ࡱ>   ZO\pCarlos USEROS RABOSO Ba= =p/8e@"1Calibri1Calibri1Calibri1Calibri1Calibri1" Wingdings1Calibri1Calibri1" Wingdings1Calibri1Calibri1Calibri1Calibri1Calibri1Calibri1" Wingdings1Calibri1Calibri1Calibri1Calibri1Calibri1 Calibri1Calibri14Calibri1 Calibri14Calibri1,8Calibri18Calibri1>Calibri1 Calibri1Calibri1Calibri1<Calibri1?Calibri1 Calibri1Calibri1h8Cambria18Calibri1Calibri1Calibri1" Wingdings1Calibri1Calibri1Calibri1Calibri1 Calibri1 Calibri1 Calibri1 Calibri1Calibri1@ Calibri1Calibri1(T> Arial Narrow1Calibri1(h> Arial Narrow1( Arial Narrow1>Calibri1 Calibri3#,##0\ " ";\-#,##0\ " "=#,##0\ " ";[Red]\-#,##0\ " "?#,##0.00\ " ";\-#,##0.00\ " "I"#,##0.00\ " ";[Red]\-#,##0.00\ " "q*6_-* #,##0\ " "_-;\-* #,##0\ " "_-;_-* "-"\ " "_-;_-@_-,)'_-* #,##0_-;\-* #,##0_-;_-* "-"_-;_-@_-,>_-* #,##0.00\ " "_-;\-* #,##0.00\ " "_-;_-* "-"??\ " "_-;_-@_-4+/_-* #,##0.00_-;\-* #,##0.00_-;_-* "-"??_-;_-@_-k3_-* #,##0\ _ _-;\-* #,##0\ _ _-;_-* "-"\ _ _-;_-@_-{;_-* #,##0.00\ _ _-;\-* #,##0.00\ _ _-;_-* "-"??\ _ _-;_-@_-"S";"S";"No"$"Verdadero";"Verdadero";"Falso"(#"Activado";"Activado";"Desactivado"],[$ -2]\ #,##0.00_);[Red]\([$ -2]\ #,##0.00\)                                                           ff  `  P                       , * !       "  # $ % & P   ' a> ( 8" @  "P  @ (*8" @  (*8" @  (*8""@ @  (*x"@  *p"@  *p" @  ) x"@ @ * x + x"@ @ ,(x"@  ) x * x"@  - x"@  ( x"@  p p"@  * x" @  p  p" @  ) x  - x  * x  ( x  ( x  + x  p  * x  p   x  - x  P .x""@ @ > .x " @ >  H   8" @   8" @   x    x    x    x    x    x    x   x   x    x    x    x   x   x  / x    x  0 x   x"@ @  x"@   x" @    x   x   x  / x    x  P  8" @  8" @   x  x  x"@    x" @  !   x   x  x   x   x    x"@   x    x"@ @   x"@    x"@   `"@   `" @  (0"@ @  x"@    x"@    x" @   x   8" @  p"@   x"@ @  8" @ , H ( x"@  1  `>>  `>  ` > 1  1   `>  ` > 1   `  `   `   `   x"@  - 8" @  2 x  1> **8"@ @ **8"@  **8" @  * x"@ @2 * x"@ 2 * x" @ 2 ( 8"@@  ( 8"@  ( 8 " @  4 x"@ @ 4 x"@  4 x" @  * x"@  * x" @   x"@  3X8 3x 8 ( 8  (*8"@  (*8" @  + x"@ @ + x"@  + x" @  -8"@@  -8"@  -8 " @  (8"@@  (8"@  (8 " @  * 8"@ @ * 8"@  * 8" @  - 8"@ @ - 8"@  - 8" @  - 8"@@  - 8"@  - 8 " @    x"@ @   x"@    x" @    x"@    x" @   8"@  8 " @  x  @2  x 2  x 2  x  @3  x 3  x 3   8"@ @   8"@   8" @   8"@@   8"@   8 " @  x"@ @2  x"@ 2  x" @ 2   x"@ @   x"@    x" @   x"@ @3  x"@ 3  x" @ 3  x"@ @  x"@   x" @   x" @   8"@@   8"@ @   8"@   8" @   8"@@   8"@   8 " @   8  x"@ @3  x"@ 3  x" @ 3  x"@ @2  x"@ 2  x" @ 2  x@@3  x@3  x @ 3 !0"@  !0" @   8"@@  8"@  8 " @   8"@@   8"@   8 " @  x"@   x  @  x   x   8"@@  8"@  8 " @  x"@ @  x"@   x" @   8"@ @  8"@  8" @  8  8"@@  8"@  8 " @ || ]'Z}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-} 00_)}-}  00_)}-}  00_)}-}  00_)}-}  00_)}-}  00_)}-} 00_)}-} 00_)}A} 00_)ef[$ -}A} 00_)ef[$ -}A} 00_)ef[$ -}A} 00_)ef[$ -}A} 00_)ef[$ -}A} 00_)ef [$ -}A} 00_)L[$ -}A} 00_)L[$ -}A} 00_)L[$ -}A} 00_)L[$ -}A} 00_)L[$ -}A} 00_)L [$ -}A} 00_)23[$ -}A} 00_)23[$ -}A} 00_)23[$ -}A} 00_)23[$ -}A}  00_)23[$ -}A}! 00_)23 [$ -}A}" a00_)[$ -}}# }00_)[$ -##0.?\ _ @_-@ }}$ 00_)[$ -???##0.????\ _ ???@_-@ ???}A}% }00_)[$ -}A}& 00_)[$ -}-}' 00_)}A}( 00_)[$ -}A}) 00_)[$ -}A}* 00_)[$ -}A}+ 00_)[$ -}A}, 00_)[$ -}A}- 00_) [$ -}}. ??v00_)̙[$ -##0.?\ _ @_-@ }(}/  00_)}(}0  00_)}A}1 00_)[$ -}-}2 00_)}-}3 00_)}-}4 00_)}-}5 00_)}A}6 e00_)[$ -}}7 00_)[$ -##0.?\ _ @_-@ }-}8 00_)}}9 ???00_)[$ -???##0.????\ _ ???@_-@ ???}-}: 00_)}-}; 00_)}-}< 00_)}A}= 00_)?[$ -}A}> 00_)23[$ -}U}? 00_)[$ -##0.}-}@ 00_)}A}A 00_)[$ -}A}B 00_)[$ -}-}C 00_)}-}D 00_)}-}E 00_)}A}F 00_)[$ -}A}G 00_)[$ -}A}H 00_)[$ -}<}I 00_)[$}A}J 00_)[$ -}A}K 00_)[$ -}A}L 00_)[$ -}<}M 00_)[$}A}N 00_)[$ -}A}O 00_)[$ -}A}P 00_)[$ -}A}Q 00_)[$ -}A}R 00_)[$ -}A}S 00_)[$ -}A}T 00_)[$ -}A}U 00_)[$ -}<}V 00_)[$}A}W 00_)[$ -}A}X 00_)[$ -}A}Y 00_)[$ -}A}Z 00_)[$ -}A}[ 00_)[$ -}A}\ 00_)[$ -}A}] 00_)[$ -}A}^ 00_)[$ -}(}_00_)}A}` 00_)[$ -}A}a 00_)[$ -}A}b 00_)[$ -}A}c 00_)[$ -}A}d 00_)[$ -}(}g00_)}(}h00_)}(}i00_)}(}j00_)}(}k00_)}(}l00_)}(}m00_)}(}n00_)}(}o00_)}(}p00_)}(}q00_)}(}r00_)}(}s00_)}(}t00_)}<}u 00_)[$}(}v00_)}<}w 00_)[$}(}x00_)}(}y00_)}(}z00_)}(}{00_)}(}|00_)}(}}00_)}<}~ 00_)[$}(}00_)}A} 00_)[$ -}(}00_)}(}00_)}(}00_)}(}00_)}<}  00_)[$}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}(}00_)}A} 00_)[$ -}A} 00_)[$ -}-} 00_)}(}00_)}(}00_)}(}00_)}(}00_)}A} 00_)[$ -}(}00_)}A} 00_)[$ -}A} 00_)[$ -}<} 00_)[$}i} 00_)ef[$ -##0. ?\ _}U} 00_)ef[$ - ##0.}i} 00_)ef[$ -##0. ?\ _}P} 00_)eff[$##}d} 00_)eff[$## ?\}U} 00_)ef[$## }i} 00_)ef[$##  ?\ _}P} 00_)eff[$ ##}A} 00_)ef[$ }U} 00_)ef[$  ## }U} 00_)ef[$ ## }i} 00_)ef[$ ##  ?\ _}(}00_)}-} 00_)}-}_)}<} _)f[$}-} _)}-} _)}-} _)}A} _)P[$ }A} _)P[$ }A} _)P[$ }-} _)}-} _)}-} _)}A} _)[$ }A} _)[$ }A} _)[$ }A} _)[$ }A} _)[$ }(}_)}A} _)[$ }A} _)[$ }-} _)}-} _)}-} _)}A} _)[$ }A} _)[$ }A} _)[$ }-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}-} _)}(}_)}(}_)}(}_)}(}_)}(}_)}(}P_)}(}P_)}(}P_)}(}_)}(}_)}(}_)}(}P_)}(}P_)}(}P_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}P_)}(}P_)}(}P_)}(}_)}(}_)}(}_)}-} _)}-} _)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)}(}_)20% - nfasis1O20% - nfasis1 ef %20% - nfasis2O"20% - nfasis2 ef %20% - nfasis3O&20% - nfasis3 ef %20% - nfasis4O*20% - nfasis4 ef %20% - nfasis5O.20% - nfasis5 ef %20% - nfasis6O220% - nfasis6  ef %40% - nfasis1O40% - nfasis1 L %40% - nfasis2O#40% - nfasis2 L渷 %40% - nfasis3O'40% - nfasis3 L %40% - nfasis4O+40% - nfasis4 L %40% - nfasis5O/40% - nfasis5 L %40% - nfasis6O340% - nfasis6  Lմ %60% - nfasis1O 60% - nfasis1 23 %60% - nfasis2O$60% - nfasis2 23ږ %60% - nfasis3O(60% - nfasis3 23כ %60% - nfasis4O,60% - nfasis4 23 % 60% - nfasis5O060% - nfasis5 23 %!60% - nfasis6O460% - nfasis6  23 % "Bueno=Bueno  a% #ClculoyClculo  }% $Celda de comprobacinCelda de comprobacin  %????????? ???%Celda vinculadaSCelda vinculada }%& Encabezado 1M Encabezado 1 I}%O' Encabezado 4? Encabezado 4 I}% (nfasis1Cnfasis1 O % )nfasis2C!nfasis2 PM % *nfasis3C%nfasis3 Y % +nfasis4C)nfasis4 d % ,nfasis5C-nfasis5 K % -nfasis6C1nfasis6  F % .EntradayEntrada ̙ ??v% /: Hipervnculo  0 L Hipervnculo visitado  1 IncorrectoG Incorrecto  %2&Millares3. Millares [0]4"Moneda5* Moneda [0] 6NeutralANeutral  e%3Normal % 7Notasd Notas  8* Porcentaje 9SalidawSalida  ???%????????? ???:Texto de advertenciaO Texto de advertencia %;Texto explicativoI5Texto explicativo % <Ttulo3Ttulo I}% =Ttulo 2ETtulo 2 I}%? >Ttulo 3ETtulo 3 I}%23 ?TotalMTotal %OOXTableStyleMedium9PivotStyleLight16` kCover Index F Compliance with art. ENS&b Compliance with Annex II - Org%ܰ Compliance with Annex II - Op& Compliance with Annexo II - Me""_ftn1:_ftn2:_ftnref1:_ftnref2: OLE_LINK1:v OLE_LINK13:I OLE_LINK17:Y OLE_LINK19:a OLE_LINK21:f OLE_LINK23: OLE_LINK25: OLE_LINK27: OLE_LINK29: OLE_LINK3: OLE_LINK31: OLE_LINK33: OLE_LINK35: OLE_LINK37:C OLE_LINK39:; OLE_LINK41:P OLE_LINK43:y OLE_LINK45: OLE_LINK5: OLE_LINK7: OLE_LINK9:ffP@ oH R݇N*W6u?i(/FN*W6u?i(JFIFC     C   !" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((?;XKCg yq1-q5ϊap8yWԌ!\bvݒNJPmWoi\/= ?x|(OWo :$ve (O>g(]x7XO|OeQCޟ}Aω2#?^ ?{QCޟ}uau?H?O?_uW' Gz^ ?{C,?^i>'x|(OQ Gz׃e ?Q\/= ?x|(OQo :$y/:+??G/= ?^ S/4eGYEr>g(??G2e (O>g(]x7XO|OeQCޟ}Aω2#?^ ?{QCޟ}uau?H?O?_uW' Gz^ ?{C,?^i>'x|(OQ Gz׃e ?Q\/= ?x|(OQo :$y/:+??G/= ?^ S/4eGYEr>g(??G2e (f=N6Ɩ2q* j.p&)Z>;[Lp] ^XWX>5/kU&QrM{#?0\ֽ](O>g+uau?H|OeQCޟ}Aω2#?^ ?{QCޟ}uau?H?O?_uW' Gz^ ?{C,?^i>'x|(OQ Gz׃e ?Q\/= ?x|(OQo :$y/:+??G/= ?^ S/4eGYEr>g(??G2e (O>g(]x7XO|OeQCޟ}Aω2#?^ ?{QCޟ}uau?H?O?_uW' Gz^ ?{C,?^i>'x|(OQ Gz׃e ?Q\/= ?x|(OQo :$y/:+??C|qP;C,?^i>'׊=&<7Cy IZ5qXln5SԢԢt^Ju)MiOGQ[QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEVGuۿ x+X#MW0,}+ OЉd|/qg,O׻|qK|jok_oT~Q_/Ov~?B';^CN(XH|?'3R~"x?i<s?qGAo?~Q_/Ov~?B';GCN(XH?-gJ+OЉDhi E E~Ui<s?_9 8c ?U(ʿ~?B';G? ?!,$3~OgWDh~"x?4" T*_9/OvQ[?W_? ?OЉӊ??|?'3R~"x?i<s?qGAo?~Q_/Ov~?B';GCN(XH?-gJ+OЉDhi E E~Ui<s?_9 8c ?U(ʿ~?B';G? ?!,$3~OgWDh~"x?4" T*_9/OvQ[?W_? ?OЉӊ??|?'3R~"x?i<s?qGAo?~Q_/Ov?!,$3~Og79_GֱG!IaG`8*NNqM:MN;4QPXQEQEQEQEQEQEQEQEQEQEQEQEQEW~\M+?l/ +MNm^A¿Pa3j(s((((u-QEQEQEQEQEQEQEQEQEQEQEJW9i/oK\mJW;JW9i/oK\mJW?2x+?SJ\N(O ( ( ( ( ( ( ( ( ( ( ( ( ( (>QV)QV{5Oy(/ (N<(((((((((((((((((((((((((((((((((((((((((((($̽{/'G׿!<$wҧ+p(((((((((((((((((?xR(u~/o]qO:SOg Οc + ( ( ( ( ( ( ( ( ( ( ( ( ( O D=7[$C.*J59zۢ} Aϝ)( W9BSEn/xSA\Rx3ET%6t376~b>iJ0fǛIѭK5, 59q5#h~7fֶGh-sgl`!X[U |y[Pk-»W9[=Oy{~.Tke<~%iRp[8$ ✖wŔpu9:oc1Df\9'&o"b\I5b,WEJ5/m্U׫/ݦ&ו1vj;#ЎiUzG'IU몠<5z٭vC ʺ\=dSA/E-oۚ-^u fNW}̳E!EPEPEPEPEPEPEPEPEP)^Ji,zq+\)^Ji,zq+_`?>|O*)יq8 ()>((((((((((((((;EwwaFZEwwaFZ?e???xJ G(8B((((((((((((((((((((((((((((((((((((((((((((wؽ{/'G׿!<$wҧ+sؼkMm?[[*ÚU~c4>~8JK ;Kƿ`~-x u N-TMZsI&II{#qeNznɶrdVX?uT/ӿ*S ßkp9W?2x~~K?_|g[QMST oo'Q@Uz;eW<" c[RUЋ_du-9K)'g9FV漟G~?eCq1+:=pJܐqr¼:_SctoՈYЬ-{8}@ӯt[_5:ۤ6012.b#Mr 4Nj b(p@g|0X*ՌqzJ14Gf*㾫P(E.jǕNVV~s?Ms?b%a1tubO㬐X/࿷&4kC6~W?3z5bOg#i\oϙ^G~M[5 &\5ō s$G.?j?׬0* G'[xueZ<>%-HKwQ 5#'?MG8{h`?imR4=zcZN$$)^}O~.x/OzNUBA\6㬆Q|Ԋ]u=98JJhi:rsRnmUޓ?1n_%׃dr|\,jz[Z}N4ąەx߅| ҿg]ݼA_i>ҭFK1T$힕 ŗ_Fy5^v-fGF"rg$*υ %xO 0j/gQFg?K ;?uUvg߉; 4 sq&V 8{+Q++P1m$pc+ƍ 9NN(ɶ#:_85U^e_|eߋ𭭲\LgR8"vwl8ۄbXqd%OaQIMR5@Ufm͑Aq?_2}2ų6v0J8NLхRAl_W88lJGm"Qz%_qê|X}>ϒOޛ^e.uzZ?u3*h<7OZjЬmP<8:TZ=gqp)gl-[ =pgZOb?:Nj ^krE ;zov@-?g'q}wN:D˒?.E=mra/ )aݼW>3~?d k:,vw+s5{J>?OWi"ŸiksYAeu+ s$$udu ygoQ揫j&)wXǜ,D`p(G+YigU,RutF vj6r ? ⱘL4oRd'[M{>?' |Qhx{[?i󜭺ͽҦ>8vgOO-ڞb.ȞCðPS+\:}ןE=~TG-bZJTVM,~/K4sQ씛RiK^o>+'iq/(?d?i.jZ^pAm%KiqY|c*XgiW?;ᧄ>/xTm!/t^ՠy V~3 U*wQNNۭa 8L4cV|_6g_)~_¿|Nc|l׭>,^\e%oZ= H7 ~/ग़Ï2x>}V}PNzO +,09#bۥ(FI.x ,r01URPis+rۧ7QO8{h? uCW|YAO"}wC 8 <~^ |s' ]OTǤhV'd '$qZ7[?>>KV SCYwF@' + s5]O7I=vFo2_u +} f2+vN_# Oe/ c\{zy o{'Ɲ'&hpC$v7\Q"0$N9ڏ*zW7sleNy*&ZrD|Uth)*q5&nJ ?xR+O?M'KvUοo?MX벯gO?͟X/:䂊(c(((((((((((((+?l/ nM+n+%_>v+?(O[L~8ϗ7o~f@$ P[E}m-KFNr%J4qTV,dOrz>),]/Tu='Mޡi'=ĩp¼yEľҦ&\QsQc(ӄRU~N\)W ԥrxY^Oiry~K&{*_φ>ç]LʠD$'9%O2SF}+oxF8q@`;%0r_~` Ƽui?%#xSRuJ]KON|ŶTrIKdTwPմ=%|7~N~(jrB* <9R 0YFYFյu%Mur[K#8exX+IGm5+8JIr稜_.4~,7.4?[c |#ڸ2+׮1A~ӯ|3:3FQgE V旸;@'/\SG+PyAF3WN2R-ZWVgvms,-J*-hihͪi?''CR-FjP]9F|Cge]s~Χve.cωa*[bH26RO -զx:>mz͢PGߴ`k?%|!LVXFw,+ %X՘(p9gĎ_\]<(:}qy䛼Qy`r:y*MVOI[U$ѳW)=4 ( ( ( ( ( ( ( ( (7>J-?rWGMcԿ덿J>J-?rWGMcԿ덿Z[&Oa?cQOKQEIEPEPEPEPEPEPEPEPEPEPEPEPEPEP߲/ 7?/ 7x1&)1Pb?AEWǂQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEs{I??^_~'/?0>?8Q__0?H׿¼U֓z{]jZBݏS'ר%}EAoozJ#ihUdケz㳊yEVTQ]$?FIxL .'*[~G׿o5; 7\XvqNzԒ3$s a#|m_CHfFgyGpú8X8xbq[ִh/M?1gsdLe'a_[Sc[WYz6֝H׍sj|~:i}wnf{wGA_1x+%72N}u k&u'G?lhGg]67ú4cT4L@ ;u #g3+ֺ1P|,`dI|`W.Izm&;nmy{_'|3rVG7*ߗNuk%.ۻZ=Nɕa ~׿]}bˌ,?G< _um_p0/7#$O"uşu96{}َ2OfcN/fԮ&<뭼y$m?87IuYxCn&cQ_@WGTYF_[K{?(w쏤i`r՛Wj70O9o~ϟ-a- X[z5-PᗺXf1/x]goVP<}=̅F%*1ך֏iqKAtwE{'s؁yUarY??OOcN>wĕc/ѩѵu)yOGQ_Bknدi4{6?u- |Z'q3⡉˖qwMZ[58&g(MYhS_H߄G^$|?6[{uK=a#;Dqqu$cz4(Zhఀs\Ɲ _W*giԄ`Ji֯}ϋ̲:\;3Jҩg'vD~lɊU.?tK_>k"1]?ʥ k'_ySyo%eSe^)" Eum/|A4~,iS~̰HSF|;׵ 9wOSYXIk"Õ`}AOOG>ƫu>0U!&.GrX#jZ)u4[Yq5lR*2mzף/~?-eoxvPm?PX^y$m-aؘ+ּ Hvj^h67P>Ua#AW˿Z/,\/{5g]r$w 鷮@ Oh<<ƽ/ 6+է)& O5v}lx01NԪ/f}^M.?U(T  &I'&Ukc.%q]O7I=vFo2_u +lVu_aK^j?_aK^ŸHύQa ZC~~6~οo?MX벮7u~/o]c?*l $QEsAEPEPEPEPEPEPEPEPEPEPEPEPEP^Iaȇ]Tu䟶zoEI_&6_tO_(0Q_9~?| 7|y9hfBpm9b>pϰ1PJqRZRq7}mKS:TWN޶v|oa-"\m-!qu1@Ȓ"YO$_R| ^M7TBho̮;A>c,S:|쫢b>c|Wv8cYc3D'M ,4θNO99559^OFGBQgkrv/hkey$ԅmuiIun|B~5힥k ;cI|F7.v8H<?c~#SvR95 [-DLge$d:U??>|sWBds# ट~/kDA-JQG]f8=21_]᷇(dq^ }JTUE׿Tpbm\IJ1Mn]hw-|8`]YuxY L"䲯˴ Œl ď-mdXq ,0"Qqcs_+@S=Fk9,WyOv4AW E<|(|sb~ x6;Heܼ_8^ Nu'άQn7y=Yh0~c-\1Qӌ]FײQuI'kݿwUXx7PTn5MByL s9Wt_ uI5+A v|r0?*F=OȻKZ£Ӭ{OZ8e?Kw?<]yz~,KuiacR~X-2dy䵻pWVG昼hb=]V8u7$h|0ЬOkqčq2"Rij$j0UHT~ 𕷊4 >}ea_!avrx Teմ__xoSE4vWR76q!៊X -n#WF-EZ,e%F1M讗>)⌫2G JrIJtJ߶oī~"t.>o v8cVo_R?KߊBzԅ&Grr1^s߇%xSx 9 FwY$-p.vo}ܓ!j4h*'ڌUJRvcޭ1//,T\'ekji$ţ}€׋|'PUlK m*FxbS# ݲ$ܮA#"oL;?Se֭umGiqkVB_vĀ ObޮbjXZ\UګSiC(9rپifr,=hw嶫[[Z[z7 w];~ן~!h˹IGPI>2L{eO_'o~A7ᮭ7z6'l\)who _fݚm/_|DA48&rX!Wq+Z>.){MkVF7Jӡ\KQ4 Onv'8c b!8(QKז2{#s*-IVY:ϫ ;WSkF{Z_c]֓x_L) k_~۷=/k6 417j[K]UX@Lv|t񷇿:}s[Nz\Gxmߑ+q<ќwdy#.8R:QnQK4xef a1XxVѦNAp+SݟRO^~ 6֯'?3}R%hk9BVBz5?m C~JcCiEdYSx/(CF+JPW)ʒMԌ&Qebq tͥYk)tmv}iE l=srG%t=K蕮srG%t=K蔯հdCLV>~Q_@xkcrI⯈ˢGIEJ+۹J8WkxfO\ڶ\AՀ>ahj &w>ISIk{J<>I-Sq3ZU.{|WI=ު8<%Y:W]w%}Ac3Ze ?y~o5KU|toP|t:D'#C/4y6(cg4Qݙ1R1Ѻ_֩R Ӝ QM?cxW^*䬗^ F3i7}4=޻%}7Sph+?j;g7oZE /jd5Kv$W뿶OGھ0xRM[W $zUX64眫H5fX5 a$~mnumngnQgC(8 _G]S@>##?>H:DZ~,iB< IrvVUFXaөTJN N)5\KŤSaS%NM(7mu[\@sK_{AEPEPEPEPEPEP߲/ 7?/ 7x1&)1Pb?AEWǂQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEs{I??^_~'/?0>?8Q_0/H׿¿XaQ|,%ev >t|_6{Il+Jt}.=@B~B (h-ZYL uxEzJoHCuk:T] ,>5-դ.MROI$ƿ}$#z8ԖmϔuxKN6ϯ^]IS}F?OW~QOt_7WS|'>?悊(Š(೟e39+//>*ھɖ\a䯂_ wG»y'mi[RڿnWn?$y?z'o=o̾P7W =ҽFQoo%ٿ!U1A"*Dbn]."U<115NG~ SMiV_ O/>.j1Hk?!εbYW}=ֿ@*Ɵ c-<RUx 9n]~QEaQ@|?1B5Ls\Ɲ ^ Iґ\e$;OIgeRMM/v)뙽\:}ןE=Af?O3Se^)[vxY_gهcMYɲɘwĐ_~vxY95p+FT'4٧&{^%>:zq65c oEP3iڧlX+I9 NA ,:c^/ ~̿ihh.(X盼s: 1T _ xfFhd] ؃{3a:5s囒]Td-#XJn>xM]b]?VnXHAiUxS7gDoi.7SPE~Q ebfKJ];=;gX?\Mh(>Ͽ]O7I=vFo2_u +?:$&Ukc.%M6Tۍpv:v_T/0?g_T/0?g_kOk@ƿ(s C-!¿O??|g_7؟,uW:ɿx7Icʿ1?6y`? (((((((((((((($C.*JO D=7nSׯ'p~ڊ( 'xr?1uu$1ZRI'~ k$>o.xKBt #s3ֽĘ({֧w<g5]|D +%In#\z/)ZE^N*+t-~53XjQM؎5rH$2Mr~iVV_@}n?;AoS5:gQv3ĬccƟ}8Ӗ*SM++F53o)K0V1|ԚqI죥ퟧYOOGm7WP4]&Z%[M$Jɑ#guw!q< ^=~ |Aշխv-oXQ 2J#%d(h]>'izmB+Zu]$[wI|ٕHUO)dແ>|s>jp77kt[Ndue|Ìąݹ| R?x^U){N_ik$WdR\׳Vߨ%s~,/>ov/N# )ΕKJzF)lW S(ӕ6QUw'm"/ϚWǿYj^%V4 n\uy:sOK,u+_^6wBܡc$ 0ty l{#QhnN }ĔO?Gyt&{{I]X*#Xp Ŀ|}kxc^ f$nJΟ}miUDrWk|Sx^e|_RI4˶4A)F <zWp3pTRЭJp\'AIQwI-JJQw<ʕ:u]UNqo[Ufm]5枛$~ƾR}W1~j 5k]{P377h#;@ 9;_1 gV ׇ|%]EG|%skT4Qζ[ܧPL[x?oxN״:w0MHةS~~ntmOռ(I"X# A-̸[W*^(ʚXNPƛFTr.ܩ5ShcF3nM;%kEMY>!3n־ _ ~xEe=OZ"Zok|32,_xO8ϊ>;ߵW#xUk _ ;$_mB8"̂FG 5mu wΊȭFA5:Gu;_πn@ YKpA؊*P)ӧaTF%SީNru')wmG$ⲜDQƙjs a{2f4,|k>|7}О cx=k:D ՠQ@`M=V.Xbe~yjM9|:t_9_GLZ֢k \Ozw?ڧxA~;cB|EIj:v*mT_ZV:j%^iJO/e(M(;s{ݭHQ_o'imE̛[~~|=^4]#'K)4Z{;6d\ 1 ̿),H ~2|-/<%Guv3FiYgį|D:^񞟫bjizn_ŏ2MsʞE|aƙlyF+ ?S(J6RU֧ZMrՋۊRQ𱮱m4ZkZ}C{@oiixխu .W[_9T07=Ո m$XMt$vXW=O Y]~?|o&gxvm ]ELλf0ƑTɸ>Ik\aX9'C)N5iάJsY(;8&p4P34^SOdKn͟!'?4 k:o5䀸W{{W ˏ=zo_nOۏ ? ~>u5_jWy3^=;63`e_|k |1Ds6j"mYؐ^լt-Y"rʌ+A c8Νoft2OU!:rpXڳMBu#6yEMF)er% Me}֚+V'QE~t{)^Ji,zq+\)^Ji,zq+_`?>|O*)יq8 ()>3 9x_Q-ksX2YA9W͕d3޽ 7Pg=N 4VkVT"]?1@7s^w:M➇[BYk[GxGĺF\h hZbs 9,:jRRy*GۺMhʹTZx0<-dx^]:ݯ #!u\Y7+x&f 쒙syoSj_@[ xV캭(`T*N"+~6?2gWNGm/nݷzp~?h 2V'[Be:A}qQܥ *1Bv 5f]Y=lBΝ*UswSJKUG|Bi:4t>KZj|k=_O?~̧C|ak?u-o>8d}M"ѯ\<d!GMλ#o |W#⾓yhNXQ-p䢗mp6WoxIy\ WhLJߤZf.2L/k<_aYO} ֥tF>Ȣ7a@MV7 9 FrJmˊĪr|UgBn ^\Vw4Z8y9Se9+k-UY ~~WK ||xOQ+G~\*)`<Uou+'KNj#Ե[{Ѥ5P6Xsƾ6π|-x#&5-KQm 1VtMwIkiw6wvx]C$G H 5# #NssSRӪy5}ʭ+rBsWK$Fɸ>*;C&><;x7G񖓣fVA Y tl&>>'&KcQc|/[}6|h3rwNkꯋ\_hO _R5t}vn67F1$kYhρ|5_gDPC%I4O9XfB9`:%4imiw}Ź s/ nO+/O4 M*j.g@#cdq e4|>4w+1ykgkQ[K,%*YgO;L?fst~iqqFrr"U3Vui֣ ϝN9_Rn X[њ J.2qx7k̭=zo/ j/^8<-jO<KbSӮ.$HnZ[{2*P8^mߴDIOmxM6:5kV6;Fmkm,Hy!~Y]%+=W4/ύYxXlY$xR3Ƹ%3LU| bάe9Ge}ڵbo9GY8B6\4i…ZRQvNi}cnw߼NS>~?}}<)_uI0O渓'lj{zGt{kڌ6v66\^]H8!E,x I_bT14g Z2Ѥ{QhI54jw+ 7>khiڕHnbataִ떥:8M4ӳOF5Ѣ(7[QR0((((I@ZjI@ZjWYטl}(1 + ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (9ߋIQbzk$/^臯lGߎJ(jkKa_gc?I99| |kKa_rhKo ]/՛lfb$ާ2WydZRoQ?<9)8`m(SKr>Ͽ[sF`x'SΏX+ bHda0Z!?Őg Sqpv=Ey^G3)X#/|~K_)|'_؟s#'+v䧗#τGsQEXQErτGx~4_\Yվqv432Pqp3Vԫuewe{%3Z9++]}೟e39+?n=~ȇ >J߻j 6b?hrW__ }׿U~ D܏$O׿V?~Gt$z[ЮnR;kΊH>u".)|{kڞymmݾf_PrX_<9d_4~y<""8Ii%i'_{K֮Y}6J+!εbYW`'7/Y֭-.ElX/Gg_GZw:Ye_gXyN=.Njr_Z³_-ljQE6Ehిc4(Zύ ߈|"Լ{{Tn.'6$)@~%O'ۥx/ 5cN҅u) -^2wG}Zu8O$Jvwz>ٽ\:}ןE=s7bK7G]7OH'JK?)\?G< c,NkN?G< c,Nk䕥)LTʯa"D'+~XWz}?q؞$!1*Ib}Y5]*[Ӯ4V;[yr w_+8:R]%}>&x:^e2IYuWG^־&1Ů.t;¶$"?xǘ\ƺ(OSݝľ m",nIs~J[yO2UߚiG5f'rµh&K?L~5oG})d uo#7Uow:|B5}5%rZCȉn# ԏ#7Ux%`ܹt cW,=I8'o+꼼 &޿ &޿D5 |׍Qa ZC~~6~οo?MX벮7u~/o]c?*l $QEsAEPEPEPEPEPEPEPEPEPEPEPEPEP^Iaȇ]Tu䟶zoEI_&6_tO_(0Q_955G'z߀4jv S4k]RE[-.s09X^I2w=~>? >.T5]SJ|6O1wځ7+8<⌇x ֟iƢ47$VFWjV}.zY~eG+j"+;]I]5K?]f??t+=#Ğ4נZBN漎hI>cDD<f$8rڟ~2kI#]hbB,v~bǂM}mf~?CƐE8cͱiCٷNrOt>1\#o|:5ŵKdv1HKeK(8 bg?d?sPյya$i5PA-͸2x8csR @ןS񧃾#wN}{;{ZYh91sxh~K 7ⶰ߳ tIA$>}%d>MفHrơXzF>|k񿇵O?ef.-ofdK|qmдnb$EXXߚ?>)iW $FDJHZ .""Xc'']żokN~S޾ʦ"y]U \%FRfRpSWZ7FMxۉZac9Tu)t"=)8MXTM>]c$R=x'Zdw=ֻfpꭰ\ACr~?hOZk+i$I̷,Q͆1\+o3It!Fd"WƠpI$bk?~:"x;škge%$LeHe*kT)I+;V=#쏊mN$;-lx;NѣtHcv `EN@^S_~:G D&nZc4|s4_8\aP)τeO'hhxgeu{V}6?:Aq _c~>MqJ KM̾\acv׳B_NugV1~P4g9< b'ZNyZJ\I64'y?'|ou&ķ _ y$42aELlbNˌdaҸ߁_~|:;yi&<3>7#c8*6:8 >J2iEY&b$\11R5hdww،{ +O;Es λk?*34.I85 ~>+|QOJ|1/?<~$Eիͅ gE8U^'Oqt)9#V%'R)ՌN3Sf|iNrB(]$Ѵ¿Og2=<j~(>ll5C C HMޙ |G5Uğ|Z+exgIPo"Ke:FxeطUA'V~>[c^NUƚvfXX[!"3'߱'fѵ|~ZwTv'2u|/p# ө[`Ֆ"kΓ5:Q3N.`x5rt*Bij1PuikٽOvJ`ҿ*a?gxHU/>dΠ߹.IxS>b7)TKdI SO٧K>~ |7xUm]\-3#H'Pq:v)eZgRT=ӌnfA9sF;=LRdTʢڽb? /e߶şj/ŸWNҵoèj^]㵙H@)O=ǿw| oG%OOKmۈ(.H\G_<+z5i~՞|Mm/d-\}Cq5(CH"VnÏ' _f}?>YpRmBYR;bi$!A8L% /JԩUNUeWMUU:F3)M٧9y]J!Fe(Qm?i]rj[5o%'?k;ս\-<:N/%#jWR$|/+ִ|M'|E᫛VMn(!&)u`wsd >x7ᮛ7~e;V:4qN)1(b ѳ*}ZYqxu\(œU7uԕIw2ZF$l}փwv|ӵ~T|R~ο~5U<_|P{cC| yu1W[F|'Ư~?koᮾ$h>ME߇40?z6C5ڧ>*n^lVKk'pXbU;יK|L3Gĺ'G,mSccpBnXlIS\eq Ͳ>gQ((u'vFz^T+g3Jna5F:Ԕ7E%׺t#  |..T<'?k N5 Qm@l:[o'qtI$tF?#ÿg[r>Oල'#4-_HRN}Џ/+>~ҿiZ_jKGv|9r9\+1YOWG o?!xrNVͲRx,޸#g> V!9sSѫ%':ܜ&ɷ:ri-WEecU Ѯ~E_Pn|0Z䮏ǩ|0Z䮏ǩL3y Z+xzy+Bft6S]`}"?࡟o1x_>t6 ѝF)sq]JOK~%h_/8%j^&kꚧt6I.4wHj3NB2E}xN_F.> 94][GR`nr08??KwC> վŕ=%嬐C;R8H2^2oՎk[)hN'7.Q$0z^'r<Ӄpʔ%I:|H_Z`T''kQF.3MRiZ<ĵOEO⟈~ Ff/x_wyk#߅bgo`HʸPw -f|To#[ra/YڥldFLrnn+J~Ӗ>*kxKioN hQʻ $7î֟ to>M6_;yp@zףü_˜gj',=;NT?ך\j2g25X2´qS}r w5,?3j_ at PumCRoO~ȩ _y/гE7~2տg+=Z?}b4ad 5c>#~_dQqK;ztXthz2;4'ڪ.-~O:z^?|5iR2 E1'sb89(.>H»kKy8ۓ9So {7ͫ.`ͥ6:6-m%կ#ο~ʾ/|J#e?jwWCd24F'aT8Ot[5+;D[kZlm ~T%"A|:֯aۯQ][Iq'g&]സUv9fT~v99cC~<ƞ( |MJ#֗ßbӴ{;KAlX;rZ^xK:\50R_4U$O8e'j|o RY\E Gݳvԯw<=?^/?dmS2'K'S!ۑ|5_ xc?>eS|y曩x:-$m @]X᳻Ykc3}gxNŞPYS4#?>'h??h _:惣]jt6+F |opI s/>#Yg_EĚۮ=A@ծxb?M|3l /@'x6M6ZjsM#C}\3% x~jl!@F]H\K#e)$CS Q!KrB'V Yp8j4unS4`񸪒xz>N*_H{˲G 4NLGQEqQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@$(zD=?|^OC_xI#OEWxL_R5%gVQ-|j~,xjIdO'VWٱl' ʧt4 ~-x3W`kЭS}f?lE r4FUK~k }j֫=p=QUu?+)k$ߵg_ [|UᖒA/mmS8#<}LSkfݫ 1\>xI@=0lE|xQvˋF~daӞPH6=8O˳Rx%% hԔm8__Bq{oa擪Iouk[-Bqe`yA_0~׺ֵؗ{>_+Jp$ЎIi?/,s_Gndh:^9`8t2?Rd//x&gQrXBͨNnPvHP{IܾqSU1USOm,?N)T2:_M4Iybu@+i NSɯ#<j 8.0?grWOkc]3/7#Jl_GODe?+ğ'߇77,8OfU<w⇃>1KXIխVkil=Q𺜫)E?zcu⦲xռͻWL*ǟ?r@8#}EbVǷO?<7]nIm9K]uAڳktg6ZmIu^@|mL4'Vc-շo2*<_h_"o[0sjmţwIc?20>$`׏ڷ؇0zw5O}q*+Zp,N&3 Yn#kSK'itc>rFm5bJҨֱIݥm~ ;e_l;_i~%B3߅w_2'P>?xBvo sC_#[(p*&aGQBQ~z\E|9>|L0[- cߢ h-}+ॅ׍5@Gq彭mؗp@e\G^aS>2s5vK#htrB@'e܁#rNVkqrMvI>'? RqS*S۲~-F|/ů)o6]K/uA٥i (XӹlF[i?VY-.( 6՝<^$~ɟdOOW[f5ucqERI'?జ~Ú4(Z4.RǗFps+tKK6 ̪ωNr}y]}[}?6/t*no%gO\\:}~ןE=~?zVYW%6UґoH灿eI~cm)s3,Nk䕥)LTʯa"T'+$T>FA_J)^%q'Dh?j iP7i8W|6?O6MVMY,嶘[4-kvWF տf_6 PC7@ hw8zfE(taQ 9S[i{5+YhٖoC(R' ӝJ\%uJQiJWIO 痧_4oq4jfX<*a2@2=_7O{&:Eŧ4s63c4mC\ͅw>.񦹦-ٵ,rvA3R< aMjڥ[I䴈n10#MPg9ce+q_;GބmSQV>/elJ)ϖ){Ws6M'nd[ҼEAWIEփ4D$V #̸l2#P%}ɓ[_5b?^$/zL"EEg+s F.> >+1mya\:Et]-mm kʓ~뎶ҿE޺?`?ljm]]G ,Jr.# C`2_PlOVsd2H6s0  #Go(+H\z[s$d<+/ a)fb[滋'WݒV?ǜEc!5S 9SNH&~^ݻ'kx}7\3 r.4Yd '$Eq3$V/TқqJ%et)4I%c0'B x ||:}WDlM:7Gq G  /wBHoxU}wU̗7f^F%G (ڿ1$x^y:yF**J*uf*U/Z51# I+^*QZY9-^?_g߀~2qգouBbmmvӌ5EZ|e%1T_Z x?cdbS~O EmH??kE-y7.aŸG>غXM]3ljqf+edEՓc]\[?nʜO7eJ2J8O:kt,elo)RrMי7kt~?E:i_ZZ..?mbݍN2y?~v>o%W4;鶗 _?L7WG@|Dx[GSN;_x/ƞ!6uriiJ yדxσRԣ|9i^j&[yN8uI] $WuSõZ).iSBJ\ח5 Tm;%Tq_8z(-JroKii%=b[7>'a'ALѯA0 GR~^>.![iZƻj$70ܽUV#n_s+;π|/ot MgE?hY@#F\&N~xIn?/u!/&}%K/9hX`g#;sؼ^n87R%)IagZ$*}1n]D5~qEGM((h]Ax#In{D~xbk@J^^_NRqo=uZW*MJ=b\.8|a瓊iZXe{jToX|b|׾)|TԴICgf w}{:6H%U'oM[7ӷj+\UX-nj2qy hm)'Eட<G>+Xh:ícVaUXW™#݃p*+]{Gh~ ޛ2xGA3BZ( 3pMz~OG2Ԝt*)SJm5ES9.3/|RwqXQum:nQPmd[&>3M~~Ͽc?Molu5VSO$0Υ̪@_;k%"q5VnAKq.򏝛m͌dg5_>|>J' :~vza#uItqV^ eU7|"?F{]G7>!5eoݾM p_|xg:2>-p?nGy? i~/[>oHR(ŻG:6cx[x |K^otۏjZ^mu>t|\+, 5m|:|<{? :ۣ⾺y~d)~lůhV,ilVMIR&9<8,59BdiN9=Vk6Ob*$j(-)Ɨ??ŋov ƕmOemu/l2K ЇHb-8xGiD(2Z0W'8n9K'u Z 喯Zo 궙kY&xՐl#>U8 X_2. O ~Z?ޚUžVukD 19ݒkq\UB8jn,BiUe9U~cin8fٌT-:TQv\^m[c[/46ڲ?ip!7bmcvӌy_o<3^xO[¾#n۬ f`>տ`vVcu"+יI+?z[\kaq&kSm+CI[K(e<&Hȯs\])JYrŵ*Յ5ʚhibpRV厶syxr|c eA(ү%igIb6%psײe_*>Ko h$%0 h$0 t=+SĿ~ 7?|3q%:λnFosȟR_mT|3?g:qo/Im:1M&Ry[ `p02ghUS:ME׫5 mO+9vo\V"]gRn)uz'c w;xgΏ&hGo2M69)\_9T/O?S> 3]xխcԣؚw c|mϗaT~VQ^d8|'K J'sEN-9)Riw;2d5*}]Yu]ZIvbE}"; ^^S"; ^_k2͟ϼQ%#_QE~x!EPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP;{I??^_@_aH{SQE9Dڄs< NiCIJS)FI*Ѻ1s7oG=lxx9z7gdeOB 59J'֩ f5IǧQQNkTԫhe7E~zݝ^Z_-WzP.xv`@+{h^~_x3Yc wyN&\9t\0~T%wISG^cU3i)4remz/?Qfxv>:?jl9 #~,z.6WP>p=(xʱ_tN`j*P_Ϊ}ί/~x# Uio?>hmt~ߒ{<_Y?~5vdup?b G;x/oş鮚5ϑ s`ᱞxyvRSm۫/S1arc}^>2MYuMaKm~Xx95v|#xO=GZ;k[˟9=goe7oxTM7}+3r.SJ9ewuqfs+VhSpmstRf=g4hDk?^CF{? Rg*_}o\{wß(e۶b|#ؕ{{G|o/Ayi u_ *82>p9# CFpxv.+U'8;\?eǥF<=<9j=׶3յޠjfnQ?g˩G8`306?Zͣ9C8n d_>gRAYkDmwԎ~w{hNX?X .1=;W%p8WdO~>G>xGT𽡺4}@`w`cw3𕾱)T,z6}>mì.JԒpos?g-Hŵmu N h_6%ܓ]gVJ=@[Q޾W4Dk?TfrV<156}oI.#fOFv < [ɭm㹎9YcX, P+'ym9e,MDՠͮgNy֤s<I)^&Hj#+HGZڽh?en!j`gcQہFqfXTӂy(/ь.ݚv}O{_E GS_ _QzmҼ|;?*Q[#OϚ? aGy>'G_o'iF"_'ڛNQWv[w?#爬ORnf")K#q\+G -nzz׫$~cq2°ݤ,Ht?!W]obޱDF[[)'I!O˿ UKGKmRh{)uYyLV1o~* <,٧$ӼF| $j6jҶ E0r.-<ܹ\>&K_^#Ή[kSGflέeEϘ1bQ3ƽooώ7aZ]xQFԡtibhHȒ# ]7όZ.x\]5kuoH04Do C!.pkx.)u#)FJI57ҌOӲ$'oR9eNR9ERi5u/u[5Oz"}"9&eH[.p 2/?G'P< xJOfa%hsꆾ{I!4×tv&Ȓ=bഒ38vR1ßi ~zfb'=Bw8νYU_2 oݦs涛&o 0Ua06.WuQҵmh8__vx*=*=4éG~$o'xU2ᶪSFyړ^%exEodIWUB]~d#?>-5KI=f, &b1UE_ޮ⟏7v|A+\[{^V4&{DJ1_d>x48n8 *r׵MWk)Y7{4FlNu$ٵEvSJZg u_u4Eqq7Ҥ}2> y8ڿ'uV*N[kqvm&ӵ}?rt48+jmuQEAEPEPEPEPEPEPEP)^Ji,zq+\)^Ji,zq)_`?>|O*)יq8 ()>kO~i FBl[]6ќ+K!?4שQ[GTڄn7|5JI7RdAMU}l2<_ OFǚzXj|.mBFJpHO hޟ ig60iqlD#A*>EX| _O[=;KO;`52sNxo?? i.N&ӣ(vjrqMvW c*AT[s;Nϙs+֖s_cI/{iM;iOL/]Ƴy&BekzttI. =]6\Ožஃix}Kx"p,ǜNIFJQթRSZQ'VmCGu9Z>q69c)5J)uk]5S: <%GǯZ/Փ̂W5)8xe>._\k>zt.5/? `=(jywG-]OR8yjSo 4 *ʳurkŹ>; utѥ7?_8A|3>?hV>O Amnm) A"+fY;?ϳ:x]Z4ӝIɦNM٥{]<j8$>y MI`εnmCGm3(AZO)xK~!VWv˄1f8TO*GuV$,V|'+\Oem{G cZ}m|Sǿ~|O'|c[uCcPvtO(Q2NUPkO:bqBI&mE6QODmvݝ$Ϧ +d_'wokիd_'wokի^cMfS^c?(ӏ((((((((((((((((((((((((((((((((((((((((((((~/'G׿! ؽ{O|_?)~8`}*~p (`?>W ,쑈|gk?eƩO8M[m kV[-ުP :qTg?ړſݾ3ĞEcot*CG =}@#r{iе_pì]^]Ѹ^(I{INN~U3_iσooxoN Zxo[h[n$<%LG }o U'AeՋ[.q,ۘ* ^=pGG>־|hzfkQS].r\HUpqGF*Xܣڅd۔dGf\Qהƥ65$暜%*iFq.[&}}Zo?e6zjxVե3SQYbKr q?o^~ tCC^kyK9%Xc;X ۳ۚK?l>Yjw+C~KgYFH5c>GJDo4ɬ֮c[ >ݧFSf!7<٧Z[߿y7olcxYc%r:կ5X%\}U<Oڇ__xVx>፜05༖u(+, < o2?fV,ccT1TyRɹ8=o'KKF+ R?O3,:SX`@3!6xgIZsx;ۉag]u&aՎG^>fK#ΩДST5mUQR&\KõB*(4麼ܥR {%N\׳|\nӉ:6jubi R+ЊXt=_ S tɿU>gGmx棩wy5O5Ԓ#[qrz'׼߶φ~*izE7>6&f&V>08'Sa*8ڛi;̹VmY|f MQUR 8)GI4qviꝯs?eoxWljxOڧ/~ PH4[g{p;CeQ)cv}CO exmgi%o%XiV5WgI<'-<;ZGaT223dYS|r41sXfMoI ӭrMofѰ1ʖbGn'oŸ.i2̭Y ʪa^U?/𥾵&z.l.n$iزs ָ^՝x2\ܰRZHԚiI6jWόl-}xyP|_bn &mzw)Z@%58t=6![8S36wy_K'T> w|/x{pƂ&$$`$0@d qO~ٞ+?- lCNn{+'g'*퍠h?^S{.uFwY`QkefW-*n8˟JviM9}~_#^"\ժuuFIiʹ~.YG'&Ο yY8o!|G >Z1UWV&^@09[\d`xOVxVӸo@W#UB/OTa]Atu [ Y/;#s܌b|<i[^jN)E+4-d3=l?ps/mF~ʅ-.GMJVRܲQiE#'Ѽ < &#f/ ߛHCn!U1|^t[|;aMҼ1jp_icBc'I\`_Wq=g+Wt>ZݔHg*l/\MŶ>#_oz/< m? Ǥ}5g$Gt[QTs%ryfrӽ+2~\b杣[eIr'fY+kb}rݜoK#[>1~Şti>7%xoĖ dE$r'|R_O |Z{T|#gqjd]FՔ> ~2x;ÿ 9?~ tI"4wK!ƭϟׅ>7gkfoL!6^j"ڍE7 q+Ֆ]y)9sN j~KJ\#eVPgQFIJqsQyӿ*nM&}E2Ľ_hCwMr:r):6`Vu8pÉ_Mj񧊭[kۥ)ogwn3 hT\1Z#Yexv| "9*u-M:/m%t8<5c\%F(F hZGayU2n"MũBz6NI=r٨"2E|3CǢc|?i}hpZkWVX& rs&R|] _nxJt[ORxLɒ~vb#Y>qSL;ӗ:wNee YZR4kϖTBmͩn#>-@U:Zq7I?Q]}d_?)qWeTеTE|Cn=5gYgypl[9AࠖZߍ􏍞>7|D-"S_\GġbO$Cd`o)#a9&oK mp.Wb-c(B)i"Υ* *TTT䦟5E/lZ;JJ\B|Mð*R Gn7gO??ƿmZLJ#"GoRN ϐ~a]?e,|;}=:GwZҢ->aqjѝVé Xr|oRcg۟-/ G~3]Nh$)0Tvף#3y+zo$6ڦqx$c bF]Y_,3qMIY7QIKK$7*wm\RUex|T y1EO|jm4;"E0Y֋0Ɠ*( \nkܼsY|4mxK_Ѵ=[Lk۷WsFi[1Ĭ{@xhexe 9l[iEk[K?0)#u(VUyܤRI7'e(v C-!½?|g_7؟,uW:ɿx7Icʿ1?6y`? (((((((((((((($C.*JO D=7nSׯ'p~ڊ( ?~* ܺ[t+]Bgi8qoGo*[ШS)f& ..T(KN9qaKbƤnk2M5[|~\m-jeA6O߳?- 65Փ[Meg}0Ύ̶hrʠ}k({0 ,6;6ե(JVQSORiOTsuZJPwN0iM+|":^[}T-0ϯ=T5865Og(QW(&XckjqދeU}g=w/Q_ G**x$WQ_e1xTٵnUR緧:G~J}v7^i{iZ[qqO *gh1ڷöwr,"8>d%W?<;.#f9iwXǖ/捰\?+6Jd62E|.~zcY]+K˖:u.te2yGm1/K[ ^lˆxJ^ag0[F,AVglN0+r+1fcTu*ԓ&ܥ);RoVmlѣTJ%ItK (((((((( φR;aOX/oVφR;aOX/oVVɓ}1XTS3pQE~R}QEQEQEQEQEQEQEQEQEQEQEQEQEQEw$-zyO$-z ɬ6>GQEqQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@< Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@$(zD=?|^OC_xI#OEWEPG^ P(((((((((( QEQEQE(() ߼ b~e\o&_%*<TsH(:(((((((((((((M+ix>|)5BI#Yp[w"5̼3JRRT.R掊)6ߢ=N{Bu$-[vKGgtWh?g2T?]??Iw 1_OW?r&8+yBLG3Oe?BWk'' 2T?]??Iw 1_OWiq3Og$Pt.}{2]ZK"95<3zW^ H?^6=NwFrQ廊m&dMݞL,Y)RW捯k(~?S?_4Q?#A?_Q E@LU~GDn,B $~gÈ>(~?S?G83UcE/? x'|? E@LU?_WF)9Gw83TÈ>(~?S?_4Q?#A?_Q E@LU~GDn,B $~gÈ>(~?S?G83UcE/? x'|? E@LU?_WF)9Gw83TÈ>(~?S?_4Q?#A?_Q E@LU~GDn,B $~gÈ>(~?S?G83UcE/? x'|? E@LU?_WF)9Gw83TÈ>(~?S?_4Q?#A?_Q E@LU~GDn,B $~gÈ>(~?S?G83UcE/? x'|? E@LU?_WF)9Gw83T?_LU~PU[?#A |)?xWiq&Zq4Pe=+ܢJrݻ%8F5앗(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((< (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((Z]xn֓Ggp,3Y?~#6R0M~&C ?l!꿲ia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPi< a; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=~#6g(?{?~#6l?ЛcG^3XN=l?ЛcG6M/,'Ex6M&C_~&C ?l!/K gQ^ ?l! ?e?A3ߨ ?az?wWaz?GBm=xPia; +GBm=e?A3%O\3]7o*z:iz((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((3S? MJaf/ҷ0+S0(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((%O\3]7o*zʇc#JƗŠ(LŠ(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((7=s\tzk*+^ (3 ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (AyI@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiP7mE;yy@hiPU$e9:P((((((((((((((((((((((((3S? MJaf/ҷ0+S0((((((((((((((((((((((((()_RPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPNNrtQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE|fA뙮7=s\eC1_oKaEVaEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPRRޤ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((()@(((((((((((((((((((((((((%O\3]7o*zʇc#JƗŠ(LŠ(((((((((((((((((((((((((?ޤI@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q< @9:SiҀEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPMJafoT=s5~F/WQZQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@ IJz ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( rtӓ:(((((((((((((((((((((((((7=s\tzk*+^ (3 ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (z%QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEM'JuQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@7o*z3S? T?EV4_QEjfQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE1%+J((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((()қNN( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (:oT=s5|fA뙬>4iz((((((((((((((((((((((((((k)'"E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ hiPv6u݆E7aaQ@ iT9 ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (:oT=s5|fA뙬>4iz((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((3S? MJaf/ҷ0+S0(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((%O\3]7o*zʇc#JƗŠ(LŠ(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((b9|F?uOie{2km> Sj+#bm<[>iU??*TjZlW//| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?< gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| SU??kb?ʿ?gZe_3_KQG+/| S[^ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ($ov%į>5tQrZIqF{*{F2bإ(7n옜q\ď iG[+C;XԢ 5w[u,Ÿ<)Q&Ԯ9C_@C|A𧋼o/Z(u-kRm}%w:,'**ϕvOzo}_O\؃OcM[_dVF^(wAL[PTk58Px_`o::!}e~^z>\}DҮ/& #~J JAb^䑟4OEe4?[lfUU­s[{f{]?ٯVX<_:u?~|NOۣGμ\v-t;cclf?/:?8ִ ^OQsGFK[H[+?3Z?m#So4㞓`'[-nv\1enU*x"տ_ً ;WʍjrufrDas|\$pbxkwB'k?+ڼ>k< WʟG-|?!4?qd>d#8R#AkarUTkS(MB(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((N:Q^kW~^ j~ ݯjVɨ2?i$ 1MT!*Q{9Ɯ\'؛W'; K}2܅I]2+~2֟u66Xml"1 =Oc&~пďo⾧▫KRb$IGoapN旞%g9  ~h>v:6 ٨N]wSR۹줢zMQxdxf2=|C-c//~*е'^f'HǕ)iћЊߴ'<'n3cnWRr|uϘux (#=E&=Ezx<_b)k>Gf#{[$Xܬ#zk .6XtHB7SHcnu/)C6|amǑ\iZP G9$[{isYjuԖw 0= =E}\*`s-}~_ֽOx\ wJ'w> CQ\PQEQEQEQEQEQFj=:K븠%-$HQGRI PWοY;Y[][Q11#+p!_|QZc#)O1?yTG-):Q~E~V:_ϡŸݸDʣfTS?ʺs?Wyoj+_q'km-s vQ> QB1ũxV/hOeO{zNcGZW:)x E:xi1Tu(,:،㨭 FQvgjjJ(4RQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQA8_G?ζKyƍ#!U7$+g#5QK*&R#'dwԛֿ=>2?+߁nUu-rt|dھm|nm 6I4}ngǡk*jYmyy}_2uӚ@`k ?Q۟%O9e[eaTVgk3$lKu#EO )ŀ_ώy~ ]30%~LHD+ K-c"ЭfFG1k.{~T5Fg_=ӗ-4Gf[k8SKH5C'UOٯ,k6 a7=Ϳ/Fm|?ۭ-y&WHWMcR:ʄ$A(99ok/ W.#Чp(jsЁ~~_PD |DlȢ]Y;1ՂDiy̧Uh0g=Š枀QEQEQEQE?˽hۯxgVY<@>Hר GbO?h?cxRΥ ].r f^'M"m39 =MO 1=u= kH|d::ߋ5H|_@ۃxWῄtxB4.m 8G j8̞O&S 'Y~GKkɔE-b\F13:/e7xt9,yCD ܣ$m9slmLp[C+a=迮ny>"_u r~2vxT~8{Y-IeA6a⋾G5o7TTޏpiI&;ڛUVy]("Uvh%d|hE]G?ҟ[~/oGf7Z|gோt- ,V_WwIԥ.IDe/W)JѱJGƊS EW>p񪦕9<=ySpngc҂JvdjYQ/Xa⧺??GQw+Y??:?|zXZEMDZ2reA9L\E,<)x7+H?kmU1+Kbg}_ ?kM+}x~H!GdR.8イɯ*Qw? WƄ-;-84}^8dMQMg[efmXuA'x_MѧeOt:>w+S/ 7g]:)E: (((('k^:go x,tm#O̼Ե+, RH$|] WױxVuD@LBW (b?ŏͿJ݆tdrI<]1a߿yYmCe۷sڻ xKKdz[Zoocn6(r=~7տ_ɩ|eK# ]|=^yF+%6|xufѾ -ռA,r*O-`A$DqqJ >Ú)+}>R;+mߢ%p)7 fE> 5Xu?4Pϥn̝>V@v&aK<h> <]v"צ㠎\eck}7/EvGEWV}_\N3]ֿ# QzwKI7'Y]^ e8#_+f_?~'z'$R#'da慫][?j`lUb88S,2qϖqt}W\竐K_|D\O|7񦩠&Ky>G}0v9|<ÿc񶒌M^88vk; [˦PE747&02d,tJ;ǧ5ڻPTҒ֧:쾥q}s? UeMSo>]nhO̙פE6?~%AA0񖡡/*q)ʰ*q5S՟5æя.Y v18\-|cV§R~uO:GݔSwiQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQFE;K^{W-t]Kv;o]G܆%H: 9U>6|8y!Mcns^wq!%A%\bU*{_.aR^?z# M_ `ړmT^{@ G_vuow{'ypM;wbYM8I?d_'֗G'TqH+oS$\sXI?_GEu1}Oy>2=k}{gY>0wM qH[ѮeR{a_Y|7d~ 6g/M6x/ yJVBC;G}_^[ J؞k>7gM]?c<9YEkenFEPn y_ݥ;qS5|{%Wg-XisAQY!kfǭyĿRq{q'-|,Qܜ}Y9zKK" Typj`|{e%2Lj&7OJCb3Ѹ9fxןŞw>}#9mz\v=?~'qUw_?-Kj>M$ּ7oo G;o-Vԏط <~&wwxFT_lGMdr+a҄gE7*r}jq>wnYw_V6`ݯ}?#h'Z?E]j:0|u s"U4-{E&kj7w "6WVRC;nQz> :657꺢Q\g`QEQEQEQEQEQEQEv[>,O0|CzCiI|~'ď\|k%kƩtZH,t%7$gnG'8_0qrge4}>of2ދvnyYk m#I@% SǸCUݷسϦ6עkGoiOjPvv\I<';O-03lk1Gג\Nl^n_V:'Ļ;VfBw'ZֿId8wV=/>UlsW'=k>~߿ xeF3<XykA$n5#pX` 5U0Xsuy4ou90 ܆?{RNkolZ|Ewúd[29p)9 A09+k'(=}=/lyX̷ \Z֩ߞ.ग़guŭ-4n<w(p_=+wʱ<3%uȣ]'˘C+U9އ~7P| XuV<'<+q24<;zÞOAXꕔVῚ= (((Ҁ?/៊ 7> nO \zs_.->7g>f5Ǔk@Ac 9ÓxP?y~:>ʗ'z7|A< iM7|d~G_q.[_}s>ۛI?S$(Z~W)ʷ?^.M~hoǟ3s><5ۧ&fA/ɂiqA=/W1OZnvnۿE#֣oʾ :Pn۵%igo)| "d िٛ# '+F^ܙ deg?x".iGB=ZOS::a)ImokZß$Uu_zg% |;sĚaN"ʰLU >Hv>;⿉>ZV O}P[v>p ܾnFWvWJo5c'(WewW|GFG~i?KW: [_þվKls".lJd ch^4xšӼQkku3#E)~w>vl-2{-oK'߲vGE6=}GQ?vy{Z_n?oIg'Ixe@Of< ɓj>_=yٻ[= <.{O_T,mjգYrl"'>V-¶74R+`?k_1BMxF@O1O_ʰxïF\ּ;SJZfϫxXo=^G=WaBj~ǿ5?.x渏CҼ>z{r?>1|A'TG]mGZ.<۩ڪƋTUd_g*| };.m}NΟ%'oյREkkn<$_O'دP6׏.%x6`~I!Gf-.7fn˫gKd}Hh| cpDpd?;v竰? 7>xf𵆏Y&]?MXa{*2O$'Z01K_ bq+t^gapx|yiF}_ ڀ1:(J(ц@A Wy_8| bi-c{p0?ߏiP+j{V|M|-NzRc_GOnW>3~>_ atcK$Cǡ9^;WYC~Ϳj/7 2xZ-Bln,eIcg$_ۣF_;vn9^7.pA3xI̲/~^}_joNxY}1g ir)p 0SohϘUXba?Pۏ7 $6-JmkV@y'4\,[Nyƚx+Oydl=gG(>(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((c y˥I/vo7poY@9haP!Pޟ,tد^Wvx PEy~3'5xŞ*է5-Jon_s+fr}I5Y&S{z[.x9ixO{Gjڶs}}y3Myyy3K,1;ĜI$;]4[KREgcen<%Ҵ|2oi ~h3jzֱtYZB:z*3{6~ž: ] K`ܛ{`r1ж>2p0ʎ]O]d_/T:~ßC]/K[k*ln?u4mOo.3wv迆<%~~ °iuC V u5v'Sez#0<>V(E׵{,{ ƊY`$:tW坏}b|S~*Fj~-5xWN%-Fb7a~h#P~rGyi58mR43($ ؊e.nO.Xiپ~QFG\\'`iNj{hx?1ᆵifne8}׸\o_ h7 .x^OJLma-O!+˳F TO0c=rHz <7{_uC6$ ۼG$Xx_o/; mo]W:爖< ț$:!~\ h(bI~?.M*^o}cy gyg2ʺ2Hpj~Qࡷ^_cfsX1,m9v`GZ:s>26QEuQ@Q@Q@Q@Q@Q@ 7 QE7``Q@ 1)j$a]k~ioxo%wxY `ʯ})ET*NbgN#i+3[4xV]2*~g1cF9h@`V~q|ziكSxW+ &ڦ }s{4n{=+/ w xzfcuk`OUhR=ztsj5Q{26*2Oɖz~6-V;6mR15fe4"SgǓ}|*Ծ!)|4]9e9;Bg"xگ Ζ#7>&h6l̷~oy͋1G<7WfY}` e:`vz'CX4hTKMIm!Q_Q~a/|r~1Ē\ikcnG! 1w_̆xKW,/4BٶX6 7YSEwDr/L48y 㢺tєfE_پ?~(?W[>mKtCհY-nN0n(2p=+s G)n}SJխFkVg%˓qlPH!Zw=<[ClMEu:z]{)Οpu#JB:Rzק~?W_ X'S}682{ʃ<2GR)Ss[m:s5+~W?⭿/v .%5?gm$w=,x#c?d&߈? k\giIk2Tlٔ>ۻi[wSr~} uRe{Wua?wDIp3]Sp|17u[GP\_^H^Y}Jgf)<\yoUxJQK~v~~ p~>8\˯xR~Imr#'.|;z[y6ŎcuF֒HD{^v_Z+Q~= d~QT~E"o4GQ@Q@ Ӛ)~XJBX8m}sq_`< BU#m[L 1|mτ^&.?Iu+~?l~=W+{wEqkFFj+?OSdMUQ'SGo-F|3ͿG _sRh񷆵o-ZiՃ0@X8 3zd/kv `"?t]4;Z8tY[$fk\ZFe`zWTZN\s%tGJQO7~Vxs' ׂuY[3ks$"Jx,T̵h/mS%߇Gk$(d,k=*+ͿiON5Y䕯m%ʦ6JIE]<_ {oƓA-^cg$2TVmQ![ Hے/#~ΰۋo8b<|s4J<J0y|q8&[[7g{30$ѻtks /< Hg R!WShc-~{SYԨhTଐQFGy?nZG[[YZ+Y|SnBࣀTBJA7\B=bes/u؛?%+c_í㈡%yRFRoSG"Q[|3siČ麝#1Dž`˿uJ)nv0+7O7>?d)ė |L~-|;d4平7+4mYz2M~a?c(i_{byebo$~)OZ-G2^[%tg9eGm?f> h?|'.ikYkpl:pG]z ~~ Auw|?W(}n# |kpt̰o>GX,,juEW QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQExou/xWOҴ{o5 ۆڐf' =+ T?>h.x5F+\yqMeeF.>/.U_Oϡh~Ծ.~=@m6㒆(6½ .칠~?nMS4[ IP$İ:Gp8y5O7]Xдإs$m[8Q*e*II_Nժ2 Fn~w?74o;ĭvړ4;]Vh. 0Vr9p+W?1B {|IY'icN>v>[6*r:WV7VzQ&ˎy׏eRZxyg$rkmh\=(Eޭǃ5K,[Ei1H§Ax$?ٟp^~_s$~OuKvuk}0۳28# 3 471yv'VcVm[ R5&{w |4Nu=Vmy^ykʷ6hʲ09 ;C?5,8f {~Z?+@fll)= :=>(((((((((((##Q@aF~kɼ/Cb\qpSzUJ~tmt< NoI< Ay#k 2>7yue3|?Z_H_5@/~ZGGlRx>:fB?ew? hm$^=q k Qg ĬƒodQեQr-?SĬ)F +y|,?kֿ i,6%5IPMV`X=_ >ͿĽfrDul0h姉|O?*. SPkBbM+fk߰hg!ç\%*'uڍq>6G3#|˻¿Sۿ~_cɁmm.amKbi`wp6^#O]oZԮ3_\4K!9.IbNjed}*[r}M<>ߛꕏş#޳[P'|I{-Ə %˱ܾN.y2?'lL}> ?n(ԯ/V QM!*@wHqȐ~|IKࡿ F9O jCGnBL% : s x](*F&I[u6Zr NX6h؟.~<׼y;-]_2cpG#$ SԊEO֋c0~6I}_kҖ:~4QEQE ?.Ꮕ_KoxυO~?FnVZM31ڲKo8'' U;L*juoM-\ibĤW΃~,O淼 x7^NּYjl3,SI2oQl\pOZrQʽQfhѭB<ԸZw9 eE]j_^̬sXi_O___(Y>x'Q~߶ڼiO `d)B {2Lc Kk_VEO|iΦJ59ЂpT*7fˣ'gFkdfV?fO5?|m\X#6nK!TRpp!'Q^am~><(AΗ&,H~(lo۲id 9>Zoڪ4'}?OIK`n]}E&#+So6?şڂ_m!ܙY G ͗2G^_켝՞_7_p*qY|?`++'ڬ:]6p#41((( (( c~2q?/ҥΛ1,[ked ~=& ¢)fco7)1R_ ?50ޱ/jZXp=H{c٧G nA,:u7Wb;c v#7$oh֥N]Ҳ^TVM*H3Dk:VIr e{~;Q*jݗ:PK))6#cGȯ>?C_u=zB?g&kxŋe o+G~VfKGRitJpn Ff$Tx^Ӿ?> ^8|E CI4nZ7_Б b`rz_ Vw$L%ӼA/[MĮvωUÎF@'WJ4iM^ڻ[9I~<)*;_EřMJşL6𨼒M7|OoghUc&ݧ`ubtxkRkg^Ծ.xoOG>&1B*^ht d* kK_#"G"GmKߊR~Crʩ #[#>?m[]R^(2/N3.W$lg˧tet֝W$(ofqKY=?MiJ/8xN/>&x#gĐx3RtюH ˰o6SQӯ#dxd # R8 Au9=džt8-hpi#x'WXJC8a6g9? v0i6@ƹ@WJ _{ww= 2\ݿOk=VjƝQ^IQ@Q@ H92ᕆA!&,et߲w.;c$d{G_,p+ Ae1OK+[VHX <ՏR}޵dG=|dI ׇu{1㒮uf2߈4x{O6'kYEuk ?z9:Ȋi~$,^Yw\ -dhOֽN&zp;?ypkT'_hR(>(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((l$qUW,ǰ}J~>2Sm?C1*6ɈMLzVۋ(+!e֟[ȀD'nY&pγ_*BMOx#Ŀo=f[[am`<ҸD<Úg k࿅~1-Mt3j?l6ZoӼ~d` o]i 1ȼA >=J+-z\B#t Va^I9c$*:Ne|)mJu\L, 쭪꯲_|+[67g@ l7g@o_>9c[Ű-,6۞w7cr__>?;3 S[ mv?}W'-x}<B{ }WE BՉd#AL8R63JyFSWHJ᧋ nQ%T,L3;x + c]W_fZʺeMV,[TDw 89V  _WzOjrMf hw5s QTWwg@m_T?c}`~=my?-Ehd]ܬC,ʿLej}Eg_6}\,c'ʕXЙV>MI$ǴC xwH\}܈3Q{_R+nLZ RK;jzcהq.ul'amݰn%P\V(,\{~9on_Z? ptZک+$UyS+TZf- ጶ'&[@.3c`I'##SwkV~ОYx;`+Yz #hff] ֖mxZ쿯Z( ( ( (+o{5~ѷ^?Ɛ#n$^v#~c(>־3q ZthmO[K_1ɲAF>Zě،g&@1cԴky]υ߷_W< U< -A=2wx^!9 ie92:C)A1_?((?7W> ~$xᡞ:٦r0=f .~Moe`xmӟFGJ.<>G//ax2obkiHOοN+78?e^]|F3m gӓҼ\Gܑe1+k|{JdRkyx;-4M=R?c, ==T4 #.lPT\).Mz'C7?a/|+ǚ6Z$۳w"dfvWlO:ӷ~%=L୿Nzt|mWYor.P`y"γE+|wGS]ye+k+RoftӃiNˢhoj؏u>0"мS߉qE:5KO#(a_31UooS<>.?̂8 dG :>Vf|/{7^*]G߈u/r;J* Pcw_e95O ;&?vKWZF%( vIrCfʥ:R{Ie51JYIVR{}ϱxY> @e[ESt1L!Ϟclgt쉁$JC%/oomSv~ѷR< vscs{Oڻw__^2_j>Y˭6#%w(yy @R#dbqWWovv~NQms={iufw9Mw>'/F4H;Xfz5_dk^!%A7?2G3~H*qFϸҿl5___s⯇^1)4. 8'@mȤrc%{&ik-Rk~#*16vI诽M֛Hk?J< G'&3ApEuH~TH$[A.W|>0\||kOz爬fe4X/<),9MKot4E=]Ꮝ [gğ}'m&׬>".c!;m˃J]F>r׼kֶCol3o91 Prc'i5׆?j^(~϶>񶏰^r43hlIVJ2\TީE{ew{#hZ-lz%|fy c 5xX.Lb9oo$_Fj_:/do&Z 7O ._&*q}SzWwԿfZK~22GkhF9}~72?~*Zcg~(+e}>3#.a?$+ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (>.;:]ѕ}t h0+c֦ï =G[ο)m%x=/zf|gkfE-чvs_@w&VEV.K|7 3}I_!TWݧ}V[Oi?P+?}dE%~|:&o*VC+t#^+ q'[I?RWont߄zNiw- ;Xqf[u!=}ks,7roG#~=?eOh|:[-ztamM,}ؤpHg#|6?ſ~#rVuX|>;%\:A +?Q!ä7-rKy-DžͽcP۸>ŭxS?dx]/MCiկ&3^jWJ '>\A;Wq",g4]VSz?%}]S咦.^n9u'K˟;G: Fߥe྾ )x@:4;!LORO'$F uK[|gχ1XxnG_)JrF^FA=G2Mݠ%ZG+Ͽݰ"y/#_.QEgQ@_~*oyͭn>i ׏"oC"q_? Y#㇍<[y6?++xyq]I>@ኟŇ/Ĕ?UK|`|;wX}e_xoP2F.[ڊXs P}&5;g9<_:~\&IH( ( ( ( ( ( ( ( ( ( ( (kkؓGG>+wno.%~G3ɍS5UөRTEJtj韉GkO{6c>/}d8/ 66~hˮ:'߅XE#2֬HdG6m%6]Wy_ƺw7TM4gEwRѰ`*Ayk ]%?>ץy< Quz6"âp!4P {n?Z){k_Yͧ|:|#v+Y/no(LG#%ׇ*z~&g.TAMCEkX1Y .0F+O*׿vi·O 'mi(4n߸ Ժۨo )A nn>|lBq3m>>Qs:NR2wC[ , !k~׼c [IT.mtHR5bex_gm=ޝy3OCeu>T~??moR? 8&'fu AAy ( ?*={>2ɿ{Z9ӵ(Tl 0J2 xO$Ay~v>ǨxVv[b:d!t7_ {?<gi77 cqNH#'5,T1 ZU_<507~,ĿT/߱o7}'%hNrv'+~~_T+O{^$߉dKk! QRq_Bo?|WWúwTs;sp7_io|?d׏|'1YluKAf:<8^Ҕ/-kNx)~Ϊ|?Q(`z~å|1-?O-/Ŭj?ar t  uj cԖ5mW0b7$޿)Kߋ_]AƝO nꐅc$.ӌ>>~?`֗t , to]c廊*\Aɿ??43?4bjwI9‚yO 4 t?kVvkf`1:G+BT $W^<ݻy<[oQ_6C4LRhaO3Cs-|4Cyx-l7Kzÿw=<'Ool,k 6k'I7j^C̬vU5o trz\I+$cTN2II%g|;Ğ5sFom-{-o~ymn& c;2ۈh}'%ϭxVCυ-kJ5ͫ fTnB#+o @v~|-I<''[I"Ftݲ@ r2oۻ;~$xGR~ZFج&Y2_U%CHpÁjJ4>T5֊]~ǟJ)ԧJVXWCW?e>4 |NuieDX?Oßڋ>!Țk]jx/k ΊہOXZW|?x:z~z]ơQ-1|y_ 6ZO㷂L(mKBy E傒Yl,@ƕx֫RRis5fMtJ2NIU=:=}nnG w yA}'tVIPEr+ڹ1~9꿵>Bм/y5ݻu~3坼Zg|Dm:K-BxO3ko>L1U&# H?ړ-Em}?[iܩ$d,Co9_ , ;IZZߛ^d蕭H*YM;;[ݾ:/ٸU_IdL*m?HpFBF~߲'Zλ.|I՞N1Œdw>[^7[]=8 obJʧbr kUƬ+&ߺIj?+*V_wjͷo3tڛW.2$ L/đL첓Tvm□66XcrרtYk?vpͲ7:UAlN::%%Sj|{??7H˹m#U9'sx+@|AۄbF$HpdqWqrֻd1?Sj(p(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!1_FV?_M߲_G NI9-#8 6[ٿ~$x67e.T2Ŀ^!o3þ$ԬfKG.@_aWU_s`(:)wo$I_wï0[_G8c$)+S? m+PRxvh 7#e~$m5k4RׅQKoJ`3"R/W^\I$qjZMw621GPJ x [OC5/⯉E/A[8b2q'x/gQ+xڔ:,v>f;V^F !d 7, nx(Bm]:-biJ0i.;~YiC~L"+eW77MoR&tg"?Gg)$ac*hc@0@+7 x#'?$6,:Ʒguoy~2=h (u_;گu $6:_Zi:mƩNB,DQIx78nmV0ZƧq}r $42ƾ"Iy%\I%5S[G+⨥W (t(((((((((((( & h=#(MݛY8zNwzEuoxYW'Q=zt[ $kF.5Uenk緙. IEA?l]M翍7f_I7Q_2}PQEQEQEQEWT_OooTusk7Em?<͓y2ra~CTi?Aľo[rL9.-KPX`5.B*ʼnI? +ݥ/AߧxLJvakS-fa3]/kk1U?z|6:Nh$@䞤zY)Sa<j{y}_W-WϟH\σ ~3h-Ꮛ?_7?f4Ox;Xva;騧J2v?2ଟJ?omϏg/zk$mn3Fݹ<_:οk}[nny~||C''[m-=n7njv[yhCV"ߋ |I{vLbw<e@8;< r=}WRMۻJteӊIemO'Ld_6__|z՜ik9gg?7  Ҿ'.i ==zWoeo!EQxG}_ٿP[lmwQ&Qlzǽ~634̩֕?h-:jہxjk{z+>_Cxfڝ0jڴf&4弶@b 8ZuTVIzӥX$(̰((((w濟(W™~ ~? /Tt b\q W? sqkJ-|?Mٛs:={w#J=|>ú.u][?>SY|mou'M֮CU$ 8C\>3p\ZOݝ,N9cl209~߲dž~*^^.īFUBY.CSq+TBowr M,uukmKV!'mݫg5mS}bZx,ܭmw :e\pT+iOؾ?g7*i\"z qkIc8ۿڠx8zNGtީ>r:Nt4k^k{~Ͽ x^?LSM;e{2U/Օlm6/ٳ˳.5~ÿ5уN9&Z.?)N:t[} j}`m#xMBɔo[f`|qqzONo_5ѭ] tuؑs=kՌg%[9E(8cZTޓ}uo-55|m'_ñSڋ ɿT7Y d?2A>O Ǵ|\-7_׎o-|#_78Vr 2JHU(a? WGWcf܌V*k;Y-6QPFM{>*X~_?,O-/qd|2y pv,QbE'Q},J*_8ʫ|6J\HkG /#db|G>5f Z! s^Lz^-ZQ]|V8ҦQYQ@Q@-~a./|87.FuNۆ#O 1[A/5,tY.o.m H_кIGx]2Coj 4i1 (+/{W?7Y؟cky~KsbYe[x"i**XW5-D6T_-tkWιoI5lo OQi4mkZʛ{bFt_.3Ӈ8֠&^Pj%;>/EQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@8X~\M<}eai\10ܕ[YVYX{V^_濥NW ,ֺQ8xB؂kT?kĿ 5y#sa"ȼ*VP:pkҝ>Sڤ*v?Dޯmڭµc n^3& z)3]~+G w#_Q[]'S:>4 *'= ú8>WיduC]UyQ^쟀S>2Iw>GAwm4KRI?)wo$I_ t{.j=` >쑼 ؂E}.y"|MYS?j>&;N;Mfn8rTua3a־#~1LxBK4[RGkKM3AxvH$?/= ?Y'VO 7_ 2vv]j $RY+#|dխju9XºuMEAQ[)#7%G~h}g>Y#Ix8d!4_̋+*+U]y.uUWmгψ/^ծcr}kC?"|3բ׾xXoa`h)X5 w+OL.0\.e|- '+ =sP;ox?*p \+m*D_V';_~ xa|'hڥM!F9W]\ AoM:/YY}Zdˎf;Wph^5x؊uӒWOGQE㞱P_Vb8C"xnkKVnܑmr?)&Q^oݥMk <6g3S{ M},;N%OϫLb+zPS Ot:mfhT}JG7NfNOUcd\% ԅN+lxW'qgQ_2}PQEQEQEPHhਟDžr]x:[q T(2>;%RJ1ݓRiOD|%Ja;ĊMha8x4㏺\mAoq׆uxOkGT/ct8s<#EYo/Hڎ_{_ŝԓtW/iUP_< ng}Ci2x0T~-Z>ML/>H<'c(d񷈼KZre[Tq,_@౑55cE|J7)nϫN4Eh(,(+gkRoxWINdu0\8 Bp'<{_?u7{oGL>ȣHnac[*rk*{ZԒE9cqQ78GkOY=K<:7ZvnU.