Our mandate does cover CSIS. We can audit CSIS, but in some cases restrictions on the subject of our reports apply. For example, it goes without saying that we cannot publicly disclose secret or confidential information.
We looked at the security issue during the 2000 and 2003 audits, if I remember correctly. I think we focused particularly on the RCMP.
I would ask Mr. Flageole to provide more specific details.