Inquiry & Quote — ISO Certification

Accredited · Recognised · Verified

UAF United Accreditation Foundation USA · Management Systems

IAS International Accreditation Service USA · Management Systems

IAF MLA IAF Multilateral Recognition International · MLA Signatory

QS Qatar Standards RB066-26 · ISO 9001/14001/45001

Step 1 of Guardian’s certification process is the inquiry and quotation phase. The prospective client provides scope, sites, headcount, and applicable standards; Guardian Middle East LLC’s Client Affairs function identifies the appropriate certification tier (Tier 1, 2, 3, or 4) based on stakeholder requirements; an indicative quotation is issued with audit duration calculated per IAF MD 5 and IAF MD 11. Typical turnaround for a quotation is 3 to 5 business days.

What Happens at This Step

The Conversation

Step 1 begins with a structured conversation between the prospective client and Guardian Middle East LLC’s Client Affairs function. The conversation is designed to understand the client’s needs sufficiently to recommend the appropriate certification tier and to calculate an indicative audit duration. The conversation is non-advisory — it does not constitute consultancy, gap analysis, or implementation support. Guardian Middle East LLC does not provide consultancy under any circumstances. To see how this inquiry stage fits into the full journey, go back to the 6-step process overview.

The Tier Recommendation

Guardian operates four certification tiers, You can also compare all 4 tiers before deciding which certification route fits your stakeholder needs. Each with different accreditation chains. The right tier depends on three factors:
Standard availability — not all 20+ standards are available in all four tiers. Guardian’s Client Affairs function checks availability against the Master Tier Mapping at about accreditation.
Stakeholder requirements — public-sector tenders requiring QS Recognition (RB066-26) require Tier 1; international supply chains requiring IAF MLA recognition can use Tier 1, 2, or 3; voluntary or internal initiatives without external recognition requirements may use Tier 4.
Risk and stakeholder appetite — Tier 4 (Guardian Approved Scheme) is appropriate where accredited certification is unavailable for a standard or where the organization has made an informed choice that non-accredited certification meets its needs.

The Audit Duration Calculation

Audit duration is calculated under IAF MD 5 (Audit Duration of QMS, EMS, OHSMS, FSMS) and IAF MD 11 (Sector-Specific Application). Inputs include effective headcount, scope complexity, sites, sectoral risk, and integration of management systems. Standard-specific Mandatory Documents (e.g., IAF MD 9 for ISO 13485, IAF MD 22 for ISO/IEC 27001) apply additional rules where relevant. The output is a defined number of audit days for each cycle (initial, surveillance Year 1, surveillance Year 2, recertification).

The Quotation

The quotation issued at the end of Step 1 includes:

Recommended certification tier.
Standard(s) covered by the quotation.
Audit duration estimate per IAF MD 5 (initial cycle and surveillance cycle).
Indicative timeline from contract signature to certificate issuance.
Total fees broken down by stage (Stage 1, Stage 2, certification decision, surveillance cycle).
Validity period of the quotation.

Information on how to proceed to Step 2 (Application & KYC).

Information We Need from You

To prepare an accurate quotation, Guardian Middle East LLC requires the following information from the prospective client. This information is collected through the inquiry form, by email, or during a structured discovery conversation.

Information	Why We Need It
Organisation name & commercial registration	Identifies the legal entity and supports CDD at Step 2.
Standard(s) of interest	Determines the certification tier, accreditation chain, and applicable Mandatory Documents.
Sites in scope	Number, locations, and activity at each site. This drives multi-site sampling under IAF MD 1.
Effective headcount	Direct input to IAF MD 5 audit-duration calculation, including employees, contractors, and seasonal workers as defined.
Activities to be certified	Defines the scope statement on the certificate and identifies sectoral risk per IAF MD 11.
Stakeholder requirements	Identifies whether QS Recognition, IAF MLA recognition, or sector-specific accreditation is required.
Existing certifications	Identifies whether the engagement is initial certification or transfer per ISO/IEC 17021-1 §9.1.3.
Authorised contact details	Identifies the named contact with authority to receive the quotation and progress to Step 2.
Preferred timeline	Helps prioritise scheduling and identify whether tender deadlines or stakeholder commitments apply.

What You Receive

Within 3 to 5 business days of receiving complete information, Guardian Middle East LLC issues the quotation pack to the named contact. The quotation pack includes:

1. The Quotation Letter

Tier recommendation with brief rationale.
Standard(s) covered.
Audit duration calculation summary (initial cycle, surveillance cycle).
Total fees including any applicable taxes.
Validity period of the quotation (typically 60 days).
Conditions of the quotation (information assumed; changes that would invalidate the quote).

2. The Audit Duration Calculation

Detailed calculation per IAF MD 5 (and any applicable standard-specific MDs).
Adjustments applied for sectoral risk, multi-site sampling, integration of management systems.
Notes on remote audit applicability per IAF MD 4 (where appropriate).

