conformity

"The product identified in this certificate has been evaluated and found to conform to the Guardian SecureApp™ Product Certification Scheme Rules (Annex A to GSA-PR-01) for the module(s) and assurance level(s) specified in the scope of this certificate."

Claims made by certified clients in marketing or other communications shall not exceed or distort the content of the statement of conformity and shall comply with the Scheme Rules.

Consequences of Non-Compliance

Failure to comply with the duties and obligations described on this page may result in:

  • Formal warning and requirement to take corrective action within a specified timeframe;
  • Suspension of certification pending investigation or remediation;
  • Withdrawal of certification and removal from the public directory;
  • Reduction of certification scope;
  • Legal action where warranted.
error: Content is protected !!
Call Now Button