What Happens and Expect in ISO/IEC 27001:2013 Audit