Services

Leave a Mark offers a wide range of specialized services beyond full implementation support for ISO 27001 / ISO 27701 and GDPR. The most commonly used services are listed below.

Outsourcing of compliance

Leave a Mark Consulting Group can handle your compliance tasks, allowing you to focus on your core business activities.

We have extensive experience in auditing and can manage the entire process until certification is achieved. Our team includes specialists in the following areas: privacy and information security, ISO 27001 / ISO 27701 (GDPR), various PCI standards, and IT security.

In many cases, we can provide compliance support remotely, which offers a cost-effective alternative to onsite services.

Risk Management

Leave a Mark Consulting Group has extensive experience in developing risk management policies and templates that are easy to apply in the day-to-day operations of your business.

We offer expertise throughout the entire process — from defining your organization's risk appetite and conducting risk analyses (including DPIA analysis), to ongoing follow-up. Our approach is typically based on internationally recognized standards such as ISO 31000 and ISO 27005.

By using a clear and practical risk management model, we empower company leadership to make informed decisions quickly — from a risk-based perspective.

Third-Party Vendor Oversight

One of the key challenges companies face is maintaining proper oversight of their subcontractors and vendors. Both ISO 27001 and GDPR require that organizations ensure their third-party vendors comply with the same security and privacy standards they apply internally.

Under GDPR, a Data Processing Agreement (DPA) outlines the instructions and obligations of the data processor. However, as the data controller, you remain responsible for verifying that the processor adheres to the terms of the agreement. This is typically achieved by requesting documentation such as an ISO 27001 certification or an ISAE 3000 (GDPR) assurance statement, or by conducting an on-site audit of the data processor.

Leave a Mark can manage third-party or data processor audits on your behalf — often with significant cost efficiency compared to internal efforts.

Support for Tenders

If you need assistance with responding to a tender or RFP, Leave a Mark can help you address the sections related to information security and GDPR.

To be considered for a tender, particularly in the public sector, organizations are often required to document compliance with ISO 27001 or an equivalent standard. This is an area where external expertise can be valuable, as it requires a clear understanding of the necessary level of documentation and how to present it effectively.

Executive Advisory on Information Security

If you need strategic input on which security measures to implement and how to assess your organization’s operational risk, Leave a Mark has extensive experience advising at the executive level.

We often find that a company’s business strategy lacks a clearly defined information security strategy, or that risk appetite has not been evaluated across critical areas. These are key components in building a resilient and secure organization — and ensuring that information security is aligned with long-term business goals.
