Stay updated by subscribing to our newsletter.
© 2025 Leave a Mark Consulting Group ApS
CVR: 39411458
The NIS2 Directive (Network and Information Security Directive) imposes strict cybersecurity requirements on companies within the EU. A NIS2 Statement from Leave a Mark ensures that your organization meets these requirements through a comprehensive GAP analysis and formal declaration.
The NIS2 Directive (Network and Information Security Directive) sets strict cybersecurity requirements for companies operating within the EU. It introduces new obligations for a wide range of organizations, covering both organizational and technical adjustments. Below, you can learn more about the NIS2 Directive and how to implement its requirements.
A NIS2 Compliance Statement is based on all the requirements of the NIS2 Directive and ensures that any organization receiving the statement meets the directive’s key areas.
The GAP analysis is the first step in the process. It is used to assess whether the organization is ready to receive a compliance statement. Developed by our experts in information security and law, the GAP analysis is designed to identify any weaknesses that need to be addressed beforehand.
The analysis assesses key areas such as IT infrastructure, network security, access control systems, and internal procedures for handling security breaches. The results of the GAP analysis provide a clear indication of the organization’s current level of compliance with the NIS2 Directive.
Once the GAP analysis is completed, work on the compliance statement begins. Our experts prepare a detailed declaration confirming the organization’s implementation of the necessary security measures — based on the documentation collected and reviewed during the assessment.
The statement is based on the same core principles as ISAE3402 and ISAE3000, but it is tailored specifically to the requirements of the NIS2 Directive. This declaration serves as confirmation that the organization complies with the key areas outlined in the NIS2 compliance statement.
The first phase involves a comprehensive review of the organization’s current level of compliance with the areas covered by the NIS2 Statement. This is carried out through the completion and subsequent evaluation of the GAP analysis. Based on the results, it can be determined whether the organization is ready to proceed with the compliance statement.
Following the completion and review of the GAP analysis, the organization’s readiness for a compliance statement is assessed. If any gaps or weaknesses have been identified, the organization has the opportunity to address and improve these areas before proceeding with the statement. Once the organization is deemed ready, the process of collecting and reviewing documentation is initiated.
In the final phase, a comprehensive assessment of all implemented measures is conducted. Our experts review the documentation and carry out interviews with key personnel to ensure that all requirements have been met. Once the evaluation is complete, the final NIS2 Statement is issued.
The NIS2 Compliance Statement improves vendor management, increases credibility, strengthens cybersecurity, protects against threats, and provides a competitive advantage by documenting security measures.
Holding a NIS2 Compliance Statement demonstrates your organization's commitment to cybersecurity. This builds trust with customers and partners — especially critical in an era of growing data breaches and cyberattacks.
A NIS2 Statement signals that your company protects customer data in accordance with the highest standards. This can strengthen relationships with existing clients and attract new ones who prioritize security and reliability. It is particularly relevant for companies directly subject to NIS2, as they must demonstrate strong supplier oversight. Being able to present a NIS2 Statement can therefore serve as a significant advantage.
Achieving a NIS2 Compliance Statement confirms that your organization has demonstrated a comprehensive level of information security. This ensures that key aspects of your IT infrastructure are protected against potential threats.
The NIS2 Statement covers appropriate security measures — from access controls and network protection to crisis response and business continuity planning. It also proves your organization’s ability to manage and mitigate cyber threats effectively, increasing resilience against attacks.
A NIS2 Statement from Leave a Mark makes it easy to demonstrate to current and prospective clients that your organization has implemented proper security measures.
By complying with the NIS2 Directive, your organization significantly improves its cybersecurity posture. This reduces the risk of cyberattacks and data breaches — safeguarding both your business and your customers.
A NIS2 Statement shows customers, partners, and investors that your organization takes security seriously. This can strengthen your brand reputation and provide a clear competitive edge in the marketplace.
Leave a Mark Consulting Group offers more than just NIS2 compliance statements — we provide ongoing support and strategic guidance to ensure your organization remains compliant with the latest cybersecurity requirements and standards.
We work closely with our clients to identify emerging threats and develop forward-looking strategies that protect against future security risks. Our team of experts stays up to date with the latest trends and technologies in cybersecurity, ensuring your organization remains one step ahead of evolving challenges.
© 2025 Leave a Mark Consulting Group ApS
CVR: 39411458