{_xk⇂~ӣF4m"Yclv85ќS9ZeOͪ(s ( ( ( ( ( iρ?%#=Kxa=q\"qW{AU JԙF3g]+S_᷎4=B[-BݿDmd{H_NX|Iw;]FFv7" =2|#+9}f״c/ЙmxoRS܎v81˜+*(}YT|juuyFM "2++g=N_#?z5]f.=bۢf':5_@zBTyajૺU?sx*:"ہyy.idOssZW5#%5,qU(8 x@Fŕ@r}iQ@Q@Q@8cO'M_jyR"rZad)n("F"M]UFݒ>m~۶ @>koIl5w%a^Reuda[_6>$x\RuǺ/&$rp Q %E~-&2'GwkecV7HGDaAQ=維ֈ\Ejٮ;[ejϾ??Dgپ6E{˞q׷&Y?S~诶Ggoogk Q HE¢+X-_#xahFvAEW9QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQ:5 % o*u/jMFn [au TU&NRvH-OE>kqglMŵ`T>`#gsUX¿վ:_Zw/닭&N\~i( $_hϊzƏ^+ּCݵA#QT }W>H]m=\&aU&b3 *J}V4|8ճJܑZt_[m{lPJG2YHlWjoG5/3='H)X¶rT7Oχ^%<}%5-[+'\%2~b fki뻉$𮳲Ŗ*[uQ-"'pI]>zٶ ?sY-WǕc>y+٢/=-Vscyk h2kB=C' s?#۴nxυXo"?ZŻ>";BR6RAeXؑ\qӿj7>|Oz֥ iYj&kk#]e(C# #5# ?+˚:QQ[ODGxp8MII> o'/># EѿA}k7YsGC¿,t}o>+Oo. 3](7Ox ks9팱.>7 I'78o s9|SiM㯈~9hMt+5m,>F#:u]iCʴUJIF} 'wf-q{{m_9co߱ůOZ&PTIdr,g$/__S]x&Ia#s Ӧ 9 df#;>5~=_4ՖL swinjrH:]ަ5,!,nWўn"TpYĥ^뽵j"1oχzeljEҠH b7y`?F;~f)^ ioV'y_+ @6,_M'·Vn4QufGV@w pT~_Jࡾ$#6K% K `?Rp1bxaK3ͫF"0Kÿé*nWE֡g)m_mϋf)4黠΂[Xs4fG (xϻogn_ZfjYuwypgG!UG% 9$k?o;^8 Us} rЂnI9]߯Cګ7-1xŚv:^g%֡y3|ŠY֋0^M~gpncfc_> +<`BzI1E'Zl;G.}&3 ԗ>hmK1縷/cVkFq/{<>_qrOJ_?0jI~IVF}3Ro~xtRy!i#Ϛ^\mW2y@VRE'5K+kgN5Y[Kd[UinHԞzT,%e==v煿eGI1f$p*?OT~Q^m:~UH~ B Q+Ϙ,X[ IO 0'~tNN3Vk=5#u-QRPQEOm!I..$ ƥF'I1V(> oyuϗc%?khꂊ(((((( k:eƑXsku Cso:7%KP?kh[}{3؏#@ C.*eGakg_^W]ܶV$VHR]Xr#E~6[?fm4HTV<(Y݊rqpIY* ~:į^ w48@dFs 0Nn_iZ 9¦5U>%WGw?2בN?ؗ \EOx>= z?霁iA~?WiUjBod[j2Tv1X m>q]*)8ךzEPEn@-|u?#|avʼnKݬfb:_A5hu-~P{i3fmRkh/<|sNlN:w{/NJaqIkۯ}wxG~>N\ոm'¶ vvp>T\3c :Of[׈d5KEkIX!Lp$IE?x^W5KRyVfc~~h5rG\!d,O%o\3+09~)ImdOS1NiUB+N~Ց1~_?jZOZcIqt NJGEPzuc_߲O3w5//EYeĘy@+4~~ſ ?%ԮU_^ qL;]:,`G%W٤9!~o>+c=f_(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((+|+>#mCTnlvf=$$@zw_T|"k?4;+I˵z:rN$1߷W[5o?X|}EBi mzovfQ?V)?^Lxv_#m#k^NH3! ?ȟW/c㦏঄Z&-E#ͺ,hyPʧ08XiJ_fc**[_Ǥ0__~\g,vc?u$" Dž50|=' h,M*Kً;1噙$\_Q|$~i?>i-lMj7*n#*Qz=c%¶3`5gh^:!U ]?![~_Wu:VK,a.44eQ@>P &uZ]ן_RrS]~^}+32🏼9iV} {) ֘ 54ϬAEPEP}_Lӵ2F,a4sFFS=A۳z5}F_4. v$8}~Q]ZG_ɣxج]hW 瞩o.joZGß%fM&/M6{lQr\M[Jjxˇ(kQ_ ˚տƏzx0M3YhY#y(?5}5.T )\5_|*{g/f9.#"k H?ct+Enzy^bVtS(cM/j0|FmXi"1BA➷'nG JkrM+fv'$_?x_5Z5 BMO!@ovQ|V)ZL\2es$ z'tG㱵,BIi_S{~'9I":K%5L# dTqx+~t43KOlvơR5PW~߲w݇ŸZ*S*ܜ *d\ IZ1a~Ϭ B{(H() KEGuek{o%M RHPzW? IZM|q׀iDJݏ5tTסJtIAx:\52!C;ew_?cڟ^ _ ,RmwiVl ppOBCv&JZfϣ:mMŭ+$r*pAףG6CI/_#˭ak!sֽn~d6o7Z^h+y3mp4䐪9$9ݏG`~Z`Hk}~v?ks+csV{}6'P{ @[L3p=(f)11Df:CѿkkK׼uC'<.[txϞzt6WއG7^tW_RsOg ˆUſ6:9i !B'5ּFPzQg Eh((;x{. wi@;Mp1{tPy#Gx[mCjLg d}>:?"o S_>7nj>%xǾ?ޭj =}1y&sܓtpNM,]WL8_Rl/_ϋĿi5ռs~l; rnˑՍy;x#5|/~ڦ3q&vAgyi~N0Yc#WOyf_d,01"BZIHT_I0Y]5"qG>dO [~ԏo{4gĚp7?9~z*yw?M̱_~P0¾_ܴWx*+\o>XgpXT5B;GT(D?f/7:%ި6Xlu%ю 8H'߉!x~|7VZouf/{^ffK=e"^xE!c@i)yx7T5UM|#;~_"[Ѽ-o}5-&Y Bz[8R+{;5 i!Fx&B _6+k'b{Ÿ`_,9Yu ^$&?5k+y?? |_ Wiφ,ukiNdupTVyf<5{ zdAxTqdo3lARUS,̛tiv98`sK+ap9kKuuLbq]nWttMJr($VLiJx?MBp,9H'k+= |.3[Yө}>)f\1._ }8IQ !Be޼G'u|K:ږS Y.%r9>]lrmĻKk/v7;&2?$r!3gO> hKgaa,,tac$ ͞ ~]m#῁48tAal-j[ā O3{*~pnOo=o6J(xP(((~P_=~!V?\څLۛ@:}5o߳wᏏ%tC\֔U `? ?>|Nߍ:4  S]`ŤGr'{V>{WF.oiowgpFhF b{l X#_0|l?h.p饅Ul`կ~=ÿ vk8e$cbX9u(fXtx>6EWQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQH2K8cB#TP2I'. c@KRܞ&r=d,r<`̞(FEk_  gMn V;m.9..'c x˼NI''5e_T^#sL5S~?e> xrV׵>2L{N5*(r F;=K K_CY-a'[:ol!WǿI _د?-w/mjO_ e.+g6]+1{i{8?u~?#j/y  QEVo'j0--/R{{ ȃ{b~.ԟ( 8<>]đoӦ9$*t|#qԗ?(g:#7¿p쵪,i⯆4d+[{kձ3}+O.82Ht|s+ϖWgts,+w n2nǕ }^K75ٷk0aoms9aWO'̪;*mz~d6髺~?foWG{o BvA?}V p|pn* YJYo H22A5ޣu%w,Jۥi 3RO$ׯ᩷|DEM+Pg?Z W~ǁ|+4f):\y*G#˰8Lbr}KK;4I.& 1wc5'SOx7_f](F-Tx:l=M_[*x~o |O-. \i) J~QͫGJVhOZm_$N%YNUG_Q?Y(iox3uBá&FcPL_'u~k k ɹI96F8];i63WL:ĭ*h7bz\)$OGvՏ2X .h}߳G;[?kRuU[kS_/ݫ?rd/FX?xw 0#_Nxmx8܃8ȯc/ |'SRݶͦI3rql/o˸ 6k{ts[Q9LSZnߊ4b;TW?mo6W oIv9`v&;r0@9*2r_j-ZG:E \pI(럶s4|Lէ`zmK ]3Q򪪌F#SOj|άFyF8fM<i|RIk:\]IXUUUQһ=h|Upz*Xp OčG-5r-l71 (3t QwOOK/Fn6V0Y/y-~Y׈$dz&ot;cu*r3_Gc⯇'Aumcc;G,R)k 71x/Uŷuhap6hgϛ}^^i1etg0fO~W=gi: n$x۪=+ qd-~_ /:XimVA9ddFTFF+' O>rZ7 'RQ l0掱{N~:,kg<7@h_7kXic0~uqM^pM ǒU; )qI.? -?I//T}"L[ [sGjP?īF*"q-;p2 ]S fs#>bITgӧT# (((((l_q߲׏4*xw6ʹ}>I'9_s4BȌVHR:;_ˌ_x<iOimO& Һ8q׵Ox9+>G9wuWY5?,k64\Mʣ;"L/E+7 ~m|1hsķvLgQI<)<\m_kwh;Š((((((((aFo|dզY=Fg9j2TjhKWW +3c--a~Ԛx5~O?xqi}F::5xjK$e܅IP; oOJ:%ijw"EbOlo8{6R4b{*mtOn| ZGgºno,,c? U ӨmϨ`)QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEPHh'51~%kj.mZm'{H-8ln#*U+TP}*S9${f!w~ϧUߢ*2t{Ix>ùV =G~id_B.1$l}{Ś徇&SԯmegnOq! ;}5^6"v_|#"ˇo~2<}{k[]:ĞYC*j ~/_  W|xnTuܧ\ǺL wI<59loGR?ZSO__ZG_&|(#Dku M@a2.{ S؋}:'~9:mN7U3GcXʟ#?o2| RDc mV;Y7>ٯ1[JM?Zӥ)$Pp{`)M?p0Ɔi#eUeael=k oK9 Y)O_L#vnSrO'"^ )#j+!2BjR\|HI۶_v,1|ѕ<`dh+ߊ"$xW%K#€>PqjasMEvQlӌ9.u+'y,99,y$I'M~_G]'(, |?|VSRhJ` "6(D\׾4?~DcZmݹ ke9Xad;($qFU tv|z4߫ r5^/+>(((~'!cx+ǀtiw CZjk* 6C |E|Gq~̟n4Cu͛z {ǹъ+ `I.qˈqKOϯ~ c\~ksnXFb́q%+o4˖Ԭ巚6$SQy"9`G?)FS|{WGZ4kp9kJmzb7g|Mc^3 1ӬM}9\GO'T?,uEQ]\K4qˇq]%<'Š)?(l?f&bPΙפ?Z~<`|9m:Bg5 mQGښ^~ |iGC:,y!;U&؁ݓW'Ocտhzt_Kꥎءx=W4p(D 0qE4Od:zn_??ه 0~V'pͬ%1u9Y~x,aT${eWRJmgN:QIyQYQEQEQEQEQEQEQEQEQE`zQEr |-oSMI,ʟA"}F_ѿlEI5O'K4pNڥ9ܿVe*+jX~ 4c[FH7gUnGb!J+⏅_|? bݶv;\իt5>1N8JO9k" |ebV9#F2H6  Dǵa1}ោ4_> >ipi @XbII=r3*K<4px]7|5E?ނJ(密_gZIw[e_1gȾ?*6袖 X٢m1SSs?F$UI}+g (o^W/?_d6PI2WS2+x?_>%JQE'?I?d]7O Yi'TmKw BD?tIB?H6GV"e# 53 ?G\iN^#ABG\:}W 4_~x c^+|;ZXxG~}ô.` ^Rrι†a|7wτ~|<-l6NlH ^$䓒I$>3_ RʏOעP&~H8=HHrwBpE:rztGQEgЅQ@Q@Q@Q@Q@~(- i*i4^O[1:NqGǟ&}>ɫxĺi_@.>,큌!=+Sb_yǘR9v?Pk?t'xwmh\O`=2|WFsb3p'c~_\i4υ@,t z_Ĺ*Gᇇ<',[KlF818ۊzzM)ڏ0w!SCG :E`)h((((((((((((((((((((((((((((((((((((((((((((((((((((((q+m_ڣ[]BCM@|F؎B#n9֨vDԩps[M8?o!OVRCX\^>~0d" 'm/.|_]sPg2Ou3>P8'Ŀ:TVmS\ow gvQG?**ҿO?`?;8či>%Ecr1 |ʪ~ڝ<.GMԗo$SbN_r]<;*^m?x7Em+u7TԎ6گN3۶W ]<7?b߅~Cif; j>h3g~ռ7akZҔ.^CqnVnpz}~NY$nI7Q[z|n;=\pE;9?(~oڗWW軗 ^8>Q55ş. Fcg m~i{lºk 鶧Ggku:\I++G+K'ia+\B%iqYJ]T=C$mκ=wF8^f־n7N,W*}6zy#7__ڗGO/ (\+qf$uWktTUgӼ]glalz=y5j_6mZu]."(bA $$'{񭭓~|1yC$GiB!PϘ##$Qr7ѧo䌰g)5]>tC'omrYmRF6_ c+?< Kx uM>coiI!lE~~ǖV?v7x32ov$9\[!UN}U|= s1߈Vv+&\ݘǹKabhfU05*H=l뭖SuhAkxd?<'޹xtJU-AP-.f iyl^G_}y闚/4C˺f5r*z`q_J_۞?ƺI   c_C y\i^tUΜ2_z>+ϡ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( 3E5Am/?g_⫋h otD_"|"nU ֯ \o=tFl>$x7^w<~?dKR쏄[&>:=>+/tiu%|79п~K28s?>a;/cC/O Sl'iFOI,C8~N_.gkxtm;icbi#$ے׭6{+Foǟ|3xkKXL_jiED2U}=`0i.;P/.bQx~M$2,[m;Nݤ2 *j+i(M5CaJӌmVzZïAtjKO ,aLyWiea+LaGA:|┞" K8OiFC6u*F~# s? ُ?/n-U|=5 |8%sڿ+oU?`+ZUu/xCP0 982k8b(Өli;ku6<J~̛Vi;iLO|0k7k;Ӻ9M?cT$ڵT}EWɟN|8?,m3RK@5)_+f-2-i7]}z]OeS_~ÙSɿ_=pO~1?w*ε >\(0'z 7¿PFjwHYKӨ}SO vvXúJQEQ@Q@Q@Q@Q@aMOνqA׫w4Mr3J6ğ >$Wm>ϫxg\ҵH3fA7!~$k/oQ|$U-}gO^M4?ZPhea{yNIZ_nH>J?J[xF$g`cDKn=YeI'd̹<tҊs((((((((/}d>x|Xu8Tdդn> =CZ[$rX*2ۂ]PW^UK.gkox{R?mtf_G2Die1_^65|)XhN^̘p8QQB-t]F&+3}O >'f!vk]&d_6ф@'ivG1To s[୿ŋɚOxvFܺolHiH ׿h(xg/"o+> GRy9[;=LpApo¨U[_H&ݏ/_HXJ7oZ|TLwW"?Vl+\, =|i渰leθ" $wK̲|\zրRą;QOͩ_O/2YxYqb *8Yy\W?ǸZ1tiYY:ƾ}TkK7?h`9$dFQM|ɨXiiַV-b1([fnbms $_t~*CjQ"YmonXgCёԕ`}A~߷k^2l)u6i,.?7ɜl$d S-s8w3Bh#^FpN3YOޏut|o˳\(4WzEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP>q-_Pi>kY3xwԛj|wd`!1'{$_jV3B@cs 1趚~6w q~,Mp`U~U$@Ⱂ5UybGt g\o؊^_މ ^brB^ORs'h$#?iWL;N JkcX7|?ڍ{doxgCunV[Kg"u?U$WF~;xơrӷu!u1HGbєcN8)0 =Wĸ|+eU)%{VNviUvbVwVំZ'ae<3i |Wo!.B|sX;'wqN tw|7MCNWUiBduWsw|>+㏬ "E6;ϩm@k ȼ)j^yIitj;gů]|\Ԓe(7?#oqi.O? 4*PeneG(wY{g_֤(((((((_:E!.-jAԮ1McԄ{y6ZlIVK[4)+ WzӤƿ+9_3Q[Zvǹby2yM>+sP8*^GgK.x} iprXx<c^w~_ ZXQ/4].lMk61ιNW @V>!ȯ/?| ~G]7\mm;v 袾X[mIwl73Og= $$g>#Ox/<5׏4Kmxg<8g۸drbT+okOFrQwj>5/4~ZlSG<>]X50>\KvY/z揬:adAꬤUNJ59kR:M>?7$ @(* bp#$!Ox<}wzN&,f)$MA$A"oxwAfyֺn_XBE|H>,|4eӵg4nލԕe<2~~ǿk߁O/7%ƚ~a>$2FSβ׸ӷz>e~ΣTQExGQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE|\~ʶi,7QG" _Mχnou>$PJ@T+$ûqQvE݇ }a3:[ߒ>W3uJ/ow>ߴ?:v:5]jMDiãmW–kˏk}WWڵΥgL\[# +0|o,O?U_?duCzu]=VhQHPo͆!Hƿ6U~xZ?4;}Zյ=>%ܮYhel;JJ*VO٫+isJI:Smݮ]}|)kOE+࿃5GgL7xvI.ceH$8Ka$r4RFUÐ}+ءcJI=l=|_)S3'N:*{j|xZ⯈_ ][TЯbKkIcpR\npv ]e(F2VjL~|5PʞǞ Ǩh^n.4]aѾPO`TOU9k*7_𽏅Q{mgH\YJG)B\ @G5'3Kۮ3{޻~1{~X<ҜZI-_7u<POᄮJ>!SP4McJuV_ߋˡ@':g< Q//#ol(L((((((((((((((((((((="YxxTu_Ty zPeF{ɡjq=:E#}}⯄;,O֊ܳ#dfUO?^:ݵOkqގD`_ea>/35s]ԗ_/h[ڋoƋC jjo݂?$WWԧ*u%vgq8A_ ~δ?䯆G0A?%we_1q/~=JFWZW-|׵Z0R,$$ف8~)J*7oգInn|~âx?/aTHk: CyGnaψZwZ῀o<;bXkNe'CAQos)i*~?z xGW6ʺ|I&XIYJnLs&acռi~>sڽί? M!c8# Y+sBsu'4&1a;F>fDY%88$~ W4iN4MVO*-d]-+F.G+ԭ*VU-Q~},s֧Gӣ(_'w}{t~̤s) :W;Q59]W_OzƯk uBml{ZC?!^Ng`Nu?u\|G.lΞ\ٯ' (,8Kݝƻ]Ҵֶޡ@B?﮵:5;S~u+R9%{֥ci\BMtta?k5~?'_ .)ZHf _Ѓq?`qIf=B^A3K4/;e)"aHprFxo,0Z9$gj\E4}Gj,6i5 {Pi;n"bَ0=W Gez6No#Dmwg8|S"ixUդRR"f𩯳4he_ϱ?7ua+Ok]QdK > LGsx]b?*f~ `>|1ZŸz^eh*. 叩&J&|n:{ :Sfhd?9lFIاF^\~՟)ş7_]jI,|mGּSC}gח?lkyFaɅ_#k)ѿE3^ xZ,-᷎hx%Fǵ Wӣs|nRgSAr:t=ߡr wj߉W+k:甖0(a[,3q_GxJweckt_?ū6u=*Pz1ΡcD"7A"8enT5s1~_#᷅a?KWK>>i(J1K62UX//H)GgQE%Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@-ds''I[HG%#do`>{r?,?>qw6ֵ^ḽqH~*,'-b%{_wzm·MBѓn?VӼI ΓpY֞[Tet%FWV_՝Sڿ?m|FҌR5-]5kY$\ywwG}e_>(u JUo Z.Yp-ʓ$tEsWM.?bK7ž]'^ms M+I-*Q_ƞ#?m鯟lVS(o"D'ĜmvT،Vz8{>u?-SUSZo տi=+Iö*Ǎ㲗S*2l4WVCsnȡe#)q5puJ{Sqzx.MDin CچY>ۋ JFxe=C)*ks,-+|זRxgK- Fk +ox'ͭƽupB<;T ĭ;9#FzPTbAW)Յn?P8SfU5) ?z,v#kk rQUfo㞹J~~]>_[m5DB%Iɯ睺W߳o4iZѝ%}ߟ<˰p*tf枟乆"1¬>߷wbOMcv WE*[͔ ą<䏡+ wo0 z]%m-,H{ Iq8ZXbGM;i9SZ%8$'1CU0]$F,Tu$ZG%=|ꤴy_j׿^۟ү< {}փ#} 帜g"~):b>&_gT\^ټo;'٤o&I?Nyd25U}xB_QrU&~j0j<9 _?G'7o.e,dмa~Wx+ռEnEu+T<xQ#/̻  ~x3 ;G>GkerZӴJaB̩m\VxCݩG\]N <-dme gYOJwOWkoS6&1%ˢnw /?S_BW1?ao.,6j ,g SuN3/|ŷQI"W|1[4Jo&U0 qɩ'v[AʱON-lqPu~p? %tҷvҕ1HG Wl ?:>4aڵmjaNEU{+$g3uT|m?#6 17˵ 'RhQϦ_>ZmJl՟?7Fİx:m.=bCmuȋsZB`xvҿ:T=+ڟ ~אMs7&+y~$Ko3BGP&Yɯu&XjGK^~߲!7^-}>%};g`GIt安Y|[. 4?نfF?_CÖx>eHы x?m;E#g:D1bOF[o'?3K7/St.݂2kٿ YtGI.e妁oz.y|`u$Gs>z$npHkD)PK*6]~|. . shiۂ7FQÊ㭓/?uX?? Z+V4 |=e|Z5SO7|-'pʘ,; #wc~ƿ-A5&] }J4%] W<a1>8fK=nN=+ (P_Wo ~[AB|o)Ϟ2?t+vo_U|kX5=V\Iٸ)<;NAE%H_ vxok֓滟Cw l_[ŻCt]}VU«ϫ~}|GM+Y|GFLXgECkGmȪWa fpxgV"M:$RGuϧ?٣|cv:=Fqqa.ҟF>``Wx+JAR> 1[l)dTf'??n/_GF?/6;^cC]kx9$|5xcMThnGBcDPOwbeo;w;=H`3_Z fbH_2kZ'6KI6埇n^b tWx.w^G |>=5Oڄ ^ 2~tLQv"[؂:m֧7,~;Ԭkhƒ''&@?޿ i[09}h-D~on}q T_>3 9>o?C+Ᏻ?? cR?~/6>kOL;3Oݭ/N_ !'yhEg`OYD;H!k6m;Wl* i ?~(1oxŖ~/mI|Uˉ#hBcoKrkCg?|3٭ZJdOe+w9%+y-Nsk'|I-z>.5MJO2P.Zio3$9w+еfhynk^^3Oض߱6j%|?i-m%խh4PY$e3_>*>gq-x7ǾK8ux+4C*L9`OH<_ ύ~?|Yh~Ϩiw`Ѓ8#jxk;^ ó ]9IW89<+`gRkW{NhVG tz+Y4WoTӾ+T? /.K 7ZZ1k*Mm ' P_ix+Qb+,~ iώz2u0tduoN?5d?_> E׵/.5DifeZ63k͌L_}[{kux-ndlG y?3;q2Ow6~kөߖr̕4kӗ?AJ((>h 4-RKm}k%l27R?M9> υZlxwWw̧XtWP{_~e!?࠾0cXU鹭#^&'pgLW縊6;;} _4]Ɩz7cy} VlPLe/Jqu)7#]5BZTWq_@ϋ:ߌfO|;sy'|Q9n&.-짷)Xlto> |s9=?GӦ," sp=kc/_ş>"M.'PP2,Q"10JಿQ/Կd>(Z9,lV;KˎBERܳ*±|3,Vq*t֒iߥM谸ᲘԩM[i#OȽ;bMNbt.[3 -0Z&<[Fxbݏ/,oX߁߳'46/a]G%;Z+q") 9Ab+/ ?_εmFGщ})Q_}xQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQPjZj m%ġ#fc€:k?/G_ӴM.T792][B04JYZ u*ӣͥ}ā\GK7_?==y3kzp5V$cV@O~r9|5?iwfCL"W}q_F'&ŏk$'MK[$I!rI 0Nzr֣kTc%= }_ x9[=7J{ ,߲7xL="oU _ܩ8u9]A]ס>+_^eqҴonE>~N|;pMZQw˺yQ8zǵVb+RӶ(`:݉uu +=B[ H緞6xf2Ȍ0U=EOErGc ~ʾ3'3{1Cpퟳ,N#lpB'/OX:֗i =g& ЌkD3 x/Zvocuh捇*IſUii5ր3ZHpggEP?{d~Lנݥy~G؟No+Gi:OƽBT$# ' 1=a8avJC8濙tHdYdtm#־[xǎ7 0#a̸~\Φ/7x {?f/v ~Zoof;hR}#h$e }_rԧRf~g¤*GZ(3ѸzQQg>,|pE;A}#xcePN<_˾7y摶?vTKkf4s2:a0lJ:wvԗ˯}g?bɫS[zݛD+TY400pO_ET|X(|O1d4Xm:?,1/`;Ěs|OU׎>!Zuj7 ,z Pa#<=kpx#m=1:2R>k$rYv)zoq+4SZt]de_gXɮM ht\ҹ 7o߳O}=<æi6<n?~yHtܓve t},2wVKG 4aS:Al8w{H(TS|;H[]GOuc}nC2E\>&?O/f95]b[!I-X4 3*g?l/+/?g/?tƝD)\(u1<}=(9*Һ8keJZ?2|Sx'wsºV\dyM ?Ĥzo/4ȵ6k{$Y!BÐAG"?_mĞ E6#nm?\c6$#<+j?boMڞWh]6Cy&Ib)QNsQKJߊ<-hJW_qq+q} o3я>V2@ěyV?~&_'Ý[miԴ?lQ %0xŖq*u8{}%@wNx57 ÿ_|iXf-א G B3['K|  |MUmIm:qm8ZGPpy0_ϱN+GᆖKxom/z(9v˺820?}+vƼ3?)|mC<5s$zFemwyg~r߻ gL4N~R=kfGb!:'׍s?z(!:'OݿD>T?gE/OݿD>T?)۷_G^3[袿)۷_GE?vKSv_xk`{WE?vKSn" S}xlw3f?)۷_Mo:)>ge1_ńpfkg5g3ĖK/"z+ZZ=C?O|x񗇴+Rqyycl H%X007;y'H<]NPU%%XbE}>m,D|S(ۯ53(>/ ?axlkZ.3mv4lI8=˿Wؿ㟄~2XuQY>N1@ Yrb/!;?<oisef][ɂ8qHGhJd<# 2N F{YhSN6jǚѫq?i' 3+Y';h~ZE}ud,ߋ7s[w/HxxW8vleh.tm lJI۱򕰸3JZNmUaB#UI&?-$hV>%2X}D12ȧ6Ӑ F+W%PbjQlC~ſlCgwWGT֮<T1-+LbsxࡿWſ_oq[jЌ<%OpJ9گFӿjڛ;|= o+`TF`ʲ\A`@w-|ed <K#-#,Ĝ:(9knp!ݾ򵝻%s( W yšoj ~ V>"|L>!deECnZAp\q%Kg6w2~Ѿ8R"a"9gB7_ҿ5ݟ \[hu"JB27Z*|\ٜtaw+=@(((((((((((((((((((((((((((((((((((((((((((((((((((O(?_!|gB3o0~&?Rŏ? >5ž8 CYd;nRFU9W~ҿw|hT:?R4a6 !8meyO/#̲c?yM3wm|>xwK4{?x~F<3n FrC7DH,rj&oZ?8Rj wuVQͤ1 pN'%7<;3 ju#a=v(|O|h|jڏ>Ѹ^Wl:)?u~g^=ƿNZA5/n{vA +]~RAa__?jG[ xcV6vE(@U_O&WԼ)'|:7k^'x^U89Ix9 BkG6yϟxD,VR0sg>FHqb3^}Lf]{7Qw}=Sf䦶V/՞?X_텿ƿ6 CY2h"7! ʮFYJ+8غΥGv$}FK < ISp+((((((((((((((s |Yz^?}kBBڀ6 7~x՟r_;2Ծ)kɢAr?Hr ڟ  /4 |Bᾃ32}Ǟޖ3\]rUmme\xJ:^I߲c- AѦ춸7q6GL.+CAu~ƿoO9 ~۸'ZJޚwߴ# iH$ŽrZ"GbTxm k[bjY|9ͤ*zNHg-?Zφ Erŕ$]JH?墡U7H*f<:冾KbiLil~ ~?KۛŻ?~jIe]u?أ86<r:)OC je/2SCIk46/^ssx/V+[\i=Bšu>naV[>N}7s[OuB_nC~|9oo~ }z.RN$qK,XI$"[bҽWE]> jkaEWQEQEQEQE!3?c_wӗN~w^T{-5-=~8uıVMe(aJ1W?(j5g'R|noG|I,CvXgzyF0~ ~ПO|741'.}KGԖw)tdL6T#J$d`C|/mbf0mfXPGGھ%W:v}O7aვZqVmC$6k<~%jPlRvzWEo΋o*dž=GM z18,Mkǩ,uTgq_ʿ#i'_o^]G&1tٮm˝Ą@y5s$i~rMyPub Qj~- P-oT| ̦!˙xؚs+-,v9BrsŢh${v'w煵".b\<$@ _ O~ x^-=OrgE,HUw*]9gj"g`=KD0Q?f [^߉-/|_.χtKGIyAPΤ k?Oƭ{[[vd="m˟G?e߅MGA_Xyvn%lk ?~(mrMIuR6=o&4_t=3HG嶾/,6GVm/n 1g3t? pWo/Z8;0z/x#-xdۧLdÄI'r=K y>,Qw߉ůދ_Σ DŽQaTvU{;uq?}T_w߳GFtxK&g5ꚔYAbdf!IRr }ۣv,/'E7f)tyda4p|ylƟLقOڛX::Y6GG#α"vvQwZ֝6MGZ=}4Oի~u\o_nu] JKBpdَ1|Hg5ƞ2Y\LAu)a?,I0MAOH]r~TeeZ|=-Ic{c9I`S֧#akb}m5oN_nQés7D||so~&N 6-bo[7m@:b7twğS5մF+ѳUGpHWuO?෇4-cX,Ipo/ݖ?I!v*x]m-WqQt^ z9t? EOķqcv` >0FbfV&,!؞?/OacK|/o5"N![Eaƚ (6 ( ( ( (ƷhMzLXF e+A?a׎tBe+~JT(IX2WQE%Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@q~c_Oxϗ3H7F)޻ *)FW&Qf|"⋏>ޭ?& _V~ƿ:i7<~?5%0/_|{_!%#S KOGc{c_?<;]*l҇OY/xMě#^EeS9fZ._$`c~Q\@QEQEQM)Kc-(((((((((h'kI|<)/=[ؔZㅦ gdHN\D ǰ5Xп.|=$-mne\ו2>~>&t\mGZFT0$D% ~ƅ { c£J#,ۜ?7oךG- xG:uG̸%wdY$ydidr͖fMzr~e_x?Tk_:㧍On Ԥn8 y<_ NaA|d/1Iß.;cU\oٿ0k}_^kk̲ܴ*r"]gFq;Wcs 2Je'C,wzys/A_;Coo_ fڽ} _Lr \ܯѣSUSjӣMn{?i}??to^H_*/A6do<o$?b mRɡPp8"HEDEW@+ͪC Yz.WSZG$+Ox(((((kk# O.~Гv/|mq%gt~kRzpȝy;7|>> ~#c= <+9ץ<w^O?%yeooDĐg #KGBGwKt]Na$SF*He#A~ҟ[Ρ▐mP~KXnz} ?UmK^{CHE, 1*z9RK(< ,X,NWmmw^e9+~?_ w'xN[ L#dBG9A+ rA i)[))!Wυ<]x~Ş M/Pf4#!ԐGҬk6 6m\m,c1Z@G*bg잪>ⰴq\dnHOٛl>.ŷ|t:nm Wge

UTp)kEzҫ=Jap|sE4]xº4-HS{/EP r衕G%@:~=zjѫ j0Q9k8u5JDͥȑZB62伢@7g@Gޯ߄_>|x'l|?vOcUfUVsr" tM'útZ>[@Ckk89U[c1ձ)7fWv1`)F1JjY?/|X,kRu$J=37EPO/kσ?é|{c_XEet{v wLĝq zg>*&!;5s3x&rpʲr w~L2 ,uvgߍ:|K>,|G$5ָڙEUGT >~r9Y C-k&ֶw|Ӆ<3yHCNWU??t׸mAEF ek,mtXllm#X5ڨ`( sRo7$u>W~QEGQ@Q@Q@Q@Oozonk=%8i08A =~Nx~&0><0ooi1f<"'LcswSN?őihţ$*%LPIb}h<< ^wzz^-VUNѵ]{Mkq SA A+S _ktυo-Rֹ wȄ$s_J;Skx˜mm,% FWRsZ]>8_B0zIٮ*+(((((((((((((((((((((((((((((((((((((< ((((((((((((##-(Wti7 +V`WΣ% |ҷ#8 sUNbDLEN__3Y iuyT=0AE~_ן[?^ò3G_UZ^V#çFsN>"I%oVf$5>Q)b%~>i37_ெ#>|Ե+Ken?X<f1\۟ō*[Wbe1" k0O_RoQ8׽G'h?]=?íoM?(k{>2ʅƓ91堉s'6Gg7 GW9?%۵Ï+1&;ux( =p}+,*|FUL ?v_r0Ty?(jI"յC'L}˱"8]3u_4TR[;_0x?,>ѷܓ]͚2d2X _81][; gȺgkR<;t/grD?2_f|?g_Oŝ'Z qa]/E98p*ƍ`׼=\ZɾvXYH +pzX|OJI}`cFkD|u:^dׇcQ6p\D srv9̝Jiߵ VVTrr.hc=A#|n[-;I0={=J+;((($QIv5 ~Vy>:C{6<|k2߷nxHe9Z*J0aC{{k[pCi*$Ǐڷ ~l$?K(_;{#)Oo dZǽsY!tXf|KB"ԩcIz4rEMg<Q|W7|@픅Ft܇b0x'Sƈo4/FJ܉.jB3>hw(֣듗IF|cW^ǁ4 _ x3öZNeg 0U,SpFi_^S;E}÷r\M!W }>ILgcgaW qWr');{a$QEIAEPEPEPEPEPMFIn c(߇-#o 3mH > ҕ9V֩4?i4q<3eu[&oܝ*ݙPs$9G^3yk!XV7_#?Ǯ+<_ч sKWƯz_T ΍E(xhPl dy>6ߩu3Jw?<d/(k%xn%ǻ0O~~̿Y?#ե?xtO$ʶN;ObY? ï?d_lYnfº¥C IG/y|/Wį~'| xUeu[6u0{2Ƶ)Η<Pf;䚼|_'lo+Xl/"tr ea4:|uo?E g譴^,-elxv͛4c&/sONay,?q2=h+.yjx&ћ[[xvBNW|@~mԿh}KNcF q_7F V3O߆?<;/~*xI޻կ-]cAcK|?Ŝ:!ԟr5+oC'Nyj2ȯ˟x;՛\񿊵-^jw{,"ESlG9Omg^/Z:FlXY8FI䜒I9(mݟPQEQEQEQEQEK^ѼUxk|wV7ݴ˕6e?PkS t?A@L ᫻ 8l/U\6pÞ@xǿ;@?XmsNM=O>x79z;?VtoC#: S5(,4[=A&i'A#-a_o쓥~~ ;oI,mjvإ䁀3~ YZmB4vե?r=JZ&_QEGQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@#P_!Qg}W566{I@x/qA*K kVT髶c^<='RFC 2e?+ANV\eX0V0C wWƟ?ho|G+cTcˇ L">q^kkמ*VqjZ__]dyX坘I5s?|q[fXֵI:=Jϰ Ā$5~[iyu_>b3 =N^/9jcL>&טYm ?뚷[y񏬾Wc i-mv#ԞO5 .xZ|?_lVV ]\{<xf8sSEݒ|뿿r(.r+8.E<@?.Pie$:7_+SN'POM?I]RLaV;"_E#0i:Em|mQBA5B z+XeEeeʲA`s,.2>Z3]$j%v~M? oγ :$Kc`79|vߵ7|:2a|Q\0=hhxLôE{acYͧq\[FцI`x =k7e7μ狊0xx.WV?Y[Ov>Eխu|&sʇu`G~ݿDLo젶 Oi.0u1f?6/x|3y|]@c&8 dW1LʓQ׼^Q+/MZ3 AsfQ+)k߈~ѡ Y;$<?x]g j~ܥō9`NUՇ _K)&`;;/z-U b}%;W-?v+$~! CQE 1N:e=TpX t8㰸ZZ^8]'-Vֵm$(sɯk_9+$]K▼%M {W/#ߎMx|OTd Q "8e-i$GjK;I5Q)Z[/Pڌ͢h>;χ$BGJ3LnLy#ѡTk[T5J[5;˩LWws431%'56w|$vaOx鍔`q[ta g?%Wf[i*ަ(ɚR?ڔ)tKǖ6_s c;? Ax uCe\4HNDi B~~lGV^;~l.3zvAE? |)!h{΋&ܺ~mlsXrkkfե5oŞ =j>o%D'kk{シOv]BbC\j}Kk5*vS2J%y:tG QPXQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQERmihFNQ@Q@Q@Q@Q@Q@Q@Q@X8?__B<-+7~F"1qr0f0GXU`~T?kbo|in_/K6mNoquˍ{6]qqq+Kqq3yYI=(^NO :rQ]u;'Sоs^b2DS@B 8v_62/uDx*\-մn<M:[]0bH_: ̫lEμ0O6;Do|E^X&VMX~'4zGOۚºƽOİT+7ᴬ?\]*_hˁV\WwsJѨzw8je Z~V?o?#e+xҾ2!f27&bF&4˧~i@d>$.cvGvHp %ۡJL@qݫs,V&veG >}lG*k#|7# <+g_k)ҩ34q0ڪJ:LҬӴH@a5=|+|_OL$q_ H9_Gy+ל}L|2u&`IaEW)QEQEQEQEQEQE`}k ~W _6ݗG_?,b;P4, Kb;P4, ?FqdŸQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEG=VѴʱwcI!?k ~ƿ5zIu-SO}G!T+O7_[ޫ/6kWs^\HY TU說 bI\ח^e>i4 +@/c+#ď8#󍽵V6V4HRN:{Wd|px~y~Z%χcGG/?υ? |=&jӈmЅU#GxW mx`TnJэȇ#1 /V+cӭ[< 4`39b@ȯ9ͥI=̧+ EAk zѸ`-6ԃ+~(8F $&h0T|s}ni..df2\LZIbXckGo<$kԤIvwX~Ӻq?Hxb>*"E_zi?,y /G-lXxs8OKqy6}p\N3qu3@9@s_5h-j>׀t^ڲèFڅzqZ?"O`Yu*5}OK? 4xf'tzvK?ʑ$gwMo8̋*Plo3#q%5(g^Qik({}_\Z{[[j~~G?h 1vږnde8i]e*KV\ߴKWVuMSR:"i\^x~8(%9d.d۸9~z_~lq5懯Xۤ:guM4b'` < ~ž5x{ڄ:䩥qO} Ņ;\4i"6x]1w#iW.5*Ʈ&m&M^-vi:[iZ}n7KEy>~ޯ|O7:G؞񡼆KIcJN$jYEu~_<7?_F ɶ7bsbOr{5^ OީO忈]6-SZo {eGbbJ)HfivVϲsstfw^^H/wZipG>KQ*uW5%(RJ-YqI;$[*87Dj~|>b4:z:?| sDZx'=Yj~}.DZ|E}Թ6.fNBqbh*3_▝ G^m:(((((((((((((((((((((((((((((((((((((p2h4i/ȿWho*ZxoG{x荖Ԓ 7dEF2]I_sO?ůڇI+{A>oX\4PA 9-kQD?ꪚ P.gbW+ my<ʑnwjeVӌ,fc| }7#l8  DAVbs낊((bF8YHozHj_K{_%jv>O D8pi TR~#[%čc٪Ph'$潌v(_9琽˳᏷/7>/$sRuxb,xG,,@H _tx |8mq[8!R6ݴ] W@_2>g\c}Ό> >WBE瞐QEQEQEQEQEQEW _6 _v~ ֱWv]pf3~h@*+/@*+8$=ő ~EW{EPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP_,_?iC-<7{k2K[9F9BAuOj ikv}8VH 4}:>bj_ly'In_?>(.S^4"Ucw}V 20ߞVַZDdi#EN g}'Z<+~M=n5|_b9}F}x\$^gxObu3|;҇|;1]WQY 8O?cއio\)φ |@m6 ^_jWs d{$SUAwbiե9zR XʩOF2rR\JoRs7$Z/R }4t뢳ސx79l!ԣQjJϴlb.F 4[`~=x;A|5gyK˿xeh^4J6rMݣxelTMo#9o3zh(Y>H E+vS-SmGeׂ#Ais+1mݶ8 U<ׅ9(enj JRs3Qtݮ4-֝{U*/?<Jiu-Fi6f5C5vCvD,wE`AԆ h2WM?V5K=b91LR&` :s\_e~#,7^ۈsn>b}F~Dz_ٵkjw ]6Iu ж+m,GyYtfxrqu-#.Uvrկ rp4R/_%۾λ샥^j?>h6/-o.VkuErC2RoP'UÜf,; ]7k˙ɹ%v׼[NJ2j-FM=(ѡ){j}~뿡ǚÏEM.!q g8 q|Qö'n|kCXnCH' *Gb_WZGR-.Aё[#Aĺ>qNzW^jmoKޓ>_2x0M{D_ZO8>8Dk YeXTuPwL AU{.8\1^5~~?Y.lÌ_ 3;1H~exǃFOz?G[XUVē~"idM'OnOx-dTz7=hVx9ne=}%~շ;>:w}l џNc+_]a~r[U丏^;tQE~~}QEQEQEQEQEQEQEQEQEQEQEQEQE&@ Eq?h?~2W;huY S)>󯊿ฟIM7AuVq`WE+N #+ GJK՟`Q_?c3av`? yuռYh{ d^;<ҶWE]җe'eQ}הW'W-G4}R)gI(}]Xl(Vgde+qhV\Z2DӪzj񏄉O?KƟ,Ңn-&Ico$lO*BFM +m+k v&o(vϲk|E~h7g}>베d3dWE,.&ߢf51z:T^#+?Lm?'%Mz/*%^='ߴFgy&6kfI'r*rq:ѩEW5[XȮ-]Ǩ#*rAEPE!lW~ѿ+ZFX[薹zc*j殝:e쉝HS4ݗYdzŏ8S7i?gIG xV[U=DY-K []L<-d*>~kէUmβnL#ֿ t/emp7-k7QD{'8Gq>j~Ԗ2{EF(T/Y}I[ީTW?RhaI wW8d66pHJ&tN\M>8ԏ4]אQE%Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@8:+Κׄ.Ǖ dsel:zk~?kOTcY򦿓ڣYDx>j[6EJdLy9#_S'w_|3?֟oZվxUW ]UXx)w*]/šj0g4mORX_l'`6?[.-Ud38P[U1ҫ6YS[/̜躯y~AEW{EPEP_?uGõ?i߆Ro߃'?yn ֿsB'ݤ~867,1r뵵{Wv]>Ld|838{Le ट|VJI(4_oݫZkex2oXlUhdY:9,{#^YkL6ʼ3F#`k8!/&s#zsgԢ+=((((((ǿ;@?XmcA???gg.dUhW_.dUhW^qHz3#B((((((((((((((((((((((((((((((((((((((((((((((((fjY9W۟?eb*^¬q:>(Y6Ҵ?]=;BWzHL Dn}Rk.tfܺm(l쐯F1"koWMo~ YžFsufYo-Kf:Y2C fҲIQRuf\J4~ےQEM{,;|=zn+ެ;/'Eҷ'\(1,lC1iڵ~|TºMcg"o#4yt6HR d*yt6F-$eww%ubII)пfcB!Gh/h4HSW0FȊyrCF\qr~M28s|rZK)+$ҍy_*uiQ:Zwk˷1z<3jB7][Ʒ˭0% f Km8$ xoZu$E8_Į+R_Iq!o|0>6|7}2Vp3; 0^zW.MfY F>ab5)+X]vKoV蔩Ӵ[{z7?keݕ4\3\ ۢCq]C`*_/i>%__躅"K\}UBnʀ* K?~%IVՒfKZˆ>PFY (@ @SG[Ƣ 5ea r08n@b 灏!a(YӒMIƜbN˙50a#)NVM٦Vm8խws׾!𕆥y|coJIŊF$15&E0.8Hj6̱[2:ʟ7?c_.-o/J  cd+X!b-/u/ |_[¯o야gF6}AGZ_^^/ѦԕNZ\Zyqm9;Yytq|aqiE%/zڽ[wÏ$NῆIi} XXI$Ij u>V[VUjRmoVzޭъbVARX\iffIoGF >" e85(i5qHg>εoOi"VX⸍Xr0ߚȯ7Eoa+HbdZC(/{'^pqO8{ jSӚ*M|n2EO(j@-fyH  }P3|K7C+\yQh&Hㅫ8o%[V٥~q!&U+*ȅpF ~ǁֲ9uqa5GЏdZuq?o> ~Ϟơs\nKhwMvĢ'2kQE# ( ( ( ( ( ( ( ( ( ( (~G&"daiX*Ğ.o-u-Z'q-h/u冚 EasX([ vƿ !- \xl7Ecq$ ¿2̗'*k]^/7BK"< _Mk.icݝb~x_| 7ƱMX}YIa'uVeVDJ1X`|Ϩ_CapQ#X~-F_X㆛o2IZoOr뿳Ż_I- qg;HRѳ{8ڸmIr[3KSoπ|'[ľF292Z:Ÿ.l6^<F‹GP6+/^0OfG,5 8̧AM`GX<.aJIkˆb5=n_?;}B;;h& d0##M_?DOU44-3#]aUӟ#/M5S:C?uSaX|g%?i D8Sʆ8?2r;;/: ؚS-|_wȶ|Vm# ?v?7qw{}r$I/I$ʾUڤZOhuId$d+ bf';T s;~?`ced'tV#WrÄ| ]LH#5ROjy<%+N_wi WkhR|_ksx(uJ\jM![NM|y4Z.o\ǜyHY=Ԝ04+?/HwWr~_/!վxM3po)m>;8Ft{~_ Nj aִ?x~g̖0$'|E\_]HdW=Y,}ɭS⎿oӬI˱"4D\"ʣ`ZZ_Gae I4,pƃ,N~0TWroNr)rS_'Oeo ZIocb2#w:nn0?]{4-f:haU|;nN=RO^~#ty쿯CU"6?L1_?OīW4xU6)-Ia_A|l5kGFXƥ'qilsIfUAU`;?CDž~ <>k1MF-(.Xt+`~#/N+bߏMOޝ~[Y.kHtoQpʬ93L;3+OZublO.<u~v}QEQEQEQEQEQEQEQEQEQEQEU5];B.5^;{[;wV)fb{&?0O?ƇS[٬|B!\Im*㐳\*ٖU[nqդ٠N1L(N21yv# Ö;^uOڏ'أ@_?.7]js~B}<*8{e" K_3)Jrr{#*1QRPQEQEW]?F^|P0Iբ6QHH+hovྡ'žtyXʹoHⴣ?gV23iJQ?Lq_ԟ[?|S((((((heƱj0ZZB]]\#gvlP$|^t~|4H%ƽw#Gy sR ܁Ӆ1K՜V j菿~<b>cְYcm ?QO>.߬[CvOZ? 4Fvd?V4 VIo;:UQpzk#VT?#*Ti~ϐc(n!>2/WFk/O` 8ݼ϶Cộ%y߾4;19o?H-b6 ~k )>ԡFCZTj'ous dZ ]Z;TW?/O_Ļ|Nx~?Hu6itۿw\a^Eqoqoq Dae#9pE|+ϖm?F}>CTMEW1QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEy?[ZHk/XnW3޿gNW'鐃z(k%<ˆz.#5?GnޝxK⦮-&;Dk稯O7gW]⾃~Gu\+^wJͧo?͟'~vqR'Y-a_䢾Ӡ~hv2+7m}u$t-_;D¾S-c_r~2]$KY.e#zzR;Wn{REs 7K7-bfӵ 5ຒSh|˙;BK #V>!E')VV^\ѲIŹ5%V)exVF?J_fs|C/-mSLkm) "@Y n Tej?|Q:ޡqǥϮkI{, 2\H-VYj lT3Kgq}|6E54ZZcwV|D46 !7Cn[DN6_21fm>9|J.Yu tk8VBx2T7'8jYc-?ma{GShp=1XwL>_3JMXI|-̿mIzoke9W9lEt?.οe? q%SY~!cLJ*[ID>J[:M^;wC~AEV&EPEPEPEPEPEPEPEPEPEP\;@>xot1! {'OJ4/|ӵ!jk:7̰pg\{}veo!I޾VrUίeIZaI{Z͖ip0){;&uk48/40UQ'Y+ ooo"55k_٭ ;U8T_ qలmH<&XTizşp=b񩴷Լi[xB m *G@~r7 ZE~mZLEGRgTiSMB !4Vfڟ'Kvzռe?kx4&<4g #kaK~N>GҾǬhou|r#2 _pGe?ڇAӖ+Ƹm  ^L].z Š>'N<ƥ^+ގkkn kh7}LCE4NW5/u?iO^_/^9=tdO}_Ω/7k|i~tᾷ6OV[OǛO=_t5Z6<+bjLmzGi~m# $ԯ"tI'bPprI'eK~̾._СԾ"*^D C#p'<.%)&?kU8RM+EȚɎ~w׬J9E^/fMO{r ~5~ F)hLq Lqa]8] YXM]Iur88#*QWNTS[R +6_x/=kᇍ,SY_E̍=T ~+/tO ~V~+`H'muEw>ƑW'3{ǩ.ձ3ٟKw??`>"̞ Yg6l?H]s?aV. ԂW͟Ag%^bI?*6cƾt?].=Zgx.VSA"?EaoI{lq_}3q;O|Ftrx11"~?e4im&}4{~bg^VH~B%(ѨiGo0xMVڮ۬wRU?e9VSʐA!%jn1z.}d*>{hm:|lbk $O82G.y(Nu<GZfo:|GfлOk޼ _txI,I#Bc'ڼz|EATSF$g?,h/Y|]Wz]XMtTPu7:0s:KerQF^x\?zMմohz>t{hs2ġWϷwsZ+Q@WXg-aG]2x㵍lE =>zQ]I}ʖI\ܓgSK-?:oKZEǩxqz}־T.\ŋ.fmwOa޾'48Rns-"1{\g>-0p>hꚤP`O^o?(o/{_Q~E^h]\4LŧV-#ܱ}} 15Rq7/˔ ~SGLV*s}yT`OӿিUKJqC>Td/ğ|NğUcXmE+c;XU5G*nG J`W1Ꮚ4ۤXɂ)c/$r85˔ϘP.OOSlxfEN/)]}r3+f_ÿg«C +YcsY\|Rz 9,/B\КM53qM>_0+ ( ( (p3?er>VBuAcu啇9 XE$Gz_߱# aG/.4W7(-(DQI*~)hL?/r b>c/q_2F0Wvo_jKK~EW{EPEPEPE~߿?o55{@D6:?H|W{隼| X~?M~oSxV5Ɓcɘ> 9xg+g=7+_)d"x[Tێ$BO6[r?M}=oeO:߱P:Q_0}`QEQEQEQEVwUxrž--/LP$pD ѯ.ˬx QXaM|һ% VVL}!089*~or1PY|vxo oė?>dd gXrlmaO"US.%hjZD-Ў W;hamD87+}Ձar KKNC𕮩=cyE *2 8{wL~WvxxL֤Xl"ml!=Gf0P[012{ 6[doY5J&8C1_[XWRxW''u/kW'Fy|ʫg|Ä>pD{/Vq0xů$~SωT?eغfr},oї#"OIiYaEj%o#8{d_' UgXď d,Mݓdas]On=SWOyt_~(WnTm+dn9bGR$sML$u/U(rb< =n|=s%]įQ=$9,#QBF+9o&/-~|Mno*Mjs$+{~s\Tok(/z|F?T ||{xSB_"/47bi 0ά }6XSlڶٞ6+[n}꧆KAOu8oJ;vWSA{*koxc0~kEWQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEc|ExնSHVC$LkLMfHpU(I [kk_&\VnCw@=WpkUMI~&Bf {@O9BF_$^mgI +i?rL?CO3hY]7VXw~"I~+O:8~ _7Po- }ԀɟM˞c?7/K߇a4y$5:8 n"i@UD[X#}TxHk[^?}obFPr韦k7:փMQlKXF8n^6R/;X zWCI).gp+Y*hEQӡS]$Ǘ#8'3_77QO xHtkV7z٢ͫoXwmEoH2FUO冟SOdwYQ_Uwo èc}Y֟oCaha4$U`FͰ8dyLgFINA;'kmBU9_):uV;ǧ}qV\*Ϸ3|]wӴyo63&k짒#]'ռSq_^f^_\^]xIu5a51{iT 0R,XxOMe`4V1:@k()pf117m4ښJ]8J/&lmZUhnV}ⷅ5߇MFx˕OBF@9ƺi-֚MmoX!ޱ!'7 RDvȡw?lOXǘ-q}E&[y SNMJ-wsWftcB4cS{ɦѽu-x~4xq+6:.qj]`# ?8$&G7 .(r#j#RG.\9'^'Im9GW'nTQV1X)ƕ{.]kmwⓚuVuM/\ӭQQ$sFu`He _J2jaMlkK񷊬|+Y.$?>96cR]^[3*8 ,yUaɤc:ա*vQMD}%8xjÿy0P7,E]tZ[ik 8Lm#*=>[G&0}!MzB*+GḊWYo&~?}<}o/C5'# .iMv;mq_i:N R<^e[G]ԑ^h^??j|UK>T LAyQ%s~++4utjclfV9UT[  sp \x<*7?7N8O[~GQ_ f"=>ocjcQ(j|iS> |@KRnX8deSR#8ͥͮ1V (Š((((((((((Ŀ-&wX<ţ4?L_F;_+JIEt[BḩcEhxN84~L C~߲ G ȴ?pj_4Q`_zCb,?sN8_u_EBa?[;G¯+,t;_FO R0%f1"~Uѫ{#:*9Scf"5O_k/ žyBidb=q5}qG?o]Uvhz;J#͗^Oe˘S~uxWҙk2Gi~f0#C 11'Kp3ֿF+71 I3\mj\ٕO_ae?P+=( 3QxQ}ss5|#_t~Zvs036S"~k# G X~#O}}s|D$p~fr?ƾͿeSE`߷"\Z-hpŔyFO'ޚkA1ֵNr/z=c>9=%~n |pUMBOh cՙ*k柋?owuύ"ܬ58u(z(_"A._GG5>4??5/?~O<SCԡEh[L`=pk쟉A6]>/Ōg_qKv헧O73Z~'K_xo"i{Or⊼_ҊEbzZ<(((Ҁ>]ٖG1⿈f_ka5#rW\r[MW+?^!4Zjhl8M}+؎N|;~QJBJ- yZ#Fi=?ėzpjJJJҿpV߃Yu^SkM~ ? !|EotK;=.?W(ĊN2_\#ۗ3dwXuKy9E{*197(^zXKBQsi^E'Kg>,n&$|_0 |_<;=z4x]'2T# |w?-&C.٬ot{-k!}ѣԎ9wOO%q/fQX0|ܭ]NxxLJ.u̝{wƟأSվٻv7K}JK=ʌ# NA X _k|S-擩xhz҆Y=}t5 }+5;}YI?H-#P (Z9&.U]JWRu#kTJ6Hq%]?!~'x_cj6t^Bhr&JnBɸwA+៎4? f\ml8>(~пi oxMREIo3I2{$-ʝwCh!w*{$0+ÿvzcZ9r<#W )fKOZ?=IOMVFh*靤qSG$K$nXeYNA|UeMĚ5Xnco|i?|^>"pFQntd覒W%t?Usog4 i%\s_ >)xKP>4^wطڍ+ FEfhYud4I?ǝ?㿂o.RRеӵk mnMGYuV tYZYc;x#Q e|̯]IG4L:楌&Ԧ%6gyIZQ?OZ%ֶc0i~3!_.kiX_x$!f.%q+#T #xZWu]?k xgFgy$)]$$föiJ? (m'4XYX\\[ZJ d2}pC)EshbyST+M4{KF^;YFk^tۯng{Z-ab"+I@\B~ٟbvYޓ=w%m"V7oʨ9uFPUIn/UJ{#Uh̓vif08G??w[jr[Q[a1ys#$ ʌU`oUbeS*6Rn-I]__J;O뜋zm㬞8񍿄O_hmxiu m|I>Hll@ss׿3ꟴڄ^9נmQ|I%ȼ}㡷xSBo Bj+ᫍjshViv[~H-gTy0_|Jޗu#%ԯ5e,E<i:8G+`g;6Sm8ٴm4U)E{Yl}Wᶅ{ĖO/t˝>Bij TE¨b<#xLZ7b;-/xd8x!#p=F}=klM߇-xGG'.{IK|+xZ^$v II0)H9_8||K|cB&OXuov,r*(ǘ˅aךd/ bdQN3jWqm];┾54Quuۧ{9{We3FA }=p |KWX-=\L̿Ó _ Ej 0_]z5cř>]ֺ:vimqfuGT_wqaq_6Vi?g7Vmu!д#fI'Fʘ0aAoq*qgvl*9$/*uHM/n'EM2?7ﮀ1cDfA_s]MTe7Rz7%|OPƓSkޡkY%'W'% '7KF%[aSo iK,WeyYۑ]p1YaON0_sܾ5Qvm'9~'hL51ͱ 픓ٰrvɯ??G>kH^Lx&l>S_< @?ޯړW:O^wZ%8<֫.yxs @?>!w6+$r) ;zGC}legzi>ݭafY#OFVRAd؏ f~gLE7> =ޚ(fَNZݻhkNԣc"m/7u>pB[ F$ x{˺#x|Fg4S#hhdWGPUzO<(((((((((lk]~]}_CmgcQ'?5դh5pN\{xy>l7fS KxQ'OZ_t)l`OY0؅d 2I8=+ztJӼC3'|9<D n}C(lJ.5N+ꫫ?x䜏ڇIb_?GC:-' y~Q_%?\?gC:-' y负%E?A'w|uGE//9'UfA'O7{m"XnuTw }ddguy?-}sMߋ5k[Y`aC]>1vii |NAfKƶqW9/ҖUQNm3'2&_e-§O7M;_S.?ۧޕ_J2ʞ~&\c}}_ʧ}W"~EWzEPP~`}gk8"~!x̟_Gi~*zW2(W+XY!_`%׊z ~859eW,/nE&JFk;( b^n6SRZM zGX{Wo)'=_짦ch^>BZF{ldݤߘzGG<1j!(]>ioB\xs_<{|؛Fھۇ4g ~w>7>Մs^v߳o/_ _ Ict94g^&t#c_vyajۣdua*feO7lw27CY!LO3.ZޯY_~f LRnac`_+@?+CMo8i##}C t]LX;X^ V{F7M3' ȬC/9Zf2]7EZDžHD9VW5´m##-Ϋ<ڛ_xOml -¿z[c,͈0`O=׮=lKWQ~Ֆ3lMQͲϋ0Y"1/zoWkyj6N@r}>~ǟஹqo /-~l{ӔFkc[2Go:Lkj6QʐQW<-))5IW8q𞒪g#Ǎy^e!?g0WuU2KX.3ع>}gE}^_gy/o2C3='ٮJ?C3@|. 7y5hn |ֵ,EoĚt?O5֏bo"dVt'TBɜ&@+?*ó٠?<'z}y*lHlǽrqC 8G. EWwRzp?cqv9iUIrINNI+FM%mz+$ҿ 58U&Uǟ洋 H#Ÿ~|Id}2o6=O_x~8>_j}-\6d#ŏo6/| &:OHhtwim8G-_vNE<us)'> #_/^'Ok] º-cTVv'lnf<O&ڿ.<<+::Ҋ(>((((( C͒rjq)la.<⿗`<|H_ {Hӯvcw4M='ּ}K$k}GG&-۬S!D>ᔏ½_|;C_w9/"Ŀ&Odn6+m İWX_0Kw>۴6wк¦h ,zӊqqx3aa/$QEs!EPEPEPɿ[ Yn?%6lCinO}5,?W_n~.;M;FVKO]:G//kHLW^OG2][$H ~X~*7l=ݬ6.Ю6f\F?%Gk0?k[g?sQj=Wڷ_(|xc[&-;[څ|lO־ S!O//I⏃$>X-ݻFMX\]nGwTyi>׊< }cIoiWt6!k_+ړ,{߶[]ZGsp , p=?31n͎ R6ӏS>Yr63Ӝ+*ɧEJrW/F>1,Ծlޗ~$hrO,T)#27fH`a+~^!%d7h淺m{溧^dle3 ?2'?"u x~\4Go7wnXW͏By((((((((((((((((((((((((((((((((((((((((((((((~sstL"k[+>{X[ _ h>/M}jV[_Y9u*+ Ax&ͤqy}z:>W9OA*zÐ~ ̕Jk Q]_9^֏'k|1g*|i Qۈ+>V@q7C4J+pkѵ[újWWs֗E9WV*A_L*h6^L(i8|G@g*8Ty~^vdjEP[>^_5[}BB#2ByHއ<800 WQF9$+ky ?{s|f03YKմnm]4aǡ=xxO-+FUmHλ;. ?2}?#7ϋl\6uu[TpI lM$IhhZ=wWǏ>/n_k7!/<4.ml|-Cl̶"*uxHYI_>2!Ykw6:+]kZmԶloKcF)d-bW[_~1iy? Zh>7>jM agw?K%Urw…%xͦuVMl'dCP_5 5m=XAQS%JMK5({B2Q]ڝn1SugM=}͟φw_ f׵xOI<4?\,YYvlTnWާ+ ,|/sy5/+xp3if;P s_U >"m*eU#Pî;b? ~?O[GP0Ӝ3yB2e.[^Uax6J)\ᭌ#մoWz>xa=$?ie7)cحV"U<ɂTB`q5_o٧]S.i7KG;TƤga>|}o 3F o}+;#ue$ۧݜJ |ϊR$뿡XPevF!*T{R_ N?+=GGCxM^0$r68{pU䍇я%#q8XZnWl?Q?/}uTo}YN|mOShcS oPui$/$1;1嘓O$+ 떗W.8DO~2@;<pFWվ#fev_i$o+^4, Ipy=CGڥ~,1& ;OK{;hHU^c*cK} R}|c5po__w?c Kceo;YC0?XQjR9sAٛԧNyf~ٿ#j.xξ,śA.F->e__O5H0:5nj*xWi0Kt=Ɯjyhkgb@*,p';˽6-GNE $(9 9Aꭃ#g~:8f\g?¶ik cϥ(}K>D:YmOP N_\|QiWY kJoB+>{|/=OS?E(ɽK;|5̄. |um· X@KV9ne~_? `6C"c_wW2Cj/+~ҳǧ|!Ϥ]yMv;|֥6}޴:x)?-Y\gXQEQEQEQEQEǏ?d:]qz9WKKA!ǘ`$z _pVğ{⏀5+YsL6c 7パ]WH|_1o8n6n&ek{gk +􊐣øc%S\&!KiE] d9꺢Z(u#co&iUHK;`*¿8X i>~^)]CRKm{V,oiZ+I"InUPQV_[^9X8:NuCਟP/?u] G>CI>Ŭ˨V% ~vmؼ?E=?t˝c'zk.|!rGm4>*l,1ڣ~>IhIWc17w3 3ieM' xėRW9]VM8Xc\dF҅П_#w֏ ]V0/H* үbT)Ŵ'kyG N(}L %f~|?|7cqrn.,=2+X5UVW4);%dQE (?3ំ?~4Z[3Y=މM,Gq|ǯ#Mvšſڴ ԎUۃҿuYƷyYi/oykp^Q0AWp&5p^ˬ__|^}Ó5)4m|s_j{a$>Ƌs:KgFp$]Tǂ4_cnNР}We3oz.h~ԱU2=-9&RZ>>P_^]6q fDPZ+c6JJf6zoՅQL(Wg>*"/ÉE6]U#}ε(W*sWRM?G6֩ ݥ}w_Mnlw7Qe$~-O')}˵X[MI8{{ɑpXkށ ^\m QgFWҩR:QZ6w 3}:_J ^S3"fGO|Hͫh6l 2a qWu_8z8xVIF\V:SPQE#lsO~ KE>`hBv8UfW?h*oS7Q1XP8Q_t{oWeT}V]$|qu+*1 t_Ym ԁZxb)iP+F3^S~zq-/rg"6%`<3fZl]ob%?0t>>^EW1QEQEQEQEQE5WRr ࢿ|1ؔ-}iW0|%OG<M摺L.-8GC ٞ|Gm+;=Ia>v1=Fw=~Wa|[? >?j:g: wk-u7?KBy`P+=@(њ(cfe_G]cۢmg\yJ3{dcpRE~^t5?b1nm㖽>>R_<]:%%Mj;khS䐅Q5i/ ~ {RsAX> dT] %C|B_)I~Ӿ>h|/q`E_:'rFS޽#YѴWZCye{n^ZF9u*x*A #moOMwTDuo{y K˹g,w/? hXn$--T?4rA*zOe憰{?[CK_~Nw4>\]7lS)n[kR]?n8ąBx-W ֲSXlBmXTLA+o Bkc|.>7 Y>ZNt:H8!8aB/]SX*`hI5w JsNh1S(;$4뱅l.2T1կ] к?k?^"x5ϋTF;?_5Im>MŞp2 1_۟<[ov*4s.Vs$ =2p5_~_xwkO3#̏V~U{*YpusLSWH-ˢibuJ{.}_b?~kEKVԴԤ&4 08>_ *~=GG+,l^'caHadW[ETe(IJ.(QjJ韂CfUV}|3!?/F_ky7VF :{&Au :>{$EA25Cx~! ׊G2jQn^=_ mc]ow-6[x,< ^QG Ip+/Ɵ_<%xM#m7Zu-_< K;y!)42VFH<j|d7ī>?<=*k29d\ =Y~_q8,(V\_ zQ__%e@|4|Y*cI7z _Z|$Ÿk9Լx}<߯oP+>a _?4s\ uz~gև'g1%xs~^ Xwx gw. "o^>*5ڪӖ_y~/FJ&>_[GMx-3Փ^/&zѷ_F)S[3gKI{,ipEgbp$s_z~?E_TEw $>u$?&s7`&U?'*_vm_>>'~۾:Rm|>DnX!IGς>~ϟ ? Jj7yfXsI%$I$|neV*v~>/i`i(H(('h'5+K'/jWEo Y8C; UNjWob*T*nsvHh~ZͤzM弶.LXkP/;p;MFw~Gho9who `OLQX4ɸw=|;?yEaiadg7yW%8X:~ٟ~&xxZ%¼e?#-9mF{/sud诉t?>+,ns,-E_ 2{nE'ҼOCԁhj9`UPELA22Mx5̟0ݵI!&R%Q_lWFe{W?9;O{53Mq s}7L&rx1s3_ ~ xRMqf>Tўcqؑ~9J߱K}YE/dV>k5-.vckBL3 #pe' ]XQV5LfX̺&מ>)?kW;_D7 uVe9AR z|uJu)Tp[)ԅH)0* |xǾ'| 4$ Ou5_q1?]^+]?ݶ+*51H7gH62iT[M >(l6W:UY7eecq1u*Qrh +⸌AunrZL,5%YبnWcx7ӣJG얌U~'ȱA,d@fߗmoe Fv2ݱYB0eo7}w7'+~8񕜺?a)JU[IO@BIܧ9UNe+ZO~ 0&bx~Bn V$z($I2zt[{q r־ -tBtTxVnݥ̖wC4-he! ־K>U}bs¿p~̶\wKDI!cޓp5'?fkhnqɪAcIW`i "k?Z#?i)'oUƑ߈Mn8gðn0CfuXѴczZ'ɛl6v,@ '+كZ}Pmi5oFVEmA y'1]Rh/1W/_ ~!|nᇅmgPey wv=;`ֿs?߰焿b?I=eum 5# K_WMjν MT<@tnzc5Nx5$m?i|z41޷q2ZӂbD3g<_1f8aReh.cX .3 Ս[?G7OɧN$ǧ:3af؇mtŶ5 [^k׮n/dA#%"g1VeiRzvZ/?3e<.w(G8\\xPƓxOV0ZmZf'=vgЙT\~Jʑ3Uɯǭ|s |U&K5lv7 ~b܌חԔh.<;K7E8̯v%&47sO eHnaB?Rk"ߍ]4y+ y\~;kg̈́K3|gevj^|sAEW~VQEQE7J)h ?xn?|_Xe.m[WŰ>%%ş\Ru83>IY~QExxKCmx^ecʫm M<4^:y5l h|Ѽ@a,yA~W a+ۭ~ %eټmRS_RkO:m"Y..d ƥFcUPI=l?.o> ~'3gi3y# ua3c![_FUP]OZ4(ʣ~*Fh6;ZXLZŶ[Fݢ2yc_]_r|uniY3xl"[hֱ:2B(q _!Y$jYrMPI&<#C5[4dԮUYE#$+G䎗zu>k-,V3[jzf(>((((((+rH=r;sMiD|| 襽w&{=|'_?M=Gn($rtQhsW^|?;}y=kv/SU|7.%qݼ&ЈQ$OZuuAOXzcߋr{jax^ulZ +#O^G='Fz=VOxV?mxF\[. é^A8 +Ke/7^<+{;XmmYXW_6btagu}lٯt.o_D|' yo:Ϧ(eڿuy3L-~_~?[Buox? ,`pRI`aVaUq@Z< ?_ rMVtmk14pG~w Qxy{j~Ԯ47e gCq.sw88RxZ 4{}ǏS1bOO% x|axž95IR/yoVw%njosZgi;D|F#L_/寋l>9k7"I8asQ{OMºtÁ00JOޙo/-ڷu %.at.=ܡ)5Fz?xW'/ ֗uiM *Ǩ]ޮ/et$pOV /7qc#0Yh{H=}X1~9xFO ⶇiwy_tRGBRXzWw>u&\-d:Mиf'43aA=|/^x|Z/IwHF{J27_͞\c5{k#o=׈k~on#þE2X.{d וv?ikW|j;YX:Oi}68ϰzF#Q^;_4Vux7\{ Gq XP8>R.yU~bHF_#I|c,\(M m n`3=T_L>|S\/^A,ШQ \pQG>#ᧆz~ڌ[]A zz\Xޮ*!u%X<~֣wQE㞰QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQER0KE~<_>+O୅<6̑YNcGމ$P9(pFdb8<+@/\o4ɛџ`Q;ׁ5o}SCtl]>r"e?A"_)'I|#kwK{1ڬ3Dw N@m]3>gSطl/g{:[GO֝yI"0?N0G:kO %)?]Zedž}6;mK"@H ]tJ&ǟ i< a(4Gq $AF+֭QI*v}Vy|.tOO?I!s+ğo~-_Ǻln.#}c\w?w (ɔ<=ޏ܎E~xo +Qvv>0QGLs mbDlbu?Ug>"4㥻KHI|_b?چ}!;=.瑳@M}m7?k/>_~0+øJ2ܼ_q*yi== Z׈iOwCr^*֯.n4rL >  }U?d#Xּ:E\"k{|_*ERHٖe3 踩~8TUN/f^S9I$m k+}?soyXۡcm3Op$~>Q`֋u%]˧ȬܩaȮG"Z7Zӗ&NJob,xkWe1֣ ݋-218 ^$b5q7f=84fF~~i&uV2+VI҅K<3mg[h_SVa۰t9J4B7˜2 &f~[bо2iw:{i:I$2 dn/o؂_w><Ӡ4cik6_[kYC{+ʣ V$VcjyAFi];G#cx/cKAeV ք!%М`g w7 5wABXgAy >j0j_?O. mmA?㟆:K^"#|Ҿq *W^{GKi[."|E'Gsmg}m%sC*)2i!㯈QO1~j^פk㝂d=F8#';QdܮgV]RݏI g9*_ B?sC\wIg',!}/Yhą/ĉv\{|uA"'J{nGRf AKK0(ޭF>Ї&W?BWX~x&r\ˬ]1;tJ$deee`YH#5~-O.|ҼE erbvR݁R'^o{ ¥y\?MI_IkZ,_guo-Yt?%F)%"l/ˌs8Rk[iOZt]F}]}: +>7~>>kzƵ3oOCRK:¤B&/yΤ9. WPy>[Osj<~p;I|Y+9'DLNO6O٫@V:%H&46hR``!SA_?ftψ:uLEށI}_fHb^1p)߳mkSҾy^y/ixQN̅g.2i~ G5~?kC%PH#tJʸڸ@5>_8Bw?Wګ&*;>_ }NuScOnOSob3 +_ޙjzozmԢ;[KHZI&sUT8|nڊ|U>uC6K uA]$~_Nث7WR V7D^1jsbP@wNW0-8Ym_o1ZZj2S|L,;^}[Ʊ$֢N?Y8%a\-㴵XGhQ@IEy5*ԭ+Ͷ{ӣX$(((Ҍ{QEҊ((((((((((((((((((((((((((((((((((((((((((((((((((((?ટO_ Dfkrv.| Bs)@+TWtvUNJ;*SX8IhO|W>u"KMSK5WG~SsIϮFWIqP/9/$s3_1SӦwjA+MpxFԂr*JFFݲ$cۡkzdž?}w6Wp#CGe|ﲼg濯_ 5CfK_q@f\*t]0 P'LT*U%>H֦QEEPEPEPEPMv \?^,SRi~IZ8?Q4]E)r~5@;iwIKgɒCY۟&7o~ g_Y{*>K_p;M s_v뙮$TOvc> x'Lk4[eC흍k(Q^ON__X| <<6WL?XT-|˴o>gsAm5?&FR":[/,LJ0Νuٜ$>s_or`kF@OaEW~pLҸ4/oZg_Ѡ9_ŧC8su=PQEq)54׏ؙJ&5W Ő/ӹ?ְບ< aiO"ݜ_NSvP\YEJxtZH4dx*C+p@5dr[S._&瓝G깄+ǭ?3V_G< ov֥|kٟZ+_ྟ ڧ~դp-f@Ks䁊jO>zxg^{-?SleXYܪXgs2EuFg&WucNUY+ꝶ٦?a5񕧌o$󆟪MԮ-&ls[*{8||*"ՠ d`HLIul>*@ wg|dιq{tşqSX?>k$%#xvkiu'i-!6Q*ݺfNkj;>5ї-g}5ux7>x|=㗇_٬w1:E$ce7_~^8|u[oZ#YJ0b |.x?NV#€ 00m5kZ=tɂB7)R<ֻ~hK^8wzƽ$q)hH0-1E%Tܤ2mϵש4i)%+zOBóSpk⧇'|?ԼA= OCsH-DW$^Xę2cq N^~:*χ%-0[{$ IO ~=_oj\}$5O;SԦb OcƧ]yt4VS>ڷuqQ>c}^ӭ0?.AQ:So ha vo,$h6{wƟV)ouX$$Q AAڛg6|>ctַg\D`t3ɝ5pn_7GGXk;~_|Ný>6f5ip~Ĉp\6pp\h>=/+W[tbv\s$jD8L"?b7'>Z߆^mb nb9,t ƙ?h}Ş0ԼcyjƷmF)rPTeU ƸbQi=mwnvgq}}VZS`A=GN#]?@+ك[P]'w|jm/"deRs$g+}W5"iO٬oM$Jk < h_ h? )fxsGtMIƛsmQ\Ա˺k;tT|Zwϊ ~־ n|R 4CE7-=7c΁rW8%H$vsPQ5i_3wß~di]_jI3u@JŤ"I9,At؇VKjFM{IVmUdUyI5hM+þ =~lI)vzq.Dhcm!Ad9˥wM[}/ӱ8Zk[4~v ~>$kw V0u΢pgQTa4R3y Fk[I$TXY*a>aQ$3\_og[a;jnި5ɉpȬ9# `k~.xvoJW/ DyR 6t3'-׭oEv}>IѭF#wIo]Oi CTu/ZK<kU;mR𯼴|.5tKo.Y.ֳk+h\҆>9XzOMiS_K2;hUcH$8mS*cy;Hr|~%[:|AX[m*ݴ&`$Zx<ܶMاT֞ѭFR|T4ٟ8| /5V_|JkZ{BJ0;[=*Y|yȶ~5{/wW~? X{iZ+q1f𞟦#e{B;E#cssW2| ?AӼd.<Oy_20rGph20Wp CK~ /3xS5;fx^!e[YHb(@|Զ w>;?o^)}Q/cxbhC>Z?̤)6,I/ /؆Mωkw׍4M4Mi% IqFbpz◅_th=o ŶkNUXwLdo,/gz8vߖЉ]UMh;>e{'J/GּLiP7C :6T7O9 x~ž+ >˦Ekm6[ˍ.Os+̾.~_v<'6"]CBV'Hg X.x<.8TۙZO_-h4o_ߴ-# _𝍺"7]F3wu~+%wY?ov5_FK3tcLp}?_+ ܭωu`h|ˆX"Fw| C{ z7A|㯇^,omͤ Gl灎߭a{-ZvM5l5}T{tp}ǟxDe6skOVO,d17[=6e{drM,݋=IҺU+JK;ӤŠ(M(((o__[߃&y6>.֠ڧiHs+WYo'`)|uՕ, 6d2s@ʯ=w8s 2V_?Vo0/ƔbJ]97N-s${[x߰+"kG/>}lzsu?2IAe>?zMZuŝݬͭ-H eH  v*E|\%$/ LTTROTwOTF Z9⎞Apڅz4Nr듍c+㸊xdV^̭ki@)VQm(rz^lAC➛i_.0QJyҴnenX Ù.e(?MCZ&!Mnׂ.0{ ?Uoci(jڔcA^R?f1k5{?]NvOs}$lgĿ7ٿ W rZl"F TUͫmX/Os J ~XƚNz|i&:jZkȇX}T_Sh9>=j?!NM6U"MAcclziGAKO *mZ8Th|}Ta_]|z9B~Кƥqm+jmmt+γKEM=OUu=VGm,z= z3:6A5ю- Y;1O_>g:b_πxnfK=>@?xva+< gj22$!QESG}>OY5/?SECk#iveeǻ;Wv=}{V???e_/~Ys$Qvu{M\Ңl~s 7cÞ ̌ki> e 닣)2| bm[3V]7X>FN[/G=˫;98TqV1URK}?ivn>|VԬMJn,f=A&P15#"v<Sxz? j0|GMF0^Мw,kπ)~c;0qu>P+-%EdQ^QQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@C)<5-.?P0 WFSRPk95'o37;;.pt|7|eG˹c1%}\ S~(cSg3ZD$M-|EPEPEPEP^YoRs.׳ש#/O>0V4/3=(˖[3:?7į8kafL H  =+=ZW29W/Yx:?ۅRҭF$]X }GEޓᷥU7݅./ >$M$ gm>|>Bh&4 8H݈>[<;dܒ)VS~G~ZZE\vu .ldlwr԰uKII_ͰjbʧۋqE}Ân?G}V?a`~<F'VeĞ"{6ȵB+zx-\O Ek5V}p ('_[.08O'WӟhGɺK_P^ Ϣ:+iMQm-]hkWr}/w )#d|)O? jx(p>t_7o3sAI##'__~>6W?|G[ 6D̔ϲm*B-tM6 z""Q+)av2Zbjod]Q#MQh\0M3~P:p+:|y26IhweL/cau{,:]m$2 VsԚሾZs#G~Fv{n(+`/O,b=H]D{|_)R\Vϧ`QEAAEPHQvKEQEQE_U4Lֵmly$ 1gf<* $n/Raؿğt}"x6(l`HaA(9N|>ŏ %)|d?O OX[I Vq[ޝvJk!ks|~Ro ύb^%F$&h̭pT 7p_~J)x^^i]II,pFI #Ncf U5F4'[mmu4^Ti9Un˭QQ_FQm->30=0x-n4#ܦ;hx%7 !r S ~ |5*5i[M>X٣{y2.A bU]˸Ԕfo{ZWר8uֽﶇԔW>; Qw?Cٽlj<iT\2)3*\m8(Gǭg U~7v_YM+c/&/3$orFjk< rBQrQ}_քz3It_ξ>~*|oį%Zl2]I p2~mczglQR }дq}(20Hս5Is7o"yoZאo jIu<ƒl >6f1?n*O<9i7>W$jvgt87EaP+m!B~(QzSx{C=o46-tN_vҟl s]SaRͤݓYt}:!FPMvwOOuϣ+m7D~>>"Z4:BZ D^)d `s{9kw?m//?`_C<|-AZK@B#hػrꛋ~=<x|&0>jm΢!C,!UEB jba kZm{bͩkpH6m2?"J`+~:|V'#x> {hzL6A_'"ɖ`Z/ݯ5o$mkn\C4*]4T5*SSn{|dULe8TqIڻ+~kZ;}7p^]p 9ڣaer6kث s~ɾ0/1]Tmc`Ok uPNVVU- ((((eޖ\~֬|W2i o e?:3WmZ!K$Ҋ+x<-I^Q}Q7XxXEI.MJh~f_m {CCQCḢo5; t6f?kn#tۣ dYs_|RH߈g\Tm+`of۠\<@jr?x!t-{oxZt VZm}kT1@hQ]Jqf9}9KlhBsNB((4?ln?b jj4ۦhnf.([`8ɹlM~_%4|oǿ,Zgt9 Yqj;_.[{=ֳmfRԧ̳H\;Tt l=gQ31Ί䎇I[Z~>(!&島ݺ{|B3H |'}1]m.@Ʊ0g1FU{ہ*Ðý~TnE2|?G.EWzEPEPEPEP7vs_Qom$M Tf'W73 |}ԯ>~Z춾յY$לg*Ќ0+?P˫9?cZ1 jHպ0 _@0+<<YkW_yh?h`ߏ_Cmp*ԣeʤJ(5zG[ 'kޓNm,y`>n~O¶Z.DzOI<溳L8Kң_N|'*jxdK44/G/|ok$õ`矗26O-$Fhg)x + /Oēi>My3#aS 'Xx;/>,|""Zڳ4XJ#Yp @P 8¾#O/! M4ۧ,.)$#;zk/b2ѯs Şh59ciIc3^ mvpT veo?MYjZkIuRyo am9_^h~jiuo2?1v EFHd`gc}2X|~vTQExǬQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE~YſLdnOOxV',,ڦb̷ RVH4nARZŮ--䵻eTd9*F#"/-B _tV8òJ$s0m&.>c_23g akwα6,Zk(e5[QQUp``IE}:q_ɯ][|Gh 2]i75-11ǪX}u%ER_)ߏ_ uIͫyI!vF^̧Z0WG~YY|K](L((()#E='?g? ;=vYe1G OJn;o_//ڇMqVqk?/캳[ΜۡۢSi1|~,fCOkeV=?ROVAٮ3l˓}"?,ge~kFk_,/+]w4'\x+g 7Rk~emo%ąSMՇY(n9F$~$dpoq_ /a,^IKF4qߴgߏ?M?Zrk6?ybn_CéSOSPNh=+;% _kk c#fciJ1##JJ)jϷ%>.koKi._:PS:W8?.k?e ෂ-aWט;fk;㢌((XFi\*噎e2U/OS <,i[_V? c{uǦBn[!Uc̽_NW?mO ŧ\S0vfb:c ՙGRu_U?_ i^hUrez?Lq#1j_jOo7'm2YFyTq-%/|Ijg)GX[C`p1EW\QEQEQEQEQEQEyckş?g|aO-KúK^ç;r*77GZe?3  P1^&1 >uVI7#qvVY_[G43F dR0TpA_%?]x߉~:W] e,W;(;JF+IkkG%eE*iJ6ϟ?w0iЭ#Q24lU䪲J"\]q  ~%^Td<[aiWo!*>U/"H]s%{L~> ?<=-izM݄g@Q`p2zQ̩R!e$־NJw_Re.U{ߧQ«)xx&ʑYjo$!H|e.8N$q>м *~?ěj:È<:ouSC0ITC^O(z5ݯT4?xgHՊ2073x_SuVki% bTX%0erd@Uzb|l'%7x5M>a>\# r{7//}l|y+o?Kn!Er,w?\K"xI=Œ i>;Ode,H{"W ~ؤǍՒX(ʇy.Gk޿i&gJ?j# $G51ks8 yԐ.XqvEo&MiMy7/$f2 x`B VV.rioǡ,.3o ߥﵷ Ku/?O(:׋$#Hq1YAp˃-oq_|^soOG뷑-'m ;?k'?Wa c.4[P[{m:Abu oğZ֡fmQ,uXW#"&3 RRm1XLUoiri%moCi㇈n/GZ# }#nW~ x+>?Y6:{^j0hV.3p`GLg9Ey |Ud/׾.ΕokӆV$12o*1>^FA#8۬2Q׼+k0tbs[޹T!mrWm^𧊡9JO{YguC/+{i~^2Ԭ,mBHm5 Ǡ8e;?ySSjoy d(bl uצW&:1Ԇu`Ύ0k`+ ( ( ( ( ( ( ( ( ( (x<źiz.5u'H ~ ?&"La k ڤAvkb'= yDWȍßx Ꮒ/5jnkin&cEݘWsk#?j_~$oIؼd=D2ێ9/~מ(Ҕ-͎$OA)0InG󏨂X _z#Q2,n%\g?ɿgHmd7W8qpޯ,$eѩK_1)9I}lb@) (((+?_~:U Nw|pr5 #g&ެ;WV|8/wx{mڬnJzpSpG58?e_o<<#V".E-N{뇸XI> k8 gRzkPv@RW+;p|?F54ncrJQG$ d+;tQ]b__ZmΡ" cR@%PH3Z/.|S"c=Ko.m]XY8c'$ɭj p+ܝIYYw1 EmUpGjw1@((((0+,'Wi0AiuKxmj-5$Ƒ8.* =,B5=c sUH"&  fWK'{՝cZBy >f##r<ԯg_MF< Խ|ju2bv{ӫ /o+ⶰ68㸚lɬ*Dq\ɒ,Ruc| |j3Q]ZJvaEVFEPEPEP?Oៃ1:־xJK]䴾uN[9\9~8|hEo?Iԕq̿VöO<^{~>\çMW hw5l`d=%E{>eܳ%Nmz -ٓ㗉<ivwlͪ ,LF9Fy`Hیk: "e90;%CSSx8`@?ke̽hY?Q:/T}Q9p0\Mх/V滯/sn_|VZ&'tm\~Һ|-G۪ipk(ƣ Ժ:.1jZ>Y5mI< ~TӮ}tC*H#_!Aj.<+d/$xOuU9I8;n^..jTlu/ӻJְ=$o`߳׎?&I-9Y~f?+wznt["uwC, 5e]0ل# B~ٚOmEuh;8?u8c'jge8xjN#ROF<<ҴN]4֫c||BE ^jڶ:cdg==2z^:=ZJ!1@5%/z^Sj_M`GjIt Z?ZTԭ2֬C-JWIʄ2^?K>'muugi6u/KE<ll6>W?cgf&_ͺmMy'jIH+N/DIo2ͽ>Vm~Kd4υ~MVĚ1t~w$*r8 O |2FzRYi:-vz}}#(x'^i~ b RRokҦ%n@k?u,OW__hG+=( ((((((((|Y x^񿆬u.?.MԭRx'_GGXgGZҢ3~xOl𭾥m2ku&&6+Y#neWAEJ*M tQEAEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPN:dM?J!}]t+ = 4TJ8C*?H.fc5-$$[?kn|Wuqy6FWuDfWifڽ )=niVϜ,4V/Ly.fXw4w$+_~_Y߂R§[+qR 'ec$DH<4xLO53סcv\v T]Y{R]5ɒ`>/NאQExQEQEQEQA8/$7h7v'DHq!PqꚖ]kW2\]yv,Ա$|V_)[Lk=Ð:̎7C *y?C[kkP[Ķ~voa)&.$jKxujWn1!\-v27}+kmcP5$"(H xjQ*K]|{]`M+fߟWĞ*|-Ik6VbfO^$*>0ֱ_߰e}g;!$9kF-VzM?ER8jc^ftg$3e࿋~}sCjSK9W;m~-|PJ⿎0r?ɧG8khȉY]ijOYeq'u8/㯅~( |yCq=v?8yxTڏ%7x_<3 ![NZ+[oBۘm:^ɻ6]o%sI[x%yWpmSZKE|wڣz?d_?>5N4]wB+{B+XtI v&r>e^671PyHڧ5%+lG@;+ ( ( (>}~O ZoXN=̷0)c?2?b~ 2ax#ֿۧůǿ 4O'O1*mTT'|3t|a k>~<\|a8E%ٸE82}*ß[x-.<ڒ}+{RX⨪[yqRthQLxnaIY#CF j}|AEPEPEPH˺ګ:`#ϋYftj*_iG&)pHS9V8_-׉tOxB9nZKxv^..7F@?x)3^5`yZK{/h+O<;[ccn۸d'k@H>7Cڭh7v1ʒ`c i;(T[߂eŹZwQ*O>Rdߏq&?\D,Z猰J_^ĺ>._[;>qS྿xeA㵴Eȼ~oտ]|zzg{av TԼg;'Ur?9?K;Y_Y ?t_?o"I, |3)_k\@XN)Ws~= ]WS^[mhLGx]x~D^wOތ*w,?횟fI5ޭAbx"as4,%k{~R^_c'e?ߴC=|YM"jsuRm 69-+a~ ~_#5+$I;(¯`2k҂ Exxv=[^].EWzEPEPEPEf *CPҬu;mBOq DEI'+ߍ?XwEK_[Y ڣUr+j8zZ[FUkѡԒ^gK k{N5Gh<'qrc칩CtGtY B4忳W_m?G5,_9Gs; -,{x3hW5iz} ͼyCzÂ=p"ת;(ף^7$=f((((((((((((((((((('4R7ݠ?6~&tBhRU?j<AAc5hpwR~ݚt-Ie}IH_)-ly05H#)wœ4{lm[̲p ` 6 p>yuKpYi#?`h">qO #-uxZ&guƪyTBDpF9|E9b jͽFko$va,.^U%Z_͞Eyß/_!| jJi56 /M.{G yg9ZNrY?IZuuviQFFGfhW~~'|*^y{%׌c_,Hn-ss*#0ˑYGz8k%NQw3HʣZ>{?Ӯ㨣p9Y~7z<?l; i#H@Sc%5ߙkoO{YG+ky99>?ߩJ]z~ {[ئV9+Pc*)_7L5"|K~IoC^GݤCkQz~MEWRQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE(??LnBu3|JKxw>k}'q&a'he:AAcl'U?&ImxOZXI ded?|4}wK?SX~6|23x~\ϓi(?ߓ%"ǖ=+Agǟ(h_ku([$C+ )ᕈ9}Zǯ1i ^9BHxr#fxOcSGg?