Free ISO 27001 Clinic

Got questions about ISO 27001? Get them answered by the ISO Ninja, for FREE!

Where else can you access up to 40 hours per year of FREE, in-person ISO 27001 consulting with the ISO 27001 ninja?


At High Table, we’re shaking up the industry.

Get FREE ISO 27001 consultancy and advice from the ISO guy.

Zero sign up costs.

Zero fees.

Zero bullsh!t.

Just straight-up ISO 27001 advice, and all of your burning implementation and certification questions answered. 

Introducing: ISO 27001 Clinic.

ISO 27001 Consultancy for FREE? Is this for real?

It sure is, my friend.

ISO 27001 Clinic, a breakdown:

  • You get one hour a week to jump on a video call with the ISO 27001 Ninja to ask ANYTHING about ISO 27001
  • You’ll be part of an exclusive group of up to 6 people
  • You drop in when you want
  • You ask what you want
  • As many times as you want
  • For free.

It’s unheard of, we know!

Sound like a bit of you? 

Better book your slot before they fly out!

What can ISO 27001 Clinic do for my business?

As a business owner considering implementing ISO 27001, you must have a thousand questions about the process. Am I right? By coming along to an ISO 27001 Clinic, I can give you the tools you need to boss your ISO 27001 certification, and guide you through the process. No question is out of bounds. Hit me!

  • Want to know how to implement and manage an information security management system (ISMS) effectively?
  • Need advice on ISO 27001 documentation?
  • Want to know how to meet the requirements of the ISO 27001 standard?
  • Want to know the difference between SOC 2 and ISO 27001?
  • Want to know how to conduct a management review?
  • Want to know if you’ve got the right security controls in place?
  • Want advice on how to boost your security posture?
  • Want to know how to protect your data?
  • Want to find out the best way to up your data security game?
  • Want to know how to guarantee your ISO 27001 certification?
  • Struggling to get to grips with ISO 27001 compliance?
  • Need advice on preparing for an ISO 27001 audit?
  • Want to know inside ISO 27001 information?
  • Want to find out how to identify and manage risks?
  • Want advice on whether your business needs ISO 27001?
  • Wondering what’s the fastest, easiest way to get your ISO 27001 certificate?
  • Want the lowdown on our ISO 27001 Toolkit?
  • Want to know how you can get ISO 27001 certified without having to put the work in? (This one’s worth its weight in gold!)

Whatever it is you’re desperate to swot up on, bring yourself and your ISO 27001-based questions to an ISO 27001 Clinic session, and I’ll consult my expert-ninja knowledge to point you in the right direction.

Why are we offering FREE ISO 27001 advice?

If you don’t know me already, I’m Stuart Barker: information security expert, founder of High Table, and ISO 27001 Ninja. 

High Table is the fastest growing ISO 27001 company, globally, and we’re disrupting the market.

We want to make ISO 27001 accessible to people just like you, helping you achieve ISO 27001 certification up to 10x faster and 30x cheaper.

I successfully built my previous cyber security business from the ground up and sold it, and now, I no longer need to hustle to make a living. Instead, I’m transforming the information security space to make it a better, fairer place. It’s about time someone did, right?

I’m going to let you in on the ISO 27001 secrets that the industry don’t want you to know, as well as giving you FREE access to my 25 years+ of information security experience. I’m a great guy, I know!

I’m also a bit of an ISO 27001 YouTube sensation, so my mum tells me. I’ve created a channel brimming with ISO 27001 walkthrough videos and how-to guides, to help businesses like yours, for FREE.

I’ve also written countless FREE articles surrounding ISO 27001: from ISO 27001: Explained Simply to ISO 27001 Certification: An Ultimate Guide To Success, you’ll find everything you need to help you make sense of a dull but important process. They say the best things in life are free, don’t they? (OK, maybe not all of them, but I’ve been pretty generous so far!)

The unrivalled High Table ISO 27001 toolkit, used by industry professionals around the globe, isn’t free. But it’s the cheapest, fastest, easiest toolkit on the planet that guarantees your ISO 27001 certification, and it’ll only cost you £497. I know, I must be out of my mind! 

