I'll start, and then Runa can answer.
The answer is yes, in the sense that it will inform all privacy-related actions. It's actually broader than a privacy impact assessment, in the sense that all companies will be required to have a privacy management program for their use of personal information, which gets at all of the elements that were noted. In fact, in the case of small and medium-sized enterprises, we require the Office of the Privacy Commissioner to work for a certification that SMEs can live up to with respect to their PMPs.