Again, that's a complicated question. To a certain degree the CEPA regulations themselves are organized by sector. Typically you're dealing with a quite distinct class of source of problems with each regulation, so that in and of itself helps to give you some boundedness. It comes back to your question about what we mean by risk-based approaches. Does this mean you go for those that you see are presenting the largest threat? That's one possibility, the big sources. The tricky part with that can be that you don't necessarily want to ignore the cumulative effects of a lot of small sources, which can add up to a big problem if you're dealing with thousands of those as opposed to one big one. You can end up with a problem just as big. It's a tricky set of balances in terms of figuring out where you want to put your effort.
The other thing I'd emphasize about risk-based approaches—and I think in Ontario the situation of long-term care has demonstrated some of the risks with those—because, of course, this was something the Auditor General told the province to do and then they discovered it wasn't doing proactive work at all. The problem with risk-based approaches is they can be backwards-looking. You're looking at what went wrong before, as opposed to looking forward to what might go wrong in the future. You want to be very careful about that.