Want to find out more about the ISO 27001 toolkit or anything ISO 27001? 

Book your place on an ISO 27001 Clinic!

No-one else is offering a FREE ISO 27001 tool as valuable as ISO 27001 Clinic, but don’t just take my word for it!

What our customers say about FREE ISO 27001 Consultancy

Want some help making sense of ISO 27001?

Spaces are limited.

ISO 27001 Clinic: the details

If you want someone to do your ISO 27001 certification for you, coach you through the process, or just talk strategy – this isn’t for you. Book a Free 30 Minute ISO 27001 Strategy Call with me, instead.

But, if you have ISO 27001 questions, have hit a roadblock, or just want general ISO 27001 advice without the price-tag (no judgement here!), then ISO 27001 Clinic is for you.

A few ISO 27001 house rules

If you book, you show up

These slots go like hot cakes, so, booking one and not turning up isn’t cool, and means someone else misses the opportunity unnecessarily. Don’t be that guy.

Don’t block book

Play nice. You can book as many times as you like, but give others a chance by booking one at a time, or run the risk of having your slots cancelled. I don’t want to see you more than I see my wife.

Don’t record our session

This isn’t only fans. You don’t record the session. What goes on in the session, stays in the session. Capeesh?

Legal bits

These sessions are free of charge, so, be sure to comply with our terms and conditions on the website. You must accept that nothing that is said constitutes any guarantees, warranties and all of that good stuff. We are not liable if you make a mistake – you’re not paying us after all.

What ISO 27001 Clinic is NOT

These sessions don’t constitute training, coaching or structured, engaged consulting. It’s a Q&A in a group setting that will answer your questions to the best of our ability, based on the knowledge we have about you. The answers may be generalist, but enough to move you forward.

Ready to have your ISO 27001 questions answered?

See you on the other side.


All the slots are booked – what do I do?

Yes, that is possible. Who knew giving free ISO 27001 consulting would be so popular? That said, try looking at dates further in the future, or book a Free 30 Minute ISO 27001 Strategy Call with me and let’s see if we can crack this nut a different way.

Do you offer a waitlist?

Yes, but you have to speak to me so I can see if it is worthwhile increasing the slots. This isn’t only fans. I am not out to get viewers. Book a Free 30 Minute ISO 27001 Strategy Call with me or drop me an email and let’s see what we can do.

How much detail can you really go into?

As a rule, the answers will be generalist in nature, as there are too many variables on an engagement and, if we are not engaged, I won’t know them. I can still make an educated guess and provide valuable insights, based on 25+ years of industry experience. You also have the bonus of 5 other people on the call who can share their lived experience.

You are going to send me marketing aren’t you?

Nope. I don’t have the energy or the need. I am not capturing your email for CRM as I genuinely could not care less. If I help you, I help you, and if I don’t, you’ve lost nothing.

Who is this for?

This is for people actively engaged in, or wanting to go through, ISO 27001 certification.

Who is this not for?

Look, let’s face it: students and entry-level people wanting to break into the industry. If you don’t have an active ISO 27001 engagement or aren’t looking to get ISO 27001 certification, this isn’t really for you. I can train you. I can coach you. But this is not that. Book a Free 30 Minute ISO 27001 Strategy Call with me or drop me an email and let’s see what we can do.


If you want something a little more personal then we should really talk….

Get the Help of the ISO 27001 Ninja

Book your FREE 30 Minute ISO 27001 Strategy Call and let me show you how you can do it 30x cheaper and 10x faster than you ever thought possible.