&V3SS~W(\(((((((((((( xm| ajwv@.uTtvF # =G+@x7a+|iwGj{;b?w g `<5? iUDCE<,X^]XٯeW[kɇ}2NR}/VoxǾ4%Qxտ I '왩@?! g󯺨7[2濵ggnYxME,ld_K#bJ1H^'5۟gۏiwWׁJ py_-I9WiE5 mIaxqx nݒP= 1O5j6*Q}mVg}98t׮cn ]5K%E׼;u 7t<22A 8 e J? TE6O/-?uk6>u68#'A/)j+mխqh{;e$pFp20q+4VJ'zr&ue'Ng}EWzEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP_<R?l/؋)ƘuXm-?#7OXB\5~ ̿u_F<὿ckSJz7nc]ݞiW=X*X(xGհ]v^suwys%u$#I4HYbrYy$o61yLN+/ %HY`QHe~-~߳6a^ 4T Mi"n--kds7Q'IV ~KL/;}3GѬ!TH8vUPWW妩.O<|Q}4^iQEQ@Q@Q@Q@ p3E8?'=.x>8x[a BT$uɡz4ogu$mF:;Yۯg^iw2d4+4cyO@Y,L5yߣ4 H/ ך音~.iy<7c]hwV*bmrx`*["~)~)R9+௄5vv?>?Wh%[8 n񿉴\:Ǫ^,e2n G͎Ƙ>>[eM;*io3<-eN45{U={'56< Kx7'5?e->giq2E 3,FHq\Om)>jV? 6d[E OyLo䏚B~ڗGYזu Ү!p\pGPAzGOۛG'߇>)Bz=EcT#×W2. p~Tf*PZ$zivng{g=HbZL8rr |kӿk߈l|$w ~EXk˫۶lI*U WuO#Ghmj46I7a34E2TVW7~ڧίºu;HBӴ|w?-Wj'MsСZrJ*ѓmmk^f:kVH'yE$/Nʞ}:WoM8hu[(yX S1㌝߶υk~ lïRR=@OHpH MxO?h z;KeT+WvM+!yĊӑm?f?4V>tQ5/|9KyIoH ?d4aqTURm}5Z։2ܥ5mwKg{TgE; ? |%U-FG60=k9~JXx/~WZ%ǘŎc\~>ddo*r]_Ck#+ᅇW_xm.݅w?$|rof\FbRvncB!!a 8ҽ'#jK~cCŠ(((((((((((((((((((((((((((((((((((((((((((((((((((((((((| vovMRGVʤruPN3M~;ik~^ZÚCu=6Fa vl#xr0Oz|Gys7IM>9c/U $,,_N~ShH`|GW/HTyn@'dʊ8rִ]_Ú:k;:K[;IѹG }F1g3t*eإ:{n´MkHg Q;+y<.ՇJAAU MZ<O써i?}Fb} i'!tï7jE aH\6"*)4q*,pyόlc?hOFHu AUbAk8өQ)CYN0WWڿC z,n(qQhU'ƸƓۋ cyG2ro ޏ-"?  f1ð9L, thdP AXΝJzI5ꍣR&sEAAEPEPEPEPEPEPEPEP>7ˣ|76}Lb78&8 ga5?_> 1?b/kL"X^p^IgQ9$/L#|3nMTotuN$7Gpv0%7¾! |(źǰ'Zcx|;)k.$|*]Htj/.Ɵv:n0wQnQq$2F: ' g:>h75"7vy$1#ܧ#rc# 8_?7M9&m3{uǙs3h$}*NW ?,Z߯߿y3)96>яl:?"/ѱjRk曭O s/jx>9km":iJ !* V4/?OkQ' s.=Xh a^Y+׼Go}{2*.}׵>o877ūch;GëΚVXʉܬlQ+ľm.\Y_Q,ntp7["Lbʸ # ?_Q'; KxRXկYU2x#Uڡq݀55 }xwImWK!_|*S2<?i<V|A21{cjP&P;W$zW_F!#[$"hΣr xAdux[(Wk׋֟S AZwrMJq>E]vB~;?/f/c 8LfaQujKEw䏳/(`zt>j֯4xwn\p}}F5'%l`|v| Oo/w|ik(m=X${c f=I8wR]#zζ!RO͟_kov#ond'V_Ei"y2147 /¿~ u qG2ׇA|uz݉UFFٍ̧~!ȯYҴwJ5(-/- yrKVB; _KFn+xS^9.)T/cwc})W p@#Ѐk SP˵OxF JO)$i;XpyYX\:)jz:O'ӧ|G_|B 4]s<ȿ;F }ip7zk O_q$ww+5՛Z4oRmLg5~_L_&5xwwhW^W]2v/T|]>~_YgYtA15&%-k22qkHTFZ^MfQRߙEJ/-ݬך?fgߏ4(hn`Y:1Gg 찮t}yl>08?gg_Җ? cgkV$kPMlR"O~XaxxwDԭ#4}dh")o~=&Mn{cݎIMN#0w F-r$my|ZW)'WO.%|;şj sIw6mu$-,Mw˟b+C} ^ӣcpŠGPU+/-/cmv[> &"G/YMbIjFG/ώ3|]Mk+g633oE\kօdնؙQ4ԢZ9|);#{fdPX !F?fdٖQ|sEH&|ϻv3skhW6KДRpV[h2|G xK|IK^3]@.c'a\oo7OdTY zǜgq]V9' 4{z:TEqM=SyW7{4};tXp ֺJ(R\w~eF1EYyu_M4sWX-lfhth><.a@| O-G Vw,~ ϥڝ46@u(l /E+Xjj^߇}mVQ'ۛGetVr˕g|W߳=O:ƛ^:Կ&nH@Ҵ͑hWb>JGO篒 o,QExQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE#o2d'ྈ?u)cFk>tN.?NN+|+K}eYM_FM4#P2XrI̿)/3>#8~:VXV$6f.,-Z9A`2(W;CzY],ULR*[sIcjnG/I™SMխ2 #?b+_/C_oxo?A;Ɩ =D*Dx daacYaZG1#%¨*եޡum$L"3Ҫ|u<~*\iJ~Gyh?2_AZn:m֠hLD>kς*t>%m? f=Kŗc޹f#P)L9 w%2>ѧgCfw?XHe5Ε-#Xeٖ-8 SZ?_^mj~"ޡ&s\k!b;uΝbkV|sc!= 0$aW7ŗ߯ۧov hooֿ̱i-IF=,oS_?W%ynwc&f>gn[o 6%DŽ2{YӵtS2Wε9er:-OJF|%K6fP*<@Q '%Ww~̟ńcoWY~ HĠz2i:ˣeŕ {[9#>)4_Uu;msA.,oY,hE 0 2+?qm.wþZ;9)a-߉!qkƹ4dƐǺgHMc1x1|R<- ~,ki+5$3z2_b059j-:>&;MТ+ ( ( ( ( ( GӏJR@k?ľ+4iGZ}RH!z ?@J-??Wl~Y\2~;k8gI7ßBß~"?Gi~%ٵm6d{.?5Nq_q,?R7D%}*:5|~?#e]Fo? \uJF7$Syvgmr+ߥ} |]]/f?Wm& U)jPHdltDOAAǯ^6Nc^6_ʀzԶ7:}wSSA" Wx?hh^-o_X9ݥEO!oxB_,-jHi}AU9#'jp0<,#%gmv_%XƦ*Rl.;a _NW_N%.340;66!?,k^ _8WH?m(n{RvFecV'U?]_?&s_{-~';19Kce9q>:nW] FWjU_m0n~Z?Ӽ|RߍhxO.s|W -i|n$eYch+ lW̗zR|\@?Jm2,em6{IAK[ .3<[E&_uclj*sK ǟb_ [&oXmŗ_^_W.+Q+оO#c,~ 7 i^Qu'Rx\/k~ hz9uyI幚̩$$r2$|2LI;s+&o.28_iJۥ{۾;< $09R;tOkp֗P0.QwuwnP;Ccplaps~:]|sZʕ%v6~|4.hZoIڽϘaR߮kr%58ªUUI_J\l+)QRPQEQEQEQEQEQEQEQEQEQEVO>9^V[zEƥ^:[H;TI$V~^uF<% >!] tA>v7|?`8l=W+GFUOgڳx[ˑ`##{ 6 7ğW:ѝ'"E;.#쾅mnCpB4]cĺ՟=\_jv6V%*F9ff!@$ ~ ,IҖoMJcX}1Ucp{2az>w*,F)՗M~o@Ҋ(>(((((( ?/Gw? hc-Ƌ,b`oP1P%Nk#>|!x3ƺl7>c-kq$ԇ<]XTx]7]N\f8<>y>Zܮ+ oP| @x.on~oԆ@[?w ||Q_i=,u ?R7G#TuN"οOًᎨ&&v#be?kMSO.aaQc 6 屒W3-~+~QJ-/R'vKoϋq+<W|vEoKOnZK,9_$ 9劕{ /Vk//O 7u[#c Ag8a0aU pRlV:M7h_spY^JN*KE垐QER2KEyW#?nŕjEkԟNv:e(Ho|/Fcu/kn!-6sWJ?i$lGZ9++E=.ǟp2O Mػx_ķ7ZFj!fc88,v@8l0 yӼKi~пwϬ+=׈e, }aPJkZm2JY[ 0A[aZ=gVqIϣ?χ_gZo_q[6VXzTHH A_I_(?_uhw.FzD "ȓ߳6A_*eG{>c㡎η[+;((Tw70Z[qF =I=+ ^f;UabQIw@ge+:U+JW3VML1^QN~u_:Ώ}t4LaĎ@*;U''p`/_~-YyRxTs}A(!H䓈21#G Ih%owco40[r 9^6Je<C2*Sw'LgiV>5sWOLOswy,]>GVv}>?9R?E^Vo;[\>՛S^ygڊ>@?CNsq/[>V&#{TrMtG$ ia.ӏ4^|ŧ c~j^#_k}ޟ]]I$3)pCn!~ }higZ.FGԮѶ@d8dW|JFW?k[[}'I5 HA4]=pur^IHY*|~ x!|}.n=}tt嘜 AXʟٸSWyy'}#HR>mWC_KEQ@Q@db(:Z~9F|H_B"UqurVK`) (((((((((((NuxI2XY_n~^25|' n̐c.33z0we/ |9?|Qy4--alLAz% ܮ0pGpe-U/y*+'5A¸Sr.597%#$qGJ'~^y~+jCpq:@"[W}chS/_ Š(3((((EO/>"|m[EPpzPY 7UUĚtA}nMt*rk~>)<)6ŚWG#{K@bsOX@?k[oп]Vvmt y kLjǘ#1JWyx GH{o}BU/~.S!J7o'^]>%fc4[]JsB9Rxld{J>"JTkVs*= ~|>-.|anoDz 8r b;߄^/̲Zuԃ:aV $Wex|Κi[F~2et曏T^-~o] 3NxV?hօ3hO0yS<׆-gƺn]./Ě6%IáS_rXϣ_aq)_˯oFq֌Z:3EQk,9'ҀUukIqkڝM-P,w'KJes^4$].&3˄f;O?/sk<+Ko ䷡7,;A ׭Xƛ\E%Zj쫫.m{Н'!=V:8pviH?+&Z5oڏE.]΋ᛅ6>8<!xi{p_ _x$F⎵aTuЊfq?t7FyQ~*QucCoooooa4UGSWcqIen} OESaEWQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEhPU6oo ^[ m#Bv4cH3yFVy;d=I>?#`kIEC6ϝ//1~9%߂~I>ѭ߄UȵQixF IS_瞍f_n|6i; Rv_w /@2x7CƉcpWW_3w~`Wh#TaU{V¯ 1G]H[C㴰^HDNYI9&Ss{t]>`p3\G/;cIо.M|;q,KָRa@yT19b:NIr6-N)ҏ4K誚.xJ\k}eueT=]I =`tF^(((  ;m/5_Bcq0oiv[UEGUQ/t?> Zm}gph]J0 ]eL!TwG&7 OAӗgFa+~2|x%'RMBM3nk,b}g1>Y,qw~Jk_ fɲ~ӧ[;2ѷQQUb_7Vi ]d*~[>_da w"ix`q2u h쮭l⽵dhO dE;~x} pk? &IW~)jU#&xo[_(<3+Os̐5 X؍Bu$#<7] #UwLjpJZZD| ~=|V'4֯4$GYRB f  ~k~t7xK#xltxAc +wşO'~.|CּKIچs. y> O#x)Υ7:M\\?R4Mzr4皌.&Pt[2eO (6M+hGJg Anxt/[i-# y*˸ =cr[pVtݚgR:&K'>4oeQ93izR<˸}c:^=Osg2"hneh|=6׼=I/ɬ[ 2I{1mi1KOh_x_^So+_֫:~v,˻4ۘ}c_[vk|ʹt6foaƾ[y.-RI ?ºD>.~hn])GI$~poԯg{(o=m b-ahॴL >$dtɞ-qS>*OCZSu_xY<ڡF$sA/|!XNxP 50-=1澯<9WHtk]>=V6Q/ <-`/?dOU_"3h K^N⋸B^ȣ'ʄcԑIfɯrjթZGv:tPAEVfEPEPEPEPEPEPEPEPE$HTeP7 fV?ి.tmx^.vY"W.O]O8wo{I|#_ڱSBϡa|~+U.O?3lIJ~oLn-\ߍ5kKdžpv6:u3ϥ?>>i?S+ ,:> L`ҟyĿO.GS/?ooؖA oZLԤWkI>(+WmmQc֚/括ۭޏBdYOU⿚O~w>ֈv~_߆de'ץrUuV3Q ף9  k}#3xdeY XGnkiv;d$NJY< d~Lu!ᐥհ=  풸'N+e`u㰸7gE"4vhD'9ω[$Z~VA7?2lw19N5&HӃG?Sͳo=xxGX{ x vM߻o yX8n3^-?l6 dEet2:lLVY(qs#\\LI#Gl1}ksc[ٻ( !m|EV=]ihlJNa8@lUH|eg{]43E|EPEPEPE#68bToO ռMb} ;E"ۡΘSIZ*슕)ӏ4ݗ3^ESc.E|h4gvxVWvݠH+G~>]x7zmS;+i ^h/]B$W9OQz^4%>CRy晽Yܖ?[Ԗ]x4?]Ÿ¨coI\z;4-X]ݑ\0~5~??h㟎5jHnA4'lK@M'rNxxkzP[M"ۡ8Jv9=5^x_?C2V~'|&_ z汨MX:=W7jEfcx+C4jkO6)5_>L]kS _}<~~7 x}4஋ eʀ9BN;שyjҒ0-(kU[|#b؆; O oxڃ0cg-Ǵ*ݸ*"gRu%'vzӧX+/ *K< ~~éZrwJ;){K Fa) N~ٿFu+[xB5i|:ԝF; ZG@%KMfiq= f[GV}Oeõut~.|RC/B|?x5-gS >&Hw/9w4FpAi%?g:?nUz̿Z}~}yW9O]o#>cvQpݭʡ>3듓^/8k6Z{ ~@! v̐ck͓߰Ɵ#.t@,^NIef#Y`#e8z1_'c8YIIHї#;s[n/O?fxo>v nd?_K`_[}h~|B,< gE<5oH־]h֒ }5o.Ete /g#<`q^g+\?? A)u4yd1 3W?G{NV2dV\(N: z[G1kn^#6h}d|2$}bOx[ÝCZ6Qww;ml;b8No-W ]CPK3cA8< ?~?M4t45pdu<3\ui]WK>@? g['񏌡[{-t1I"*@j]E|#_S/Nap)+/p+((((((((((((((((((((((((((((((((((((((((((((((((((((((((((+?mύ7?㟊}}r6Gw.!z$@z/ .ß'Xyo,[mk9S< Q] ?XSMr}_ :?"36]Ku5_~z풬D:gJZM 7nݽ֡_>U>+,CTv-_|CCGW3J+|Wg wwyGl4ZG8EX݉0>/ŚoGt&?fⱷ'+J-#`n'Im?~k?3Zk|+em#V/[[ܩr%WpB;St_ړAB֦L^K`.;SxMzq>%mI\BQRgp^)Mh/nsbM7yt|NNS;]j[u:Y3GJ%|P䪜0w^4O/wrMMx_aoiwc"eSᯊ>!j \L^4T4tpÎ?adS{+HOC_g$f_ >1|G»C4}i#eV=z1[ BK{dh緙pѺ2A_mxS *OATW sxW"(7s_}rkov@USN\+? U}~ݦfon¾ gXbIC$}'8Uh?7zh|WR5vg$EP bI`׾@x5x.?VE|gO\Ns ǥcpu9$ﯞKc)p]'9׭̿wqa-/Z K$" [{Ĥw=:W?~߳[FT;2찌dus@8wh^Ѽ1ZzEB۬P*"( ^ulҒ/c䲖o%g?haGKR\xS"r%䫽yhӯ?e XdG<}n'Q%K/@~v<ֽ*+b{Tp|?o>xWҔ: (s((((##QE@F\QEQEQEQEQEQEQEQEQEQEQEBuW-|gwkxcCkLeǂ\NR3ێR0Zʝ%w/6s14pJG~PvWmWCM"Թ&N!vW*_eztg0[p?rq#>c}ׁ?4#Mxۯn1 /*YX+3aar|f+޷*sO?.~~GJE{G_PoOk>YF3Vvu`k?G4ihmcgk(tUU(TlC^{4wmYˡnb7wv>ϩxs!Uo0N7߷4h:Ѝi~&VLw_Wθ0ON`-?9x~߳G|^M>^(mү5[)nam[DRHєֿCp?fşO6Xn5 iS%H»(4surΏkC~1gx$K7kiM gR^L =Lje2h7/_FwcT%>q_g/W5=٘[qh.nU%$_u'\^燊y;|Ϲ?b.>l>v/YGm:}'p%`r'~>_ ,uP̳t)W8GPA ا;rj^xNbm3ċԪ my9CNs.?&w{~'S|s,f k?ڴ7ɔYp͎ 9(Qf ?韰/m&rG[RN軆Pf/x^׊OSTu +ɛsq4$1=K3O+59r3qt#;kW|~^/zH]Qfkl?p~o-YSg\Y?c?7G*!Ŀ⧉znA#RCL〼=69%k3Bt_ i6kP6v660F *y5LE]#=>Sg3~?ѭ.n!,rOs]6WzIEYQ@Q@Q@Q@Q@ьb|G/I0:lSz|kZi}=K2_޿goؿݴmNBf**WG2 x-[kh8PTz: ~\QEfX QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEW=\lF.i!R%_pe{gNl_> [xH/ nq+y~6uQm0-MӾZx |+ &EK朧 $ dVEH Bh~ԣV{mrsB Uct|?kPq}&;?55DJK4Zd+FARFyw}yc{._8w/ib'˄GF=9Mkkٳ_GmZx>wZ?Tv/ K* _p~Q k߆>o |FwB&p] -noQ}:=otFHBU,1 8-Ay]Oe[Q$} 7^x2&0Č8W (VNrJRe;#ʞaU$J)$}S]3^ qXLQWhdK4mԵwwfty8WZ1hN;YZL1"z<]*?n#Vmqm۟]Ȏ2Xס3?x+=K7VIx>MH| دx^\:)%tZKw߳>bbݚMdoV3hS FDc:;9n8[\A M<*vl=s\򌣺:-+ |Z>,<5+;qO5id]#LMD<+ Iq+m IkMjc7®TjE/>~kϦГ~]z|_sRI#CG$mYOB*Mֲ5WuRٿ<=kxP(Ҩa=/*~NAWp̟֦縉{gS׺ i<zmg0 !BFT8 ȯ!Vh7ZÈa_C" (#8xGQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE1 dQ_=Fmm#- qkGIUo𝃮~i8 }N,(ѩ]:aFݒ<; 9i7YU:n6U{|5 R<;O4͹KSW{Ef ( (:f@@z>-c7~-.^i,< q"'0k2dvbc%f(_-߀^%o$ТAb6dڥ]Ġ2kd8C++XpG*>74x{ox6 +-ͺ/7FX,?weߵz}_S3Lí:k-u5[,$ibvGvLlg3^;oj.iuk}=c{1= { 5NO f/'?~#b+8KRٙt@FA[rv3X2N (h£n~M? 7k:zZm> 671Y9$-FB9"Y!6 # u,~l2VVAA$+ |~1Y hl/u9nRاͽʖ>4&#{%aT+Gڿ&{Yy㿉7ռEjoյBKI!,p'U,|sl>7[Fpʱ%̜B}X (xz+xulEgI[gCE~?i\U,Jn@p3W8pW@y_>k+fi[Qf=z|ku^jr.8>kxzp$0ZG5cM Cuu;v̙f@;NeZzmz5Wo]_~,nJKwڶaVs'^df$<+t!k{7+>!غK(gƗ:?,fdS=𦿤]#dzek ,]ysxnRkȘ/ƽ&i_~ߓ<^TO2+~ўc{SxMa9U`u|6%[>$5ˣO۵ŝo$*Ĥ, "|nKEnx`# ;c`19og챬x[;>l/ov y-£ʏi$_-,eQВN橭'~hl.u|VS&5Q8_)Im%'_}.;ƯAIˇ_ ˇSh*iX2U_/|`,| |iU\m<\Wƞ;sx6{/hWAIlFXf*nf0cQ~~~7O]Vsm7RDΆ0MǕ \q\HJ֏}{rﭵV^l쾜cZ7p[_io̒ҹ;@u>HZMvffve^ ;@\ ߿nmX@sai [ۀÏA]w~~T>ӦW/.|C⯴c$27 1T >Bkvh*X2kx$R qիITN-Z0Q^|g/NQyM^WK8G; vkKI&vLRH"<F*/!7N'z];-V|] o F].Ӻ"yF:3~К/߆>%~n4ӵ<d 60ɤK $>rc}ej'+9_IT]u51 iMߖN=k>'?ef?7Y6-QWw;iae:͠*BJ,~(|Aw@Y-{wHÎm`a '#&*o_?2ֵO :A,WI!W57o_ >> |em#nH-+k[R%앵o~ڮ G)ScʮEm5hN^+߶g[yIFeݝ;D{a=ī/QSPtX?_~GeS`_77suypM+Y,NKO5p'R:?W:\ No4Zk&Օ2p+wycn[6-1GR`%ug4o Z7ZҦ=BA Nf8wz`7g~-/|Fi&<"1]9l*Q֚ÄSéSG/B { xԉʗʋG~5?υ|W5/zMA:~?_~~xE{ Z쓮jPw@bcVROxg/٣G/c~Džخ"7:5qq}S.N~+ws{ċq~C^jy`^ Mp,t^(u>_28-@Ğqaeo.tdoF#520fqαQgho>|mɾ)Z+1r+x$Y#atl_MYI)+w)G|:Mχ.3CumbxqӊM?1ڇsFzW [ESm^Pv~&ՙ{y ׵xlsbL#M^s`~jS39[_O2S/*j|LMKI?Meϟw{ׁ?_s_(oG13g¯UZ;= EҰ_tG2iG_%@OA xb>}3Nq^  Xx{`7%:+5X^A"@ @5*EE (z~jNku(ek{pT9W+#`((((((((((=:KI¤jK1<$#olOWTݎ,i`URiұ2FS?Lിe).IRoduԼur+shL/yA>_> kۨ쬭di 0fv'@Ok miI.]z(~Y!.r~$"O"}__Ot?x*ikqnf\0,xM~Jψs 9}VE~fF?Ye?Я566\MR.퉭~Ѵsضn!vow$ W~x᷎3ۧR֋O\4[aHeʐpx#sx|-JujV7-gU0J)r_= q|1;~55溯i^3]?;y`^ m:'7+-5[FPzU<7R(@iM7t0~~<&)$JZA&=&o,Fܿlcf?Zsj ,"Ka_2?_qY~ֺ%w_ݢpʷh;2=V=m!6a m:+l4_VU.M6 ੿PB0j s'7_fw?]Iv{j u`<  9J89-~jU%ދ7`lO|X)W^PgMլȷf75uuF9ڻ]F[B9牣 !*Ak| {R8 ;8@LfuhʔE+k~g֯R5#RM٭I~~|Up郎lXi8%gr% |/rS_/e+ZӮ޳O ԎAW?Rr"q=[4=JkBAsD{=q^G^0yFZݏȼQI۫hu_g;4.V4ኖʗ $RNf\Ɉ]ۛj > 7ſs?V9䱸th;~ά^Xh|#M𶝢閱Ӵ@ `*W_6)+p-IkYoß_ "&կ7+ 61v̐cXl/m2.~mWM, #3y: +ǭ~t=\>ZmEW9QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE>=|WNu?h;. ˓Ƿj)FRR\_S?xK_,Q/%C4nQ~uQϊ?e~Ld~F"Bsd1x_Z/ [t1fGgٟ犿fO^h-Uv zBÞ@]W^Mt>fV>@>V}i$o.x7)_27\[1.>J>,Zo|S3$ JsU?h~j})ucrHyVS*yzWA_QnK_>W N21w[4e%_n_\|4~ 3WZnM(p8=i uo¿M jojߴG6nm/ODl:fLqؐ0ۅ}3Eh,DcjIAwəf+ռVR? h֋kZF#XEUPJEZhҊ(Ҍ{QE~Q@UxAoWR7M H }x?h~gmRW},=MuW~Bm W~?^~Қ$]-~idF6f%`ߑXS_it|@N P}djr:.gGc*3̭ p<Yu_E;I)Gٞ߅"` Rթ*%R[}:qMB;%o)EѴSD0ːG:̳=x9|}vY d9jb|QYc Z4'cIa$\ӴVV ʕ9QO;e~'k 3`L.!.F_W DOy{->MdžUo.X~Q[s/x/?~'?WeO'Go4=@E~0𮛫Zɏ2S6L]'OGO=ZXx H27d/.7<1o ,~"Ep?3ypAU&/!Y >X[f, Io7KtURo\Dt\¿Z|iZ9jIgz,׏|@P G5Fm־ R,?H}O*|O_ *_ϛTŭKB|f1lIXO< \?4| kV>~WBk? 2?5l'aؠǿ?xύSNam&_o!pYWn_=oG-K/]#BI[%gK]l1^ ^,>OxvFu _ֿ~#~_?$~O.K{v+vW'<+t rkGRͱk<cxjglٱ뷍uX{ï0XQm2úkh]jBI)MmpsDsSG"OOoڂ;Snx?>'W/5e]ڀGN<[*_vQ{,l07]#띬c d̗gLs_s#vȣpϟP?> sCb?(F.T'-r+Y^2;+Έo+z~Q_/[~]732֗Hq>/Zlzd* tMpP]"#S{V&I$qf'z>3BOFc zK ,? ~Mo_VerHٚ5O.cb7%wՔo+/?e`?e_ nmV-RN[m`&d#sꂽu~oRTs?AN4Gdr_5{]_5ԑq2ƠT#Q_Bu#Ÿ]W{&|X"|5d_5gR꾛"_5ߧ|pۨ/t}yq8k_m/41Ry#$TPwAuh(_03ˀ򟔑5~_ /xܩiUO R?7Iff -n9'Y~x_~0.ucR4HW&Q.e¿W}gy] /$/kt*k+{x#/$1ªHg{]'zdQ^]&VVhMH+ F~K,i_W:Vy-NjD&K󓂊ܬL͏Tq:Rm|2 #^Z8 (XP((((((Q@ 6 斊kF6ƼǟOFyn"~֧sx^i]R]IסQMJQN1.xxnwϣ\]iOh9Ҽ+O "x<3(n`Ay {ɟRkb8L6%_j' ?lMJ&={U{xMԅP}J?nY|zoF]J[ {-˟m߉+92?j$s+ѳ[ y_ٞMbY#.|,ba0Sѩ^=_'wCl3Ne4j(W_SYdwɯNizqgsĖpr)VʡvŞg4xCK֭7n.q}vȤWx kψc[O6lI63Ds}?G/?Eat#ַ|7WY"k`h7yWA7 m@i_Vel;C]x,"~?Sf-Gk-};ƿgc/*;b=[>=ת+6~O/ +c_ _|XHl2{a8mVߗsj;s|VzO.GįkZ?}6x$?=y-z?럂7RFdiZ`?IOֿ4g|?ÒN/O]A8?ߵi{{Vͺ4}K/׳:_k|0 VQMh#,zVo'?_W5-vtKq%a#Un`@xeWEVO@?OcE<{̩gXfKo?>Lm||BrDŴ Oܣξ+ Ӣ6u_M"! ֽ\eO<<ٕ?0sEWgG}j)~_6a7ý^e ~'WZs _?u_?RK/sI&i2`xB~f8Z:Rҷ7¶4fo|=Oڷn.kCY.&ؕ\~nѿfyۻ887RM Yq\m'#Fz;tiW k(EQLf;:t FkA$,qAItueZ/%Y_W_˟:9 Fo.h> j2 uB+.+' 5/-aҽn#GWUWS7g/^ū7RE,,`jߦb2g5ucMM8?ʾ_~޺n׆+pg^`[TK(xuF_]X@mdMyZl'̾GOEKH#-~j~QEQEQEQEQEQMycwP2XW'"iK6>qM|u}hfG^%4hb7r *-N-J?O {V&-sƀPg{~C_X/q㳺8fKޗ࿯/?A-*dVh7~bZpzAĿnԓN>vOVzOrO5仇vg_>o6"$i,pFGa yRϛ%g&#ھ¿ u+u?&VEX^5\as߇oa,J+OO(?ʳݝK]ES [դ~`g8+O79U!%ɚWG&B=9"&ߴgǩxev,최s_oi,1Ox٢eZ6 )V={7(o*_z$%znGvG)Vh*~ɫxþ46VmKyw!B# y~ [+.oᾳۦbǫi3 &_*q9eGڔ|G7)xd)7|.=71|0Xkzg4oڴۡ F;Q~G7|>3>/_}&bPrX)*xyX\+a3-u̻&FWſG 7qk<6~񴊩2Y;19NI9Yq 55l-NJ>"*=7tQE`lQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQFqր 2i8Qqk ȟ^Xc/mΰ׍[>6Iv|>&,|N&</-ZEZbe?`,]O8eOzN#=NTY(Qݰ%~xf|2_Ta|[Gwz^_,v_q?'_xj5h z(n/M'br0 t2m/Uf2DpyRkb*}oX|񮌱[ǍAgoGʷq y|`è,-,eɈz5׺NnC,;n_ S>82w< $^Y(%QxRwo 0֚d?<{ogI%K{ی ī a9w?hM|^%v,زf ި\wp$,Jr=^+)QݛOL٦7/G?Em&+dZV0( cM5MilW 5LM}pyry" 1v2?[ _ RQ05>&\3M!L juD-~ <_5qd?_yGԄVRCkda׈5Ԇ8+̃=Wzt/#mqC"–w o3h꾋;3̿P꣐f_}_r0!l~6EqBO\2 S6`9ۗ y ZupUx1'A`Q5ٵM_PFfIfbKy$k0q_> xV~iNO@ d<_3]^|qY3/eIY>Vp QGg~~Ɵ·zoff<e0#al%7~~G$_0[ VJ| yH)_r(+^~a&n3t~~G,rC3Cq,]]pè#ֿjXa_AxWmP۠E4ٙ|$oP#/ٴտo/s 5Ŀ بo(|ڜ>ld8ϛB?tȵ >[{yVK{d*񺜆V#S ]?1Ob5}4Fhο!/G5◇̨; 'g8aYUH [8tY_h_ -~'7 3>CvZIeYdv Q8x/ ;=uS__Vo~.?.4n){y<VqImW"{źPo&˖\\0t/K>?yGT__њ:חĒ*.OC?޹+^ߨr?;#ֹ^)?xPcH3m @N{pGv~)ݦ;w}ٵfs^{SW$;8:N6z}ko$9w_h<'m[=hty$@VI?_fymOXz?'^AEPEPEPEPEf ,9 ෷i*Ɗ2YIo)\yul| e+fhֿ [3(8^4>6?wibߚSE p+ؿL_2 htՏR5An0U /Ogv >x:EmF|xy2CݘtWngSޝ/z92ܞ.*iyy$~ɿC? -!' rcJ)]X@KEtQ@˻dx> ᫟B𦝮i7Mlxe8zҶ(7t _F~}~?BO7oʺ"JGO=p̖^*O7og|={Tb$έ}JW?\&`0Jl6 t3\*n>flVW3hDA^3G|u\mb<^nkrdEd@W5_Wt}sx*?`+ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (PHzW?O_k1kc薅d*9a%A.HE,dg_//4~fK{KEeJFs&Wd<֚_~G/2ײ^=~mDޑ֨/ 0ɻ{kCS>o}Ģp+&?lI >DWIVyە: 1,,S|.n/'ZP>K57$؎u2"?|迴laTմP:o C)vLxVuQZ9R_?\j9e#idp,p?O{ 3-u 2<0SY0):6 DyA#q:x)|V1~H?2y4pVv[ߡWQG7t_B /dcoŬ*l|s[!,?ydvd䂫hY%D1M,oM#EUbz+>G__H #,*n`쌂"X?o|c1omIl ,$o.^ #mJr]Fqr",o`G֠H-||ELENiOQEbnR|;JмIZj7QlhR0U E|mB eOu|+>3:4}99i_ED WWF˚lc[ b[gjy)Qmeϖk_~$O2eׇ.|P3ϣJri `׵G1ҤT_U,?9MfH[1MHծeq!H!_Җj$+;QNE6~ӦwlmnzWWѧo7'2g5ϳ<7u4juB<5'¯"wq/ i |8k*=?F=b _΋\Gm;/K&_>l5wE}9 2_||Y?uO \xau}B} n$xULɇ B,s1<+;S[b;1xNkpW }Ip$ |p9!Sv].xR:βڍ}*PwIg<%'{_/N;wÍK_H-WnAfe☪ȪN"Eڀ.}pG~$ɵ#'#^J0Vج>mNڦ}E|~G$ɴA߲wmcϷjea~^[ƾ\j+[teKigb9wvZ}Ԗ:e22c~8/Nc{OX\;R{Gf6&úK3&$ױ2ˣ(WTs)eU\=h=kcyѬx #~?k+gH3#W Nc^mQ#ƙwoy,19Wޏ?pך{vz镻V?d4{O^&iG2j^%m=_qky_A߲wmwD{G^gFe>z?ڙGU/%V7,`Pu9mf)웣`YN9\1d|H;k(_nt oOC{K97&0v77˲g!*S<5RQ;ɫ+\x!xgoXcw],jt jc^9 ?a{EM-X6ɵ'o2uDa5NÏO1O+_]=&PY4$-j*&R%Ee}qʖ$lqدcs7_6BxUԾkI Y#NV?Zib(=|U^-|mmc#{;N9mQ^[? TkZFVƱGk4yr 'Ma~,YG_Xڛ݌,ùalmcLӓ]>_Cm~~]'Yyiu-k# nNRxm/9wG4.\z8"|^*I?mOTKρ?k=<`ORA}Nm܈{oca_?['{|Z?5GTzQ_')WZGjg7vB${䟺(lك$ƽѪ yikgı7ד[ hb]~( Z:(( c k??6_̱~o0wTVu$ <}kڄvpFfpç)q$~9rWy>2XIu~? c? |d\mYubEuW=rz*u>N95aT?eCݦV<M: VwrK;:;X% 0U@;8/?W<<6~2h^̷i=1ҵO_/.:\jIkk1mGu6HpU*6-ݷz藨٧g髵{+տ$~hC>8xO\z. R+_4(&C,|gy[MI6q1Q/dG5?hzƿ¿ZMq4;%`'F*2 mzwcOrz^jVfA]bv(`J2$@ 2ut>)Uum}f12O];c_'_/%~/~tߎ TAbŖ~{yq|0 M_/iw!v'5wj>ѧ] H:UU?b>;j4hM훙tBmK2"r+ӿ_RN_ Kz_ r\2PC 㰑1t7>f~\wᮍ7-KuV2H#U+)+)+iITQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEx3gKJYxe|Si]KٕzHK UR f_-wauWW4g?6E1E$qiBA韨r7]WU>o?X~-~ؖǩx[6 rLʳ" e3zyr>=5~^(_:Tzơim3\ HhːU`N~'G"UT /g~&;/l*=,sn3j5x ^G.WZ35Ώt vtvvJ+Y1?G/:S FyKO;G:S FyKO;_TQ?i~~ )6,߳&{jG3kmk?\gG1?G:g?"E??K#T-oɳmjk q?gܹ&h>wh??i~~å?ow4å?ow4E.7cK#$g=ӭPKq|ukEUr|ޕTwG֏uQ缻,pĠv'hY1E^4G.4 xRּ+=O5aEHL~`f,@"4fxïx\uxQRo.m49wr{Ě/ }v~ٟšK Z.8ٓhnUxVgVV7:fk$,VƻGcP;x,-R=_k&O?_ƕ}j߃Y5šѿѠ~|$R  ~]YeykIaC+*A; Cͺ5ok5?NRmuNm 5|q11pS%/|\Z>'|I2xldf v4{0 xi>;CUgXsHW5v&־_k(Z߅~ jlOVm:Ѷ*ÐH3#\ %[6m 2#ꮄ0 [g?/O8(\#ԡa Gc~oMAշZbQݾwc ^ڍM*+~(dթI|A&߷YPUDYKv[ǘJz{s)_eg|DuL60!lC |)DqUگ~"T:Xl'u-FLQ|SX9|]C|YXCF4g35z=Z'Ya&ԕe 9k#ֿٿd}I5ƽY<R9/k0x_9$>@5[*z%8X/,7ﵲy;e\s< +eXzZq}h߱OƋ_&Y46k0Yp22H^\eBVFQot|r[[ޘ2:N߼<|\zᢜ _p_ŸO!atYt}]^K q E= k˘i&EHAv'rk2:=菉+{ls:~+~b{~־(R3hܿ0lfq킑?騯Ӱ /e23K4/9"o$eÌpewy=+K־?1KN[~apׯ2S^W_Ÿ\HY<+gbK0\]DܑayǏܟf/xIV@ Pi9oeu@ Sqּux+R|ڧ"] i` ׬A 5EJwץF+8Ӯ>o/z>5|(˛GŸ̐PΎD]ݸxυz?~!x%D^oſo? la(P )AUh0'=-̗^!qGO}ƭwt7 էw9Xg ⴼ)OZN 3kzxOT)g 0A0><$|qu i-gUο xo1'b~FsyY:qAYI^:~]u'(8ݧkQEpEPEPM|S?. 㖝DgMXFcP'أ.lj ;qOt˜k?.E}Cx |>w1m-~}~F#__I)}Wb_YϤZz}4vH:W͟@~LP%?*Vs >*2]|)Fګ gm尿o ǚʡ\7I>0-[jnj6s !2Ȍ2AW x%ot;3UtLs[LUu<"M?X:oeKxy^/n\$c٥sIN p>{Z{8rGڢYYC)ikϤ ( ( ( ( ( ( ( ( ( ( ( ( ( (:+Oߴ7]oM<\iz՛C! Rd=S+뚆Qlob4H}I<)GtLE[3?f??ƍSռ3RHbm.tck+.N2ylU[I,܊%n(88F2%ЙJ04jzc6Ckko Kqqq HEff<$ȿ*2oz5aU5nB^a,ס W`| ouoik7VC]2mb%%A8#:$lGv~yszKW__E'gd`їVOs!6".`\cjK%O붿~4W_t{[i>Y+L ƣ @AQf1xj/W>^~WnRXNQE|yaEPEPJ)"d7 _6zNz~Ɵ,re%3 $_NU )v&tԍŸ >]xK@, i. u,g~ti>9~ξ%^ۼ56Hq6FJG]NQ?.<g?4[>;H 2pÑ؊(աEM|SZoBtKQu+}gE.,-fYmnfhE9WFR < ߲G .]å?7# h8fTQbR&F>?M~~?l=KᎴijXǺJ,do2#rmݒr?2?k!JT\8j]|EPK ӏt#*3JT i8q}QEypQEQEQEQEQEQEQEQEQEPzQE~ew?熵p}&Im-kX @Ȋ&w7)$r)VVy`gm?ow2u+vcvܞu838ϘC^[xY_zֽWf -4CDQ-_LGڢE4'[}Gqֈyi _|?ॿc~.ZOܦptB1p$Y1wS1U5jާ[6>'s3SJmso^Sy׵mWoghO9 m#ᾧnoJh-{/p5O>. (MsTwk:W$MgCo=I#8Գ;סO(g&ͭV◮w=~_Jxoޚr>:WQn>d$ ?jПQu͋LԵY nH3u6)??T/Ÿ٫^Ml׼AB-O;" dd vV"jQHiM*nt_Xԃ?2>T͗{34{}?#^5|&"% ms [}Epy SčO3~4~IoCjbwRnNyUzcZkck;k;u4T+y`u:idreZ'=fJhzcա IsQym5~!`=:ל}'||nk'߱&1*?v]I]xgZ$WG%n#JEg?=5+ ~_ZI?]}bRT1{~~|YS㧌dj^ ե_/ZHb$v8$PN95̐Iأھ_J˫i^ >7xm{d ّ^<>_VfN]e͝wi$ Ha H!@(_~ƿKٻ?%ӴI_XkV 6rFA/\s_?qO =#6b5}|^:faXAiVP°[8QEQ¨ E'Q@Q@Q@Q@Q@4SNҦlϊ}ª':S~+7g{6sRs"VCd.8owq=RW ~ 5멝 Ma%PyT'z?}u| ?'å|zǎ>M߻?xC|Eq.7 ٙO>'Yjer)b.„Wޢmwݩ `~ %kW΃8mdQ,4̪G, p:WxKWּN|MҴkǑ2tlj"5W,JDž??|#<;oPxf40d rjCI[7(9?zgǍkMh?ڍ̲-dao }N_oM4JnKާ2Q8^i7t]_Uf}'hsIHF +xʂdOƿ xLe/,uG~ o$%IgT9=?"GZu<#_ F>̅8 ܃ty/>3~;վ&Xơi֛,Po:r~Iky.dȱ.]ƌ}F6ivw4M֍CprV.7K6QྗO%OWu,>1;o>HrqY' C#)#Ǿ4qLwqq\\(>/GDž'ͺ<>xXƙtvIJKG2r7zXni4SZh}WU'Ո 1 X7fC|[n=3Dյ9Y!gr8@A;Ez_jM? WD~SxTZjMASk4j{,)5#(ъ/*m[W}߁9FUJZ[mr/g&MF#3qs^6~?4oڧGǍW'_ j,-eH-.B$[݀Ju7'?k?G`8-u &`W3I-wtXm#i ۛ_'GYw_5h77+rNDv JK]0ة)ZSk־9*VQꠞ_^yWSGf?⦟K-k7^q^Q\,d@qϊz/zO#^"uo&ֵ&g8HyǚH\i}q Y1;]ltFO u"?$?⟀isៃ|/>N!I3:<]4ۢ1hGQQo{^^OE)|woYYknzk?fmW-Jow%Ɲp}⹁ݝm! Uu㾱7ýcMԼT͵}~x1~h` ׬|5w3e xEПGúmIO J.%$`H#+߲O?/3گu{xUvYhdeܠ+0lGV5;rwnjuiVRj~Oշ q߷ q|@{o gZ. 'ҿgG/#$zǍ5KwsϔRG^ +}_ONTZ=ᰍOI8W""?_>M/EN^+X$^MQE|Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@~8w!3V44kNPr*u?Uc_#2+n^l3,֗&@"Uuc|n,ύth'#?+m)d gP8*޶SWZs^i*/:#g3JZOԡ̑nmÇU)` kc(~MfW7.$8UYG>+~~ߵW㾥}_×,~"̶c6q'LHT<i]zM?A($}{Iյ V3#ɂY-,݌cՖ"1sƵI>iF+]}:~E_5|~ /DӴaZbwK;;cq )vifnSI9IݽOc 23i/-_7~?TOٟL.I|] , 2"K\H>Kq$1/7FlENJqmV:|i6K%"\f?Gm)/~ uwg{ɯxRR% BXAʮJ!_~ҖZGRJY=;B71'"4坰9%Va?b[~ sw]2Zq%ƿuX~#t_gX+ZzY0}pƱ k`(5`bs(((((((((((9YOPGqRQ@_]#߲jÒ7}vB %8 FW_m߆/<]i:֍}早YK[i`}A{^φ5C4RK]GOI .^7SR 7P]j_ ʦ<gxc/mKnO~#}ŒZi1mVQ/#$_[b:LN@8o"߳W_|r/⫍#_ЯkYcUIt<2 LN(oo({e9"4U^}*)p7eu^ysߖIKCQMo=vךz)QEQEQEQEQE7x(nl/{`җWIFqE&YHE8|9DoË;?MUI +Onq`@<=j[rK~xCD<_Ph\se0*غZ]"=îqOq|EGύk~/xw۾-r{,mBAE 9w럳d~fFeׇKxtè7re:*՞|Lv!kߴe"~ܒlI1dvvf=M~~_kS˸u/K߇< ,m[Pov)^c}>_NOWώ<)|DԭYdY6Gm֗>5n tl~>g>ğG?(WoF=QH7L_H5,;!I]z?7n"e[}\.g${ֆx6NdF#9zc}om!'K#OD6|/h)',uOF̟Qfm~?< F|:_4W5\1j>tn-?>&MW_,ekz7J}P˕ݪu{UQTWRZ&ߛӧNy`^ZQYQ@Q@Q@Q@Q@Q@P<=?l!<:7Wqk!!hED+/x>/g:NV^){{WcxFiuGZ,iyNd㩅E~% +:e/?>:*VkOCǎ4/?[?^- 8xdSNpy6sjqkyn]A"dԫ)_FYN.> Ꚏc7(ᑾff?9zொJZQu_O#l`gU_]kX|iw6`1!!FTȵόy. t9 Am g8_5:bԴWTҦZ s[_9׵yTdoM Ƚѝwp䚗WwSߧ1[ SIޚuvocw(?l/x#XmX~ \U5[xfJtbcpC 6.CK[{IoYsԞ _~s'\LiZ['$UPImQG4yoc{jsZg'/ ;gkV cX #4^Ďs?'쥥ivɸkء?\5U{Zi?=>3υ|5'mbVk47IlЉqFΈ3RF@o ^6gc?"m|#m1]M18J> aܗ—0%-WpET8E#6i9JN줒ib|b~~9ܬmv*[G|Yei\,{ZI~6Z_5/hW5[kF~M䌏9+;u>3?{\Z_70Ef?ٺՙ_X1F~׿T_?x~:!l6>62"k0xO.7f_mn<[1_WD\B#.r=x9֞^.mz:EK~"~?T_ۖV_l=kcқH82a?<}G_Ėw:eu\hs qDFꚙnNL<5\?8g/.oY u?/q{'SHܞ *|QExsIN=0U (((((((((((((Cw­g [k>׬s$C$CW*r+'k?lio].cM]c"5ꏼ~NaREj,gRTrn;Q&Ư? .sZOGo5 d+$BM"2ိO7_?a;=Kofk;vWx 1럠{- ư_ `mVS-G.y!fx5Պܸk 0SZZ¾+"4߈dDkqmdѿ4 IᕐbO/cFkc+EO܄ ?칤Ə~"ƞ5KӢ#rK(OMǪ'ʱM}?MgX-?kqjα~̟.6x[ג~I:%ӓRS8V!S_?u1tq}?:7Z,o9#G~(>[jZS# W*NNmE]M<~ 5ýs\* .>܏2ơ3Z5~+_ ymq|_.Dz6}<B\A]U]o]?5,MO;ⶁn%XKI# :OA_0||8gI~Z.Y3%Ɠ6: $"8#Y+jֿ~;,,31i,gV%(yz^JOKC̭?u_7_h..4WcHv oǚ԰=sRMg'R6UVgJ8IJ8-7~n7&lG8$Ucoio_Үÿ k]3{bP{a[u{,g' gƫjz6W {I$>I'i4/S5;}D./o.Xlai%BpAfbq&|go67"c{o|q_#Dm>7NfS6p HoKlVg xX,~_hC3/J{~$汩ю6'I%;??_S/Oo.9xVxO줉sltO [_9yyrMƓ5a=T\܆g{O~Q^}LSm=JS.oS _Vw\26x?=q{ھcb@C TP0h>U'QMSҍ8SVKMKE%Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@uKur;+weeԫ) _ϟ7jw#O_h sKA!8F#0?j 3џ foch<7MdZ]}LW$-OX7E{yjS<B6GIj3,eeqE)ﷇ':|?y6qX2:JA 49ۊ(+C-t1gcV(&wU$v{b*+ Ub;/r<4g*=O?P^gG RPEPEPEPEP\ŏ5YR;=C{ *sUz0+}BC?h/7cn{jڥoW# G8#!]~;/qcXw7E[*_|WOqYok;-mT 3 .ڿ|4$8kHYtOo2C~v#x5MM$8Hrǀ~)bd/)aa ~0ox˴,#jv8H?ebyaj]KYfxo4Iݾ_3#HEmU\*@j+(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((:Eyڧ姭?L4{=Bd^Wg8Ĵ+kA`>xݛ pDGסʳU?iJkw/uj$o|0c[j|/!o: kp'+5{jEJ.AE5%Q@f(8FhFK+in'h,Ğk Ig&ZqYWU[m >C S4F0/{ħK1^*Ou9{+7{]c,u5Z5tsIpV#cTpx:+}烚9btqz=e~6>cwxBkY|G!fn9䞢5TLՋ~ھ4~~ӟ"ivP]xwᗏ[;K"&69i#257cJGp%sTwmJ =,D#G dmto9Ɵ}ǫ ~9x/S<9'`\\;(owG`9SmwJ|{i0H 4b Hqֺ?.MrI;o=>l> |w+V> Դ[_wG4"M6A"pTz'{k%9$̻F zqJॊ?K|7*c4"KtTqKG/?-௟O/oǶ~f_/J=]#ra:m*-XU:߀K">3kyE+oirF͵ZGf7.H,X/U_]Dִ#i1eTlWkGcb<+}w;mQm{V{.<)X_$g#)SͲ cW+sTz?Hh-_?RO;0=,pv!5߉" Z۶Xs.G@k0qo/jVԚzߧ%ng*8al:JqG#g#;7VH5g4ul4_ldFg(nco!j65|c[56$w~[e!\䟱03Q^uLv*=:8 % gg^VoxvIm#ki>1h((((((((((((((((((((((k Ì0AQ@?X'T.?h:uk+X%1 ]LpJp 3 =u8*GB= K*|kC,4RKmB0VF  {_Xo. Gqm ' /< 1 iѭ#er'^^뷟}Itv%1TUP@X'l#BN1_zBii_Դߘqbs7s \2-Ҋ~?4Wc_4i^K)y =Hr=keB\VgFQotQEIAEPEz*;m!kV8RI#aUGRIy U,) IS=29'h@ɯɿ kK fqfO?hNp9^+/uZ=[y]dZ`4~>"-bQ )ۥՇscv ˖oͼlu?Jk,~< ^K9#gn }cɰ}#)c3Wd?_NWX_48Γe!71R1ϗ.7K~PuaYoomoo aR$QUڬWc1؇R%iPT}QEuQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@g]dž^.af? ƂqWQg^%n䶺T*#UxȯƜi mbJs߿SoG؛^&Z. %ec;2E$mWv 1A" _:Hn~|/TݟZ.w_߳ëxE#n!loFwHd2xgV-h9֘G鎧EC?N^k+g}>K[2\ܷK>Gy :u·WeͼnޫA!A]xؿh{{0E_]+B߱ )sd9SC{}ԿvG07~zo>!I5j/;'R2 &I۞qM(R!v>-q-jOo42?A{ 2b彗>.?/ Q'M&_OU1U11+`ۭF~1nWRm կⵍ q}U0I(ny9o3._~C]%y1uxSݏbrc]+CZ9'!kg-#ngƹ<)x\|h]|la_3wK(CK2|:E{W|4՛Qmf mm=??y Hjơ{p>@p(_B~}' iY\С`ÌM~mmGO7Gi ]nV(c{)y]jYN}_"F?xgȿo"_( 65eK_K=g_$`nzn4*ֵC㰌ٵŝiSy~ ':ˀNEi|KCluoQ\_=n{"fh($o*dV8I|V~/ӮmOmϧ*;sdrV_ ^4;i=>Rk]S4m?$14e1m m,NN5{4NZ%ƤjS6DF|I)}JM__5u< _ &+]?%叇bakOM_S^ 1}%f䧉]2_ Z<|e#d_ |GtfE!ռ{h/ WPr8w:}矞kIo̭}Jg:|((((((((((((((((((((((((((kNiw.Cygywksx捔#)ᔂA Y?0o"%]^|V-*^Yܖ6ncX!M^Þ'.BO.ݢ~Ҡڋk5ceR7OS# {ݴL:+ A=afjlaOR  I5O~оտgxKT{!Lx:n _ 594ouB^gKz،9ʳh jer?bma(Ӏ(ڵWTwovB*tiSVKd0=((:{b(orG>XXڔo4EU}݄6Pw!7+az٬|uoZI]J9TZH׶HדW~=_b_WMsĚIqb[G7¬R#Q/orMyfn^8_&!V=e}*{')%2T(.~inQՈ ?hڏƞ?|]-1tײerSvx)#Sd#U(=} Q0У5U_JT`W~D$|3d]/Ic?^-o[6|'j1ZOi\8$WQ<aVtذܓ@+i8:n2)G}ZW0xUƢZ݇e+_s]>:jv %t[{7j.vnRzm~|!`kh*^2rqi'!4{W_F ޿y} lхE;kթ윭ӗ*/OWyT*=w~^g'LbEgQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@R<7ض]PqIaQ| _|MmKX>姇eMQl#vזAطSi:-QɁȍ}EvS1գR_y<7QOe#ށ!~0ԙ[-qc CƿN+:+G2e.x/&G-u/ ~zLj+d.EFpT+4IF!AcA TWJի;ԓ~U:4+B)z+QYQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@cx^C>oii%## kfE4]o?l%GѾ5~Z޷ZGgЊx"s'`Kį X|'|Ɠk$rE-6?E2 $R$O8V+Ъ|E-cOԼIt-jbyԲbcFM{j8jݭé֡'<$z_<>O?דׯl33w9Z?=/>)|5O87?0\99 Կ;6HQǻ['eOҫ\1o&m$gë6__5\5ǧRidcg'so3~VOx-k"HL:VӷߕBk/?A?g:<]/˧M2ڷޟE >6=~#9[=.!B|ri2jt>OOeJح+zL x}j {ǺgɳR>h-C3  >QP9W^\MGRgF<=5NAEV&EPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPE< PEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPE<PEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP3 A@@  RD 3/2010Art. 29 Registros:Art.35Art.36ART 43ART 44 o Documento: orgorg.1org.2org.3org.4opop.plop.pl.1ACCN-STIC-410 Anlisis de riesgos en sistemas de la Administracin (CCN-STIC-470x Manual de usuario de PILAR MAGERIT v3 op.pl.2>CCN-STIC-406 Seguridad en redes inalmbricas basadas en 802.11 / CCN-STIC-408 Seguridad perimetral  cortafuegos CCCN-STIC-412 Requisitos de seguridad de entornos y aplicaciones web op.pl.3MCCN-STIC-205 Actividades de seguridad en el ciclo de vida de los sistemas TIC +CCN-STIC-400 Manual de seguridad de las TIC -CCN-STIC-404 Control de soportes informticos op.pl.4op.pl.5mCCN-STIC-105 Catlogo de productos de la seguridad de las Tecnolgicas de la Informacin y las Comunicaciones /CCN-STIC-813 Componentes Certificados en el ENS op.accop.acc.1.Serie CCN-STIC-500 Guas para Entornos Windows ,Serie CCN-STIC-600 Guas para otros Entornos Serie CCN-STIC-800 Guas del ENS op.acc.2Serie CCN-STIC-800 Guas ENS op.acc.3)CCN-STIC-801 ENS Responsables y funciones op.acc.4op.acc.5,CCN-STIC-807 Criptologa de Empleo en el ENS op.acc.6op.acc.7op.expop.exp.18o 1.2.- Identifica a los responsables de los elementos?op.exp.2op.exp.3op.exp.4op.exp.5op.exp.6op.exp.70CCN-STIC-403 Gestin de incidentes de seguridad /CCN-STIC-817 Gestin de Incidentes de Seguridad &CCN-STIC-845A LUCIA. Manual de Usuario KCCN-STIC-845B LUCIA. Manual de Usuario con Sistema de Alerta Temprana (SAT) 1CCN-STIC-845C LUCIA. Manual Instalacin Organismo ,CCN-STIC-845D LUCIA. Manual de Administrador op.exp.8;CCN-STIC-434 Herramientas para anlisis de ficheros de log :op.exp.9'CCN-STIC-817 Gestin de ciberincidentes KCCN-STIC-845B LUCIA. Manual de Usuario con Sistema de Alerta Temprana (SAT) op.exp.10 op.exp.11-CCN-STIC-807 Criptografa de empleo en el ENS op.extop.ext.10CCN-STIC-823 Utilizacin de Servicios en la nube op.ext.2op.ext.9op.cont op.cont.1 op.cont.2 op.cont.3op.monop.mon.19CCN-STIC-432 Seguridad Perimetral - Deteccin de Intrusos -CCN-STIC-434 Herramientas de anlisis de logs 6CCN-STIC-435 Herramientas de Monitorizacin de Trfico &CCN-STIC-818 Herramientas de seguridad 5CCN-STIC-953 Recomendaciones empleo herramienta Snort op.mon.2#CCN-STIC-815 Mtricas e indicadores 5CCN-STIC-824 Informe nacional del estado de seguridad 2CCN-STIC-827 Gestin y uso de dispositivos mviles P CCN-STIC-844 INES  Informe Nacional del Estado de Seguridad - Manual de Usuario 'CCN-STIC-817 Gestin de Ciberincidentes  ( CCN-STIC-845A  LUCIA. Manual de Usuario M CCN-STIC-845B  LUCIA. Manual de Usuario con Sistema de Alerta Temprana (SAT) 3 CCN-STIC-845C  LUCIA. Manual Instalacin Organismo . CCN-STIC-845D  LUCIA. Manual de Administrador mpmp.ifmp.if.1mp.if.2mp.if.3mp.if.4mp.if.5mp.if.6mp.if.7mp.if.9mp.permp.per.1mp.per.2mp.per.3mp.per.4mp.per.9mp.eqmp.eq.1mp.eq.2mp.eq.3mp.eq.9mp.commp.com.1/CCN-STIC-408 Seguridad perimetral (cortafuegos) .CCN-STIC-419 Configuracin segura con IPtables .Serie CCN-STIC-500 Guas para Entornos Windows,Serie CCN-STIC-600 Guas para otros EntornosSerie CCN-STIC-800 Guas ENS  mp.com.2,CCN-STIC-406 Seguridad en Redes Inalmbricas 2CCN-STIC-416 Seguridad de redes privadas virtuales CCN-STIC-807 Criptografa ,CCN-STIC-816 Seguridad en Redes Inalmbricas mp.com.3mp.com.4`CCN-STIC-641 Seguridad en equipos de comunicaciones routers Cisco Serie CCN-STIC-800 Guas ENS A U mp.com.9mp.simp.si.1mp.si.2-CCN-STIC-437 Herramientas de Cifrado Software .CCN-STIC-955B Recomendaciones de Empleo de GPG mp.si.3mp.si.4mp.si.5+CCN-STIC-400 Manual de seguridad de las TIC -CCN-STIC-404 Control de soportes informticos mp.swmp.sw.11CCN-STIC-205 Actividades seguridad ciclo vida CIS METRICA v3mp.sw.2mp.info mp.info.1 mp.info.2cCCN-STIC-001 Seguridad de las TIC que manejan informacin nacional clasificada en la Administracin mp.info.3)CCN-STIC-955B Recomendaciones empleo GPG mp.info.4@CCN-STIC-405 Algoritmos y parmetros de firma electrnica segura mp.info.5 mp.info.66CCN-STIC 835 Borrado de metadatos en el marco del ENS.  mp.info.9mp.smp.s.1-CCN-STIC-682 Configuracin segura de Sendmail /CCN-STIC-814 Seguridad en el Servicio de Correo mp.s.2'CCN-STIC-812 Seguridad en Servicios Web mp.s.8=CCN-STIC-434 Herramientas para el anlisis de ficheros de log >CCN-STIC-820 Gua de proteccin contra Denegacin de Servicio mp.s.95.2.2 OPERATIONAL FRAMEWORK5.2.1 ORGANIZATIONAL FRAMEWORK5.2.3 MEASURES FOR PROTECTION 5.1 COMPLIANCE WITH ENS ARTICLES3TECHNICAL SECURITY INSTRUCTIONS AND SECURITY GUIDESCategory RequirementApplicability - AuditedCommentso 1.- Do you know and keep updated the list of technical security instructions and security guides that apply to your system? Do you have a copy of these documents?Consult ITS and guides:To be published:&ITS Information Systems Security AuditSecurity incident reporting ITSSECURITY STATUS REPORTBasicEvidence: You have access to the INES tool of the CCN portal and have a copy of the individual report generated in the last campaign. This report is in printed form or saved in electronic format. @CCN-STIC-824 National Security Framework. Security Status Report (NCCN-STIC-844 INES. National Security Status Report. User's Manual and Annexes. ITS Security Status report+INFORMATION SECURITY INCIDENT RESPONSE TEAM0o 1.- Do you notify the CCN-CERT (National Cryptologic Centre - Computer Emergency Response Team) of those security incidents that have a significant impact on the security of the information handled and the services provided in relation to the categorization of systems included in Annex I of RD 3/2010?Evidence: You have records that show the interaction with the CCN-CERT in case of incidents of significant impact (high, very high or critical) or alternatively use the LUCIA tool for cyberincident management.Consult guides:Wo 1.- Is there a formal process for determining the category of the information system based on the assessment of the impact that an incident affecting the security of information or services would have on the availability, authenticity, integrity, confidentiality or traceability, following the procedure established in Annex I of RD 3/2010? This assessment is made on the basis of its impact on the organization's ability to achieve its objectives, protect its assets, fulfil its obligations, respect the law and the rights of citizens, following the procedure in Annex I.^With regard to the powers to carry out the assessment and determine the category of the systemo 1.1.- Does the person responsible for each information or service within the scope of his activity exercise the powers to make the assessments referred to in Article 43, as well as their subsequent modification? Evidence: There is documentary evidence that the power to assess the security dimensions of each information or service is approved by the person responsible. The assessment document is approved by the person responsible for each information or service within the scope of its activity.o 1.2.- Does the person responsible for the system ex< ercise the powers to assess the system referred to in Article 43 and to amend it subsequently? Evidence: There is documentary evidence that the power to determine the assessment of the system has been exercised by the person responsible for the system.;CCN-STIC 803 National Security Framework. System evaluation ITS Security Status Report7ITS in accordance with the National Security Framework.Audit observations: o Sampling:o Yes I'm auditing it:Apply: o Document: Records: o Document:CATEGORIES AND FACULTIES Category NEvidence: The security policy is either printed or saved in electronic format.,o 1.- Do you have a written security policy?$With regard to this security policy:o Yes{o 1.1.- Has it been approved by the competent superior body (in accordance with the provisions of article 11 of RD 3/2010)?Evidence: The security policy was drafted by a higher body or has been approved (through some written or electronic record) by the higher body. If the higher body does not have a security policy, it must have a security policy drawn up by the ICTS manager and approved by the ICTS Committee and the Corporate Security Committee. In addition, there is a regular review and signature procedure (the latter if there is no security policy drawn up by a higher body).Fo 1.2.- Do you specify the objectives and mission of the organization?bEvidence: Within the policy, the generic objectives and mission of the organization are indicated.bo 1.3.- Is the legal and regulatory framework in which the activities will be carried out precise?o 1.4.- Does it specify the security roles or functions, defining for each one the duties and responsibilities of the position, as well as the procedure for its appointment and renewal?Evidence: The policy indicates the security roles (information manager, service manager, security manager (STIC), system manager (ICT), administrators, operators, users, incident response team, etc.), their duties (ensuring compliance with regulations, keeping abreast of changes in technology, risk analysis, etc.) and the procedure for their appointment and renewal (how often it is renewed, for what reasons, who appoints them, etc.).Evidence: Within the policy, the existence of a STIC Committee, its composition (existence of a STIC manager, representatives of other departments such as physical security, operational security, etc.), its relationship with other elements of the organization (senior management, corporate security committee, etc.) and responsibility (drafting of the ICT Security Policy, creation and approval of standards and procedures on the use of ICT, definition of training requirements for ICT personnel, etc.) are indicated.Evidence: The policy indicates what the criteria for rating the documentation are, the procedure for rating it, who should generate and approve it, which people can access it, how often or under what circumstances it should be reviewed, etc.Audit observartions:o 1.7.- Does the security policy include a reference to the applicable legislation on the processing of personal data and is there consistency between the policy and the documentation required by such specific legislation?Evidence: The policy includes reference to the applicable legislation on the processing of personal data and there is consistency between the policy and the documentation required by the aforementioned legislation on the processing of personal data.hWhen the audited system has as its objective the processing of personal data, the provisions of Organic Law 15/1999 of 13 December on the Protection of Personal Data and its implementing regulations, and specifically the Security Document, will be taken into account. From 25 May 2018, where the audited system is intended to process personal data, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC shall be taken into account.MEvidence: Security regulations are printed and/or saved in electronic format.*With regard to these security regulations:Evidence: There are regulations regarding the protection of unattended equipment, use of e-mail for personal purposes, measures against unauthorized physical access to facilities, etc. These regulations should indicate how to locate the related procedures.2o 1.2.- Does it specify what is considered misuse?[Evidence: There are regulations indicating what is considered to be misuse of equipment (e.g. using the computer for personal purposes), services (e.g. using the Internet to download unauthorised or inappropriate content), facilities (e.g. eating in the server room), information (e.g. sending confidential data by e-mail without encryption), etc.o 1.3.- Do you specify the responsibility of the personnel with respect to the compliance or violation of these rules (rights, duties and disciplinary measures according to the legislation in force)??Evidence: There are regulations that indicate the rights (e.g.: access to e-mail for the exercise of their functions), duties (e.g.: to report any incident affecting information security) and disciplinary measures (reference to Law 7/2007 of 12 April on the Basic Statute of Public Employees or particular adaptations).Security proceduresXo 1.- Do you have one or more documents that constitute the written security procedures?Evidence: The security procedures are printed and/or saved in electronic format, have been prepared by the STIC manager and are approved by the STIC Committee. In addition, there is a regular review and signature procedure. Procedures should be in place for most routine activities, the closer to 100% the better (e.g., on asset inventory, firewall rule modification, backup tasks, user registration, etc.).)With regard to these security procedures:9o 1.1.- Do they specify how to carry out the usual tasks?DEvidence: Each procedure should cover, among other things, under what conditions it applies, what is to be done, what records remain of the activities, (e.g. the asset inventory procedure could state "Upon approval of the change - addition, modification or deletion - of one or more assets from the inventory, the person in charge and authorised for such change - the system administrator if a server, the communications technician if a network element, etc. must record in the inventory which exchange rate has been produced, on which asset, the date and its name - in addition to updating the detail of the asset. In case of finding any problem in this procedure, report it to the STIC responsible detailing, by means of the previously stipulated notification system, what the problem has been and, at least, a proposal of solution").Audit Observations:0o 1.2.- Do they specify who should do each task?Evidence: Each task is assigned to a role (STIC responsible, administrator, operator, etc.) (e.g.: the asset inventory procedure could indicate "It will be the system administrator who reviews every 6 months the asset inventory, if he identifies that no assets have changed since the last review, he will proceed to check that nothing has indeed changed within the scope of the inventory to ensure that there has been no unauthorized or unreported change").Fo 1.3.- Do they specify how to identify and report abnormal behaviour?;Evidence: There is a procedure that defines what is meant by abnormal behavior (e.g., receiving an error message from the application), how, and to whom it should be reported (e.g., what application you were using, what you were doing, and the error message should be reported by email to incidencias@organismo.es).Qo 1.