Are popes being canonised just for doing their job?

Pope Paul VI, who banned Catholics from using contraception, is the latest pontiff to be put forward for sainthood.

It was announced yesterday that Pope Benedict XVI has put one of his predecessors, Paul VI, on the path to sainthood. The pontiff signed a decree stating that Paul, who was pope from 1963 until 1978, had lived a life of "heroic virtue" and would henceforth be known officially as "venerable". The next step, beatification, will come when (or if) a confirmed miracle is attributed to the late pope's intercession.

Are modern popes being advanced to sainthood simply for doing their jobs?  It's fair to say that   that being elected pope significantly increases the chances of being made a a saint after your death. Out of 265 popes in the official list, 78 - more than a quarter - have been canonised. A significant proportion of the saints recognised by the Catholic Church - perhaps five per cent - have occupied the throne of St Peter. Certainly, the total is vastly disproportionate when compared with the number of Catholics who have ever lived. 

But the "sainted" popes aren't evenly distributed throughout history. Most of the early bishops of Rome, from Peter until Felix IV in the sixth century, are regarded as saints. Thereafter, recognised sanctity is more intermittent, until by the ninth century it has become a rare honour indeed.  Gregory VII (1073-1085) was, with one exception, the last pope to be recognised as a full saint until Pius X in the Twentieth century - almost a millennium, it seems, of unholy pontiffs. Some were very unholy indeed: Alexander VI, for example, the infamous Rodrigo Borgia who is alleged to have turned the Vatican into a brothel and sexually abused his own daughter, and at the very least had an unfortunate habit of poisoning his political opponents. 

Recently, however, popes have discovered a passion for canonising their predecessors. Currently, 16 popes have been beatified, including two of Benedict XVI's four immediate predecessors: John XXIII and John Paul II.  Paul VI now joins Pius XII, who died in 1958, as a "venerable", while the short-lived John Paul I enjoys the lesser status of "Servant of God". Potentially, every pope to have reigned since before the start of the Second World War might be one day made a saint.

While John XIII and John Paul II both enjoyed worldwide popularity and were considered by many as living saints, other pontifical candidates for sainthood are more controversial. Pius IX, who has also been declared Venerable, has a reputation as the most reactionary pope of the 19th century.  It was he who propounded the doctrine of papal infallibility. Pius XII stands accused of making cowardly accommodations with Nazism and even of being personally anti-Semitic. He has articulate defenders, but to many he will always be "Hitler's Pope."

As for Paul VI, while his personal character may be beyond reproach his candidacy for sainthood is bound to be controversial for other reasons. Arguably, as pope he squandered the best opportunity the Catholic Church has ever had to come to terms with the modern world. John XIII reigned for less than five years but during that time set in motion the most far-reaching reform programme in centuries, symbolised by the great liberalising Second Vatican Council. Under his successor, reaction set in. His 1968 encyclical Humanae Vitae reaffirmed, indeed strengthened, the long-standing Vatican opposition to artificial forms of birth control, insisting that "each and every marital act must of necessity retain its intrinsic relationship to the procreation of human life".

In so doing, he went against the majority advice of a church commission set up to consider the matter a few years before. He also ensured an ongoing split between the institutional church and the majority of ordinary Catholics. In the west, some statistics suggest that up to 98 per cent of married Catholics have continued to use contraception regardless of the church's teaching. The main damage has been to the Vatican's reputation. In other parts of the world, the effects of Humanae Vitae have been more serious, with the ban on contraception helping to fuel a population boom and, especially in Africa, Vatican opposition to the use of condoms proving highly damaging to the fight against HIV.

Paul VI's sentiments are, though, well in tune with those of the present pontiff, who has this year led opposition in the USA to President Obama's birth control mandate. By putting Paul forward for sainthood, Benedict XVI is surely doing more than merely recognising his predecessor's personal holiness. It may be hard to argue with a pope, but it's even harder to argue with a saint.

Pope Paul VI meets with Michael Ramsey, the then Archbishop of Canterbury, at St Peters in 1966. Photograph: Getty Images.
Belief, disbelief and beyond belief
Image: Shutterstock
Show Hide image

Are you ready to comply with the EU GDPR?

