Our impression when we did the initial audit in 2005 was that Passport Canada had given priority to service issues rather than security issues. We noted several deficiencies concerning security issues and we made several recommendations so that improvements could be made in that area.
I think that our follow-up audit shows that Passport Canada did deal tentatively with these issues, implemented a very serious action plan and started to tackle these problems even though solving some of them will take some time. The question of electronic links with the provinces and territories, for example, cannot be solved in a few months. All risk analyses will also take some time. The same is true for the quality framework for decision management, namely who has the right to access and who shouldn't. That also takes some time and requires training.
Nevertheless, I think that with a few exceptions—for example, one would have thought that the problem of system access would have been solved—a very serious effort has been made in dealing with security.