- Is there a formal process for authorizations regarding information systems? o Yes o No OThe elements for which an authorization process should exist are set out below.*With regard to this authorization process:Jo 1.1.- Does it cover the use o< f facilities, both regular and alternative?{Evidence: The regulations provide for the process of authorising the use of facilities (e.g. access to the DPC, use of an alternative site for disaster backup servers, etc.), which covers the requirements set out above. There is documentary evidence of the application form and that these resources have been authorised by the relevant manager before they are put into operation.mo 1.2.- Does it cover the entry of equipment into production, in particular equipment involving cryptography?>o 1.3.- Does it cover the input of applications in production?So 1.4.- Does it cover the establishment of communications links with other systems?ao 1.5.- Does it cover the use of telematic means of communication (both regular and alternative)?3o 1.6.- Does it cover the use of information media?2o 1.7.- Does it cover the use of mobile equipment?So 1.8.- Does it cover the use of third party services, under contract or agreement?cEvidence: The regulation covers the process of using third party services (e.g. incident management, service management, development, infrastructure, etc.), which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.o 1.5.- Does it specify the structure of the committee(s) for the management and coordination of security, detailing its scope of responsibility, members and relationship to other elements of the organization?Evidence: The security regulations provide, for each type of component or action, the person or point of contact for its authorization. There is an application model (form) in any format that contains: Description of the element (component) or action for which authorization is requested, the activities for which the new component is required (motivation), the time for which authorization is requested (which may be temporary or permanent), justification that it does not affect other system functionalities, a risk analysis according to the category of the system (if the new component introduces possible vulnerabilities), justification that it does not violate any security regulations, information on the procedures that are applicable as well as the need to develop new ones if necessary.Apt.Category Dimensions / Level?5.2.2 COMPLIANCE WITH ANNEX II MEASURES - OPERATIONAL FRAMEWORKOPERATIONAL FRAMEWORKPLANNING5o 1.- Do you have at least an informal risk analysis?o Yes  o Record: Evidence: You have an approved document in which a textual presentation in natural language of the risk analysis has been made. This document is not more than one year old from its approval or revision. "With regard to this risk analysis:LEvidence: The document identifies the services provided by the organization and the information it handles in reference to compliance with Law 39/2015 (e.g. telematic service for processing files, etc.), as well as the elements on which they are based (e.g. servers, communications line, air conditioning of the CPD, offices, etc.).tEvidence: The document identifies the most likely threats (e.g., fire, theft, computer virus, computer attack, etc.)Evidence: The document identifies threats for which there are no safeguards, or those for which the current level of protection is not sufficient (e.g., data leakage on a USB media, etc.).Evidence: The document identifies the safeguards that are in place to mitigate the identified threats (e.g. fire extinguisher, lockable door, anti-virus, firewall, etc.)7o 2.- Do you have at least a semi-formal risk analysis?Evidence: You have an approved document in which a textual presentation in specific language and with defined semantics (i.e. with tables) of the risk analysis has been made. This document is not more than one year old from its approval or revision. Xo 2.1.- Does it identify and qualitatively value the most valuable assets of the system? o Yes o No Evidence: The document identifies the services provided by the organization and the information it handles in reference to compliance with Law 39/2015 (e.g. telematic service for processing files, etc.), as well as the elements on which they are based (e.g. servers, communications line, air conditioning of the CPD, offices, etc.). These assets (services and information) are also valued qualitatively (following the criteria of low, medium or high).>o 2.2.- Does it identify and quantify the most likely threats?Evidence: The document identifies the most likely threats and quantifies them (e.g., fire with low probability, theft with low probability, viruses with high probability, etc.).Evidence: The document identifies the safeguards that are in place to mitigate the identified threats and their level of effectiveness (e.g. fire extinguisher in all corridors, lockable door only in the DPC, anti-virus on the servers but not on the PCs, etc.). Evidence: The document identifies the level of risk to which the services are exposed (low, medium or high), according to a table of equivalence that takes into account the value of the assets, the probability of the threats and the effectiveness of the safeguards.High o Sampling:  o Document:)o 3.- Do you have a formal risk analysis?Xo 3.1.- Does it identify and qualitatively value the most valuable assets of the system?WEvidence: The document identifies the services provided by the organization and the information it handles as well as the elements on which they rely (e.g., servers, communications line, DPC air conditioning, offices, etc.). These assets (services and information) are also valued qualitatively (following the criteria of low, medium or high).7o 3.2.- Does it identify and quantify possible threats?CEvidence: The document identifies the most likely threats to each asset, their frequency and resulting degradation (e.g., fire in the DPC with low probability and total degradation, theft from the server with low probability and total degradation, viruses on the server with high probability and partial degradation, etc.).Go 3.3.- Does it identify the enabling vulnerabilities of these threats?Evidence: The document identifies the vulnerabilities that enable these threats (e.g. flammable materials, key is held by more than 10 people, antivirus is not updated frequently, etc.).;o 3.4.- Does it identify and assess appropriate safeguards?<Evidence: The document identifies the safeguards that are in place to mitigate the identified threats and their level of effectiveness (e.g. fire extinguisher in all corridors, lockable door only in the DPC, anti-virus on the servers but not on the PCs, etc.), as well as the possible need for additional safeguards.|Evidence: The document identifies the level of risk to which the services and information are exposed (low, medium or high).Security architecture2o 1.- Do you have documentation of the facilities?hEvidence: You have a document detailing the facilities (e.g. number of facilities, their location, etc.)4With regard to such documentation of the facilities: o 1.1.- Are the areas specified?(o 1.2.- Are the access points specified?YEvidence: The document details the access points (e.g. front door, emergency exit, etc.).'o 2.- Do you have system documentation?7Evidence: You have an inventory of information systems.)With regard to such system documentation:`Evidence: The documentation describes the system assets (e.g., mail server, backup robot, etc.).Evidence: The documentation describes existing networks (e.g. local network with 192.168.0.0/24 addressing, demilitarized zone (DMZ) with 172.16.0.0/24 addressing, etc.) and external connection elements (e.g. the local network is separated from the Internet by a firewall, etc.).Eo 2.2.- Are the internal networks and external connections specified?#o 2.1.- Is the equipment specified?4o 3.- Do you have documentation o< f lines of defense?Evidence: The documentation describes the security systems you have in place (e.g. firewalls, anti-virus, anti-spam, anti-phishing, etc.);With respect to such documentation of the lines of defense:o 3.1.- Are the points of interconnection to other systems or other networks specified, especially if it is a question of the Internet or public networks in general?Evidence: This documentation describes the elements of interconnection to other networks (e.g.: the connection to the Internet is made through a router, the connection to other offices is made through an IPSec VPN tunnel, the connection from remote laptops is made through SSL VPN, etc.)/o 3.2.- Are the firewalls, DMZ, etc. specified?Evidence: This documentation describes the defence elements in connections to other networks (e.g.: the connection to the Internet is through a firewall, etc.).Uo 4.- Do you have documentation of the user identification and authentication system?yEvidence: You have a document that details the user identification and authentication systems for each system or service.JWith respect to such user identification and authentication documentation:Evidence: This document details the authentication mechanism for each system or service (e.g.: access to the file processing service is via eID, access to the server administrator console is via username and password, etc.).o 4.2.- Does it need files or directories to authenticate the user and determine their access rights (e.g.: /etc/passwd on Linux, Active Directory on Windows, etc.)?Evidence: This document details where passwords are stored (e.g. keys are stored encrypted in the /etc/shadow file on Linux, Active Directory on Windows, etc.).Mediumno 5.- Do you have a management system for planning, organizing and controlling information security resources?Evidence: You have a document that details how the elements listed above are managed (e.g. how a new user is registered, how a connection to an external system is authorized, how access to a restricted area is authorized, etc.).\o 6.- Do you have documentation of the management system with regular updating and approval?Evidence: The documents detail how often they are reviewed (either explicitly or implicitly in the change management documents), who is responsible for the task and who is responsible for approval.Ao 7.- Is this documentation approved by the Technical Management?HEvidence: The documents have been approved by the Technical Directorate.Evidence: You have a document that details how the data is controlled once in the systems (e.g.: the exchange of information with other systems is accompanied by hashes to avoid alteration, etc.).AWith regard to such documentation of internal technical controls:Evidence: This document details how the data is controlled once in the systems (e.g., validation of ranges in the data, blocking of unauthorized characters, etc.).Acquisition of new componentsBasic High (With regard to this acquisition process:Jo 1.1.- Do you comply with the conclusions of the risk analysis [op.pl.1]?]Evidence: This procedure specifies that in the acquisition of new components, priority is given to the acquisition of the security mechanisms for the system that has identified the risk analysis and its action plan (e.g.: the checklist indicates if the reason for any requirement imposed on the firewall comes from the risk analysis and management).Eo 1.2.- Is it in accordance with the security architecture [op.pl.2]?SEvidence: This procedure indicates that acquisitions should be aligned with the defined security architecture (e.g. if physical security is defined as a door with a lock for the DPC, then the acquisition of a new door should require the door to be relocked, so a new door would not be worthwhile without an equal or better locking system).No 1.3.- Does it consider the technical, training and financing needs together?~Evidence: This procedure assumes that the new component complies with the defined technical measures (e.g. if the connections must be HTTPS, the new component must support HTTPS), that the personnel in charge of the component have the necessary training to use it or will be provided with it, and that it has received the consent of the economic department for its acquisition (e.g. e.g.: the checklist contemplates whether or not it meets - in which case the reason is given - the technical needs listed, the training needs - if they are not currently covered it will indicate how they can be covered by approved courses, manuals, etc.). - D / Medium"Dimensioning / capacity managementMo 1.- Have the dimensioning needs been studied before putting into operation?)Regarding this study of the dimensioning:+o 1.1.- Does it cover the processing needs?Evidence: This study estimates the processing needs (e.g., the device's CPU and memory will support the estimated concurrent number of sessions).lo 1.2.- Does it cover the information storage needs: during processing and during the period to be retained?gEvidence: This study estimates the storage needs both for its operation and for the time during which the information must be maintained (e.g.: the volume of data generated each day, the number of days the service will be used and the time the information must be accessible - both online and in a backup - has been calculated and is supported by the device)..o 1.3.- Does it cover the communication needs?Evidence: This study estimates the communication needs (e.g., that the available bandwidth supports the volume of data to be transmitted at any given time, or that the device supports access from another location).Vo 1.4.- Does it cover the needs of personnel: quantity and professional qualification?Evidence: This study estimates the staffing needs for the management of the element (e.g.: there are dedicated staff for the management of the element) in an appropriate way (e.g.: the management of the element will be done by staff who master its use and management interface).Bo 1.5.- Does it cover the needs of facilities and auxiliary means?Evidence: This study estimates the needs of the facility (e.g., the device fits by size in the server cabinet and there are also free bays to place it) and the ancillary equipment (e.g., the existing air conditioning units will be sufficient to continue cooling the data center).Certified componentsEvidence: You have a list of models for the acquisition of components whose evaluation has been carried out according to European or international standards (e.g.: complies with ISO/IEC 15408 -Common Criteria-) or a functional certification that contemplates:o 2.- And are the certificates recognized by the National Scheme for the Evaluation and Certification of Information Technology Security?VThere is evidence that the components have passed such an evaluation or certification.- Ensure, at least in documentation, that the product manufacturer has defined procedures for addressing future vulnerabilities identified in the product.Z- Maximum level of confidence provided by the regulations used regarding the resistance of the product's security functions, which are based on probabilistic or permutational mechanisms: resistance to direct attacks that are executed with incorrect information but without manipulating the normal operation of the product according to its design.- Vulnerability analysis for attacks of a technical competence level as high as the existing technology in the field allows, or as high as the reference standard used allows.I- Design, development, testing and revision of the component with method.0Evidence: Component certifications are recognized by the National Information Technology Security Evaluation and Certification Scheme. The encryption and electronic signature generation components have been cryptologically certified, in terms of their algorithmic strength, and there is evidence of this.ACCESS PROTECTIONIdentification - A, T / LowYo 1.- Is each entity (user< or process) accessing the system assigned a unique identifier?Regarding that identifier:o 1.1.- Is each user who accesses the system assigned different unique identifiers depending on each of the roles they must play in the system?+o 1.2.- Can we know to whom it corresponds?uEvidence: This procedure provides for the maintenance of a register of the entities responsible for each identifier. There is a relationship between the identifiers and their users (e.g.: the identifier "webmaster" belongs to Jorge Perez, belongs to the group "web" and therefore has read and write permissions in the folder "web" and read permissions in the folder "ftp"). o 1.3.- What rights do you have?o 1.4.- Is the identifier disabled when the user leaves the organization, ceases to perform the function for which the user account was required, or when the person who authorized it gives the opposite order?o 1.5.- Is the identifier maintained for the period necessary to meet the traceability needs of the associated activity records?o 2.- Does the level of the authenticity dimension of the authentication mechanism of the information systems accessed correspond to the security level of the electronic identification systems?<Evidence: There is a correspondence between the defined authenticity level and the equivalent security level according to Article 8 of Regulation 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market.URegulation No. 910/2014 of the European Parliament and of the Council of 23 July 2014 - I, C, A, T / LowEntry requirementso 1.- Are the system's resources protected by a mechanism that prevents their use (except for entities that have sufficient access rights)?XEvidence: The system has an access control mechanism before it is put into operation or already in production. To access any resource, it is necessary to be identified and authenticated beforehand (e.g., even though a PC can be accessed without a password, any application at a lower or higher level requires identification and authentication).o 2.- Are the access rights of each appeal established according to the decisions of the person responsible for the appeal, in accordance with the system's security policy and regulations?"Evidence: The system's security policy and regulations specify who is responsible for each resource and therefore is also responsible for assigning authorization and level of access to each resource. Check that the access rights coincide with those established in the policy or regulations.yo 3.- Does the mechanism include protection against access to system components and their configuration files or records? - I, C, A, T / Medium"Segregation of functions and tasks2o 1.- Is there segregation of functions and tasks?7With regard to this segregation of functions and tasks:Xo 1.1.- Do you consider the incompatibility of development tasks with operational tasks?wo 1.2.- Do you contemplate the incompatibility of "system configuration and maintenance" tasks with those of operation?Evidence: In the function scheme, "system configuration and maintenance" and "operation" appear and are marked as incompatible with each other.{o 1.3.- Do you foresee the incompatibility of "audit or supervision" tasks with those of any other system-related function?uEvidence: "system audit or supervision" appears in the function scheme and is marked as incompatible with all others.&Rest of CCN-STIC-800 Series ENS Guides Access rights management processo 1.- Are the privileges of each user limited to the strict minimum necessary to access the required information and to fulfil their obligations?SEvidence: The security policy and regulations specify that each user will only be provided with the minimum privileges to fulfil their obligations (e.g. a user who is responsible for the registration of new procedures and who has no responsibility for the management of these procedures should not be able to access the management of these procedures). There is documentary evidence of what privileges each user should have according to their obligations. Note that the sampling information is accessible only to users whose privileges (obligations) coincide with the above documentary evidence.Evidence: You have documentary evidence relating to who is responsible for the resources, and to whom you delegate the responsibility of granting, altering or cancelling access to the resources (it is assigned to specific personnel and not to all or any of them in the organization).Authentication mechanism@o 1.- Is the authentication mechanism identified in each system?Regarding the credentials used:No 1.1.- If they use passwords, do they comply with the basic rules of quality?Ko 1.2.- Is it activated once it is under the effective control of the user?Evidence: This policy or regulation states that the user's account is not enabled until the user has confirmed receipt of the credential.Do 1.3.- Are the credentials under the exclusive control of the user? Evidence: This policy or regulation states that the credentials are held only by the user (e.g., it states the user's responsibility not to share his or her credential). In the case of a password, it is known only to the user (e.g. the password is stored in the system in encrypted form).wEvidence: There is a record of each user confirming the receipt of the credential and it informs them of these aspects.o 1.5.- Are the credentials changed with the periodicity marked by the organization's policy (according to the category of the system accessed)?o 1.6.- Are the credentials removed and disabled when the entity (person, team or process) they authenticate ends their relationship with the system?Rest of CCN-STIC-800 SeriesUo 3.- If they use passwords, do they comply with strict quality and renewal policies?Go 4.- Were the credentials used obtained after a previous registration?dEvidence: To prove that the credentials have been obtained in person, telematically by means of a qualified electronic certificate or telematically by means of an authentication with an electronic credential obtained after a previous registration in person or telematically using a qualified electronic certificate in a qualified signature creation device.Fo 5.- Are the credentials suspended after a defined period of non-use?About the tokens:/o 6.- Is the algorithm accredited or certified?Lo 7.- Have the credentials used been obtained after a previous registration?-Evidence: To prove that the credentials have been obtained in a face-to-face or telematic way by means of an authentication with an electronic credential obtained after a previous face-to-face or telematic registration using a qualified electronic certificate in a qualified signature creation device. - I, C, A, T /High - I, C, A, T / MediumLocal access (local logon)4o 1.- Is disclosure of system information prevented? - I, C, A, T / Low6o 2.- Is the number of failed access attempts limited?Evidence: You have a documented policy or regulation that specifies the maximum number of failed access attempts, specifying what action to take if necessary. The system applies this policy (e.g. after 5 unsuccessful access attempts it locks the user's account).8o 3.- Are successful and unsuccessful accesses recorded?Evidence: You have a documented policy or regulation that specifies that both successful and unsuccessful accesses should be recorded. Check that the logging system stores both successful and unsuccessful accesses.^o 4.- Does the system inform the user of their obligations immediately after obtaining access?Xo 5.- Does the system inform the user of the last access with his identity successfully? - I, C, A, T / Medium=o 6.- Are there limits to the time, date and place of access?bo 7.- Have points been establis< hed where the system will require a renewal of user authentication?Remote access (remote login)_o 1.- Is the security of the system guaranteed when users or other entities remotely access it?1o 2.- Is it documented what can be done remotely?6o 3.- Have remote accesses been previously authorized?Evidence: You have a documented policy or regulation that specifies that remote access must be authorized in advance, indicating the person who can authorize access. There is documentary evidence of the accesses authorized, by whom and during which period. EXPLOITATIONInventory of assets-o 1.- Do you have an inventory of the system?Evidence: You have an inventory of the elements that make up the system, detailing their identifier, manufacturer and model (e.g.: "JUPITER" - Cisco 2128, "ORION" - Dell PowerEdge R420, etc.).With regard to this inventory:3o 1.1.- Do you identify the nature of the elements?Evidence: Each element in the inventory has specified what type it is (e.g.: the "JUPITER" element indicates that it is a router, the "ORION" element indicates that it is a server, etc.).Evidence: Each element of the inventory has specified who is responsible for it (e.g. the router manager is responsible for communications).o 1.3.- Is it kept up to date?CCN-STIC-800 SeriesSecurity Configurationeo 1.- Do you have a procedure for fortifying or bastioning the systems before they go into operation?)With regard to this bastioning procedure:Ho 1.1.- Do you indicate to withdraw the standard accounts and passwords?YEvidence: The procedure indicates that standard accounts and passwords should be removed (e.g. Linux servers should not have the "root" account, Windows servers should not have the "administrator" or "guest" account, etc.). Request the list of users to check that there are no accounts that should have been withdrawn according to the procedure.Evidence: The procedure indicates that unrequired, unnecessary, uninteresting, or inappropriate functionality, whether free, operational, administrative, or auditable, is disabled (e.g., if a firewall is purchased to protect the perimeter and it provides remote access functionality via IPSec VPN, if such added functionality is not required or requested by the responsible party, it must have been disabled), and that these are documented and the reason for their disabling.o 2.- The security measures will be respectful of the user and will protect him/her, unless he/she is consciously exposed to a risk. Does the system indicate that possibility to the user, and does he/she have to give his/her express consent assuming the risk?(o 3.- Is the default configuration safe?/CCN-STIC-500 Series Guas para Entornos Windows  $ Serie CCN-STIC-800 Series Guas ENS   3Serie CCN-STIC-600 Series Guas para otros Entornos   Configuration Management0o 1.- Is the configuration managed continuously? MaintenanceLo 1.- Do you have a maintenance plan for the physical and logical equipment?%With regard to this maintenance plan:_o 1.1.- Does it meet the manufacturers' specifications for system installation and maintenance?3o 1.2.- Do you continuously monitor defect notices?o 1.3.- Do you have a procedure to analyze, prioritize and determine when to apply security updates, patches, enhancements and new releases, taking into account the change in risk for prioritization?Change Managemnent@o 1.- Do you have a continuous control of changes in the system? vEvidence: You have a documented procedure that indicates the reasons why a system component should be changed and includes: approval of the responsible party, documentation of the change, security testing of the system after the change, and retention of a copy of the previous component for a pre-determined time. Check if backups are available of the current and immediate previous software version of the different components. This procedure is linked to the procedure for updating the asset inventory, updating the operating procedures related to the changed component and updating the business continuity plan (if applicable).%With regard to such exchange control:o 1.1.- Do you analyze all changes announced by the manufacturer or supplier to determine their suitability for incorporation or not? }Evidence: You have evidence of the analysis of all the announced changes, as well as the reason for their application or not.@o 1.2.- Before putting a new version or a patched version into production, is it checked on a machine that is not in production (equivalent to the production one in the aspects that are checked) that the new installation works correctly and does not diminish the efficiency of the functions necessary for the daily work? Evidence: This procedure involves the performance and recording of pre-production testing of the change (what, who, how and when). Consult the last change made, and sample, if considered._o 1.3.- Are the changes planned to reduce the impact on the provision of the affected services? Evidence: This procedure considers the time window in which the change affects the related services to a lesser extent, and the change is made in this window if deemed appropriate. Check the last change made and see if it was made in the stipulated time window.NEvidence: This procedure provides for the updating prior to the change of the risk analysis (which covers the situation after the change), the person responsible for this updating and, in case the resulting risk is high, it will require the explicit approval of the change by the owner. Consult the impact of changes on risk analysis.Protection against harmful codeo 1.- Do you have mechanisms for preventing and reacting to harmful code (viruses, worms, Trojans, spyware and "malware" in general)?/Regarding such mechanisms against harmful code:Uo 1.1.- Do they follow a maintenance according to the manufacturer's recommendations?~Evidence: Manufacturer's recommendations are available. The configuration options applied are those recommended by the manufacturer (e.g. program execution scan, incoming and outgoing mail scan, automatic blocking of malicious code, etc.), as well as those concerning update frequency; otherwise the reason is documented. Check the management of possible attacks, infections, etc...Incident Managementpo 1.- Do you have a comprehensive process for dealing with incidents that may impact the security of the system?With regard to that procedure:o 1.1.- Does it include reporting of both incidents and security events and weaknesses, detailing classification criteria and escalation of notification?4Evidence: This procedure contemplates the reporting of both incidents and security events as weaknesses (e.g.: considerable increase of error logs, service slowdown, etc.), either internal or coming from services provided by third parties, as well as the detail of the notification escalation process (e.g.: an end user must communicate the incident to the support center, this center analyzes if it is a security incident, in which case it reports it to the technician responsible for these incidents, etc.). Automated incident notification systems are available.o 1.2.- Does it include taking urgent measures, including stopping services, isolating the affected system, collecting evidence and protecting records (as appropriate to the case)?rCheck if there are reported incidents of these types and if the notification escalation process has been followed.Evidence: This procedure provides for urgent measures to be taken on the basis of an assessment of urgency, and who should take these decisions. As a result of this assessment, the measures to be taken are contemplated, including the detention of services, isolation of the system affected, collection of evidence and protection of records (as appropriate). Check whether these measures have been taken and whether the procedure has been followed.o 1.3.- Does it include the allocation of resourc< es to investigate the causes, analyze the consequences and resolve the incident?Ko 1.4.- Does the notice include interested parties (internal and external)?Ko 1.5.- Does it include measures to prevent the repetition of the incident?Evidence: This procedure includes, within the investigation of the causes, the necessary measures to prevent the incident from happening again. This procedure is linked to that of "[op.exp.3] Configuration Management", "[op.exp.5] Change Management" and "[op.exp.2] Security Configuration". Consult whether as a result of an incident it has been determined that it was necessary to modify a procedure so that it does not occur again and has indeed been modified.Wo 1.6.- Do the user procedures include the identification and handling of the incident?do 1.7.- Does it include updating, extending, improving or optimizing incident resolution procedures?Evidence: The incident management procedure provides for its periodic review or following the identification of possible improvements in it.o 1.8.- If the incident affects files with personal data, does its management also contemplate the provisions of current legislation on the processing of personal data?(Evidence: This procedure establishes the identification of whether the incident affects files with personal data and, if so, it is aligned or integrated with the incident management procedure of the applicable personal data processing legislation (related to [mp.info.1]). Check incident records.Recording user activityoo 1.- Are all user activities recorded in the system especially by activating the activity logs on the servers?Evidence: You have a documented policy or regulation that indicates that all user activities must be recorded in the system. Mechanisms exist to implement this policy or regulation and these mechanisms are activated. - T / LowWith regard to those records:o 1.1.- Is the determination of the activities to be recorded and their level of detail determined based on the system's risk analysis?iEvidence: The policy or regulation establishes them based on the result of the risk analysis ([op.pl.1]).yo 1.2.- Do they indicate who performs the activity, when they perform it and on what information, regardless of the user?Lo 1.3.- Does it include the activity of system operators and administrators?.Evidence: This policy or regulation establishes that the activity of the operators and administrators of the system must be registered. Check whether the logging mechanisms store the accesses to the system configuration in such a way that the operators and administrators themselves cannot modify them.Do 1.4.- Does it include both successful and unsuccessful activities?Evidence: This policy or regulation states that both successful and unsuccessful attempts should be recorded. Check if the logging mechanisms store both. - T /MediumEo 1.- Are activity records informally reviewed for abnormal patterns?Evidence: This policy or regulation states that activity records should be reviewed periodically to detect possible suspicious or illegal actions. Consult possible results of these informal reviews. - T / HighQo 3.- Is there an automatic system for collecting records and correlating events?Incident Management RecordKo 1.- Are all actions related to incident management recorded ([op.exp?7])?(With regard to this record of incidents:po 1.1.- Are the initial report, emergency actions and system modifications resulting from the incident recorded?Evidence: The incident management procedure ([op.exp.7]) covers the recording of these actions. This procedure is linked to that of "[op.exp.3] Configuration Management" and "[op.exp.5] Change Management". There is documentary evidence of these records.o 1.2.- Is evidence recorded that can subsequently support or deal with a legal claim when the incident may lead to disciplinary action on internal staff, external suppliers or the prosecution of crimes?_o 2.- Is the determination of auditable events reviewed based on the analysis of the incidents?Protection of activity records -T / High)o 1.- Are the system's records protected?.o 1.2.- Is the date and time of these insured?Yo 1.3.- Are they protected against modification or elimination by unauthorized personnel?;o 1.4.