Ask HN: Is the ISO 27001 certification worth it?

[Aaronstotle]

As someone who works in Infosec & Compliance, it makes third-party risk much easier when a vendor has a SOC2 report.

It depends on what kind of clients you have, if you are working with customers in regulated industries, then I believe it's worth it.