Information Technology.

GDPR, ISO 27001, ISO 20000, ISO 22301

With the most experienced IT consulting team in Greece as an asset, and its deep knowledge of IT technologies, PRIORITY can evaluate your current infrastructure and procedures, extenuate your weaknesses, change your practices and support you in complying with regulatory requirements (GDPR 2016/679, Hellenic Authority for Communication Security and Privacy, Hellenic Communications and Post Commission, Hellenic Data Protection Authority, Authorized Economic Operator), ISO certifications and restructuring your IT infrastructure to state of the art standards.

GDPR- General Data Protection Regulation

The GDPR (2016/679) comes into force across the European Union on May 2018.  The GDPR introduces substantial changes to European data protection law with IT security aspects and privileges’ protection, along with severe financial penalties for non-compliance, up to 20 million euros or up to 4% of the global annual turnover, for the companies that use personal data of European Citizens. Therefore, it is important for businesses to start taking steps now to prepare for implementation of the new rules. PRIORITY can assist you to evaluate your procedures and infrastructures, reveal your weaknesses, change your current practices and support your compliance with GDPR.

ISO 27001

The international reference point for Information Security issues. Our IT experts, having undertaken the first ISO 27001 certification in Greece and the most prominent information security projects, can increase your security level by proposing affordable solutions and offer a wide range of services from penetration testing to specialized personnel training on the most recent threats.

ISO 20000

It is the most comprehensive ISO standard which specifies the optimal IT units operation under the principles of ITIL v3. PRIORITY possesses unique experience in Greece on this ISO and can undertake the standardization of your Information Technology Services, restructure the relevant operating procedures, configure the required software and transform your corporate culture in a service & customer oriented direction.

ISO 22301

The appropriate methodology in matters of business continuity has been transformed into an ISO standard since it was required by the international market. PRIORITY has unique experience in the top Greek organizations and can perform your company’s risk assessment, define the business continuity strategy, draw the disaster recovery plan and procedures and verify them by participating in your readiness exercises.

ISO 27999

A specialized standard integrating best practices for health information security. In combination with ISO 27002, it provides guidelines for ISO 27001 implementation in health organizations and in any organization managing such information of any format, storage or transmission mean. PRIORITY, being experienced in implementing this standard, undertakes your practices evaluation and the implementation of improvements until your certification award.

Information security training

The company’s high information security level is not only achieved by applying appropriate technical solutions and procedures, but also by the personnel’s training. PRIORITY, with a vast experience in training corporate employees in information security, offers three (3) training programs: Information Security for corporate users, Information Security for IT Administrators and Secure Coding.


It a specialized standard issued by the credit card industry (PCI) and it is compulsory for all companies processing credit card data. PRIORITY can undertake all the process from the initial diagnostic study and the definition of the exact certification scope, to the audit support, the vulnerability assessment and the certification award through the cooperating ASV and QSA.

Vulnerability assessment -penetration testing

The vulnerability assessment on the IT infrastructure and your online applications is a critical requirement of the ISO 27001 standard and it’s necessary for countering threats from malicious parties. By using reliable and industry-standard tools and our expertise we can locate any vulnerabilities of your systems and propose realistic countermeasures.


The Authorized Economic Operator (AEO) certification allows significant simplifications in customs controls and constitutes an international recognition of your credibility. PRIORITY can effectively help you in complying with the AEO requirements regarding the Information Security and support you during the audit by the GSIS of the Ministry of Finances.

HACSP Regulations

The Hellenic Authority for Communication Security and Privacy (HACSP) formed a series of regulations for ensuring Electronic Communications Confidentiality (PD 165/2011 – 2715/Β/17-11-2011). These regulations refer to a framework of requirements on Information Security for network and electronic communications service providers. PRIORITY’s experts can undertake the compilation of all the necessary documentation and can guide you through its efficient application in order to achieve full compliance with the requirements and the audits of the Hellenic Authority for Communication Security and Privacy.

ISO 27011

Telecommunication services require the implementation of a series of specialized controls to ensure the security of the enabling infrastructure and the information transferred. The ISO 27011 standard is based on ISO 27001 controls and describes the best practices that can be followed by telecommunication organizations to protect infrastructure and secure the services offered. PRIORITY can help businesses providing telecom services develop the proper mechanisms needed for ensuring the Information Security level of the services provided and assuring their continuity.

ISO 27015

The operation of organizations providing financial services depends highly on their IT infrastructure. Information Security is a key objective for ensuring the integrity, confidentiality, and availability of the information they process. The ISO 27015 standard describes the controls that can be implemented by organizations offering financial services to mitigate the risks that threaten their IT infrastructure and the financial data they are handling. PRIORITY, having significant experience in Information Security consulting, can help these organizations adopt ISO 27015’s controls in order to safeguard their IT infrastructure and ensure their business operation.

ISO 27017

ISO 27017 standard is addressed to organizations that develop and offer or use Cloud services. It based on the structure of ISO 27002 and describes specialized controls that can help mitigate Information Security risks stemming from the use of Cloud services. PRIORITY can help organizations that want to develop or use Cloud services to formulate an operational framework, based on ISO 27017, that will guarantee the secure use or offering of these services.

ISO 27018

The increasing number of data leakage incidents causes concern to organizations who are have to decide if it is safe to use Cloud services for processing personal data in the context of their business operations. ISO 27018 contributes to the formulation of an operational framework that can guarantee the security of personal data hosted on the infrastructure of Cloud services providers. PRIORITY, having an in-depth knowledge of the new European regulation for the protection of personal data (GDPR), is able to use the tools offered by ISO 27018 in order to help Cloud services providers develop and implement the structures required to secure the personal information hosted on their infrastructure.

ISO 27019

The extensive use of IT and digital systems for controlling the energy production and distribution processes requires the implementation of measures that ensure their normal operation. ISO 27019 provides guidance for the controls and principles that can be followed by organization in the energy production and distribution sectors to eliminate the risks threatening their IT infrastructure. It is based on the structure of ISO 27002 and incorporates 42 new additional controls related to the energy sector. PRIORITY, taking into account the guidelines of ISO 27019, is able to assess the risks that threaten the proper operation of energy production and distribution and define in detail the actions needed for their elimination.

ISO 27031

ISO 27031 has been designed to ensure the operational readiness of the IT and telecommunications systems of any organization. Its concepts and principles gather the best practices for drafting and designing recovery management procedures, as well as constantly monitoring IT systems readiness. ISO 27031 also provides guidance for compatibility with the organization's existing information security and business continuity principles. PRIORITY, having vast experience in business continuity and information security management systems, is the ideal partner to undertake the strategic planning, control and optimization of the processes, that will lead your organization into achieving its goals.

ISO 22316

ISO 22316 provides a framework to help organizations future-proof their business, detailing key principles, attributes and activities. PRIORITY, having vast experience in this field, is the ideal partner to put organizations in a better position to meet the challenges ahead and achieve their goals.

Back to top