- Do the backups, if any, meet the same requirements?Evidence: You have a security policy or regulation that determines the levels of security to be applied to the backup, if any, of the records in line with the requirements set for live records. Ensure that the security measures applied to backups comply with the policy or regulations. Protection of cryptographic keysCo 1.- Are cryptographic keys protected throughout their life cycle?Ko 2.- Are means of generation isolated from the means of exploitation used?^o 3.- Are the removed operation keys to be archived on media isolated from those of operation?io 4.- Are evaluated means of generation and custody in operation or certified cryptographic devices used?_o 5.- Do the means of generation and custody in operation use algorithms accredited by the CCN?0o 6.- Are the means of custody in use protected?External services(Contracting and service level agreementsWEvidence: The risk analysis identifies the risks associated with the external supplier.Evidence: This procedure also requires the detail of what is considered to be minimum quality and the consequences for the supplier of non-compliance. There is documentary evidence recognized by the supplier (e.g.: contract signed by personnel with legal representation capacity of the supplier) of the minimum quality required (service level agreement) and the consequences of non-compliance and possible penalties if applicable.>Evidence: Such a procedure also requires the establishment of the functions or roles, obligations and responsibilities of each party. There is documentary evidence recognized by the provider (e.g., contract signed by personnel with legal representation capacity of the provider) of the responsibilities of the parties.Daily managementWo 1.- Do you have a routine system for measuring the fulfilment of service obligations?Evidence: This procedure includes a protocol for action in case of non-compliance or degradation in quality agreed in [op.ext.1]. Consult whether any breach of service obligations has been detected and what action has been taken.o 3.- Have the coordination mechanism and procedures been established to carry out the maintenance tasks of the systems affected by the agreement?Evidence: You have a documented procedure that defines the coordination mechanism and procedures for carrying out the maintenance tasks of the systems affected by the agreement (e.g. if the external provider maintains a server, you will need to agree how you can access the DPC for on-site maintenance, or if the external provider provides connectivity services and these need to be shut down for maintenance, you will need to agree when this will be done, etc.). Check if the procedure is being followed.mo 4.- Have the mechanism and procedures for coordination in case of incidents and disasters been established?Evidence: The incident management procedure on the external service shall be related to the one defined in [op.exp.7]. Check if the procedure is being followed.Alternative means - D / Highso 1.- Do you have a plan to replace the service by alternative means in case the contracted service is unavailable?qEvidence: You have a plan to replace the service by alternative means in case of unavailability of the contracted service within the time frame agreed in the organization's continuity plan ([op.cont]). If alternative means are available in the plan, check whether the alternative means are available (e.g. replacement server, replacement switch, alternative DPC, etc.).]o 2.- Does the alternative service offer the same security guarantees as the regular service?< uEvidence: The characteristics of the alternative service include the same security guarantees as the regular service.Qo 3.- Is the service replacement plan part of the organization's continuity plan?VEvidence: The "[op.cont.2] Continuity Plan" contemplates the use of alternative means.Continuity of serviceImpact analysis.o 1.- Has an impact analysis been carried out? - D / Medium$With regard to this impact analysis:Fo 1.1.- Do you identify the availability requirements of each service?PEvidence: Such an impact analysis identifies the availability requirements of each service (measured as the impact of an interruption over a certain period of time). Among these requirements is the identification of the maximum time of data that can be lost, which is taken into account in the frequency of backups and their management.Yo 1.2.- Do you identify the elements that are critical for the provision of each service?Evidence: This impact analysis identifies the elements that are critical to the provision of each service, whether they are in-house or provided by outsiders..CCN-STIC-470 Series Manual de usuario de PILAR Continuity plan$o 1.- Do you have a continuity plan?Regarding that plan:Vo 1.1.- Does it identify functions, responsibilities and activities to be carried out?po 1.2.- Is there a forecast of the alternative means to be combined in order to continue providing the services?wo 1.3.- Are the alternative means planned and materialized in agreements or contracts with the corresponding suppliers?Evidence: This plan includes the agreements or contracts signed with the corresponding suppliers necessary for the continuity of the service so that the coordination of all the elements reaches the restoration in the stipulated time. There are documents to establish points of contact, obligations and communication channels with suppliers for the synchronization of disaster recovery. Consult the contracts.Evidence: This plan identifies the training needs of the staff involved in the plan, as well as the planning of its delivery. Consult attendance records or training reception.|o 1.5.- Is it an integral and harmonious part of the organization's continuity plans in other matters unrelated to security?Periodic testing - D /Higho 1.- Are periodic tests carried out to locate and correct, if necessary, any errors or deficiencies that may exist in the continuity plan?System monitoringIntrusion detection7o 1.- Do you have tools to detect or prevent intrusion? Metric systemLowo 1.- Is the necessary data collected according to the category of the System in order to know the degree of implementation of the security measures and, if applicable, to provide the annual report required by Article 35 of the ENS in accordance with the Resolution of 7 October 2016, of the Secretariat of State for Public Administrations, which approved the Technical Instruction on Security State Reporting (ITS INES)?With regard to these values:o 1.1.- Do they measure the degree of implementation of the security measures they apply of those detailed in Annex II and, where appropriate, to provide the annual report required by Article 35 Report on the state of security?Ko 1.2.- Do they allow for the assessment of the incident management system?Evidence: There is a set of data and associated indicators according to the ITS Ins to evaluate the incident management system that allows to know: the number of security incidents treated; the time used to close 50% of the incidents; and the time used to close 90% of the incidents. The CCN LUCIA tool (management of cyber-incidents) allows the evaluation of the incident management system. ]o 1.3.- Do they measure the efficiency of the security measures including resources consumed?Evidence: There is a set of values indicated in the Ins ITS to measure the efficiency of security measures including resources consumed. Consult the resources of the hours and budgets consumed, the values, their updating frequency and the measures taken as a result of their analysis.A5.2.3 COMPLIANCE WITH ANNEX II MEASURES - MEASURES FOR PROTECTIONCategory Dimensions / LevelProtection measures+Protection of facilities and infrastructure!Separate, access-controlled areasRo 1.- Has the equipment been installed in separate areas specific to its function?$With regard to these separate areas: o 1.2.- Are accesses controlled?HEvidence: You have a documented policy or regulation that specifies that access to separate areas is controlled (e.g., access to the server room requires a key to the access door, which is the only way in) and monitored (e.g., you have a surveillance camera that controls access to the room, or the lock is electronic and records the separate access code of each person accessing, or the access procedure specifies that the person accessing puts their name and signature on a ticket list, etc.). Examine access to such rooms and ensure that they comply with the policy or regulations.Identification of people{o 1.- Is there an access control mechanism to the premises where there is equipment that is part of the information system?TEvidence: Has a mechanism that establishes access control to the specified premises #With regard to such access control:9o 1.1.- Is everyone who enters these premises identified?5o 1.2.- Are the entries and exits of people recorded?BEvidence: This procedure, which complies with the requirements of current legislation on the processing of personal data, specifies that for each person it must be recorded unequivocally along with the date and time of entry and exit, as well as the person or mechanism by which the record is made. Consult the access log.o 1.- Do the premises where the information systems and their components are located have adequate temperature and humidity conditions?Conditioning of the premisesSEvidence: There are adequate elements in the premises to maintain adequate temperature and humidity conditions and that they are within the margins specified by the equipment manufacturers. Check if there is air conditioning, thermometer and hygrometer in the DPC, if they are monitored regularly and if they are in the recommended values.With regard to these premises:To 1.1.- Do they have protection against the threats identified in the risk analysis?Evidence: The premises are protected against the threats identified in the analysis of natural and environmental risks, or those of human origin, whether accidental or deliberate (complementing [mp.if.1], [mp.if.4], [mp.if.5], [mp.if.6] and [mp.if.7]. Consult existing measures (e.g. prohibiting the existence of unnecessary material on the premises, in particular flammable material (paper, boxes, etc.) or which may cause other incidents (water sources, plants, etc.), and avoiding the premises themselves being a threat or causing other threats if the risk analysis has identified a fire as a threat, safeguards should be in place such as fire extinguishers, smoke sensors, etc.)Yo 1.2.- Do they have protection of the wiring against accidental or deliberate incidents?Evidence: The protection of the wiring is contemplated by means of its labelling (to be able to determine the connections of each physical cable), protection (to avoid tripping) and control (to avoid the existence of out-of-use wiring). To verify the existence of these measures.Electric power - D / Low5o 1.- Are the necessary electrical outlets available? Evidence: The premises should have the necessary electrical outlets. Please check that this is the case (e.g.: grounded plugs, sufficient number of plugs so that cascading multipliers exceeding the maximum recommended electrical power do not have to be used, etc.).0o 2.- Is the electrical power supply guaranteed?Bo 3.- Is the correct operation of the emergency lights guaranteed?Evidence: The premises must have emergency lights and a mechanism to check the correct functioning of the emerg< ency lights. Check that there are emergency lights. There's documentary evidence of the emergency light check. - D / Medium o 4.- Is the supply of electrical power guaranteed in the event of a failure in the general supply, guaranteeing sufficient time for an orderly completion of the processes, safeguarding the information?Evidence: The premises must have an uninterrupted power supply system (consisting of an Uninterruptible Power Supply and, if necessary, a generator) for the entire system that guarantees sufficient time for an orderly completion of the processes, safeguarding the information. Check whether the UPS meets the requirements identified in the analysis of the required electrical power. Consult the records of the tests that have been carried out to make sure that the UPS is able to withstand the time required for the ordered completion. How often are the tests carried out? Are load or empty tests carried out? How often are the batteries changed?Fire protectiono 1.- Are the premises where the information systems and their components are located protected against accidental or deliberate fires? - D / LowFlood protectiono 1.- Are the premises where the information systems and their components are located protected against accidental or deliberate incidents caused by water?Evidence: The premises are protected against accidental or deliberate incidents caused by water (e.g. the DPC not being traversed by water pipes, water sinks in the DPC, etc.) according to the level of risk identified. A study of the physical location of the premises has been carried out to find out the real risk of problems due to natural causes or the environment in which it is located (e.g. if it is in a location with flooding, a change of location or the availability of drainage pumps, etc., may be recommended) Equipment check-in and check-outo 1.- Is a detailed record kept of all entry and exit of equipment, including identification of the person authorising the movement?Evidence: Specify the type of equipment (including at least servers, laptops, communications equipment and information carriers) that must be logged in or out. The record should reflect: date and time, unambiguous identification of the equipment, person making the entry or exit, person authorizing the entry or exit and person making the record. Check that the equipment entry and exit register complies with the specifications.Alternative installations - D /Higho 1.- Is the existence and availability of alternative facilities guaranteed to be able to work in case the usual facilities are not available?Evidence: Check the existence of alternative facilities (e.g.: contract with a supplier of alternative facilities available within the time frame set out in the "[op.cont.2] Continuity Plan").Staff ManagementWorkplace characterization&o 1.- Has each job been characterized?%With regard to this characterization:Evidence: This policy or regulation defines the responsibilities related to each job (related to [op.acc.3]), based on risk analysis as it affects each job. Review the list of people assigned to each type of work center. o 2.- Are the job requirements taken into account in the selection of the person who will occupy the position, including the verification of his/her work history, training and other references?JEvidence: This policy or regulation contemplates the requirements of the job in the selection of the person who will occupy that position, including the verification of their work history, training and other references. Consult the characterization of a job, the person who holds it and their references and check that they match.Duties and obligationsuo 1.- Is each person working in the system informed of their job duties and responsibilities in relation to security?@With respect to such information of duties and responsibilities:0o 1.1.- Are the disciplinary measures specified?Evidence: This document informs about the disciplinary measures that may take place. Obtain evidence of reference to agreements or to the Workers' Statute or to the applicable civil service law.o 1.2.- Is it specified that it covers both the period during which the post is held and the obligations in the event of termination of the assignment or transfer to another post?Evidence: This document reports that obligations are maintained both in the period during which the post is held and subsequently, in the event of termination of the assignment or transfer to another post.o 1.3.- Is it specified that the duty of confidentiality with respect to the data to which it has access covers the period during which the post is held as in the case of termination of the assignment or transfer to another post?Evidence: This document informs that the confidentiality obligations are maintained both during the period during which the post is held and subsequently, in the event of termination of the assignment or transfer to another post.uo 2.- Have the duties and obligations of the staff been established in the case of staff hired through a third party?1With regard to staff hired through a third party:Go 2.1.- Have the duties and obligations of each party been established?fo 2.2.- Has the procedure for resolving incidents of non-compliance with obligations been established? Awarenesso 1.- Are actions taken regularly to raise staff awareness of their role and responsibility for ensuring that the system's security reaches the required levels?With regard to such awareness:o 1.2.- Is the identification of suspicious incidents, activities or behaviour that should be reported for treatment by specialised personnel part of the content?Evidence: The content of the awareness plan includes the identification of suspicious incidents, activities or behaviours that should be reported for treatment by specialised personnel.mo 1.3.- Is the procedure for reporting security incidents, whether real or false alarms, part of the content?Evidence: The content of the awareness plan includes the procedure for reporting security incidents, whether real or false alarms.TrainingWith regard to such training:/o 1.1.- Does it cover the system configuration?REvidence: This plan has training contents related to the configuration of systems.>o 1.2.- Does it cover the detection and reaction to incidents?]Evidence: This plan has training contents related to the detection and reaction to incidents.To 1.3.- Does it cover the management of information in any medium where it is found?Evidence: This plan has training contents related to the management of information in any medium where it is found, at least in terms of storage, transfer, copying, distribution and destruction.Alternative Staff*With regard to such alternative personnel:Io 1.1.- Are you subject to the same security guarantees as regular staff?aEvidence: Alternative personnel are subject to the same security guarantees as regular personnel.Equipment ProtectionWork station clearo 1.- Are the workstations required to remain clear, with no more material on the table than that required for the activity being carried out at any given time?Evidence: You have a documented policy or regulation indicating that the work stations should remain clear, with no more material on the table than required for the activity being performed at any given time. Visually inspect a workstation.Jo 2.- Is this material stored in a closed place when it is not being used?Evidence: This policy or regulation indicates that the material will be stored in a closed place when not in use. See if users have places to lock up this material.Work center lock - A /Mediumo 1.- Does the workstation lock up after a reasonable period of inactivity, requiring a new user authentication to resume the current activity?{o 2.- After a certain period of time, longer than the previous one, are the open sessions cancelled from that work station?Laptop Protection< o 1.- Is equipment that is susceptible to leaving the organization's premises and cannot benefit from the corresponding physical protection, with a clear risk of loss or theft, adequately protected?With regard to the laptops:ho 1.1.- Is an inventory of them kept together with an identification of the person responsible for them?ro 1.2.- Has a communication channel been established to inform the incident management service of losses or theft?Evidence: You have a documented procedure for reporting, to the incident, loss or theft management service, and the personnel responsible for the portable equipment are aware of it.o 1.3.- Has the information and services accessible been limited to the minimum necessary, within the scope of operation of the server, when a portable computer is connected remotely through networks that are not under the control of the organization?"Evidence: You have a documented procedure for protecting network connections (e.g., a perimeter protection system that minimizes visibility from the outside and a personal firewall). Check that the procedure for connections through the Internet and other untrustworthy networks is followed.Evidence: You have a documented policy or regulation requiring prior authorization for laptop connections over the Internet and other untrusted networks.no 1.5.- Is it avoided, as far as possible, that the equipment contains remote access keys to the organization?Evidence: You have a documented policy or regulation that prevents laptops from containing remote access keys to the organization as much as possible. Cases where this policy or regulation cannot be applied have been identified and are approved by management.o 1.6.- Have you been equipped with violation detectors that allow you to know if the equipment has been tampered with and activate the foreseen procedures for managing the incident?Qo 1.7.- Is the high level information stored on the disk protected by encryption?Evidence: This policy or regulation establishes the use of cryptographic means. Cryptographic means (related to [mp.si.2]) are available for the protection of the stored information.o 1.- Is the existence and availability of alternative means of processing information guaranteed in the event of unavailability of the usual means?&With regard to such alternative means:Ko 1.1.- Are they subject to the same security guarantees as the usual ones?]o 1.2.- Has a maximum time been established for alternative equipment to come into operation?Evidence: This procedure identifies the maximum time for alternative equipment to become operational in relation to [op.cont.2] and is approved by the person responsible. Consult the last test that guarantees the entry into operation in the established time.Protection of communicationsSecure perimeterYo 1.- Do you have firewalls that separate the internal network from the external network?Regarding that firewall:o 1.1.- Does the firewall system consist of two or more pieces of equipment from different manufacturers arranged in a cascade?Evidence: Two or more pieces of equipment from different manufacturers are cascaded together. See the firewalls and the network scheme.$o 1.2.- Are there redundant systems??Evidence: Firewalls should be redundant. See firewall settings.Protection of confidentiality - C / Medium1.- Are virtual private networks (VPNs[1]) used when the communication runs through networks outside the security domain itself?mEvidence: Communications over networks outside the security domain itself use VPNs with cryptographic methods that ensure the confidentiality of the information transmitted. Encryption key protection is compliant [op.exp.11]. Consult the VPN mechanism used. Consult the list of personnel with access to the VPNs (additions, deletions and modifications if necessary)About those VPNs:-o 1.1.- Do you use CCN accredited algorithms? - C /HighUo 1.2.- Are hardware devices preferably used in the establishment and use of the VPN?Evidence: Use of hardware devices in the establishment and use of the VPN In the case of non-use of hardware devices, it must be duly accredited and approved by the person in charge. Check whether hardware devices are used or, if not, whether it is approved by the person in charge.$o 1.3.- Are certified products used?yEvidence: Use of certified products (in relation to [op.pl.5] certified components) Check if certified products are used.(Protection of authenticity and integrity - I, A / Lowro 1.- Is the authenticity of the other end of a communication channel ensured before any information is exchanged?o 2.- Are active attacks (alteration of information in transit, injection of spurious information or hijacking of the session by a third party) prevented, ensuring that at least they will be detected, and will the procedures foreseen for handling the incident be activated?gEvidence: You have a documented policy or regulation that specifies the authentication mechanisms used.xo 4.- Are virtual private networks used when the communication runs through networks outside the security domain itself?Evidence: Communications over networks outside the security domain itself use VPNs with cryptographic methods that ensure the confidentiality of the information transmitted. Encryption key protection is compliant [op.exp.11]. Consult the VPN mechanism used.-o 4.1.- Do you use CCN accredited algorithms?io 4.2.- Any of the authentication mechanisms provided for in the applicable regulations will be accepted.Evidence: In the case that concerted keys are used, verify that there is a documented policy or regulation specifying the application of average quality requirements against divination, dictionary or brute force attacks.Uo 4.3.- Are hardware devices preferably used in the establishment and use of the VPN?UEvidence: You have a documented policy or regulation indicating the use of hardware devices in the establishment and use of the VPN. In the case of non-use of hardware devices, it must be duly accredited and approved by the person in charge. Check whether hardware devices are used or, if not, whether it is approved by the person in charge.$o 4.4.- Are certified products used?o 4.5.- Any of the authentication mechanisms provided for in the applicable regulations will be accepted. Are concerted keys used?Evidence: In the case that concerted keys are used, verify that you have a documented policy or regulation that specifies the application of high quality requirements against divination, dictionary or brute force attacks.Network Segregationo 1.- Is the network segmented?With regard to these segments:Jo 1.1.- Is there an entry control of the users who arrive at each segment?Mo 1.2.- Is there output control of the information available in each segment?Wo 1.3.- Is the point of interconnection particularly secured, maintained and monitored?Evidence: It is particularly secured, maintenance and monitoring of the point of interconnection between segments as in [mp.com.1] secure perimeter. - D / Higho 1.- Is the existence and availability of alternative means of communication guaranteed in the event of unavailability of the usual means?Evidence: There is identification of existing alternative means and their availability in case of failure of the usual ones, in relation to the "[op.cont.2] Continuity Plan". These means exist and are available.Evidence: The maximum time for alternative equipment to become operational is identified in relation to [op.cont.2] and is approved by the person responsible. Consult the last test that guarantees the entry into operation in the established time.Protection of information media Labelling - C / Low,o 1.- Are the information carriers labelled?With regard to such labelling:#o 1.1.- Do you reveal the contents?Evidence: This procedure specifies that the labelling must not reveal the content. Note that the< labelling does not reveal the content (e.g. the label does not contain words such as "financial data", "personnel data", etc. but a code that cannot be interpreted by outsiders).[o 1.2.- Does it indicate the level of security of the most qualified information contained?{o 1.3.- Can users understand the meaning of the labels, either by simple inspection or by using a repository to explain it?Evidence: This procedure specifies how to label the media and how to read the label. This information is part of the awareness [mp.per.3] and training [mp.per.4] plan, so they also know and apply the procedures associated with each level of information.o 1.4.- Does it apply to both electronic and non-electronic media (which have been a direct cause or consequence of electronic information within the scope of the ENS)?Evidence: The procedures referred to the protection of information stored and in transit reflect the measures to be applied, according to the nature of the medium (electronic or otherwise). Cryptography - I, C / Mediumo 1.- Are cryptographic mechanisms applied, in particular, to all removable devices (CDs, DVDs, USB disks, or others of a similar nature) that guarantee the confidentiality and integrity of the information contained?.With respect to such cryptographic mechanisms: - I, C / High$o 1.2.- Are certified products used?Custodyo 1.- Does due diligence and control apply to the information carriers that remain under the responsibility of the organization?With regard to this control:Ro 1.1.- Do you guarantee access control with physical or logical measures or both?Evidence: This procedure provides for access control to information carriers with physical ([mp.if.1] and [mp.if.7]), logical ([mp.si.2]) or both measures. Consult the controls in place.o 1.2.- Do you guarantee that the manufacturer's maintenance requirements are respected, especially with regard to temperature, humidity and other environmental aggressors?Evidence: This procedure identifies the manufacturer's maintenance requirements and establishes their application (related to [mp.if.3]). Check that they are applied. Transportio 1.- Do you have a departure record that identifies the carrier receiving the support for your transfer?Io 2.- Do you have an entry record that identifies the delivering carrier?o 3.- Do you use cryptographic protection means corresponding to the highest level of qualification of the information contained?-With regard to such cryptographic protection:xEvidence: This procedure sets out the steps for secure key management. The keys are managed as specified in [op.exp.11].Deletion and destruction - C / Lowio 1.- Are the media to be reused for other information or released to another organization safely erased?<Evidence: There is a documented procedure specifying who or under what circumstances the deletion should be made, who should perform it and the method of secure deletion of the media (portable computer disks in application of the measure [mp.eq.3], hard disks of all types of equipment, removable disks, PDAs, CDs, DVDs, magnetic tape, printed paper, paper tape, microfilm, RAM, CMOS, EEPROM, memory cards, smart cards, printer components, etc.). Check that the specified means for safe erasure are available and that they are carried out in accordance with the procedure.co 2.- Are the supports safely destroyed when the nature of the support does not allow safe erasure?Evidence: You have a documented procedure that indicates the type of media that does not allow safe erasure and specifies how to safely destroy the media. Consult the history of supports and the record of which have been eliminated.To 3.- Are the media safely destroyed depending on the type of information contained?"o 4.- Are certified products used?Evidence: Has a documented policy or regulation indicating the use of certified products (in relation to [op.pl.5]). Check whether certified products are used or, if not, whether it is approved by the person responsible.#Protection of computer applicationsApplication development\o 1.- Are applications developed on a different and separate system from the production one?Ho 2.- Are there development tools or data in the production environment?fEvidence: This policy or regulation states that no development tools or data can exist in the production environment. Note that there are no development tools in the production environment (e.g. no compilers in the production systems). Verify the separation of development and operating environments: characteristics, requirements and configuration of these.9o 3.- Does it apply a recognized development methodology?2Evidence: You have a documented policy or regulation that indicates the use of a known development methodology (e.g., METRIC). There is documentary evidence of the use of the development methodology (e.g. METRICA establishes the elaboration of a series of documents, verify that they have been elaborated).,With regard to this development methodology:=o 3.2.- Do you specifically address the data used in testing?WEvidence: This development methodology specifically addresses the data used in testing.4o 3.3.- Does it allow inspection of the source code?LEvidence: This development methodology allows inspection of the source code.MEvidence: This development methodology includes secure programming standards.]o 4.- Are identification and authentication mechanisms an integral part of the system design?Evidence: You have a documented policy or regulation regarding the design of a system that includes identification and authentication mechanisms.Ko 4.1.- What about the protection mechanisms for the information processed?Evidence: This policy or regulation regarding the design contemplates the mechanisms for the protection of the information processed.Ao 4.2.- What about the generation and processing of audit trails?Evidence: This design policy or regulation provides for the generation and processing of audit trails. Consult the design of a development.vo 5.- Are the tests prior to the implementation or modification of the information systems carried out with real data?oEvidence: You have a documented policy or regulation indicating that tests are performed using fictitious data or real data that is dissociated or masked, and if performed using real data, the corresponding level of security is ensured. There is evidence that real data does not exist in the development environment, or is otherwise approved by the responsible party.Acceptance and commissioningoo 1.- Do you have a test plan before going into production to check the correct functioning of the application?Evidence: You have a documented procedure for the development and execution of an application test plan. There is documentary evidence of the executed test plan and its result.With regard to these tests:6o 1.3.- Are they performed in an isolated environment?iEvidence: This plan envisages that the tests are carried out in an isolated environment (pre-production).o 1.4.- Do you use real data?Evidence: This plan contemplates that the tests are carried out with fictitious data or real data dissociated or masked, and in case they are carried out with real data the corresponding level of security is ensured.Jo 2.- Is a vulnerability analysis carried out prior to entry into service?Evidence: This plan includes the execution of a vulnerability analysis. Consult the results and, if they have identified a vulnerability, see how it has been resolved.(o 2.1.- Is a penetration test performed?Evidence: This plan includes the execution of a penetration test. Consult the results and, if they have identified a vulnerability, see how it has been resolved.?o 2.2.- What about a coherence analysis in process integration?~Evidence: This plan includes the execution of a consistency analysis in the integration in the processes. Consult the results.< 2o 2.3.- Is an audit of the source code considered?Evidence: This plan includes the opportunity to perform a source code audit. Consult the results, or in case it has not been done, consult the reasons for it.Protection of information Personal dataEo 1.- Have you identified whether the system processes personal data?Evidence: You have a documented procedure to identify whether the system processes personal data. Consult the result of the procedure.Qo 2.- In the case of processing personal data, do the regulations in force apply?[Evidence: Documentation is available regarding compliance with data processing or protection regulations, as well as data protection clauses with data owners, data processors and entities to which personal data are transferred in accordance with applicable legislation. Check these ends. Check the data protection security document or equivalent. EOrganic Law 15/1999 of 13 December on the Protection of Personal Data bRoyal Decree 1720/2007, of December 21, 2007, of the Regulation of Development of the L.O. 15/1999 tRoyal Decree 3/2010 of 8 January on the National Security Framework, amended by Royal Decree 951/2015 of 23 October. O e Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data Rating of information - C / Lowlo 1.