Alan Calder, the founder and executive chairman of IT Governance, discusses the EU General Data Protection Regulation (GDPR) and how your organisation can achieve compliance.

The EU General Data Protection Regulation (GDPR) will supersede the UK Data Protection Act 1998 on 25 May 2018, introducing new obligations for all organisations that process the personal data of EU residents.

The GDPR introduces significant changes in the areas of data subject and child consent, privacy by design, data breach notification, international data transfers and data protection officers, among others.

With the prospect of multi-million pound fines for non-compliance, and less than two years until the Regulation is enforced, organisations in the UK should urgently be considering what they need to do to comply.

The skills and resources required under the GDPR

The GDPR requires certain organisations to appoint a data protection officer (DPO). The role of a DPO includes informing and advising the controller and processor of their data protection obligations, monitoring the organisation’s compliance and performance, providing advice on data protection impact assessments, and giving due regard to risks associated with data processing operations. DPOs must have the legal and information security knowledge and skills necessary to help organisations achieve compliance with the Regulation.

As an expert in information security and data protection compliance, IT Governance has developed Europe’s first certified EU General Data Protection Regulation Foundation and Practitioner training courses to help individuals who are involved in data protection or who are looking to fulfil the role of data protection officer in order to achieve compliance with the Regulation. The certified training programme is designed to equip individuals with a comprehensive understanding of the GDPR requirements and a practical guide to planning, implementing and maintaining compliance with the GDPR.  

Inform GDPR transition planning through data flow mapping and gap analysis

An important first step in achieving compliance with the GDPR is to review your organisation’s data flows. A data flow audit will allow your organisation to map the locations of all personally identifiable information (PII), gain visibility over your data flows, develop effective strategies to protect PII, improve data lifecycle management and introduce efficiencies into your processes, and reduce privacy-related risks. 

Organisations that plan to comply with the GDPR but that lack visibility over their data flows are encouraged to conduct a data flow audit. The process involves mapping out the organisation’s data flows to get a comprehensive understanding of the sources from which the data flows. IT Governance can help organisations prepare for the GDPR with an extensive data flow audit that will enable you to identify the measures, policies and procedures needed to reduce the risk of a data breach.

Implement technical and organisational measures with ISO 27001

ISO 27001 is the international best-practice standard for information security management and encompasses three essentials aspects: people, processes and technology. The Standard is designed not only to defend your company against technology-based risks but also to prevent common security issues such as those caused by lack of staff awareness around current threats or ineffective information security procedures.  

Moreover, the GDPR clearly states that “the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk”. These measures relate to personal data encryption and pseudonymisation; access and availability of data; the confidentiality, integrity and availability of processing systems and services; and regular assessment and evaluation of technical and organisational measures to ensure the security of processing.

An ISO 27001-compliant information security management system (ISMS) is founded on an enterprise-wide a culture of information security, led by the board. It necessitates that your organisation’s information security strategy be constantly monitored, updated and reviewed, and this process is amenable to helping you implement the technical and organisational measures of the GDPR.   

ISO 27001 can help you meet parallel GDPR and NIS Directive requirements

The NIS Directive, which is set to come into force at the same time as the GDPR, is designed to help organisations within the EU achieve a common level of security across their networks and information systems. The Directive applies to organisations providing essential services in sectors such as finance, energy and transport, as well as digital service providers.

Similar to the GDPR, the NIS Directive requires a robust ISMS and encourages a security culture. As a result, more and more organisations preparing to comply with both the GDPR and the NIS Directive are also seeking certification to ISO 27001. The Standard contains information security requirements that, when met, can allow your organisation to centralise and simplify your compliance efforts for the NIS Directive and the GDPR.

IT Governance’s ISO 27001 packaged solutions can help you tackle your organisation’s GDPR and NIS Directive compliance requirements as well as implement a robust  ISMS. The ISO 27001 packaged solutions provide a unique blend of expertly developed tools and resources that complement your organisation’s skills and resources at a fixed price and in a timely manner.

To find out more about GDPR compliance or ISO 27001 packaged solutions please visit (, email, or call us on +44 (0)845 070 1750.

Alan Calder is the founder and executive chairman of IT Governance.