Corporate Governance through Responsible Compliance, Risk Management & Cybersecurity

Description

The initiative concerns the development and implementation of an integrated corporate governance framework that connects PharOS’ operations with international standards, compliance policies and risk management mechanisms. The company has strengthened its operating framework through ISO 9001, ISO/IEC 27001:2022 and ISO 22301 certifications, covering critical areas such as quality, information security and business continuity.

In parallel, it applies policies and procedures related to ethics, data protection, prevention of non-compliance incidents and secure operations. Indicatively, the framework includes policies such as Privacy Policy, Data Protection Policy, Data Retention Policy, Information Security Policy, Access Control Policy, Asset Management Policy, Risk Management Policy, Information Classification and Handling Policy, Information Security Awareness Policy and Acceptable Use Policy.

A central element of the initiative is the SpeakUp platform at https://speakup-pharos.grantthornton.gr/, which operates as a structured reporting mechanism for matters related to ethics, compliance, potential irregularities or concerns that may affect corporate integrity. The existence of a clear and accessible reporting channel strengthens risk prevention, confidentiality, accountability and trust among employees and stakeholders.

A distinctive feature of the initiative is that governance is not treated as a formal obligation, but as an active organizational culture. Through training, cybersecurity policies, reporting mechanisms, certification systems and the integration of ESG criteria into risk management, employees are empowered to operate with responsibility, integrity and awareness of operational and digital risks.

The initiative is particularly important for a pharmaceutical organization, where quality, compliance, data protection and business continuity are not merely internal matters, but prerequisites for credibility toward customers, authorities, partners, patients and society.

more...

Impact on Society

The initiative has strengthened PharOS’ framework of trust, compliance, transparency and business resilience, positively affecting employees, customers, partners, suppliers, regulatory authorities and other stakeholders.

Measurable results include the implementation of ISO 9001, ISO/IEC 27001:2022 and ISO 22301 certified systems. In 2024, PharOS recorded 0 incidents of non-compliance related to product information, labeling or marketing communications, and no warnings, fines or penalties were issued by regulatory authorities. There were no legal actions concerning anti-competitive behavior, anti-trust issues or monopoly practices.

The company also recorded 0 complaints regarding breaches of customer privacy or loss of customer data, 0 confirmed incidents or fines related to corruption and bribery, 0 incidents related to conflicts of interest and 0 incidents related to money laundering.

The zero incidents recorded in critical compliance categories indicate the effectiveness of the governance framework. The absence of complaints regarding privacy breaches or loss of customer data highlights the value of investing in information security and data protection. Similarly, the absence of confirmed incidents of corruption, bribery, conflicts of interest and money laundering supports the profile of an organization with a strong culture of integrity.

The operation of the SpeakUp platform adds another layer of prevention, strengthening the ability to report, assess and address potential issues at an early stage.

Initiative Location

The initiative is implemented across PharOS’ facilities and operations in Greece and, where applicable, at Group level, covering critical corporate functions, systems, processes and employees.

More...…

Working with Organization

The initiative is supported by cooperation with specialized external organizations, consultants, certification bodies and professional partners, contributing to the development, assessment and continuous improvement of the corporate governance framework.

In this context, PharOS works with certification bodies and specialized consultants for the implementation and maintenance of international standards, such as ISO 9001 for quality management, ISO/IEC 27001:2022 for information security and data protection, and ISO 22301 for business continuity. The ISO/IEC 27001:2022 certification confirms the implementation of a robust Information Security Management System covering critical activities such as research, development, design, production, packaging and delivery of pharmaceutical products and services.

In addition, PharOS collaborates with Grant Thornton for the operation of the SpeakUp platform, an independent and structured reporting mechanism that strengthens transparency, confidentiality and objectivity in managing ethics and compliance matters. This collaboration adds credibility to the mechanism by offering employees and stakeholders a safe channel for reporting potential irregularities or concerns.

In parallel, the company works with external advisors on compliance, cybersecurity, business continuity, ESG reporting and the integration of ESG criteria into risk management.

More...…

Workers Participation

Employees participate through training, awareness activities, implementation of policies and daily adherence to governance procedures. Management and senior executives play an active role in monitoring and strengthening the framework, while employees are critical to embedding a culture of compliance, security and responsibility.

Employee participation is not limited to attending training or following procedures. Employees are the key actors implementing the governance framework in practice. Through the daily use of information security policies, access rules, data protection procedures, reporting mechanisms and ethical principles, they directly contribute to the operation of a safe, responsible and transparent organization.

The existence of the SpeakUp platform further strengthens their role, as it gives them a clear and accessible channel to express concerns, report incidents and contribute to preventing problems before they escalate. Employees are therefore not simply recipients of rules, but active participants in safeguarding the company’s integrity.

More...…

Benefits for Οrganization

The initiative strengthens PharOS’ reputation, resilience and reliability in a highly regulated sector. It improves internal organization, reduces operational and digital risks, protects critical data and enhances the trust of customers, partners and authorities.

The existence of certified systems reduces exposure to regulatory, operational and digital risks, while strengthening the company’s credibility toward customers, authorities, partners and suppliers. The SpeakUp platform further strengthens internal accountability and employee trust, as it provides a safe reporting channel and encourages the early identification of potential issues.

PharOS’ commitment to good governance is also reflected in the way it manages, engages and supports its people. The company has been certified as Great Place to Work® for four consecutive years — 2022, 2023, 2024 and 2025. This repeated recognition constitutes international validation of the employee experience and workplace culture systematically cultivated at PharOS. It confirms that responsibility, transparency, trust and participatory culture are not limited to policies and procedures, but are experienced by employees in everyday working life.

In addition, PharOS’ commitment to sustainable and responsible business presence is reflected in the international recognition received within the framework of CPHI, the global pharmaceutical exhibition. The company achieved Gold Level Certification in the Better Stands programme for 2023, 2024 and 2025, reaching the highest level of assessment. This recognition confirms that PharOS’ exhibition stand was designed and implemented according to the principles of reusability and recyclability, meeting all ten components of the Better Stands framework. Achieving Gold level certification for three consecutive years strengthens the company’s credibility in responsible corporate presence, waste reduction and sustainable business practices.