- Is the information qualified in accordance with the legal provisions on the nature of the information?go 2.- Does the security policy establish who is responsible for each information handled by the system?Evidence: You have a documented security policy that specifies who is responsible for each piece of information handled by the system.o 3.- Does the security policy directly or indirectly reflect the criteria that determine the level of security required in the organization?o 4.- Does the person in charge of each information follow the criteria determined in the security policy to assign to each information the required level of security and is he responsible for its documentation and formal approval?o 5.- Does the person responsible for each piece of information at any time have the exclusive power to modify the level of security required, in accordance with the security policy?/Evidence: This policy states that the person responsible for each piece of information at any time has the exclusive power to modify the level of security required. For existing information, check the history of changes in your security level, as well as the date, and person responsible for the change. - C / Mediumeo 6.- Are there procedures that describe in detail how the information is to be labelled and handled?Evidence: You have a documented procedure that describes how information is to be labelled and handled, depending on the level of security required. Check that the labelling and processing of the information corresponds to the procedure..With regard to such processing of information:/o 6.1.- Do you contemplate your access control?Evidence: Complies [op.acc].'o 6.2.- Do you contemplate its storage?)o 6.3.- Do you contemplate making copies?5o 6.4.- Do you contemplate the labelling of supports?6o 6.5.- Do you contemplate its telematic transmission?Ko 6.6.- And do you consider any other activity related to such information?Evidence: Ask what other information-related activity the organization performs, and whether it is done in accordance with documented, approved, and reviewed policy, regulations, and procedures. Encryption - C / Highmo 1.- Is the information encrypted with a high level of confidentiality during both storage and transmission?Regarding cryptography:Do1.1.- Do you contemplate the use of cryptography in communications? Eo 1.2.- Do you envisage the use of cryptography in information media? `o 2.- Does information with a high level of confidentiality remain clear while it is being used?Evidence: Such a policy or regulation indicates that information with a high level of confidentiality remains clear only while it is being used.Electronic signature - I, A / Lowbo 1.- Do you have an Electronic Signature Policy approved by the relevant competent superior body?o 2.- Are the documents that require evidentiary capacity according to the law of common administrative procedure of the Public Administrations signed electronically?o 3.- In the event that other lawful electronic signature mechanisms are used, are sufficient compensatory measures incorporated that offer equivalent or superior guarantees in terms of preventing repudiation? - I, A / MediumVRegulation 910/2014 of 23 July on electronic identification and trust services (eIDAS) Yo 4.- If advanced electronic signature systems are used, are qualified certificates used?AEvidence: You have a documented policy or regulation indicating the use of qualified certificates. In the case of use of unqualified certificates, it must be duly accredited and approved by the person responsible. Check whether qualified certificates are used or, if not, whether it is approved by the person responsible.-o 5.- Are recognized certificates preferable?@Evidence: You have a documented policy or regulation indicating the use of qualified certificates. In the case of use of non-recognised certificates, it must be duly accredited and approved by the person responsible. Check whether certified products are used or, if not, whether it is approved by the person responsible.)o 6.- Are CCN accredited algorithms used?#o 7.- Is the verification and validation of the electronic signature guaranteed for the time required by the administrative activity it supports, without prejudice to the possibility of extending this period in accordance with the applicable policy on electronic signatures and certificates?FRegarding the verification and validation of the electronic signature:Ko 7.1.- Is the certificate attached to the signature, or is it referred to?Uo 7.2.- Are verification and validation data attached to the signature or referenced?Evidence: This procedure includes attaching or referencing the verification and validation data in the signature. Ensure that verification and validation data are attached to the signature or referenced.no 7.3.- Are the signature, the certificate and the verification and validation data protected by a time stamp?Evidence: This procedure includes a time stamp to accompany the signature, the certificate and the verification and validation data. Make sure that the signature, the certificate and the verification and validation data are accompanied by a time stamp.o 7.4.- Does the body collecting signed documents verify and validate the signature received upon receipt by attaching or referencing unambiguously the certificate, the verification and validation data, and the time stamp?Evidence: This procedure involves validating the signature of the signed document obtained, received at the time of receipt, by attaching or referencing without ambiguity the certificate, the verification and validation data, and the time stamp. Note that if signed documents are collected, the signature is verified and validated by attaching or referencing the certificate, the verification and validation data, and the time stamp without ambiguity.o 7.5.- Electronic signature of documents by the Administration attached or unambiguous reference to the certificate, the verification and validation data, and the time stamp?Evidence: This procedure includes the certificate, the verification and validation data, and the time stamp. Note that if documents are signed, the certificate, verification and validation data, and time stamp are unambiguously attached or referenced. - I , A / High&o 8.- Are qualified certificates used?Evidence: You have a documented policy or regulation indicating the< use of qualified certificates. Check the use of these certificates.4o 9.- Are qualified signature creation devices used?pEvidence: You have a documented policy or regulation indicating the use of qualified signature creation devices.#o 10.- Are certified products used?Evidence: You have a documented policy or regulation indicating the use of certified products (in relation to [op.pl.5]). Check if certified products are used. Time stampslo 1.- Are time stamps (electronic dating) applied to information that may be used as evidence in the future?o 2.- Is the data relevant for the subsequent verification of the date treated with the same security as the dated information for the purposes of availability, integrity and confidentiality?o 3.- Are time stamps regularly renewed until the protected information is no longer required by the administrative process it supports?@o 4.- Are certified products or admitted external services used?io 5.- Are "qualified electronic time stamps" used in accordance with European regulations on the subject? Cleaning of documentso 1.- Is there a procedure to clean up (remove information contained in hidden fields, meta-data, comments or reviews) all documents that are to be transferred to another security domain, except where such information is relevant to the recipient of the document?Backupro 1.- Do you make backups that allow for the recovery of accidentally or intentionally lost data of a certain age?With regard to such backups::o 1.1.- Do they cover the organization's work information?Evidence: This procedure requires all information managers in the organization to determine their need for backups. Make sure that the backups store this information.To 1.2.- Are the applications in operation, including the operating systems, covered?Evidence: This procedure requires that all the organization's systems managers determine their need for backups. This procedure is linked to [op.exp.3] configuration management, [op.exp.4] maintenance and [op.exp.5] change management. Make sure that the backups store this information.mo 1.3.- Does it include configuration data, services, applications, equipment, or others of a similar nature?\Evidence: This procedure requires that all system managers in the organization determine their need for backups. This procedure is linked to [op.exp.1 asset inventory], [op.exp.2] security configuration, [op.exp.3] configuration management, [op.exp.4] maintenance and [op.exp.5] change management. Make sure that the backups store this information.Mo 1.4.- Are the keys used to preserve the confidentiality of the information?Evidence: This procedure requires that all system managers in the organization determine their need for backups. This procedure is linked to [op.exp.11]Protection of cryptological keys and [mp.info.3] encryption. Make sure that the backups store this information.o 1.5.- Do they enjoy the same security as the original data in terms of integrity, confidentiality, authenticity and traceability?Evidence: This procedure provides that backups enjoy the same security as the original data in terms of integrity, confidentiality, authenticity and traceability, both in terms of access, storage and transport. This procedure is linked to [op.acc] access control, [op.exp.9] incident management logging and [op.exp.10] protection of activity logs and, in case encryption is used, with [op.exp.11 Protection of cryptographic keys]. Check that the security measures are appropriate.Wo 1.6.- Is there an authorization process for the recovery of information from backups?Evidence: You have a documented procedure for requesting a backup recovery, identifying the person responsible for the information and giving written authorization. Consult the latest information restorations and check that they have been authorised by the person responsible.vo 1.7.- Is it regularly verified that the backed up information is correctly disposed to be recovered in case of need?o 1.8.- Are they kept in place(s) sufficiently independent of the normal location of the information in operation so that the incidents foreseen in the risk analysis do not occur simultaneously in both places?Protection of services*Protection of the electronic mail (e-mail)so 1.- Is the information distributed via e-mail protected, both in the body of the messages and in the attachments?>o 2.- Is message routing and connection information protected?Evidence: You have a documented policy or regulation that specifies message routing protection (e.g., protecting the DNS server and its configuration by preventing the end user from changing the configuration of the mail account - such as the mail server) and connection establishment (e.g., preventing the end user from connecting to a non-corporate mail server, such as with firewall rules).uo 3.- Is the organization protected against problems that materialize through email, such as unsolicited mail (spam)?Evidence: Has a documented policy or regulation that specifies that the organization should be protected from spam. You have a properly configured and maintained anti-spam system (e.g. an anti-spam system before the mail server, or an anti-spam system at the user's end).-Regarding protection against e-mail problems:o 3.1.- Do you protect yourself against harmful programs (viruses, worms, trojans, spies or others of similar nature) related to op.exp. 6 Protection against harmful code?:o 3.2.- Is it protected against mobile code "applet" type?8o 4.- Have rules for the use of e-mail been established?%Regarding this rule of use of e-mail:Wo 4.1.- Do you contemplate limitations to the use as support of private communications?fEvidence: These regulations specify the limitations to the use as a support of private communications.Vo 4.2.- Are awareness and training activities carried out regarding the use of e-mail?/CCN-STIC-500 Series Guas para Entornos Windows -CCN-STIC-600 Series Guas para otros Entornos +Protection of web services and applicationsmo 1.- Are the subsystems dedicated to the publication of information protected against the threats they face?o 2.- When the information has some kind of access control, is the impossibility of accessing the information guaranteed by bypassing authentication?mo 2.1.- Is the server prevented from offering access to documents by alternative means to the given protocol?You have a documented policy or regulation that specifies the access protocol to be used, and you do not allow another one to be used. The system applies this policy (e.g. pages that are to be accessed via HTTPS are not accessible via HTTP)./o 2.2.- Are URL manipulation attacks prevented?0o 2.3.- Are attacks on users' cookies prevented?Evidence: This policy or regulation specifies the use of mechanisms to protect cookies from tampering. The system applies this policy (e.g. the cookie information is stored in encrypted form).-o 2.4.- Are code injection attacks prevented?VEvidence: This policy or regulation specifies the use of mechanisms to prevent code injection attacks. The system applies this policy (e.g.: applications do not allow receiving unsanctioned code, the web server does not allow entering characters not authorized by the application, the server does not return descriptive error messages, etc.).4o 3.- Are attempts to escalate privileges prevented?&Evidence: This policy or regulation specifies the use of mechanisms to prevent attempts to escalate privileges. The system applies this policy (e.g. no system information can be accessed that can be used for privilege escalation, no actions can be executed by impersonating another user, etc.).1o 4.- Are cross site scripting attacks prevented?REvidence: This policy or regulation specifies the use of mechanisms to prevent cross site scripting attacks. The system applies this policy (e.g.: it is not possible to enter information on the< website that is displayed as it is to the user later, it is not possible to upload Adobe Flash content from locations outside the server, etc.).Eo 5.- Are attacks of manipulation of "proxies" or "caches" prevented?Evidence: This policy or regulation specifies the use of mechanisms to prevent "proxy" or "cache" manipulation attacks. The system applies this policy if it makes use of these technologies (e.g., it is not possible to supplant sessions of other users).:o 6.- Are security audits and penetration tests performed?jo 7.- Are website authentication certificates used in accordance with European regulations on the subject?\Evidence: You have a documented policy or regulation indicating the use of website authentication certificates. In case of not using web authentication certificates, it must be properly accredited and approved by the responsible. Check whether website authentication certificates are used or, if not, whether it is approved by the person in charge.uo 8.- Are qualified web site authentication certificates used in accordance with European regulations on the subject?nEvidence: You have a documented policy or regulation indicating the use of qualified website authentication certificates. In the case of use of unqualified certificates, it must be duly accredited and approved by the person responsible. Check whether qualified website authentication certificates are used or, if not, whether it is approved by the responsible party.VRegulation 910/2014 of 23 July on electronic identification and trust services (eIDAS)$Protection against denial of service - D / Mediumno 1.- Has the system been planned and equipped with sufficient capacity to handle the expected load with ease?Evidence: You have a procedure to identify the load the system can carry. The load that the system can carry has been checked against the expected load ([op.pl.4] dimensioning/capacity management) and is sufficient.Wo 2.- Have technologies been deployed to prevent known denial of service (DoS) attacks? - D / HighLo 3.- Has a system for detecting denial of service attacks been established?Evidence: You have a documented policy or regulation indicating the establishment of a denial of service attack detection system. Mechanisms are in place to enforce such a policy or regulation (e.g., a DoS detection device, a monitor with warning if it detects a higher or lower number of requests than usual, a monitor with warning if it detects higher than usual communications bandwidth consumption, etc.).yo 4.- Has a procedure been established for reacting to attacks, including communication with the communications provider?Evidence: You have a documented procedure that indicates the procedure for reacting to attacks, including communicating with the communications provider.fo 5.- Is the launching of attacks from the facilities themselves prevented from harming third parties?mEvidence: You have a documented policy or regulation that indicates the establishment of a system that prevents the launch of attacks from your own premises to the detriment of others. Mechanisms are in place to enforce such a policy or regulation (e.g. blocking a large number of concurrent connections, blocking the sending of large amounts of information, etc.).o 1.- Is the existence and availability of alternative means of providing the services guaranteed in the event of unavailability of the usual means?\o 1.2.- Has a maximum time been established for the alternative means to become operational?Evidence: This procedure identifies the maximum time for alternative means to become operational in relation to [op.cont.2]. Consult the last test that guarantees the entry into operation in the established time.Evidence: You have a copy of the ITSs and guidelines that apply to your system in printed form or saved in electronic format. Do you know where to update the list and obtain copies of documents (e.g. CCN website www.ccn-cert.cni.es)o Yeso Yes o 1.- Do you comply with the Technical Instruction on Security of the Report on the State of Security regulated by Resolution of 7 October 2016, of the Secretariat of State for Public Administrations?In addition, you have a copy of the ITSs and guidelines that apply to your system in printed form or saved in electronic format. You know where to update the list and obtain copies of documents (e.g. CCN website: www.ccn-cert.cni.es)FCCN-STIC-817 Esquema Nacional de Seguridad. Gestin de ciberincidentes &CCN-STIC-845A LUCIA. Manual de usuario KCCN-STIC-845B LUCIA. Manual de usuario con Sistema de Alerta Temprana (SAT) 5CCN-STIC-845C LUCIA. Manual de instalacin. Organismo ,CCN-STIC-845D LUCIA. Manual de administrador Evidence: There is a document available that analyses the assessment made by each information or service manager, who is authorised to do so, of the consequences of a negative impact on the security of information and services.=CCN-STIC 802 Esquema Nacional de Seguridad. Gua de auditora @CCN-STIC 804 Esquema Nacional de Seguridad. Gua de implantacin ORGANIZATIONAL FRAMEWORKSecurity PolicyEvidence: Within the policy are indicated the laws that apply to it (LO 15/1999, RD 1720/2007, L39/2015, L40/2015, RD 3/2010, etc.) as well as the various regulations that may exist (European scope, local, etc.) (For example: include in an annex the list of applicable legislation).to 1.6.- Are the guidelines for structuring the system's security documentation, its management and access indicated?Security regulationsKo 1.1.- Is the correct use of equipment, services and facilities indicated?Yo 1.- Do you have one or more documents that constitute the written security regulations?Authorization process2Evidence: The regulations provide for the authorization process for the entry of equipment into production, which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.Evidence: The regulation provides for the process of authorising the entry of applications into production (e.g. operating system patch updates, installation of new applications, etc.), which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorized by the person responsible before they are put into operation. Risk Analysis>o 1.1.- Are the most valuable assets in the system identified?/o 1.2.- Are the most likely threats identified?Ho 1.3.- Are the safeguards that protect against such threats identified?/o 1.4.- Are the main residual risks identified?Uo 2.3.- Are the safeguards that protect against such threats identified and assessed?9o 2.4.- Is the the residual risk identified and assessed?6o 3.5.- Does it identify and assess the residual risk?/o 2.3.- Are the system access points specified?{o 4.1.- Is the use of concerted keys, passwords, identification cards, biometrics, or others of a similar nature specified?Co 8.- Do you have documentation of the internal technical controls?Co 8.1.- Is input, output and intermediate data validation detailed?Vo 1.- Is there a formal process for planning the acquisition of new system components?{Evidence: You have a study in any format with this analysis, before each acquisition or putting into operation, of the needs for additional means or capacities of the existing means, so that these satisfy the established requirements. In case they are not satisfied, it is argued. There is documentary evidence of each study, reflecting who performed it, the date and the result.- Maximum level of confidence provided by the regulations used regarding the proof of robustness of the component's security, when used in a manner different from that specified by its documentation of use.Evidence: There is a set of data and indicators to measure the< degree of implementation of security measures. Consult the values, their update frequency and the measures taken as a result of their analysis. Consult the latest security status report.o 1.- Are systems, products or equipment whose security functionality and level have been assessed in accordance with European or international standards being used?MEvidence: This procedure provides for the maintenance of a register of the rights of each entity. There is a relationship between the identifiers and their permissions (e.g. the identifier "webmaster" belongs to the group "web" and therefore has read/written permissions in the folder "web" and read permissions in the folder "ftp").Evidence: Consult incompatible functions and request the name of the people assigned to those functions to verify that they are not the same people.uEvidence: "Development" and "operation" appear in the function scheme and are marked as incompatible with each other.4Evidence: You have a documented policy or regulation that specifies that you must use passwords of at least a certain length marked by the entity's policy, containing alphabetic and numeric characters that are not easy to guess (significant dates, telephone numbers, car license plates, names of family members or friends, etc.), or reuse personal passwords. The credential management mechanism does not allow the use of passwords that do not comply with this policy (e.g., the Windows password policy does not allow the creation of keys that violate this policy).o 1.4.- Has the user confirmed that he or she has received the credentials, and that he or she knows and accepts the obligations involved in holding them, in particular the duty of diligent custody, protection of their confidentiality and immediate information in case of loss?Evidence: You have a documented security policy that specifies the periodicity of credential changes. There is evidence of the change of credentials within the period established in the policy (e.g.: the Windows password policy forces the change of credentials after the established time, there is a history that indicates what was the date of the last change of the credential of each user and it is within the established time, etc.).(o 2.- Is two-factor authentication used?Evidence: Verify that a double authentication factor is used: something you know (passwords or concerted keys); something you have (software certificates, one-person physical tokens, etc.); and/or something you are (biometric elements).Evidence: You have a documented policy or regulation that specifies that the user must be informed of his or her obligations immediately upon obtaining access. Once the system has been successfully accessed, it displays a warning with the user's obligations. - I, C, A, T / HighEvidence: You have a documented policy or regulation that specifies that accesses made outside the organization's own facilities, through third party networks, must meet the requirements of measures [op.acc.6] and [mp.com.3].iEvidence: You have a documented policy or regulation governing activities that can be performed remotely.Evidence: You have a documented procedure that indicates the activities to be performed on the systems (security profile) for their safe configuration prior to their entry into operation. This procedure is endorsed by a recognized authority (e.g. CCN security templates and baseline recommendations). There is documentary evidence (e.g., checklist) of the fortification done to the systems, indicating the person who did it and the date and version of the procedure they used.VEvidence: You have a documented procedure to record which situations may put security at risk and ensure that these require the express consent of the user. If the user performs an action that may jeopardize security but the organization consents to it under the user's responsibility (e.g.: exporting a list of personal data for a specific treatment known to the organization, but which requires the creation of a temporary file that must comply with the same security measures as the original file), the user will have to consciously accept that possibility, his responsibility and consequences (e.g. e.g.: in this case a warning window must appear to the user, which by default will have the option of "no further action" marked, informing the user of this and asking him to accept the conditions). See if there are any records of these user consents.Evidence: By default, the system configuration is safe (e.g. in case the user has not specified a key for a service, it will not be empty, but will have a preconfigured -non-standard- key).o 1.4.- Is it determined by risk analysis whether the changes are relevant to the security of the system? If the change involves a high level of risk, is the change explicitly approved prior to implementation?Evidence: This procedure provides for the allocation of resources to investigate the causes of the incident, analyze the consequences and resolve the incident. Check whether these measures have been taken and whether the procedure has been followed.-o 1.1.- Is their retention period determined?Evidence: You have mechanisms to guarantee the date and time of its generation according to [mp.info.5]. Check that the date and time of various systems, especially those that generate or store activity records, is correct.Evidence: You have a documented procedure of their retention period, which is established in addition to the retention period of evidence after an incident. The records inventory includes the retention period of the records. You have a documented procedure for disposal of records after the stipulated retention period, including backups (if any). Check if the age of the records matches the established retention period.Evidence: You have a documented procedure for protection during generation, transport to the point of operation (e.g. hand delivery, use of secure or cryptographic physical containers, dual channel - key and activation data separately), storage during operation, archiving after removal from active operation and final destruction (e.g. disposal of original and copies). Check if this procedure is followed.Evidence: You have a documented policy or regulation specifying that the means of generation must be isolated from the means of exploitation. Check if they are generated according to such policy or regulation.Do 1.- Have the risks of contracting external services been analyzed?Evidence: You have a documented procedure for incident management. Consult incidents of this type and, if none exist and it has been a long time since the procedure was implemented, consult whether the reason why no incident has been detected has been analyzed (e.g. because no security incidents have occurred, or because staff are unaware of the procedure and therefore do not report them, etc.)?Prior to the use of external resources it has been established:Ro 1.2.- What is considered minimum quality and the consequences of non-compliance.4o 1.1.- The characteristics of the service provided.,o 1.3.- The responsibilities of the parties.rEvidence: You have a documented procedure that defines the frequency of measurement of compliance with service obligations, the person responsible for such measurement and the protocol for action in the event of non-compliance. The required follow up could be included in the contract (reports to be made, reviews, monitoring...) Consult the results of the measurements.Wo 2.- Do you have a procedure to neutralize any deviation outside the agreed tolerance?Evidence: You have a mechanism for the analysis of the impact of a contingency in the continuity of the service, this contemplates the person responsible for it, its periodic revision or update after changes in the systems (linked to [op.exp.3], [op.exp.4] and [op.exp.5]). If the mechanism is reflected in a documented procedure, consult the latest impact analysis and the fact that it has been revised or updated.7Evidence: You have a continuity plan that establishes the actions to be carried out in case < of interruption of the services provided by the usual means. This plan provides for periodic review or updating following changes in systems (linked to [op.exp.3], [op.exp.4] and [op.exp.5]), services and their quality.'Evidence: Intrusion detection or prevention tools are in place and operational. You have a document analyzing the location of these tools and their correct configuration (e.g.: manufacturer's recommendations regarding the systems to be monitored, protocols to be inspected, etc.), in accordance with the risk analysis. You have a documented procedure that indicates the frequency of its updating (related to [op.exp.4]), the responsibility in the attention to the alarms, and the frequency and responsibility in the review and analysis of the records.Evidence: You have a mechanism for the assignment of responsibility in the collection of the requested data which, in general, will refer to the identification of the entity, general data, security organization, critical processes, awareness and training, incident management, resources and budgets, audit, critical risk indicators and security measures, as described in the security guide CCN-STIC-815 on Metrics and Indicators for the National Security Framework. In the CCN-STIC 824 ENS Security Status Report guide, for each data requested, the objective to be measured, the origin of the information, the procedure for collecting and processing the data, the frequency of data collection and presentation of results and the assessment criteria of the resulting indicators for the purposes of reacting and taking decisions are considered. Access to the INES (National Security Status Report) tool is available. There is documentary evidence of such data.Evidence: You have a documented procedure that specifies that each person who accesses it must be identified. Check this fact by requesting access to the corresponding records.Evidence: Premises are fire protected in accordance with relevant industry standards (e.g. having evacuation signs, fire extinguishers, non-flammable materials, etc.). You have the relevant industrial regulations and these are applied.@o 1.1.- Does it define the responsibilities related to each job?Evidence: This policy or regulation defines the requirements to be met by the people who are to occupy the post, in particular in terms of confidentiality. Evidence: You have a documented regulation that specifies the duties and obligations of personnel hired through a third party. There is documentary evidence of the requirement of this regulation (e.g.: the regulation is reflected in the contract with the third party).Evidence: You have a documented regulation that lists the duties and obligations of each party. There is documentary evidence of the requirement of this regulation (e.g.: the regulation is reflected in the contract with the third party).rEvidence: The content of the awareness plan includes security regulations regarding the proper use of the systems._o 1.1.- Are the security regulations regarding the good use of the systems part of the content?]o 1.- Are the staff regularly trained in the subjects they require to carry out their duties?Evidence: You have a training plan in which the person responsible for its preparation is identified, the training needs of each job, as well as the planning in the provision of the necessary training and the frequency with which it must update its training.o 1.- Is the existence and availability of other people who can take over the functions in case of unavailability of the usual staff guaranteed?o 1.2.- Does it define the requirements to be met by the people who will occupy the post, in particular in terms of confidentiality?Evidence: After a certain period of time, which is longer than the previous one, open sessions are cancelled from that work station. See that it is fulfilled.JEvidence: You have a documented procedure that specifies the security measures to be followed by equipment leaving the organization's premises (e.g. when unattended it will be secured by a special Kensington lock, it will have identifiers that will allow its return in case of loss but without identifying the type of content it holds, etc.). This procedure specifies the application of the provisions of [mp.si.5] for deletion and destruction when dismantling. Portable equipment must comply with the [op.acc.5] authentication mechanism. To verify that the procedure has been followed.Evidence: You have a documented procedure for the inventory of portable equipment that includes the identification of the person responsible for it. Consult this inventory.o 1.4.- Is prior authorization required from those responsible for information and services accessible through the Internet and other non-trusted networks?Evidence: You have a documented procedure that identifies the existing alternative means and their availability in case of unavailability of the usual ones, in relation to the "[op.cont.2] Continuity Plan". These means exist and are available.Evidence: You have a documented policy or regulation that requires the authenticity of the other end of a communication channel to be assured before any information is exchanged (related to [op.acc.5] authentication mechanisms). There is documentary evidence that the authenticity of the other end has been ascertained, by whatever procedure has been established, before any information is exchanged.do 3.