3. The Information Pack

Description of Step 2 (Application & KYC) and what to expect.
Application form template and supporting document checklist.
Privacy Notice and AML/CFT Notice.
Terms of Service applicable to the certification engagement.
Pointer to the Master Tier Mapping at /about/accreditation/.

4. The Next Steps

How to accept the quotation and proceed to Step 2.
How to ask follow-up questions.
How to amend the quotation if scope changes.
How long the quotation remains valid.

What Happens AFTER the Quotation

If the quotation is accepted, the engagement proceeds to Step 2 (Application & KYC) — formal application, customer due diligence under QFC AML/CFTR 2019, and contract execution. If the quotation is declined or expires, no further action is taken. Personal data submitted at the inquiry stage is retained per Guardian’s retention policy stated in the Privacy Notice.

If the prospective client wishes to revise the quotation — for example, change of scope, change of standards, or change of headcount — a revised quotation can be issued. Material changes that affect audit duration or accreditation chain may require a fresh quotation rather than an amendment.

What Step 1 Is NOT

It is important to be clear about what Step 1 is — and is not. Misunderstanding this distinction is a recurring source of compliance risk for any certification body.

Step 1 IS

A structured conversation to understand scope, standards, and stakeholder requirements.
A tier recommendation based on objective criteria.
An audit duration calculation under IAF MD 5 and applicable Mandatory Documents.
An indicative quotation with defined validity.
Information on the next step in the process.

Step 1 IS NOT

Consultancy — Guardian Middle East LLC does not provide consultancy. Step 1 does not include advice on how to design, implement, or improve the management system.
Gap analysis — Guardian Middle East LLC does not provide gap analysis. Step 1 does not include an assessment of the client’s current readiness against the standard.
Training — Guardian Middle East LLC does not provide training to clients seeking certification. Step 1 does not include training on the standard or its requirements.
Implementation services — Guardian Middle East LLC does not provide implementation, system design, or document drafting. Step 1 does not include support for management system development.
A binding contract — the quotation is indicative until contract execution at Step 2. The certification engagement begins with the executed contract, not with the quotation.
A guarantee of certification — the quotation does not guarantee that the audit will be successful or that certification will be granted. Certification depends on conformity to the standard, evidenced through Stage 1 and Stage 2 audits and confirmed at Step 5 (Certification Decision).

The non-consultancy commitment is absolute. It is required by ISO/IEC 17021-1 §5.2 and applicable IAF Mandatory Documents. Guardian’s Implementation Kits at /resources/implementation-kits/ are deliberately generic and do not constitute consultancy. Clients seeking implementation support should engage independent consultants outside the Guardian engagement.

Quotation Validity & Conditions

Validity

Quotations are typically valid for 60 days from the date of issuance. The exact validity is stated on the quotation letter. After the validity period, a fresh quotation may be requested — Guardian will review whether the underlying audit-duration assumptions remain accurate.

Conditions

Quotations are issued on the basis of the information provided by the prospective client. Material changes to the underlying assumptions invalidate the quotation. Examples of material changes include:

Change in headcount of more than ±10%.
Addition or removal of sites.
Change in standards in scope.
Change in activities to be certified that affects sectoral risk classification under IAF MD 11.
Change in stakeholder requirements that affects tier suitability.
Change in legal entity or beneficial ownership that affects CDD.

Non-Binding Nature

The quotation is indicative and non-binding until the certification contract is executed at Step 2. The certification engagement formally commences with contract execution, not with quotation issuance. The prospective client is free to decline the quotation at any time before contract execution.

Confidentiality of Inquiry Information

Information shared during the inquiry phase is treated as confidential. Guardian Middle East LLC’s confidentiality obligations under ISO/IEC 17021-1 §8.5 and the Privacy Notice apply from the moment information is received — they do not require contract execution to take effect. Specifically:

Information shared during inquiry is not disclosed to third parties without consent, except where disclosure is required by law, regulator request, or accreditation body assessment.
Inquiry information is accessible only to Client Affairs personnel and Compliance personnel handling the inquiry.
Inquiry information is not used for marketing without explicit additional consent.
Personal data is processed only for the stated purpose — preparing the quotation — and is retained per the Privacy Notice. Learn more about how we handle your personal data, including retention periods, data-subject rights, and privacy safeguards.
If the inquiry does not progress, personal data is retained for the period stated in the Privacy Notice and then securely deleted.

GET STARTED — CONTACT GUARDIAN

Guardian Middle East LLC | Serving the Middle East
QFC Licence 03870 · Doha, Qatar

Location: Abo Hamour Area, Doha, Qatar
P.O. Box: 23277, Doha, Qatar
Mobile: +974 7770 2602 | +974 7213 7770
Email: info@guardian.qa
Website: www.guardian.qa

Or submit an enquiry: → Contact

Frequently Asked Questions

Q1. How long does it take to receive a quotation?

Typical turnaround for an indicative quotation is 3 to 5 business days from receipt of complete information. Faster turnaround is possible for straightforward inquiries (single site, single standard, modest headcount). Complex inquiries — multi-site, multi-standard, integrated management systems, or sectorally complex activities — may require 5 to 10 business days.

