We have the four-phase action plan. We have it addressing, first, all the recommendations made by the OAG. That is done. I'm not talking about a month from now or two months from now; we've done that.
There is one component related to IT that we will have completed sometime next October. This is to have a better cross-log of information between our contracting authority and the industrial security program database, which were disconnected for reasons of security. That is going to be done in October. That is the first phase.
The second phase is that we have looked at the 24 contracts to make sure we were satisfied that we would be at a low risk for breaches of security, and we're satisfied that is the case. The people in the 24 contracts were cleared. After the fact is not the ideal situation, but that is the reality.
On top of that, we've decided to look at active contracts, 3,000 of them, to make sure the elements picked up by the OAG don't replicate themselves into the active contracts. We are proceeding with that. It's a three-stage approach, and it will be completed in August. We are doing this very systematic wall-to-wall approach to make sure we're minimizing risk for the contracts. These measures are in addition to the procedures and policies we're putting in place and the management review we're carrying out on the program overall.