An ISO 27002 security audit is a conceptual review based on the evaluation of questionnaires and/or interviews to determine the state of applicable controls of ISO 27002 (or Annex A of ISO 27001 respectively) with the aim of getting a 360 degree view on information security within an organization.