It would be helpful for this committee to know why someone wanting to be a network analyst with what would normally require secret security clearance would then be able to work on information systems specifically with access to Canadians' personal information, private health information and biometric data, especially at a time when we're becoming increasingly aware of cyber-threats to our country.
I would look to the witness panel, if they can't provide us a fulsome answer today, to perhaps provide in writing or return to the committee with information on the frequency with which this is permitted and the potential risk that Canadians were exposed to as a result of this. As well, ultimately, who is the signing authority that can waive security clearance requirements?