Auditors found weaknesses in Disaster Recovery. We did not identify any significant weaknesses in General Security, Access Controls, Program Maintenance, Physical Security, Operations Procedures, Systems Software, and Telecommunications.