When you first became aware of the problem, you asked an outside firm, Security Consulting, to conduct an investigation. Why was the private sector directly involved, and not CSIS, for example, which conducted a second investigation?
Why didn't you turn to our intelligence service rather than an outside firm?