Thank you very much, Mr. Chair.
Gentlemen, thank you all for being here today. I have very much appreciated your straightforwardness in this matter, your candour in responding to the questions, and the wholesome way that you've approached this issue, which we all agree is completely unacceptable. There's not a single person in this room who doesn't believe that these two incidents were completely unacceptable.
I appreciate the approach the department has been taking in dealing with this situation. I'm one of those who believe that you also have to look beyond an incident or incidents like this to ask what we are going to do to make sure it doesn't happen again.
What are we going to do to improve our safeguards and our processes and procedures? That is the line of questioning that I'm going to go with: where do we go from here—how to get to zero, as we say it is our goal to do?
I want to get you to comment quickly, to reiterate the direction that the minister has given to you, which as I understand it is to review the ways that employees handle Canadians' data, fix any gaps that allowed this to happen, update network security practices to prohibit external hard drives, and provide more mandatory training for all employees in the proper handling of sensitive and personal information and on the new security policies.
Is that the direction, Mr. Shugart, that you are taking from the minister in what you are doing on a go-forward basis now?