Q2. Is the quotation binding?

No. The quotation is indicative and non-binding until the certification contract is executed at Step 2 (Application & KYC). The prospective client is free to decline the quotation at any time before contract execution. The quotation is issued on the basis of the information provided; material changes invalidate the quotation.

Q3. How is the audit duration calculated?

Audit duration is calculated under IAF MD 5 (Audit Duration of QMS, EMS, OHSMS, FSMS) and IAF MD 11 (Sector-Specific Application). Inputs include effective headcount, scope complexity, sites, sectoral risk, and integration of management systems. Standard-specific Mandatory Documents (IAF MD 9 for ISO 13485, IAF MD 22 for ISO/IEC 27001 etc.) apply additional rules. The calculation is documented in the quotation pack.

Q4. Can I get a quotation without revealing my organisation's identity?

Indicative ranges can be provided without full organisational identification — useful for early-stage assessments. However, a binding quotation with named scope and audit duration requires the organisation's name and basic identification. Customer Due Diligence (CDD) at Step 2 requires full identification regardless. Inquiry information shared with Guardian is held under confidentiality from receipt.

Q5. How long is the quotation valid?

Quotations are typically valid for 60 days from the date of issuance. The exact validity is stated on the quotation letter. After expiry, a fresh quotation may be requested — Guardian will review whether the underlying audit-duration assumptions remain accurate. Material changes (headcount, sites, standards, scope) may invalidate the quotation before formal expiry.

Q6. Why does the form require explicit consent?

The form processes personal data (contact name, email, phone) and is therefore subject to Qatar PDPPL Law 13/2016 and the QFC Data Protection Regulations. Both frameworks require lawful basis for processing — for inquiry forms, the lawful basis is data subject consent (with legitimate interest as a supporting basis). Explicit, unambiguous consent — captured through an unticked checkbox — is the standard required by the legislation.

Q7. Can I withdraw my consent later?

Yes. You may withdraw your consent at any time by emailing privacy@guardian.qa. Withdrawal does not affect any processing already lawfully carried out before withdrawal. If you withdraw consent during the inquiry stage, Guardian will cease processing your data for the inquiry purpose and either delete the data or retain it only on another lawful basis (for example, where a regulatory record-retention requirement applies).

Q8. What happens if I never proceed to Step 2?

If the inquiry does not progress to Step 2, the personal data submitted is retained for the retention period stated in the Privacy Notice and then securely deleted. Inquiry information is held under confidentiality from receipt and is not used for marketing without separate explicit consent.

Q9. Is consultancy or pre-audit support included with the quotation?

No. Guardian Middle East LLC does not provide consultancy, advisory, training, gap-analysis, or implementation services to clients seeking certification — including during the inquiry stage. This exclusion is absolute and required by ISO/IEC 17021-1 §5.2. Free, generic Implementation Kits at /resources/implementation-kits/ are not consultancy. Clients seeking implementation support should engage independent consultants.

Q10. Can I get an indicative cost without submitting the form?

Indicative cost ranges for typical scenarios can be discussed by phone or email without form submission. However, a written, defensible quotation aligned with IAF MD 5 audit-duration requirements requires the structured information collected through the inquiry process. The form (or equivalent structured information by email) is the most efficient path to a written quotation.

Q11. What if I need to change my inquiry after submission?

Email Client Affairs at info@guardian.qa or contact your assigned Client Affairs contact. Material changes (different standards, different sites, different headcount) typically warrant a revised quotation. Minor clarifications (correction of typos, clarification of activities) can be handled through email correspondence without re-issuance. The latest quotation supersedes earlier versions for a single inquiry.

Q12. Does the quotation include audit travel and accommodation?

Quotations typically include all audit-related fees but exclude reimbursable expenses (travel, accommodation, subsistence) which are charged at cost. The quotation letter explicitly states what is included and what is excluded. For Qatar-based clients with audit conduct in-country, expenses are typically minimal; for multi-site engagements with overseas sites, travel and accommodation are itemised separately.

Let’s discuss your Iso Certification needs—reach out today

Compliance Footnotes

The inquiry form processes personal data under Qatar PDPPL Law 13/2016 and the QFC Data Protection Regulations. Lawful bases are explicit data-subject consent (recorded through an unticked checkbox) and legitimate interest of responding to the inquiry. Personal data is retained per the Privacy Notice. Data subject rights — access, correction, deletion, portability, objection — are available via privacy@guardian.qa. Personal Data Breach notification to the QFC Data Protection Office is made within 72 hours per QFC DPR. Audit-duration calculations follow IAF MD 5 and IAF MD 11 (and standard-specific Mandatory Documents where applicable). Customer Due Diligence is conducted at Step 2 under QFC AML/CFTR 2019 and Qatar AML Law No. 20 of 2019. Guardian Middle East LLC operates under QFC Licence 03870.

Step 1 — Inquiry & Quotation