Absolutely. If we were to investigate a physical device, this would be done, first of all, within a personnel security engagement. At this stage, they would absolutely do a review of the impact on security, and they would engage the scope of the actual investigation. IT would get engaged. This is done in a secure environment where access is logged and managed. The information provided by IT is returned to the chief security officer organization, and that's where it's treated internally.
On February 6th, 2024. See this statement in context.