ISO 27001:2022 requirements

Organisational Controls - A5

ISO 27001 Annex A 5.1 Policies for information security

ISO 27001 Annex A 5.2 Information Security Roles and Responsibilities

ISO 27001 Annex A 5.3 Segregation of duties

ISO 27001 Annex A 5.4 Management responsibilities

ISO 27001 Annex A 5.5 Contact with authorities

ISO 27001 Annex A 5.6 Contact with special interest groups

ISO 27001 Annex A 5.7 Threat intelligence – new

ISO 27001 Annex A 5.8 Information security in project management

ISO 27001 Annex A 5.9 Inventory of information and other associated assets – change

ISO 27001 Annex A 5.10 Acceptable use of information and other associated assets – change

ISO 27001 Annex A 5.11 Return of assets

ISO 27001 Annex A 5.13 Labelling of information

ISO 27001 Annex A 5.14 Information transfer

ISO 27001 Annex A 5.15 Access control

ISO 27001 Annex A 5.16 Identity management

ISO 27001 Annex A 5.17 Authentication information – new

ISO 27001 Annex A 5.18 Access rights – change

ISO 27001 Annex A 5.19 Information security in supplier relationships

ISO 27001 Annex A 5.20 Addressing information security within supplier agreements

ISO 27001 Annex A 5.21 Managing information security in the ICT supply chain – new

ISO 27001 Annex A 5.22 Monitoring, review and change management of supplier services – change

ISO 27001 Annex A 5.23 Information security for use of cloud services – new

ISO 27001 Annex A 5.24 Information security incident management planning and preparation – change

ISO 27001 Annex A 5.25 Assessment and decision on information security events 

ISO 27001 Annex A 5.26 Response to information security incidents

ISO 27001 Annex A 5.27 Learning from information security incidents

ISO 27001 Annex A 5.28 Collection of evidence

ISO 27001 Annex A 5.29 Information security during disruption – change

ISO 27001 Annex A 5.31 Identification of legal, statutory, regulatory and contractual requirements

ISO 27001 Annex A 5.32 Intellectual property rights

ISO 27001 Annex A 5.33 Protection of records

ISO 27001 Annex A 5.34 Privacy and protection of PII

ISO 27001 Annex A 5.35 Independent review of information security

ISO 27001 Annex A 5.36 Compliance with policies and standards for information security

ISO 27001 Annex A 5.37 Documented operating procedures 

Technology Controls - A8

ISO 27001 Annex A 8.1 User Endpoint Devices

ISO 27001 Annex A 8.2 Privileged Access Rights

ISO 27001 Annex A 8.3 Information Access Restriction

ISO 27001 Annex A 8.4 Access To Source Code

ISO 27001 Annex A 8.5 Secure Authentication

ISO 27001 Annex A 8.6 Capacity Management

ISO 27001 Annex A 8.7 Protection Against Malware

ISO 27001 Annex A 8.8 Management of Technical Vulnerabilities

ISO 27001 Annex A 8.9 Configuration Management 

ISO 27001 Annex A 8.10 Information Deletion

ISO 27001 Annex A 8.11 Data Masking

ISO 27001 Annex A 8.12 Data Leakage Prevention

ISO 27001 Annex A 8.13 Information Backup

ISO 27001 Annex A 8.14 Redundancy of Information Processing Facilities

ISO 27001 Annex A 8.15 Logging

ISO 27001 Annex A 8.16 Monitoring Activities

ISO 27001 Annex A 8.17 Clock Synchronisation

ISO 27001 Annex A 8.18 Use of Privileged Utility Programs

ISO 27001 Annex A 8.19 Installation of Software on Operational Systems

ISO 27001 Annex A 8.20 Network Security

ISO 27001 Annex A 8.21 Security of Network Services

ISO 27001 Annex A 8.22 Segregation of Networks

ISO 27001 Annex A 8.23 Web Filtering

ISO 27001 Annex A 8.24 Use of Cryptography

ISO 27001 Annex A 8.25 Secure Development Life Cycle

ISO 27001 Annex A 8.26 Application Security Requirements

ISO 27001 Annex A 8.27 Secure Systems Architecture and Engineering Principles

ISO 27001 Annex A 8.28 Secure Coding

ISO 27001 Annex A 8.29 Security Testing in Development and Acceptance

ISO 27001 Annex A 8.30 Outsourced Development

ISO 27001 Annex A 8.31 Separation of Development, Test and Production Environments

ISO 27001 Annex A 8.32 Change Management

ISO 27001 Annex A 8.33 Test Information

ISO 27001 Annex A 8.34 Protection of information systems during audit testing