While conducting a check imaging audit, I discovered that when each branch processes the teller work thru the image capture system each employee uses the same password. No one employee is responsible for running the work. I see this as an internal control weakness, as my internal controls work program states "determine if each user has a unique login". What are some risk involved in this set up? Was wondering how this takes places in other banks? When doing this audit should my main concerns be adequacy of backups & business continutiy planning?