- Are the authentication mechanisms used among those provided for in the applicable regulations? - I, A / HighEvidence: You have a documented policy or regulation indicating the use of certified products (in relation to [op.pl.5. Check whether certified products are used or, if not, whether it is approved by the person responsible.Evidence: A mechanism is in place for the network to be segmented. It has specific segments, delimited, reflected in the system architecture ([op.pl.2]), either physical or logical. Only traffic between segments that has been previously authorized is allowed.ZEvidence: Alternative means are subject to the same security guarantees as the usual ones.2Evidence: There is a documented procedure for labelling information carriers, both those that remain on the organization's premises and those that go to other destinations, which is established by the person responsible for the labelling. Check whether the supports are labelled according to the procedure.Evidence: This procedure specifies that the labelling should indicate the security level of the most qualified information contained. Note that the labelling indicates this level of security.Evidence: You have a documented policy or regulation that indicates the use of cryptographic mechanisms that guarantee the confidentiality and integrity of the information contained (related to [mp.eq.3]). Note that cryptographic mechanisms are used in removable devices.Evidence: You have an inventory of cryptographic algorithms used. The cryptographic algorithms have been accredited by the CCN.Evidence: You have a documented policy or regulation indicating the use of certified products (in relation to [op.pl.5] certified components). Check whether certified products are used or, if not, whether it is approved by the person responsible.Evidence: This policy includes the criteria that determine the level of security required in the organization, within the framework established in Article 43 and the general criteria prescribed in Annex I of the ENS.&o 3.1.- Do you manage the keys safely?Zo 3.1.- Does it take into consideration security aspects throughout the entire life cycle?wEvidence: This procedure provides that alternative means are subject to the same security guarantees as the usual ones.rEvidence: This development methodology takes into consideration security aspects throughout the entire life cycle.7Evidence: This plan includes security acceptance tests.kEvidence: This plan includes tests to ensure that the security of other service components is not impaired./o 3.4.- Does it include safe programming rules?Go 1.1.- Do you ch< eck that the acceptance criteria for security are met?So 1.2.- Do you check that the security of other service components is not impaired?oEvidence: You have a documented procedure to identify the existing and applicable legality with respect to the classification of information, which feeds the formal scheme of classification of information in accordance with legal provisions on its nature, in a manner consistent with other classification systems of the environment in which the organization operates. This procedure sets out the responsibilities for initially ascribing certain information to a certain qualification and for possible subsequent re-qualifications. Check whether the information printed or available on the applications reflects your rating..Evidence: You have a documented procedure to be followed by the person responsible for each information to assign to each information the level of security required and established in the security policy. It also defines that it is their responsibility to prepare the documentation and formal approval.+Evidence: It meets [mp.si.3] and [mp.si.2].&Evidence: It complies wih [mp.info.9].%Evidence: It complies with [mp.si.1].$Evidence: It complies with [mp.com]. - A /HighBCCN-STIC-412 Requisitos de seguridad de entornos y Applyciones web o Sampling:&Evidence: It complies with [mp.com.2].%Evidence: It complies with [mp.si.2].Evidence: You have an Electronic Signature Policy approved by the appropriate higher competent body, and it complies with [op.exp.11] cryptographic key protection.Evidence: You have a documented procedure for signing. You have a documented procedure to identify the time required by the administrative activity during which the electronic signature must be able to be verified and validated. You have a documented procedure to verify and validate signatures whose mechanisms support such validity (e.g. OCSP queries, CRL, etc.). To establish that this procedure has been complied with.Evidence: You have a documented procedure that contemplates attaching or referencing the certificate in the signature. Check that the certificate is attached to the signature or referred to.Evidence: You have a documented procedure to identify and establish the retention time of information that may be used as evidence in the future, or that requires evidentiary capacity according to administrative procedure law. You have a documented procedure for electronic dating. You have a documented procedure to verify and validate dates whose mechanisms support such validity. Documents for which proof of date and time of entry or exit must be provided are dated electronically.3Evidence: You have a documented procedure for processing relevant data for subsequent verification of the date and is as secure as dated information for the purposes of availability, integrity and confidentiality. Check the safe treatment according to this procedure for subsequent verification of the date.4Evidence: It complies with [op.pl.5] or [op.exp.10].Evidence: You have a documented procedure that identifies the threats foreseen by the risk analysis and establishes, if necessary, a location independent of the operating site for the storage of backups that allows compliance with the "[op.cont.2] Continuity Plan" established.DEvidence: You have a documented procedure for the protection, according to its level of classification, of the information distributed by means of e-mail and is protected, both in the body of the messages and in the attachments (related to [mp.info.6] cleaning of documents). Check that the emails comply with the procedure.0Evidence: You have a documented policy or regulation that specifies that the organization must be protected against harmful programs in the e-mail. You have a properly configured and maintained anti-virus system (e.g. an anti-virus system on the mail server, or an anti-virus system on the user station).KEvidence: You have a documented policy or regulation that specifies that the organization must be protected against mobile code in the e-mail. You have an anti-virus system that contemplates mobile code properly configured and maintained (e.g.: an anti-virus system in the mail server, or an anti-virus system in the user station).Evidence: You have a documented policy that specifies the correct and authorized use of email. Ensure that the regulations are followed.Evidence: You have a training and awareness plan covering the use of email (related to [mp.per.3] awareness and [mp.per.4] training). Consult the results of the implementation of the training and awareness plan.Evidence: You have a documented policy or regulation that specifies the security measures web servers should have, as identified in the risk analysis. Note that these measures are being implemented.Evidence: The policy or regulation specifies the use of mechanisms to prevent tampering attacks onURL[2]. The system applies this policy (e.g. it is not possible to access pages that require previous visits to other pages in the process).%Evidence: It complies with [mp.sw.2].Evidence: You have a documented policy or regulation indicating the deployment of technologies to prevent DoS attacks. The system applies this policy (e.g., You have a firewall with identification and protection against DoS).Evidence: You have documented policy or regulation that establishes the obligation to apply the same security guarantees to alternative means as to the usual means. Alternative means are subject to the same security guarantees as the usual ones.o 1.2.- Do you indicate that the system provides the functionality required for the organization to achieve its objectives and no other functionality?Evidence: It meets the requirements of measures [op.acc.4], [op.exp.2], [op.exp.4] and [op.exp.7]. You have a documented procedure that indicates how often and why the system configuration should be changed and includes: approval of the responsible party, documentation of the change, security testing of the system under the new configuration, and retention of the previous configuration for a pre-determined time. Check if there are backups of the current and the immediate previous configuration of the different components.Evidence: You have a documented procedure that indicates the components to be reviewed, responsible for the review and evidence to be generated. Request evidence of the execution of the plan.Evidence: You have the manufacturers' specifications for installation and maintenance of the systems. The procedure reflects these specifications.Evidence: You have mechanisms in place to continuously follow up on defect announcements (e.g.: subscription to defect announcement mailing list by the manufacturer or a supplier of defect announcements). You have a documented procedure indicating who and how often to monitor these ads.Evidence: This procedure provides for the notification of interested parties both internally (e.g. warn users in the organization of the unavailability or degradation of a service and the estimated time for resolution) and externally (e.g. to warn citizens or other organizations related to the organization of the unavailability or degradation of a service and the estimated time for resolution). When the incident is due to defects in the equipment or has a significant impact on the security of the information handled and the services provided or could cause similar problems in other organizations, the procedure provides for the notification of these to the competent CERT (the CCN-CERT in the case of public sector bodies of those incidents which have a significant impact on the security of the information handled and the services provided in relation to the category of systems in compliance with Article 36 of the ENS). There is documentary evidence that the interested parties to be notified in case of an incidence have been identified. Evidence: You have a documented procedure for incident management oriented to the end user, so that he knows how to identify and solve the most common incidents. Consult an end user to make sure they are aware of this pro< cedure.Evidence: You have a documented procedure for incident management that includes keeping a record of all actions related to incident management. There is documentary evidence of the records generated during incident management.Evidence: You have a documented procedure for incident analysis that feeds into the determination of which events should be audited.Evidence: You have an inventory of activity records, which also includes the personnel authorized to access, modify or delete them. You have a plan to ensure the storage capacity of records according to their volume and retention policy.@Evidence: You have mechanisms that prevent access, modification or deletion of records or configuration of record generation by unauthorized personnel. Consult the list of authorised accesses and check that there is no incompatibility in accordance with the provisions of "[op.acc.3] Segregation of functions and tasks".Evidence: You have a documented policy or regulation that specifies that the keys withdrawn from operation that must be archived, are in isolated media from those of operation. Check whether they are stored in secure physical containers (e.g. in a safe) or in cryptographic containers.Evidence: You have a documented policy or regulation specifying that the means of generation and custody in operation must have been evaluated or be cryptographic devices certified in accordance with [op.pl.5]. Consult the evaluation or certification of the means of generation.Evidence: You have a documented policy or regulation specifying that the means of generation must use CCN-accredited algorithms. Consult the accreditation of the algorithms.Evidence: You have a documented policy or regulation specifying that the means of custody in operation must use a password-protected smart card. Request a smart card and observe its use.Evidence: You have a documented procedure of steps previous to the contracting of external services that requires the detail by the supplier of the characteristics of the service to be provided, and these satisfy the requirements of service and security required and approved previously. There is documentary evidence recognized by the provider (e.g., contract signed by personnel with legal representation capacity of the provider) of the characteristics of the service.jo 1.4.- Have the people affected by the plan received specific training concerning their role in the plan?Evidence: This plan defines who makes up the crisis committee that takes the decision to implement the continuity plans after analyzing the disaster and evaluating the consequences, who will be in charge of communication with the affected parties in the event of a crisis, and who will be in charge of rebuilding the information system (disaster recovery), defining for each function the activities to be carried out. These functions are not incompatible according to [op.acc.3], or if they are, it is motivated and approved by the Management. In case the tasks have been assigned to roles, there is a document that allows to identify the roles with the nominal people. People formally accept their obligations in the plan. Evidence: This plan identifies the alternative means that will be necessary to continue providing the services: alternative facilities ([mp.if.9]), alternative communications ([mp.com.9]), alternative equipment ([mp.eq.9]), alternative staff ([mp.per.9]) and information retrieval with an age limit determined in the light of the impact analysis ([mp.info.9] and [mp.cont.1]). If alternative means are available in the plan, check whether the alternative means are available (e.g. replacement server, replacement switch, alternative DPC, etc.).Evidence: Possible existing continuity plans in the organization have been identified and, if they exist, integrated with it. You have a documented procedure for updating any part of the continuity plan that affects existing ones.*Evidence: You have a documented procedure that indicates the responsibility for the development of a testing plan, the frequency of execution of the plan, the way in which the tests are carried out, the members of the test team, the preparation of the resulting report after the tests, the analysis of the report and the development of a plan for improvements (both in means and procedures, awareness or training of the people involved). Check the report of the last test and, if improvement actions have been identified, that they have been implemented.Evidence: You have an approved document in which a formal presentation has been made in specific language and with an internationally recognized methodological basis (e.g. according to MAGERIT, UNE 71504, CRAMM, EBIOS, OCTAVE, etc.) of the risk analysis. This document is not more than one year old from its approval or revision. It uses a recognized risk analysis tool (e.g. PILAR, CRAMM, EBIOS, etc.). Evidence: You have a documented procedure linked to human resource management to alert those responsible for user management in the system to changes in user responsibilities. Check with human resources what the latest change has been and see if it has been reflected in the system users.Evidence: You have a documented procedure that identifies the period required to meet the needs of traceability of activity records, a procedure that indicates what must be done in the systems before they are put into operation or already in production, what must be done once this period has passed and who must do each task in the procedure (e.g. when an employee leaves the organization, his user is locked out for the time established in the retention policy, and it is not until after this time that this user can be removed from the system). There is documentary evidence of the period necessary to meet the needs of traceability of records. Taking a system (sampling may be greater as deemed appropriate), the established retention period will be analyzed and identifiers that have been disqualified within and outside the retention period will be sought, to ensure that the procedure has been followed.Evidence:You have documentary evidence (administration manual, internally developed document, etc.) where it is specified which are the system components and their configuration files or records, as well as the user permissions that must be established so that only authorized users have access. Make sure that only technical personnel have access to the system's configuration files.Evidence: You have a procedure to list, from the systems prior to their operation or already in production, the authentication mechanism, and the person responsible for this task is identified. There is a list of systems that require authentication and their corresponding authentication mechanism (e.g., intranet requires authentication via username and password, e-mail requires authentication via username and password).-Evidence: You have a documented procedure linked to human resource management to alert those responsible for user management in the system to changes in user relations. Check with human resources what the last termination of the relationship was and see if it was reflected in the users of the system.Evidence: You have a documented policy or regulation that applies the resource, so it requires the use of passwords of at least a certain length marked by the entity's policy that contain alphabetic and numeric characters, which do not repeat characters consecutively. The security policy and regulations specify that, in addition, you should not use passwords that are easy to guess (significant dates, phone numbers, car license plates, names of family members or friends, etc.), or reuse passwords for personal services. You have a documented security policy or regulation that specifies the frequency of credential changes. The credential management mechanism requires the use of passwords of a certain length, containing both alphabetic and numeric characters, that do not repeat characters consecutively, and provides for such periodicity (e.g., the LDAP server does not allow the use of a key of less than a certain number of characters, in addition to requiring the< change of the password with the stipulated periodicity).AEvidence: You have a documented policy or regulation for the review of credentials that are not being used, which specifies the person responsible and the periodicity, it also indicates the maximum period of inactivity of a credential before being suspended. There is evidence of the date of last use of the credentials. 0Evidence: You have a documented procedure for the acquisition of hardware components that use algorithms accredited by the National Cryptologic Center. There is documentary evidence of the algorithms used in the tokens, indicating that they have been accredited by the CCN and whether they are certified.Evidence: You have a mechanism for systems to be configured so that they do not reveal system information prior to authorized access, before they are brought into operation, or existing systems are configured so that they do not reveal system information prior to authorized access. The access dialogues (to the local post within the organization's own installation, to the server, to the network domain, etc.) do not reveal information about the system being accessed (e.g.: an inappropriate message prior to the login would be "Welcome to the systems of the Tomillar Town Hall, you are about to access a critical level system in which information about all citizens of the region is stored."The system is restricted to authorized personnel, and you are informed that its use must be in accordance with the security policy and your access will be logged. Inappropriate access error messages would be "User does not exist" or "Password incorrect", while an appropriate one would be "Incorrect data").Evidence: You have a mechanism that specifies that the user must be informed of the last access with his identity successfully, once he has obtained access. Once the system has been successfully accessed, it displays the date and time of that user's last successful access.Evidence: You have a mechanism that indicates the time, date and place from which access is authorized. Mechanisms are in place to implement such a policy or regulation. Check for any successful access logs that violate this policy or regulation.@Evidence: You have a mechanism that indicates the points at which the system will require a renewal of the user's authentication. Verify that this occurs (e.g., login credentials are automatically reused on the PC for intranet access, but to access payroll information on the intranet you ask for the credentials again).Evidence: You have a documented procedure that specifies the person responsible and the frequency of its revision and/or updating. The inventory reflects that the date of last review and/or update is consistent with that specified in the procedure.@Evidence: You have a documented policy or regulation that specifies that systems are in separate areas specific to their function (e.g., servers are in a separate room). You have an inventory where the existing separate rooms are indicated. Examine these rooms and verify that they comply with the policy or regulations.Evidence: The premises must have the necessary electrical power. You have an analysis of the required electrical power, which is updated before the acquisition of new components. Check if the supply contract covers the necessary electrical power.yEvidence: You have a documented policy or regulation that contains the characterization of each job in terms of security.Evidence: You have a documented procedure that specifies how to inform each person working in the system of their job duties and responsibilities in relation to security, as well as how to obtain their explicit and signed acceptance. You have a document for each profile with your duties and responsibilities. Consult these documents (information and acceptance of duties and responsibilities) signed.Evidence: You have a documented procedure that defines the resolution of incidents related to non-compliance with obligations by the third party's personnel. You have identified the contact person in the third party for the resolution of this type of incident.Evidence: You have a documented procedure that indicates the person responsible for the development of the awareness plan, as well as its periodicity and content. Consult this plan and the records of its execution.Evidence: You have a documented procedure that identifies the people who can take over the functions in case of unavailability of the regular staff, in relation to the "[op.cont.2] Continuity plan". These people are reachable and know the necessary procedures.}Evidence: You have a mechanism related to [op.exp.2] that defines the period of inactivity after which the workstation from which medium or higher level services or data are accessed is automatically blocked (requiring a new user authentication to resume the current activity). This configuration cannot be changed by the user (in relation to [op.exp.3]). See that it is fulfilled.Evidence: You have violation detectors that allow to know if the equipment has been manipulated (e.g.: stickers that are altered when manipulating them), in which case the foreseen procedures of management of the incident are activated. Evidence: You have a specific, delimited and limited perimeter, reflected in the system architecture ([op.pl.2]). All traffic with the outside passes through the firewall. Only traffic that has been previously authorized is allowed. See the firewall and network scheme.pEvidence: You have a documented policy or regulation that specifies the use of mechanisms for the prevention of active attacks and, if they occur, their detection with the consequent activation of the procedures foreseen for the treatment of the incident. Check which mechanism is used and whether it is activated and review possible incidents that have been resolved.Evidence: Entry control of users arriving at each segment is established. You have an inventory of the users that arrive at each segment.Evidence: The output control of the information in each segment is established. You have output control of the information available in each segment.uEvidence: You have a documented procedure for the control of information media, both electronic and non-electronic (that have been a direct cause or consequence of electronic information within the scope of the ENS). You have an inventory of all the information media in use, indicating their label, physical location and who is responsible for them. Consult the inventory.Evidence: You have a register of authorised carriers. You have a documented procedure that records each output of a medium (both electronic and non-electronic - which have been a direct cause or consequence of electronic information within the scope of the ENS) from the organization's facilities. This record stores both the label and the carrier who is responsible for its transfer. Check the records.jEvidence: You have a documented procedure that records each arrival of a medium (both electronic and non-electronic - which have been a direct cause or consequence of the electronic information within the scope of the ENS) to the organization's facilities. This record stores both the label and the carrier who is responsible for its transfer. Check the records.Evidence: You have a documented procedure that specifies the use of cryptographic protection means ([mp.si.2]) corresponding to the highest level of qualification of the information contained. Note that means of cryptographic protection are used.Evidence: You have a documented procedure that the way to destroy a support according to the type of information contained. Consult the history of supports to see which have been eliminated.Evidence: You have a documented policy or regulation indicating that application development is performed on a different and separate system from production. You have an inventory that identifies which servers are used for development.qEvidence: You have a documented policy or regulation that indicates that information with a high level of confidentiality is encrypted both during storage (according to [mp.si.2], either as file encrypt<ion, directory encryption, encrypted virtual disks or database encryption) and during transmission (according to [mp.com.2]). You have a documented procedure that determines how to correctly encrypt information based on its classification and the medium in which it is stored. It is fulfilled [op.exp.11]. Mechanisms exist to implement such a procedure (e.g. GnuPG, IPSec VPN, etc.) and the information is indeed encrypted.Evidence: You have a documented procedure for identifying documents that require evidentiary capacity according to administrative procedure law. These documents are signed electronically.Evidence: You have a documented procedure to identify alternative electronic signature mechanisms and their guarantees with respect to prevention of repudiation. The procedure provided for in Article 27(5) (countervailing measures) should be used.Evidence: You have a documented procedure for processing the relevant data for subsequent verification of the date with the same security as the dated information for the purposes of availability, integrity and confidentiality. This procedure provides for the electronic dating of signatures whose validity is to be extended over long periods or is required by the applicable regulations, and also provides for the alternative use of advanced signature formats that include dating. You have a procedure to identify the duration of the time stamp according to the time required by the administrative process it supports. Note that the time stamps that required it have been renewed in accordance with the procedure.yEvidence: You have a documented procedure for the use of qualified electronic time stamps, based on European regulations. Evidence: You have a documented procedure that identifies the destination of the document and, if it is to be transferred to another security domain or published electronically, indicate how to clean up the document. You have evaluated tools to clean the documents.Evidence: You have a documented procedure by which the information manager determines the frequency with which copies should be made, the retention period during which they should be kept, and the making and deletion of backups. You have backup mechanisms (e.g. tape drive, tapes, hard disk for copy storage, backup application, etc.) and secure disposal mechanisms (e.g. secure disposal software, demagnetizer, etc.). Check that the backups exist and are made according to the procedure.Evidence: You have a documented procedure for performing backup restoration tests, which indicates who should do it, how often; maintaining the security requirements set for the original information restored. You have a backup test plan that covers, over time, all areas that are backed up. Check that the test plans have been carried out, the results of the tests and whether any changes have been necessary.Evidence: You have a documented policy or regulation that specifies, from the design stage, that information for which authentication is required cannot be accessed without such authentication. The system applies such a policy (e.g., information that requires user authentication is not accessible by any other means that does not require authentication, such as an internal browser).Evidence: You have a documented procedure that details the elements to be considered before acquiring new system components (e.g.: acquisition of a server, firewall, anti-virus, backup tape, etc.), which includes the person responsible for reviewing and maintaining this procedure. You have a document that indicates the security measures required for the new components acquired and their compliance (e.g.: it has a checklist with the requirements that the firewall must have - IPSec encryption, stateful packet inspection, etc. - and its corresponding indication as to whether it covers it or not - in which case the reason for this is argued - together with the name of the person who has carried out the verification and the date of the same).\Evidence: You have a documented procedure for creating new system users that specifies that an identifier cannot be created for multiple users. You have a documented policy that specifies that users cannot share their identifier with anyone. The system user list does not show general users (e.g. administration, management, systems, intern, etc.).Evidence: You have a documented procedure for the creation of new system users that specifies that identifiers must be created for each user's role (administration, query, guest, etc.).Evidence: You have a documented procedure that indicates, among the activities to be performed in the systems (security profile) for their secure configuration prior to their entry into operation ([op.exp.2]), the use of prevention mechanisms against harmful code for all equipment (servers and workstations). You have a documented procedure that defines the reaction to harmful code. Check if this type of system has tools to prevent harmful code.Evidence: This policy or regulation establishes what should be recorded, who performs the activity, when they perform it and on what information. You have a documented procedure related to "[op.exp.2] Security Configuration" which details the mechanisms to be used to keep the system clock on time. Check if the registration mechanisms store this information (e.g.: reading by a human of that registration could be that the user34 on 16-10-2010 at 14:59:37 modified the tuple 328 of the database "procedures"). Evidence: You have a centralized security console that reviews and centralizes activity logs automatically. Tools are available to analyze the records for unusual activities. Check the result of the analysis and possible unusual activities.Evidence: Specialized legal advice has been used to determine the composition and detail of this evidence, and it has been implemented in accordance with its recommendations. You have a documented procedure for withholding evidence that can support or deal with a lawsuit after an incident. Consult whether the personnel responsible for these activities are aware of the procedure and have the means to implement it.o 2.- Can only and exclusively the personnel with competence to do so grant, alter or cancel the authorization to access the resources in accordance with the criteria established by the person responsible?zEvidence: The regulations provide for the authorization process of communication links with other systems (e.g. for the exchange of dossiers between one body and another), which covers the requirements set out above. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.JEvidence: The regulations provide for the authorization process for the use of media (e.g. use of a data line for Internet access), which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.NEvidence: The regulation provides for the authorization process of using information media (e.g. backup tapes, DVDs, USB sticks, etc.), which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.bEvidence: The regulations provide for the authorization process for the use of mobile equipment (e.g. portable computers, PDAs or other similar equipment), which covers the above requirements. There is documentary evidence of the application form and that these resources have been authorised by the person responsible before they are put into operation.B5.2.1 COMPLIANCE WITH ANNEX II MEASURES - ORGANIZATIONAL FRAMEWORK  m}/?}& 6j z= M   -N^q`p;K $9%%(3q:BFkM3 R|XD^?aJfkSSo 8v{*+ AR2ukn6 g ն1+M 9qZr}5R5R .,I   "&-o G1 5U:?\C1`HJO TY|^bf=kDq sWw_}քI^   G0ޱ- JM{ 4ZaGN'.  M% . ATR' ]hdyccB ZO &M   dMbP?_*+%,&ffffff?'ffffff?(?)?",B333333?333333?yp&<3U } m B} $B} B&,,,,,,,,, , , , , ,,,,,,,,,,,,,,,,,,,Dl ,!,",#,$,%, xd++(  |  BA??8 Imagen$]&`  Z[ب?$Cuadro de texto 2"PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!I^P drs/shapexml.xmlVmO0>iwhҦVXAZ8vfoC 6it4>w{{s/.bka4:i™Ѕ)^ۓsΜ]2Z|'w-t4 FxͨqRNM#4J+ck𸵋Niak&ɠ+tK!uq7f" .QeMWQCh.⡪IZiBCRHӳAeN}px iˆ{kϽW_EP\j(9g^l ц^ϚG⚮-eλI6LCɚ"\6;{ub"\so'צސFfW9-)=|M[a#D'S"tXyPm+[ ؙbH5D4#`0زIw1jI7aD8HhL ܊wtpAJQcͰM·n?ȂZzauA2x*m1PcER%;b mV<)g0+l wr3÷tSd$ls=%V>a{k3 +T'pY猒%|h- +xKhJPl 4ZN6+Ŗݍt S7JbZ2h JP3В#X_s[=@%ÿk?pxОXظ}n_lM8ePK!b!drs/downrev.xmlTKO1&暸vtn-#N[fA=|=Z]rCc@ɬLn aQ,Y*Ce >+g7.N+tp]Әբ2xC)6Tj9 'RG/ (8i@jON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!yOJ drs/shapexml.xmlVn0 }q j]zA. [Nʒ')}HIm<8H!M-Ɋ+h4BB3$:J&rK/.62U,!`B!dt\3tl5 65s5NiײGQcYi zĥ .x)ܕ(`V2څy|AP`XUy|pExF~8 ȿ-9w3ۤƭG>巛DoنԬ0:8qRgX#j5m&5^M eF%U=+ސvzq8)6̓.m[VL(pG @XeC-^{ ".3[:Qm*S UE0^^Pu<#46p AC5p>RztpRTǚ!zqȼZ8nuF!XUzDŽ kPXIbňgT<QI )Jֆ5ߖpJnI&ǰ1/%02(Y6FPBnʺJ~,rX+F&0 dF#_9M )&ΒQ@a*kƆb QnOnpk.ftJU0R1\_&pVKQ"=@3iޞ}߯╚dN( X`}Mbiے(9!a|>w N'ӧI#?܇{`7\f6/1 _RRp宙c0ˏ, PK! -drs/downrev.xml\_O0M5M'lC4 ꦉemŵ%maO$ϹnO'^d#k B B7p5<ӜF [`6=?17ŦAvcF~5WB170+q&ỤU- 4Pxf+qWX+ e|(7@i9-.Et\88L|.ms漰Xآo纬%2Ɗ_Z5HiZNHG5Jd?9:I`"O4ƣafq '闧?PK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-!yOJ )drs/shapexml.xmlPK-! -drs/downrev.xmlPKM&p ]`  <!ICT Security Guide CCN-STIC 808 <77 uu  LYب?Text Box 2"PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!ludrs/shapexml.xmlUn0 }vK:E0kƖIm_?Rrv{=,DR!E_l:itӄ3KSI(1g΃@- _L?~8Vv\Ѕv|};\ S  \ f1#v65M.=Eu=G`ב(L( ~&. G2:'g0Fyq_5PZSpμz%3cX~lln` `О}2[ވN0E1Vĵ|v]U5m@j j.bf1%"`XlؽF|TVT6BL]3L?