Auditors found problems with the security program for information resources, with access controls and with system development. They found no problems with the physical security of the University computer center, with operating procedures or with the system software.