ISO 27002 security audit; analysis of the security level by means of English and German questionnaires, interviews and document reviews as well as suggestions for improvements with prioritized measures