ISO 27002 security audit with focus on access security (user administration & authorization concept), logging, backup and change management processes); verification through interviews and document review; customized improvement suggestions for information security including risk-based and prioritized measures