Managing of subcontractor

One of the major challenges that is the companies own control and maintance of subcontractors. Both ISO 27001 and GDPs are to make sure that one's subcontractors stands up to the requirements that the company have setup for them.

By GDPR you have a data processor agreement that gives the instructions for the data processor, but it is still you as a data owner who has the obligation to ensure that the data processor meets the requirements of the data processor agreement. This can typically be done by requiring documentation in the form of an ISO 27001 certification / ISAE 3000 GDPR statement or a physical check of the data processor.

Leave A Mark can often with an economic advantage do the controling of subcontractors / data processors. 

Kontakt os på +45 535 27000 for at hører nærmere om muligheden for kontrol af underleverandører.