+8|a2&h0!J"CusVEABBu0GbV>d [牦C ͍TX BJm ~6pD<7 ˔lER׺ &kLP'e<l8]߇8=~jeudB[pcVphͳ4qg5ך8 9[V.Xݘ~ı]^B"8-UPJP~"XuT  wrobm9SL/*LOxoy +4'pJ,tFɊZb8_*րқxw썙/5VPdmb<˒g>L|H %'T,P/YrA!URhkK3PK! T.drs/downrev.xmlTP]O1|7?4k⛴qH!`4#Cs>]Kz>5;;3;JSFsv# qxq^h)Jr0\^HZjAFCfDKrU 1q[ ͨFc}ZB\l}նkR-t}XKfm"gK@||'Yr~m  -6 VhʙNrcI+W|c_<"HbJ-NyaNP zsTj|Q0Z-=: OPK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-!lu)drs/shapexml.xmlPK-! T.sdrs/downrev.xmlPK!$ ]`  < August 2017 <7 <  LYب?Text Box 2"PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!B@drs/shapexml.xmlV_o1 r-Tk>A\rK¿}&mRxvsbka4:O gBzwg}Μ]2Z|'}p-t4 (fb)jpL#4j+ck𸵋NiakI+tK!MQ7f"~rHTѺ0j^u-\l7X3?Ĺs٪rD CocRNSr5z en1'r攞5zրAd-ӪKQ}C'ؒJI0~Z]Ϲpg3|0m5Sals+_vk3 +4'p,bsFɒZ>۹>(CyT 9>K}l%(4Z{ǧg6yfw7t}"JoP磋%o#!BS@N %^K^6 B7&qheŽ~PK!͞y'drs/downrev.xmlTPN07ct ޠ}v?qmI[=:u!{|m xQ&6%ϏHX8Yzy1i[:KU >~`ʠVXE@J*h\7Eբ6B%Rz9 GVŋMl׆(9@ܙ/!Y~ }݋=8X6A9\ ]37ye)2ox g5qm808ע*k _fG#`OٸwY1MX)?PK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-!B@)drs/shapexml.xmlPK-!͞y'drs/downrev.xmlPK&&]`< <NOT CLASSIFIED <8<}}  L_ب?Text Box 2"PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!T(drs/shapexml.xmlUn0 }q4 Y/C.-[Nʒ'GJnn04{YC:֊uwO΄.L)2oN9eN8~1|[1be,CڍQ͸qJNM#4j+ckNiakIdqP*j$s)~rHTѺ0jw-\Wդ&^Gf3e _d0t{WU8|zdCY6xUMҳu}pa53/^IE̓mq9rFd,W+:h`;S |Yϵ2%Ţ׺ &kLPؓԋ2^?B/Cn?2Plcɹ Vpn5a䧸š&ξ{Ξ++0t7&8y(WsЪXFPKs*I`WT%qZ-ιp's| mYPL/s +j3+4'pL,tFɒZbT!P )dG 9K}j%(66]Mۛ+Y>/L %uV_g@D^i|$Jsxh/w9l9@d?ggD ZO 1:  dMbP?_*+%,&ffffff?'ffffff?(?)?M NPI3A59A5 (HP Color LaserJet M4C 4dXXA4!GIS4DINU"` *=y8o `SMTJP{2DFD62CB-0245-449E-968B-EC04DCBB7A01}InputBinFORMSOURCERESDLLUniresDLLLocaleSpanish_Modern_SortStringsCluster0IDS_ABOUTTAB_NAMEStringsCluster1IDS_ABOUT_HP_COPYRIGHT1PrintQualityHighUserResolutionResolutionImageREt3600Resolution600dpiDocumentColorCorrectioncustomGeneralEdgeControlGeneralNormalTextGraysTextBlackImageGraysImageCompositeGraphicsGraysGraphicsBlackTextHalftoneTextDetailImageHalftoneImageDetailGraphicsHalftoneGraphicsDetailDeviceCollationDeviceUncollatedColorModeColorOutputPaperSizeA4OrientationPORTRAITMediaTypeAutoSelectMediaTypeDuplexNONEManualDuplexManualSimplexJobFlipPageUpfalseDocumentNUp1NUpBordersOffPresentationDirectionRightBottomCollateONPageRotate180NoRotationJobPageOrderStandardJobStorageJobStorageOffJobStoragePrivateSecurePrivateSecureOffJobStorageUserNameUserNameCurrentJobStorageJobNameJobNameAutoJobStorageJobNameExistJobNameExistsUseJobStorageSavePasswordSavePasswordOffDocumentRGBColorRGBColorRGBDocumentInsertPagesNoInsertPagesDocumentBlankSheetException1BeforeExceptionPagesDocumentBlankSheetException2BeforeExceptionPagesDocumentMediaException1MediaException1DocumentMediaException2MediaException2DocumentExceptionUsageSpecifiedPagesPageBlackTextNoneGUIStringsIDS_USE_PAPER_SIZEDocumentCoverFrontNoCoverDocumentCoverBackNoCoverDocumentInterleavesNoInterleavesPageWatermarkTextPageWatermarkPlacementCenterPageWatermarkLayeringOverlayPageWatermarkUsageAllPagesPagePoster1DocumentBindingNONEPageScalingNONEScaleOffsetAlignmentCenter*V4DM)ڮ>b-EDܻzx&Dd~~~B~h~~$~:d$(~,~~ ,T~~4~8v4~4~R~< ~ <  < @< j@ D H L L:PTXX\D`rttx|. 0h     <0 8 @J  d bArrayZoomPosterNUpBorderWidthNUpBorderLengthNUpBorderDashLengthFrontCoverMediaSizeFrontCoverMediaSizeWidthFrontCoverMediaSizeHeightFrontCoverMediaTypeFrontCoverInputBinBackCoverMediaSizeBackCoverMediaSizeWidthBackCoverMediaSizeHeightBackCoverMediaTypeBackCoverInputBinInterleavesMediaSizeInterleavesMediaSizeWidthInterleavesMediaSizeHeightInterleavesMediaTypeInterleavesInputBinInsertEmptyPagesMediaSizeInsertEmptyPagesMediaSizeWidthInsertEmptyPagesMediaSizeHeightInsertEmptyPagesMediaTypeInsertEmptyPagesInputBinInsertEmptyPagesExceptionUsageInsertEmptyPagesListInsertPrintPagesMediaSizeInsertPrintPagesMediaSizeWidthInsertPrintPagesMediaSizeHeightInsertPrintPagesMediaTypeInsertPrintPagesInputBinInsertPrintPagesExceptionUsageInsertPrintPagesListTargetMediaSizeTargetMediaSizeWidthTargetMediaSizeHeightBindingGutterSignaturePagesPageWatermarkNameHPageWatermarkPlacementOffsetWidthPageWatermarkPlacementOffsetHeightPageWatermarkTransparencyPageWatermarkTextTextHPageWatermarkTextFontSizePageWatermarkTextAnglePageWatermarkTextColorPageWatermarkTextFontHPageWatermarkTextOutlinePageWatermarkTextBoldPageWatermarkTextItalicPageWatermarkTextRightToLeftPageWatermarkImageFileHPageWatermarkImageScaleWidthPageWatermarkImageScaleHeightJobNameUserNamePINPasswordShortcutNameDuplexModedns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages<Fns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages20061HFFFF000000610041ddManual" dXX333333?333333?&<3U } IB} $B} B} B} B} B1,,,,,; w@,, ;  , , ;  @,,,,,,,,; ,,, , , ,`,`,`,`         Dbl,,,, ,`!,`",`#,`$,`%,`&,`',`(,`),`*,`+,`,,`-,`.,`/,`0,`&T@ (  b  L@`ب?Text Box 2"PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!WCS drs/shapexml.xmlUn0?%Y^*H$SWZl" r/A&gpoE:i4iBХ^0dL\W\- Gϋ_ζr].%B)]zN{=W.Eݩimml=lWYeI2 ^*jh|J]DQI(ljkh]UzH ,hBIZ)( 0Ɇ. x1^$Y;~2vG@w@~s-ixi xJgXG`#q~DVh@|7[O1dkL캬OR\r"Ybc;aCFOSg&ֶ9Fg@Y:JƣA2N>%e0HaΧH-[a&EV>w- NԱ7bTX7dd ,xn(0:N/`Tq *U<$bÈfO .l)X2[ 9I|0`cjo5q1)YV.P3SXcRkj$/P`ߥ jm̨p'3x 6!d!ȊQ  +qq'`L,b:dŌ.ʒ5NM<̻>{g]+j^o>Q/nﯮ`>#F^']k6DB+9TIм{.;Y,PK!7']*drs/downrev.xmlLPN07x'6F#1e= ޳o鼭+rJ9 Й9޼%8/Ϯb"MS8}ND~7 P 70;Ш)ck\K 'BgD_w550LiL;(|tkLElC<s6dQ2fKzpPK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-!WCS )drs/shapexml.xmlPK-!7']*ddrs/downrev.xmlPKFF]` <INDEX<9  Z^E_A??7 Imagen3 @]&`  bPUبO8]8c4 Rectngulo#"i@]PK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK!8Eudrs/shapexml.xmlUn0G,oq5͢% L*mq%Nؑm,v1@X׋=WׇS"Ńs,*Ig1FPQP.Ki|}su(TBE  R5I@[VS}.&[JUS&(x̓(Ѝb[̭a0o7J~KW`,e QxIڜ_}6fl?@Kr'#=I_Q8GN7)Ȱ k!vfZ]RH#AkZ!6߸AChFC6 i%@ MdYCCTH bhA9lc]18nQ|`dUXAXBi:6.>9rfEpbp!W/ dȆıaЎò`9y.0uRy] %CVڛ{H|i*1w8ZI xjD6 *ܧ8U2|"R`D |3qmVΩpOSQD <*He ׅ^n*lt>@ŧf>9`\C I1rwMkț?0(Ts@EӦ˵t-5V+ePK!!drs/downrev.xmllP]O1|7?4k G()3Prǿw9CLVW䠜/0G@I,MaaQ|v{3iU] ? >-okepYE@r*h\W4"F( ^(D ~~4|<6mU1p!/5&r؇3K$l}t -6VhI NYMm:Uj+1&˼  y2G!I쟘uJc:~PK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-!8Eu)drs/shapexml.xmlPK-!!drs/downrev.xmlPKRbH]` $ <!5.1 COMPLIANCE WITH ENS ARTICLES<:: **  b0\بO8]8c5 Rectngulo#"~@rPK![Content_Types].xmlJ0*miG]`Hm6 Xwt?. g#Wi3E).+7 >ON ޑ1ˋz "+R RhB.} /<^ITխ%rHK4uK~I0xM e`|X}đ I`߽N4aG2$RKIZ)4(M9`ctB{m:f@`3n|O,ܗr޾jxR0T ,0@}WBLǬ5vPK![h!3~drs/shapexml.xmlUn0w|&BJԤbmH- hݺ;=~6{؎$]pα͡bhG*OppcDy&o # &HI߿>2&<  j]Ǟ-5-OrI^1COՒ\m)շ΃SbB[ g**,]{FYXEtNc~)tvnP0~g,3MvQ0:K~DQ[BUdR$#M߭lTwKpENb=4Y/fdj怶N@ODQ01gїg4ϧ_lj |I$YRR&mU`+o&\l]|Ȭ. PK!0%drs/downrev.xmlTN0M|xCۀ YƄѵ%m9j;:!{i]m4:7%#1Z2褃iz{3caz-_4nTƔIX=FASk*ϕ̿6ߊA9[n,U6ob \-Xd[;c b ŢXse0-&#MӽFk؋a'UQ8Azlh=xsѵ<& +9"d(s#PK-![Content_Types].xmlPK-!1_a ._rels/.relsPK-![h!3~)drs/shapexml.xmlPK-!0%drs/downrev.xmlPKg  ^]` $%<&5.2 COMPLIANCE WITH ANNEX II MEASURES<::%>@d"yK !5.1 COMPLIANCE WITH ENS ARTICLES'Compliance with art. ENS'!A1yK 5.2.1 ORGANIZATIONAL FRAMEWORK$'Compliance with Annex II - Org'!A1yK 5.2.2 OPERATIONAL FRAMEWORK#'Compliance with Annex II - Op'!A1yK 5.2.3 MEASURES FOR PROTECTION$'Compliance with Annexo II - Me'!A1ggD ZO RM dU \ `  dMbP?_*+%w&ffffff?'ffffff?(?)?M NPI3A59A5 (HP Color LaserJet M4C 4dXXA4!GIS4DINU"` *=y8o `SMTJP{2DFD62CB-0245-449E-968B-EC04DCBB7A01}InputBinFORMSOURCERESDLLUniresDLLLocaleSpanish_Modern_SortStringsCluster0IDS_ABOUTTAB_NAMEStringsCluster1IDS_ABOUT_HP_COPYRIGHT1PrintQualityHighUserResolutionResolutionImageREt3600Resolution600dpiDocumentColorCorrectioncustomGeneralEdgeControlGeneralNormalTextGraysTextBlackImageGraysImageCompositeGraphicsGraysGraphicsBlackTextHalftoneTextDetailImageHalftoneImageDetailGraphicsHalftoneGraphicsDetailDeviceCollationDeviceUncollatedColorModeColorOutputPaperSizeA4OrientationPORTRAITMediaTypeAutoSelectMediaTypeDuplexNONEManualDuplexManualSimplexJobFlipPageUpfalseDocumentNUp1NUpBordersOffPresentationDirectionRightBottomCollateONPageRotate180NoRotationJobPageOrderStandardJobStorageJobStorageOffJobStoragePrivateSecurePrivateSecureOffJobStorageUserNameUserNameCurrentJobStorageJobNameJobNameAutoJobStorageJobNameExistJobNameExistsUseJobStorageSavePasswordSavePasswordOffDocumentRGBColorRGBColorRGBDocumentInsertPagesNoInsertPagesDocumentBlankSheetException1BeforeExceptionPagesDocumentBlankSheetException2BeforeExceptionPagesDocumentMediaException1MediaException1DocumentMediaException2MediaException2DocumentExceptionUsageSpecifiedPagesPageBlackTextNoneGUIStringsIDS_USE_PAPER_SIZEDocumentCoverFrontNoCoverDocumentCoverBackNoCoverDocumentInterleavesNoInterleavesPageWatermarkTextPageWatermarkPlacementCenterPageWatermarkLayeringOverlayPageWatermarkUsageAllPagesPagePoster1DocumentBindingNONEPageScalingNONEScaleOffsetAlignmentCenter*V4DM)ڮ>b-EDܻzx&Dd~~~B~h~~$~:d$(~,~~ ,T~~4~8v4~4~R~< ~ <  < @< j@ D H L L:PTXX\D`rttx|. 0h     <0 8 @J  d bArrayZoomPosterNUpBorderWidthNUpBorderLengthNUpBorderDashLengthFrontCoverMediaSizeFrontCoverMediaSizeWidthFrontCoverMediaSizeHeightFrontCoverMediaTypeFrontCoverInputBinBackCoverMediaSizeBackCoverMediaSizeWidthBackCoverMediaSizeHeightBackCoverMediaTypeBackCoverInputBinInterleavesMediaSizeInterleavesMediaSizeWidthInterleavesMediaSizeHeightInterleavesMediaTypeInterleavesInputBinInsertEmptyPagesMediaSizeInsertEmptyPagesMediaSizeWidthInsertEmptyPagesMediaSizeHeightInsertEmptyPagesMediaTypeInsertEmptyPagesInputBinInsertEmptyPagesExceptionUsageInsertEmptyPagesListInsertPrintPagesMediaSizeInsertPrintPagesMediaSizeWidthInsertPrintPagesMediaSizeHeightInsertPrintPagesMediaTypeInsertPrintPagesInputBinInsertPrintPagesExceptionUsageInsertPrintPagesListTargetMediaSizeTargetMediaSizeWidthTargetMediaSizeHeightBindingGutterSignaturePagesPageWatermarkNameHPageWatermarkPlacementOffsetWidthPageWatermarkPlacementOffsetHeightPageWatermarkTransparencyPageWatermarkTextTextHPageWatermarkTextFontSizePageWatermarkTextAnglePageWatermarkTextColorPageWatermarkTextFontHPageWatermarkTextOutlinePageWatermarkTextBoldPageWatermarkTextItalicPageWatermarkTextRightToLeftPageWatermarkImageFileHPageWatermarkImageScaleWidthPageWatermarkImageScaleHeightJobNameUserNamePINPasswordShortcutNameDuplexModedns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages<Fns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages20061HFFFF000000610041ddManual" d333333?333333?&<3U } mA} B} hB} I'B} 9B}  B} 5BRw@w@w@w@ a w @I@w@ w@ w@ w@ w@  w@w@w@w@w@w@w@w@@ w@ @ @w@w@w@w@ w@w@w@  b c c c c D    I J K  L M OJ  N J   P M   P Q  O Q  O Q   O QOQOQOQOQOQNQST C    V J K  W M XJ  X J   Y M  Y Q  YQ YQYQD l F,B884**4*,B884*4 w@!w@"w@#w@$w@%w@ &w@ '@(w@))@* @+w@,w@-w@.w@/w@ 0w@1w@2w@3w@4w@5w@6w@7w@8w@ 9w@ :;8@<@=w@>w@?@ YQ!YQ"YQ#YQ$YQ%ZT &E & &' ' 'V 'X '[ (X (V ( ) )W )X * *W *X * +X +V+ , ,X ,\ - -Y -\ . .Y .\ / /Y /\ 0 0Y0\ 0 1 1Y 1\2Y\ 3 3X 3\ 4 4X 4\ 5 5X 5\6X\7X\8]^ 9F 9 9 : : :V :X :[ ;G ;W ;V ; <G <W <X =GW =X = >G >W >V> ?G ?V ?\DNl,B,*8(****4****,F8*,4@@Aw@B@ C@Dw@Ew@Fw@Gw@Hw@Iw@Jw@Kw@Lw@Mw@Nw@Ow@ Pw@Qw@ @G @W @\AGW\ BG BV B\ CG CWC\ CDGX\ EG EX E\FGX\ GG GY G\ HG HY H\ IG IY I\JGW\ KG KY K\ LG LY L\ MG MW M\ NG NW N\ OH O` O^(T**4*********PH00(   >@d&&'8:O'8CO ()08*/;<99%=B%% ggD ZO _0 R J 2  dMbP?_*+%&ffffff?'ffffff?(?)?M NPI3A59A5 (HP Color LaserJet M4C 4dXXA4!GIS4DINU"` *=y8o `SMTJP{2DFD62CB-0245-449E-968B-EC04DCBB7A01}InputBinFORMSOURCERESDLLUniresDLLLocaleSpanish_Modern_SortStringsCluster0IDS_ABOUTTAB_NAMEStringsCluster1IDS_ABOUT_HP_COPYRIGHT1PrintQualityHighUserResolutionResolutionImageREt3600Resolution600dpiDocumentColorCorrectioncustomGeneralEdgeControlGeneralNormalTextGraysTextBlackImageGraysImageCompositeGraphicsGraysGraphicsBlackTextHalftoneTextDetailImageHalftoneImageDetailGraphicsHalftoneGraphicsDetailDeviceCollationDeviceUncollatedColorModeColorOutputPaperSizeA4OrientationPORTRAITMediaTypeAutoSelectMediaTypeDuplexNONEManualDuplexManualSimplexJobFlipPageUpfalseDocumentNUp1NUpBordersOffPresentationDirectionRightBottomCollateONPageRotate180NoRotationJobPageOrderStandardJobStorageJobStorageOffJobStoragePrivateSecurePrivateSecureOffJobStorageUserNameUserNameCurrentJobStorageJobNameJobNameAutoJobStorageJobNameExistJobNameExistsUseJobStorageSavePasswordSavePasswordOffDocumentRGBColorRGBColorRGBDocumentInsertPagesNoInsertPagesDocumentBlankSheetException1BeforeExceptionPagesDocumentBlankSheetException2BeforeExceptionPagesDocumentMediaException1MediaException1DocumentMediaException2MediaException2DocumentExceptionUsageSpecifiedPagesPageBlackTextNoneGUIStringsIDS_USE_PAPER_SIZEDocumentCoverFrontNoCoverDocumentCoverBackNoCoverDocumentInterleavesNoInterleavesPageWatermarkTextPageWatermarkPlacementCenterPageWatermarkLayeringOverlayPageWatermarkUsageAllPagesPagePoster1DocumentBindingNONEPageScalingNONEScaleOffsetAlignmentCenter*V4DM)ڮ>b-EDܻzx&Dd~~~B~h~~$~:d$(~,~~ ,T~~4~8v4~4~R~< ~ <  < @< j@ D H L L:PTXX\D`rttx|. 0h     <0 8 @J  d bArrayZoomPosterNUpBorderWidthNUpBorderLengthNUpBorderDashLengthFrontCoverMediaSizeFrontCoverMediaSizeWidthFrontCoverMediaSizeHeightFrontCoverMediaTypeFrontCoverInputBinBackCoverMediaSizeBackCoverMediaSizeWidthBackCoverMediaSizeHeightBackCoverMediaTypeBackCoverInputBinInterleavesMediaSizeInterleavesMediaSizeWidthInterleavesMediaSizeHeightInterleavesMediaTypeInterleavesInputBinInsertEmptyPagesMediaSizeInsertEmptyPagesMediaSizeWidthInsertEmptyPagesMediaSizeHeightInsertEmptyPagesMediaTypeInsertEmptyPagesInputBinInsertEmptyPagesExceptionUsageInsertEmptyPagesListInsertPrintPagesMediaSizeInsertPrintPagesMediaSizeWidthInsertPrintPagesMediaSizeHeightInsertPrintPagesMediaTypeInsertPrintPagesInputBinInsertPrintPagesExceptionUsageInsertPrintPagesListTargetMediaSizeTargetMediaSizeWidthTargetMediaSizeHeightBindingGutterSignaturePagesPageWatermarkNameHPageWatermarkPlacementOffsetWidthPageWatermarkPlacementOffsetHeightPageWatermarkTransparencyPageWatermarkTextTextHPageWatermarkTextFontSizePageWatermarkTextAnglePageWatermarkTextColorPageWatermarkTextFontHPageWatermarkTextOutlinePageWatermarkTextBoldPageWatermarkTextItalicPageWatermarkTextRightToLeftPageWatermarkImageFileHPageWatermarkImageScaleWidthPageWatermarkImageScaleHeightJobNameUserNamePINPasswordShortcutNameDuplexModedns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages<Fns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages20061HFFFF000000610041ddManual" dXX333333?333333?&<3U } d}  B} $B} SB} I*B} B} I*B_@@@ @ @ @ @@@ @ @ @ @ @@@E@@ @@~ @@@s@ e@@@m @ @ @@@  b c c c c @       V X [  W V _  X X   V V   W \ X\  V \  W \X\  V \  W \  V \  W \  V \  W \X\  V \  W \X\   V \  W \  ` ^     V X [  W V _XX_Dl F,,B884*********** ***,B8 @!@"@#@$@ %@&@'8@(@)@ *@ + @,@-@.@/@0@1@ 2@3@4@5@66@7@8@ 9@ :@;@< @=@>@?@  X X X ! !V !V!X " "W "\X#X\\ $ $V $\U % %W%\ %&X\ ' 'V '\ ( (W (\)Z^ * * *+ + +V +X +[ , ,W ,V ,_-XX_ . .X .X . / /V /V/ 0 0W 0\1X\ 2 2V2\ 2 3 3W 3\4X\ 5 5V 5\ 6 6W 6\7X\8]^ 9 9 9: : :V :X :[ ; ;W ;V ;_ < <W <X_ =X =X = > >X >V> ? ?V ?\Dl84**4**,B884*4***,B8*,4@@A@B@Cd@DJ@E+@F@Gb@H@I@Jq@K@Lg@M5@NI@ Ow@P@Q+@R@S@T@U@V @W@ X@Y@Z`[@\@]@^@ @ @W @\AX\ B BV B\ C CW C\DX\EX\ F FV F\ G GW G\HX\ I IV I\ J JW J\KX\ L LV L\ M MW M\NX\ O OVO\ O P PW P\QX\ R RV R\ S SW S\TX\ U UV U\ V VW V\W`^BX*********4*****PH@0(  >@d=N*8OW%))99.19W):W28+8**ggD ZO p n  j   % `- p5 ^= "E L U 4\ c j Xr Vz p |   dMbP?_*+%&ffffff?'ffffff?(?)?M NPI3A59A5 (HP Color LaserJet M4C 4dXXA4!GIS4DINU"` *=y8o `SMTJP{2DFD62CB-0245-449E-968B-EC04DCBB7A01}InputBinFORMSOURCERESDLLUniresDLLLocaleSpanish_Modern_SortStringsCluster0IDS_ABOUTTAB_NAMEStringsCluster1IDS_ABOUT_HP_COPYRIGHT1PrintQualityHighUserResolutionResolutionImageREt3600Resolution600dpiDocumentColorCorrectioncustomGeneralEdgeControlGeneralNormalTextGraysTextBlackImageGraysImageCompositeGraphicsGraysGraphicsBlackTextHalftoneTextDetailImageHalftoneImageDetailGraphicsHalftoneGraphicsDetailDeviceCollationDeviceUncollatedColorModeColorOutputPaperSizeA4OrientationPORTRAITMediaTypeAutoSelectMediaTypeDuplexNONEManualDuplexManualSimplexJobFlipPageUpfalseDocumentNUp1NUpBordersOffPresentationDirectionRightBottomCollateONPageRotate180NoRotationJobPageOrderStandardJobStorageJobStorageOffJobStoragePrivateSecurePrivateSecureOffJobStorageUserNameUserNameCurrentJobStorageJobNameJobNameAutoJobStorageJobNameExistJobNameExistsUseJobStorageSavePasswordSavePasswordOffDocumentRGBColorRGBColorRGBDocumentInsertPagesNoInsertPagesDocumentBlankSheetException1BeforeExceptionPagesDocumentBlankSheetException2BeforeExceptionPagesDocumentMediaException1MediaException1DocumentMediaException2MediaException2DocumentExceptionUsageSpecifiedPagesPageBlackTextNoneGUIStringsIDS_USE_PAPER_SIZEDocumentCoverFrontNoCoverDocumentCoverBackNoCoverDocumentInterleavesNoInterleavesPageWatermarkTextPageWatermarkPlacementCenterPageWatermarkLayeringOverlayPageWatermarkUsageAllPagesPagePoster1DocumentBindingNONEPageScalingNONEScaleOffsetAlignmentCenter*V4DM)ڮ>b-EDܻzx&Dd~~~B~h~~$~:d$(~,~~ ,T~~4~8v4~4~R~< ~ <  < @< j@ D H L L:PTXX\D`rttx|. 0h     <0 8 @J  d bArrayZoomPosterNUpBorderWidthNUpBorderLengthNUpBorderDashLengthFrontCoverMediaSizeFrontCoverMediaSizeWidthFrontCoverMediaSizeHeightFrontCoverMediaTypeFrontCoverInputBinBackCoverMediaSizeBackCoverMediaSizeWidthBackCoverMediaSizeHeightBackCoverMediaTypeBackCoverInputBinInterleavesMediaSizeInterleavesMediaSizeWidthInterleavesMediaSizeHeightInterleavesMediaTypeInterleavesInputBinInsertEmptyPagesMediaSizeInsertEmptyPagesMediaSizeWidthInsertEmptyPagesMediaSizeHeightInsertEmptyPagesMediaTypeInsertEmptyPagesInputBinInsertEmptyPagesExceptionUsageInsertEmptyPagesListInsertPrintPagesMediaSizeInsertPrintPagesMediaSizeWidthInsertPrintPagesMediaSizeHeightInsertPrintPagesMediaTypeInsertPrintPagesInputBinInsertPrintPagesExceptionUsageInsertPrintPagesListTargetMediaSizeTargetMediaSizeWidthTargetMediaSizeHeightBindingGutterSignaturePagesPageWatermarkNameHPageWatermarkPlacementOffsetWidthPageWatermarkPlacementOffsetHeightPageWatermarkTransparencyPageWatermarkTextTextHPageWatermarkTextFontSizePageWatermarkTextAnglePageWatermarkTextColorPageWatermarkTextFontHPageWatermarkTextOutlinePageWatermarkTextBoldPageWatermarkTextItalicPageWatermarkTextRightToLeftPageWatermarkImageFileHPageWatermarkImageScaleWidthPageWatermarkImageScaleHeightJobNameUserNamePINPasswordShortcutNameDuplexModedns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages<Fns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages20061HFFFF000000610041ddManual" dXX333333?333333?&<3U } B}  B} B} IeB} IB} aB} B} B,,,;     @ @ ; X@ @ @ ;@;@@;@@;J ; @@:@@ ;v;   b c  c c c             g  _ h  i g _ ___  _ _   g g   i \  g\   i \_\  g \  i \_\  g \  i \_\j^ G g _ h  i g _  _ _   g g  i \  g\   i \_\Dzl F,,,B884*4*****B884*4* @!7@"w@#@$;%;&@' @(J );*@+;,h@-@.'@/;0@1'@2;3@ 4(@5;6@7@8;9w@:v;f@<;=w@>Y@?@  g \ ! !i !\ " "g "\ # #i #\$_\ % %_ %\ & &l &\ ' 'l '\(j^) ) )g" )_ )h * *ix *g *_+___ , ,_ ,_ ,  - -g# -g- . .i$ .\/_\ 0 0g% 0\ 1 1i& 1\2_\ 3 3g' 3\ 4 4i(4\ 45_\ 6 6g) 6\ 7 7i* 7\8_\ 9 9g 9\ : :i+ :\;_\ < <_ <\ = =l =\ > >l >\ ? ?m ?^DXl*******B884****4*******@ A:@Bu@C;D@Eh@F;G;H;I;J;Ku@L;M@N@O@P;Q@R@S;T@U@V;W@X*@Y;Z @[ @\e@];^@_e@ @ @, @A A Ag- A_ Ah B Bi. Bg B_C___ D D_/ D_ D  E Eg0 EgE F Fi. F\G_\ H Hg1 H\ I Ii2 I\ J Jg3 J\ K Ki4 K\L_\ M M_5 M\ N Ng9 N\ O Oi6 O\P_\ Q Qg8 Q\ R Ri7 R\S_\ T Tg T\ U Ui7 U\V_\ W Wg: W\ X Xi; X\Y_\ Z Z_< Z\ [ [g= [\ \ \i> \\]_\ ^ ^g? ^\ _ _i@ _\DPl,B884******************`;aw@ b@c;dve@f;gu@hu@i;j;k:@l;@mI@ nvo@p;q;r;s;@ t,@u,@v,@w,@x,@y8@ z@{@|;}@~@;`_\ a agA a\ b biBb\ bx c c_C c\y d dg d\y e eiD e\yf_\y g ggE g\y h hiF h\yi_\y j j_ j\y k kl k\y l ll l\y m mm m^zn nG ngH n_ nh o oiI og o_p\__ q\ q_ q  r\ rgrs\\t\\ tu\\v\\w\\x\\y^^z zS zgJ z_ zh { {iK {g {_|i__ } }gL }_ }  ~ ~_M ~g~_\Dl*4*********B8,( B884@e@;@@ v,,,,;  Y@ @;@@ @;w@ @;;;@@;@@@:@   g \  iN \i\  _O \  g \  iP\ \\\\\\\\^^  Q  R g _ h  i g ____  _T _    gU g  iV \_\  gW \  iX\ _\_\_\  gY \  iZ \_\  _ \  l \  l \  m ^  \ Dl****4,B884**4******@@;;J@@@@@@;@ @@   v@@@  @*@@;@@;; @ @   [ g] _ h  i g ____  _^ _    g_ g  i` \  ga \  ib \  gc \  id \_\  ge \  if\   gg \  ih \  i   g _ h  ij g _  p __  o _     g  n\   m \  il \_\  gk \  iq \_\  _ \  l \  m ^  r DlB884******4**,B8*844******* w@r@;;@g@@;@@;w@d@; @@;@ M @;e@@;;J@@J@J  @r@;  s  t gu _ h  i g ____  _v _    gw g  i \_\  gx \  iy \_\  gz \  i \_\  g{ \  iy \_\  g| \  iz\ _\  g} \  i~ \_\  _ \  l! \  l" \  l# \  j ^ $        g _ h  i q q!_ooDl,B884********4*******,B8@ @ ;@@;;@@;;J w @*@;g@@)@ ;@@; @@;;I@J  @@  g o    i q_\   g \  i{ \_\  _ \  l! \  l" \  l% \i\j^ &    g _ h  i q o_oo  _ o    g q  i \_\   g \  i \_\  g \  i \_\  _ \  l' \  m ^ (     _ h    Dl84 ******,B884* *******,B;@@@ ;I@@F@    @ @ ; @ @# @;@8@;@T@;@ @; @o @;9@@;;          R x   Ry  ' Ry   Uz )     g _ h  i| q o _oo  _ o    g q   i \_\  g \  i \_\  g \  i \_\  g \  i\ _\  g \  i \_\  g \  i} \_\  _ \DZl84 ***,B884******4**** g@!g@ "v@#@$;%Y@&Y@'Y@ ()@ *;+U@,;-;.;/;0;1@ 2@3;4@5 @6J 7 8 @9@:;;@<@=;>Y@?F@  l* \ ! !m !^" " "g "_ "h # #i #q #o$_oo % %g %o %o  & &i~ &q& ' 'g '\U ( (i(\ ()j^* * *g *_ *h + +i +q +o,_oo -_ -o -  ._ .q./_\ 0 0_ 0\ 1 1g 1\ 2 2i2\ 23i\ 4 4g 4\ 5 5i 5\6n^ 7+ 7 78 8 8g 8_ 8h 9 9i 9q 9o:_oo ; ;g ;o ;o  < <i <q<o=i\o > >g >\\ ? ?i ?\\Dl**B884*4B8,(**4**,B884*@;A@B @ CW@ D:@EF;G;H;IJ J @ K@Lt@M;NX@O@P; QL@ R S@Tq@U;V;W;X; Y @ Zv@[@\@]@^;_; @_\\ A Ag A\\ B Bi B\^Cj^ CrD D Dg D_ Dh E Ei Eq EoF\oo G\ Go Go  H\ HqHoI\\sJ^^ JrK K Kg K_ Kp L Li Lq LoM_oo N Ng No N  O Oi OqOP\\Q^^ Qr R, R RS S Sg S_ Sh T Ti  Tq ToU\oo V\ Vo V  W\ WqWX\\Y^^ YrZ Z Zg Z_ Zh [ [i  [q [o \ \g \oo ] ]i ]o ]  ^\ ^q^_\\Dl** B8,( B884 ,B8,( B8*8(`J@a@b; c d eY@fu@g;h@i@j,@k;`l;`mvn;oh@ p @q;r;sJ t uf@vR@w;x@y@z@{;|t@}R@~;@`\\ `a\\b^^ c- c c d. d de e eg e_ eh f fi fq fog_oo h h_ ho h  i ig iqi j ji j\k_\ l lg/ l\ m mi m\ni\ o og o\ p pip\ pq_\ r r_ r\ s sm s^ t0 t tu u ug u_ uh v vi  vq vow_oo x x_ xo x  y yg yqy z zi z\{i\ | |gc |\ } }i }\~_\  g \D|l ,,B884****4**,B884***@;@@;;w@h@ @  @ @ `;;; @  Y@@;@@@;Y@@;@&@J #@  i  \_\  g \  i  \_\  _ \  l \  l \  m^ r 1   G g _ h  id q oioo \ o   \ q\\^^ r 2    g _ h  ie q o_oo  _ o    g q  if \_\  g \  ig \_\  g \  iz \_\j^ rDnl******4,B8,( ,B884*****A +@ @;;@@;@@;@@@&@ C@    @p@Y@;@@ r@  v@;@@ @@ 3      G t _ h  i q oioo  i o    t q  i \i\  t \  i \i\  t \  i \  t \  i \j^ r 4        g _ h  i q o_oo  _ o    g q  i \j^ r 5   G g _ h  i q oioo  _ o    g q  i \  i \Dl,B884******* ,B884* ,B884*;G@ @;@@;Y@@;@ @;u@T@;@9@;;@@;;g@g@g@g@g@g@;;_\  g \  i \_\  g \  i \_\  g \  ih \_\  g \  i \_\  g \  ii \_\  g \  i \_\_\  g \  i \_\  _ \  l6 \  l7 \  l8 \  l9 \  l: \  l; \i\i\Dl*********************;;;J m@  @@@@@@@@c@@@@@@@@@@@@@ @@@@@i\i\i\i\j^ r <    g _ h  i q io  _ o    g q  i \_\  g \  i \_\_\  g \  i \_\  g \  i \_\_\_\  _ \  l= \i\ \\\\\\\\Dl ,B884********* @ @@@@@ @@@  @ @ @ @ @@ @@ @ w@@9@@@@@@ @@w@@@ @^^  g _ h  i q o\oo \ o   \ q\\ \\^^    g  _ h  i q  _o _ o   _ q _\_\ ^^ >    G g  _ h  ij q io  _  o    g q  i \_\  g \  i \_\  g \  ik \_\  _\ DPlB8,( B8,( ,B884***** @!@"@#@$@%@ &@ '@(@)@*@+@,@-@.@/@ 0@1@2@3+@4@5@6@7@8@ 9 :J@;@<@=@>@?@  l? \ ! !l8 !\ " "l@ "\ # #l: #\ $ $l; $\%j^ &A & &' ' 'g '_ 'h ( (il (q ()io * *_ *o *  + +g +q+ , ,i ,\-_\ . .g .\ / /i /\0_\ 0 1 1g 1\ 2 2im 2\3_\ 4 4g 4\ 5 5i 5\6_\7_\8n^ 9B 9 9: : :g :_ :h ; ;i ;q ;<_o = =g =o =  > >i >q>?i\Dpl*****,B884*** ****,B884@@A@B@C@D@ EH@F@G@H@I@JF@K@L@M@ Nh@ Ow@ Pw@Q@R@S@T@U@V@W@X@Y@Z@[@\@]@^@ _@ @ @g @\ A Ain A\B_\ B C C_ C\ D DlC D^E EG E E_ Eh F Fo Fq F G G Go H Hp Ho H  I I IqI J Jq J\K\ KL\M^ NfD N  N OE O! OP PG Pg P_ Ph Q Qi" Qq Qo R R_ Ro R  S Sg SqS T Tir T\U_\ V Vg V\ W Wi# W\X_\ Y Yg Y\ Z Zi$ Z\[_\ \ \_ \\ ] ]lF ]\^j^ ^r _G _% _Dl** **B8*84* ,,B884******* `w@a@b@c*@d@ew@f@g @h@i@j@k@ l5@ mh@ n@o5@p@q@r@s*@t@ u @ vJ@ ww@ xw@y@z@{@|@}d@~@w@` `G `g& `_ `h a ai aq aob_oo c cg co c  d di' dqde_\ f fg( f\ g gi) g\h_\ i ig* i\ j ji+ j\ki\lu^ lr mH m, mn n- ng. n_ nh o oi/ og o_pi__ q qg0 q_ q  r ri1 rgr s sg2 s\ t ti3 t\un^ uk veI v4 v wJ w5 wx x7 xg6 x_ xh y yi yg y_zi__ { {_8 {_ {  | |g9 |g| } }i: }\~_\  g; \DlB884**** ,B884** ,,B884*@@ @ @ w@@@h@| @@@ @@@@g@ @@@6@ S@ J@ *@ @@@@@ @   h@  i< \  _ \  m=^ k K >   g? _ h  i g _  _@ _    gA g  it \_\  gB \  iu \_\  gC \  iD \_\  gs \  iE \  gF \  iv \n^ k L G  H gI _ h  iw g \_ \ _   \ g\\^^ k M J  N K  G gL _ hDl**4,B884********* ,B8,( ,, @@ @W@W@W@W@ | @ @ @,@@@h@@@@*@*@*@*@ *@@@@@@ @ @@@9@  i g _i__  _ _    lO g  lP \  lQ \  lR \  mS^ k T M  N gO _ h o g   i  _ _ _    _P g  gQ \  i \_\  _ \  lU \  lV \  lW \  lX\ \\\\\\\\^^ G gR _ h  iS g i_  _ _    lU gDl884***4,B,*,4******4B889@9@9@9@9@9@ @@@@  @@@@@@ @@ @ @````````````  vY \  vZ \  v[ \  v\ \  v] \  lV \  lX\ \\\\^^  gT _ h  iU g w_ \ _   \ g\\\\ \\^^D*l******4B8,( ```````````PHP0(  >@d xnuDJKMHJR]8C*6KQSYZb") ! '8   %08*/() -1NP]_@@ ,3Da}qstyzz?()?67Q77!()26RbRR`bccdsddespshoVXtttux%%&8&&9M99:DEM;<BD=AFGNNO^OOP^_l__`lckmummvvwwwqt{(4?AmnyggD ZO t F V  0 *  N ) (2 V: |B K R X[ c \k s `z . ҏ  dMbP?_*+%&ffffff?'ffffff?(?)?M NPI3A59A5 (HP Color LaserJet M4C 4dXXA4!GIS4DINU"` *=y8o `SMTJP{2DFD62CB-0245-449E-968B-EC04DCBB7A01}InputBinFORMSOURCERESDLLUniresDLLLocaleSpanish_Modern_SortStringsCluster0IDS_ABOUTTAB_NAMEStringsCluster1IDS_ABOUT_HP_COPYRIGHT1PrintQualityHighUserResolutionResolutionImageREt3600Resolution600dpiDocumentColorCorrectioncustomGeneralEdgeControlGeneralNormalTextGraysTextBlackImageGraysImageCompositeGraphicsGraysGraphicsBlackTextHalftoneTextDetailImageHalftoneImageDetailGraphicsHalftoneGraphicsDetailDeviceCollationDeviceUncollatedColorModeColorOutputPaperSizeA4OrientationPORTRAITMediaTypeAutoSelectMediaTypeDuplexNONEManualDuplexManualSimplexJobFlipPageUpfalseDocumentNUp1NUpBordersOffPresentationDirectionRightBottomCollateONPageRotate180NoRotationJobPageOrderStandardJobStorageJobStorageOffJobStoragePrivateSecurePrivateSecureOffJobStorageUserNameUserNameCurrentJobStorageJobNameJobNameAutoJobStorageJobNameExistJobNameExistsUseJobStorageSavePasswordSavePasswordOffDocumentRGBColorRGBColorRGBDocumentInsertPagesNoInsertPagesDocumentBlankSheetException1BeforeExceptionPagesDocumentBlankSheetException2BeforeExceptionPagesDocumentMediaException1MediaException1DocumentMediaException2MediaException2DocumentExceptionUsageSpecifiedPagesPageBlackTextNoneGUIStringsIDS_USE_PAPER_SIZEDocumentCoverFrontNoCoverDocumentCoverBackNoCoverDocumentInterleavesNoInterleavesPageWatermarkTextPageWatermarkPlacementCenterPageWatermarkLayeringOverlayPageWatermarkUsageAllPagesPagePoster1DocumentBindingNONEPageScalingNONEScaleOffsetAlignmentCenter*V4DM)ڮ>b-EDܻzx&Dd~~~B~h~~$~:d$(~,~~ ,T~~4~8v4~4~R~< ~ <  < @< j@ D H L L:PTXX\D`rttx|. 0h     <0 8 @J  d bArrayZoomPosterNUpBorderWidthNUpBorderLengthNUpBorderDashLengthFrontCoverMediaSizeFrontCoverMediaSizeWidthFrontCoverMediaSizeHeightFrontCoverMediaTypeFrontCoverInputBinBackCoverMediaSizeBackCoverMediaSizeWidthBackCoverMediaSizeHeightBackCoverMediaTypeBackCoverInputBinInterleavesMediaSizeInterleavesMediaSizeWidthInterleavesMediaSizeHeightInterleavesMediaTypeInterleavesInputBinInsertEmptyPagesMediaSizeInsertEmptyPagesMediaSizeWidthInsertEmptyPagesMediaSizeHeightInsertEmptyPagesMediaTypeInsertEmptyPagesInputBinInsertEmptyPagesExceptionUsageInsertEmptyPagesListInsertPrintPagesMediaSizeInsertPrintPagesMediaSizeWidthInsertPrintPagesMediaSizeHeightInsertPrintPagesMediaTypeInsertPrintPagesInputBinInsertPrintPagesExceptionUsageInsertPrintPagesListTargetMediaSizeTargetMediaSizeWidthTargetMediaSizeHeightBindingGutterSignaturePagesPageWatermarkNameHPageWatermarkPlacementOffsetWidthPageWatermarkPlacementOffsetHeightPageWatermarkTransparencyPageWatermarkTextTextHPageWatermarkTextFontSizePageWatermarkTextAnglePageWatermarkTextColorPageWatermarkTextFontHPageWatermarkTextOutlinePageWatermarkTextBoldPageWatermarkTextItalicPageWatermarkTextRightToLeftPageWatermarkImageFileHPageWatermarkImageScaleWidthPageWatermarkImageScaleHeightJobNameUserNamePINPasswordShortcutNameDuplexModedns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:Plainpsk:AutoSelectns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages<Fns0000:UsePageMediaSizepsk:AutoSelectpsk:AutoSelectns0000:SpecifiedPages20061HFFFF000000610041ddManual" d333333?333333?&<3U } B} B} B} IB} $'B} $DB} m B} B@,,;     @  @ @ w@ | @  @ @ @f@@@@@w@@@ f@ @ @@@8@@)@ V b cW c c c ^ X  _  Y     `  Z     N g[ o p  i q o  _\ o    g] q   i^ \ j^ r a _  N g` o p  ia q   _b o  gc o    i! qi\  gd \  ie \i\j^ r b g  N gf o p  ih q _o  _i o    gj q  ik \Dl F,,,B884* ,B8*84** ,B884  @ ! @ "@ #@$@%@&@'@(@)@ *,@ +e@,@-@. @/;0@ 1@2@ 3: 4@5@6X@7@8X@9X@ :@ ;v <@=A @>w@?@  gl \ ! !jm!^ !r "c " n "   # #o #gp #o #p $ $iq $q $o%_oo & &gr &o &o  ' 'i 'q'o(_\o ) )gs )\^ * *jt*^ *r+ +u +gv + +p , ,iw , , -\ - -O .\ ../\Q0\Q1\\ 12^^ 3d 3x 34 4z 4gy 4o 4p 5 5i" 5q 5o6\oo 7\ 7o 7o  8\ 8q8o9\\s:^^ :r ;e ;{ ;< <[ <g| <o <p = =i} =q =>\o ?\ ?o ? Dl*4,B884*4B8,( ,B8,( ,B8@@Aw@ B@ CX@ D@E @F@G@H@I@J@ K@L@ M: N@O@P@Q@R@S@ T@ U: V: W@X@Y@Zw@[@\@]@^)@_@ @\ @q@A\\B^^ Br Cf C ~ C   D DN Dg D Dp E Ei E EF\ G\ G G  H\ HHI\QJ\QK\\ KL^^ Mg M MN N Ng No Np O Oi Oq OPio Q_ Qo Q  R\ RqRS\\T^^ Tr Uh U U Vi V VW WG Wg Wo Wp X Xi Xq XYio Z Z_ Zo Z  [ [g# [q[ \ \i \\]_\ ^ ^g, ^\ _ _i$ _\Dll( ,B8,( ,B8,( ,,B884**`i@aU@ b@ c d@eB @f@gg@h;@i@j @kE@ls@m@n@o@p@qY@r@s@t@u@v@w@ x@ y@ z@{7@|@}@~H@H@`_\ a ag a\ b b{b^ br cj c cd dN dg do dp e ei eq ef_o g g_ go g  h hg hqh i ii i\ j jg j\ k ki k\ l lg l\ m mi m\n_\ o og o\ p pi% p\q_\ r r_ r\ s sg s\ t ti& t\u_\ v vg v\ w wi w\xj^ xr yk y yz zN zg zo zp { {i {q {o|_oo } }_ }o }  ~ ~g( ~q~  i' \Dl*4,B884************ ,B884@ @@-@ @@@  @@@@@@;@8@X@ H@@ I )@@@w@@@ @   @@@i\  g \  i \_\\  gQ   i Q^T l   N g) o p  i* q _o  _ o    g q  i \  g \  i \_\  gQ   j T m    g+ o p  i q _o  _ o    g q  i \n^ r n   o   N g o p  i q ioDl**4*,B884***4*,B884* ,,B8@@@ @ v@@v@@v@ @   V@@@v@@  @ @@@@@ @k @  U@@:@@f@ @;@ \ o   \ q\\^^ r G g o p  i q o i o   i qi\^^ r p    g o p  i q o \ o   \ q\\^^ r M g o p  i- q o _ o   _ q_\_\ ^^ q   N g o p  i. q _o  _ o    g q  i/ \i\Dl,( B8,( ,B8,( B8,( ,B884*f@ @ @ @@C@@@@ 8@@@@@ X@ Y@ @@h@h@@@@  @   @@@@@@  g \  i\   g \  i \  g0 \  i \  g \  i \j^  g o p  i q o  g o    i q_\^^ r r ,  7 g o p  i1 q o_oo  _ o    g q  i@ \  g \  j^ r s   t   N g o p  i q _o  _ o    lu q  lv \D2l*4******B884 ,B884**4,,B884@@ @ @@*@X@h@@ @  v@@@@@9@@@@@  @ @@@8@@ " @ I @@@  |w \  |x \  }y^ r  _ o p  g q   i o  _z o    g q  i \^^ r {     o p   q o   o     q  ; \   \  | \  } \  ~ \  ^ r  g o p  i q o  g o    i q_\^^ r     g o p  i2 q _oDbl**4B8*84* ,B884*****4B884 ,B8U@@@@f@f@f@f@ @  @ @ @ @ @@@ @ v@@h@@@@ [@ @ @@@*@(@@@  g o    i q_\  g3 \  i \i\  _ \  l} \  m~^ r  o g o p  i q o  _ o    g q   i; \  g \  i \j^ r 4 g o p  i q o  g o    i5 q  g \  i \^n^ r     g o p  i6 q o  _ o    g q  i \  g \  i \D^l84****4B884*** B884** ,B884** v@!@"@#@$@%@&@ '@ (+ )@*@+@,@-e@.@/@ 0@ 1 2 3@4@5@6h@7@8X@9@:@;@<)@ =@ >@ ? @  g \ ! !i !\ " "_ "\ # #lu #\ $ $lv $\ % %l! %\ & &l" &\ ' 'm'^ 'r ( ( , (   ) ) )g )o )p * *i *q *o + +_ +o +  , ,g ,q, - -i7 -\ . .g .\ / /i /\0n^ 0r 1 1 1 2 2 23 3 3g 3o 3p 4 4i8 4q 4o 5 5_ 5o 5  6 6g 6q6 7 7i 7\ 8 8g 8\ 9 9i9 9\ : :g :\ ; ;i ;\ < <g <\ = =j=^ =r > > >? ? ?g ?o ?pDfl*******4,B884*** ,,B884******4,@@A@B@C@D@E@ F@ Gh@Hh@I@J@K@ L@ M Nv@O@Pw@Q@R@S@T@ U@V@ W@ Xg@Y @Z@[@\@]@ ^@_w@ @ @i: @q @oAioo B B_ Bo B  C Cl~ CqC D Dl D\ E El E\Fj^ FrG G G_ Go Gp H Hg Hq H I Ii; Io J Jg JqJ K Ki< K\L^^ Lr M M MN NN Ng  No Np O Oi Oq OP_o Q Q_  Qo Q  R Rg  RqR S Si  S\ T Tg  T\ U UiUQ UVjT W W WX XN Xg Xo Xp Y Yi Yq Yo Z Zg Zo Z  [ [i [q[\i\ ] ]g ]\ ^ ^i^\ ^ _ __ _\D>l884** B8*4* ,B884**4,B884*4`@a@b@ c d@e @f@gX@hJ@iw@ j@k@ l@m@n@o@p(@q@r@s@ t@u@v@ w xh y@z@{@| @}Y@~@@ ` `g> `\ a ai a\bj^ c c cd d dg do dp e ei eq ef_o g g_ go g  h hl hqh i il i\ j jlRj\ jk^^l lV lg lo lp m mi mq mn_o o og oo o  p pi pqpq_\ r rg r\ s si s\ti\ tui\vj^ w w w x x xy yG yg  yo yp z zi zq zo { {g! {o {  | |i" |q| } }g# }\ ~ ~i$ ~\  _% \Dl**,B884*4B884** ,,B884**@H@@@w@9@@@@@v@@@@@@Y@:@ @@@ @ @ @9@@@@8@@@@  g? \  iA \  g& \  i' \  g( \  i) \  gD \  i* \  g+ \  i, \  g- \  i. \  g/ \  i0 \  g1 \  i2 \_\  _ \  lQ   l Q^T  3  N g4 o p  i5 q o  _6 o    gE q  iB \  gF \  iC \  g7 \  i8 \  g9 \Dl*****************4*,B884*****@Y@Y@ @ @@@@@ @@h@@@ @    @)@v@@ @ @ @ @9@ @  @# @@@  i: \_\  _ \  m^ r G g; o p  i< q o  g= o    i> q^^ r  g? o p  i@ q o  gA o    iB q\\^^ r  C   D  N gE o p  iF q o  gG o    iH qi\  _ \  lI \  lJ \  lK \  mL^ r  M  N gO o p  iG q o_oo  gP o  D\l**4B884 B884 ,,B884****4,B8@@@@E@@@@f@ @ @@@@@@@@@@@@@@@@@@9@@@ @  iQ q  gR \  i= \  gS \  iH \  gT \  iU \_\  _ \  m^ r V gW o p  iX q o  _Y o    gZ q  i[ \_\  g\ \  iI \_\  g] \  iJ \_\  g^ \  iK \_\  g_ \  iL \_\  g` \  ia \i\n^ rDnl4*******4B884***********+ @@ @@@@@@@@@@@ @ : @@@@@(@@J@J@J@J@  @ @@h@@h@  b  c gd o p  i q io  ie o    gf q  iP \  gg \  iQ \  gh \  ii \  _ \  l~ \  m^ r  j  k gl o p  iR q _o  gm o    i q  gn \  i \i\  _ \  l \  l~ \  mp^ r o gq o p  ir q o  gs o    it q_\D:l,B884*******4,B884*****4B884@*@@@ @@@@@ @ @ @ @ # @K@ @ J@ @@@@@@@ | @  @ @:@@@ @  gu \  i; \  gv \  iS \i\  _w \  gx \  iT \  gy \  iz \  g{ \  i| \  g} \  i~ \i\  g \  j^ r  g o p  i q oioo  g o o   i qo_\o  g \^  j^ r      g o p  iU q io  g o    iV q  g \Dl**************4B884*4,B884  @!v@"v@#v@$v@ %v@&v@'v@(v@)v@*@ +  ,@-@.@/@0@1@ 2@ 3 4g@5 @6@7@8@9@:@;@<@=Y@>v@?@  i \!_\ " "g "\ # #iW #\$i\ % %t%\ % & &i &\'_\ ( (_ (\ ) )l~ )\ * *mp *^ + + +, , ,g ,o ,p - -i -q -.io / /i /o /o  0 0l 0q0o1i\s2^^ 2r 3 3 34 4z 4g 4o 4p 5 5i 5q 56io 7 7_ 7o 7  8 8g 8q8 9 9i 9\:_\ ; ;g ;\ < <i <\=_\ > >g >\ ? ?i ?\Dl***4****,B884 ,B884****@@A*@B&@C@D@E @F@G@Hr@I,@J@K_ @L@ M@ N @ O@ P@Qc@R@Su@T3 @U@VX@W@X@Y@Z@[@\,@]@^@_@@_\ A Ag A\ B Bi B\C_\ D Dg D\ E Ei E\F_\ G Gg G\ H Hi H\I_\ J Jg J\ K Ki K\ L Lg L\ M MjXM^ Mr Nf N N O O OP PN Pg Po Pp Q QiY Qq QR_o S Sg So S  T Ti TqTUi\ V Vg V\ W Wi W\X_\ Y Y_ Y\ Z Zg Z\ [ [iZ [\\_\ ] ]_ ]\ ^ ^g ^\ _ _i[ _\D\l*********4,,B884*******`@a;@b@c@d@ev@ f@g@h@i@jJ@kJ@lJ@mJ@nJ@oJ@pJ@qJ@rJ@s@ t u@vU@w@x@y@zY@{@|@}@~@w@`_\ a ag a\ b bi\ b\c_\ d d_ d\ e eg e\ f fif\ fg_\ h hg h\ i ii] i\j_\ k k_ k\ l ll l\ m ml m\ n nl n\ o ol o\p~\q~\r~\su^ t t tu uN ug uo up v vi^ vq vw_o x xg xo x  y y yqyzi\ { {_b {\ | |g |\ } }i }\~_\  g \Dl****4*******,B884***@@g@@i@Y@@@w@@@@@@h@@:@@:@:@@@@@@@ =@ @@@@@  i_ \_\  g \  i \_\  g \  i \_\  g \  i \_\  g \  i \_\  g \  i \_\  g \  i` \_\  g \  i \_\  _ \  |w \  |x \  }^ r  g o p  i q o  i o     q_\DBl******************4B884@@ + @@@@@@@@@@@@  @ @ @@@@ @   @@,@@@@  @ @`_\ ^^     g o p  i q oioo  g o o   ia qo_\o  _ \\  lN \\  l \\  l! \\  l" \\  l \^  mS^ r  g o p  i q o  g o    i q  g \  j^ r  ,   g o p  i1 q o  _ o    g q  ib \  g \  j^ rDl ,B884******4B884*4,B884**4````````````````````````````````Dl ````````````````````````````````Dl````````` ` ` ` ` ```````,|PH`0(  >@drfs,2 7L-.tv#*+24:4MNT)03=?F11vwQR%*$*lvosHKOPmn{giefwwUV^b&+/5<GLdk  ?A=>EF   "2""12!!CLCCDLKL3:33;B;;GJ<BMTMMUUVbVVWbOPQSXYZacxccdxyyyzefgw}2=22>L>>''(0((BEMVMMNVWbWWXbQTZ]xxxycvccjk56*+2++3M33NNOsOOPsSetttuxggD Oh+'0 `ht Carlos USEROS RABOSOMicrosoft Excel@" @o ՜.+,D՜.+,H hp|   CoverIndexCompliance with art. ENSCompliance with Annex II - OrgCompliance with Annex II - OpCompliance with Annexo II - Me''Compliance with Annexo II - Me'!_ftn1''Compliance with Annexo II - Me'!_ftn2*'Compliance with Annexo II - Me'!_ftnref1*'Compliance with Annexo II - Me'!_ftnref2*'Compliance with Annex II - Op'!OLE_LINK1+'Compliance with Annex II - Op'!OLE_LINK13+'Compliance with Annex II - Op'!OLE_LINK17+'Compliance with Annex II - Op'!OLE_LINK19+'Compliance with Annex II - Op'!OLE_LINK21+'Compliance with Annex II - Op'!OLE_LINK23+'Compliance with Annex II - Op'!OLE_LINK25,'Compliance with Annexo II - Me'!OLE_LINK27,'Compliance with Annexo II - Me'!OLE_LINK29*'Compliance with Annex II - Op'!OLE_LINK3,'Compliance with Annexo II - Me'!OLE_LINK31,'Compliance with Annexo II - Me'!OLE_LINK33,'Compliance with Annexo II - Me'!OLE_LINK35,'Compliance with Annexo II - Me'!OLE_LINK37,'Compliance with Annexo II - Me'!OLE_LINK39,'Compliance with Annexo II - Me'!OLE_LINK41,'Compliance with Annexo II - Me'!OLE_LINK43,'Compliance with Annexo II - Me'!OLE_LINK45*'Compliance with Annex II - Op'!OLE_LINK5*'Compliance with Annex II - Op'!OLE_LINK7*'Compliance with Annex II - Op'!OLE_LINK9 Hojas de clculoRangos con nombrex(OWG _PID_HLINKSMS REFA0y$'Compliance with Annexo II - Me'!A1??#'Compliance with Annex II - Op'!A1?k$'Compliance with Annex II - Org'!A1\'Compliance with art. ENS'!A1(b0d25897-173c-47ba-899c-1d72c10c766c  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~Root Entry FWorkbook SummaryInformation(DocumentSummaryInformation8