Yes, as the executive director mentioned, our reviews are based on risk analysis. By “risk” I mean the risk to compliance and the risk to the protection of the privacy of Canadians. Every year, we sit down and ask, “Based on what we know, what type of activities should we review this year?” It's based on the risk.
On the other hand, there are certain matters or activities that we review yearly.