top of page

Does ISO 27001 certification make you more secure?

You don’t need ISO 27001 to run a secure business. It might however help if you’re selling services to other third parties who need assurance that you have secure data practices in place.

I love driving! Cars and motorbikes have been a real passion of mine since I passed my test back in 1998 (I know, I don’t look old enough..) I’ve had my fair number of cars, driven some lovely sports bikes, and even dabbled in a bit of track day riding to keep things safe. Driving is a crucial part of modern life for many people, but it also comes with its fair share of risks. According to the World Health Organisation, over 1.3 million deaths per year worldwide are caused by road traffic accidents. The majority of those by people with a driving license, who are qualified to be on the road. It does beg the question, does having a driving license make you a better, safer driver?

You might have seen a news article last year which discussed one specific example, where a man was found to have been driving his car for over 70 years without a driving license (Man says he drove without licence for more than 70 years - BBC News).

While it's unclear how he managed to avoid detection for so long, the story raises interesting questions regarding the role of a driving license in keeping drivers and other road users safe. The process of obtaining a license involves taking a test to prove the driver's knowledge of road safety rules and their ability to operate a vehicle safely. This training and testing process is designed to ensure that drivers have the necessary skills and knowledge to minimise the risks of accidents on the road. Afterall, dynamic risk assessment is something we all do, every day. Whether that be walking the dog, crossing the road, or driving a car. As humans, we are inherently designed to assess risk.

While having a driving license is a necessary legal requirement for operating a vehicle, it's not a guarantee of safe driving. The skills and knowledge gained through training and testing are important, but they must be continually honed and applied in real-world driving situations to be effective. Ultimately, it's up to individual drivers to take responsibility for their actions on the road and to do their part to keep themselves and others safe.

You might ask why I’m harping on about an OAP driving his mini around the roads of Nottingham, but it draws an interesting comparison to data security. We work with companies every day who are either ISO 27001 certified or are looking to ‘sit the test.’ Does that make them more secure than companies who are not certified? It probably does, but not necessarily. For every company who is certified, there are probably a hundred who aren’t but are managing their data security absolutely fine. They have no need to ‘sit a test’. Their business does not require a shiny certificate on their wall and cost to implement simply outweighs any significant benefit they may see.

‘But wait, don’t you sell ISO 27001 services?’ Aren’t you talking yourself out of business by writing this? Well, no, not really. The companies who need ISO 27001 will always need it. In much the same way that bus drivers, taxi drivers and lots of other professional drivers will need to show they have a driving licence, those companies that need ISO 27001 will always be there for us to work with. The news article serves as a reminder that it is possible to be safe and competent without holding a particular certification. Similarly, organisations can achieve robust data security without necessarily holding the ISO 27001 certification. By taking a risk-based approach, implementing best practices, leveraging external expertise, and focusing on employee education and awareness, organisations can ensure that their data is adequately protected. Ultimately, it is up to each business to assess their unique security needs and implement appropriate measures to safeguard their data.

Want to know more about ISO 27001, read our "what is..." article here

35 views0 comments

Recent Posts

See All


Commenting has been turned off.
bottom of page