ISO 27002 security audit (analysis of the security level by means of questionnaires, interviews and document reviews as well as suggestions for improvements with prioritized measures)