Yes, I understand your question.
Essentially the point you're making speaks to our enforcement and compliance responsibilities, which are discharged in part through inspections. It's not only that, frankly. The Auditor General did also pick up on certain documentation that was missing. When you look at it, we had an onus to ask the company to provide this information. I'm thinking about the security briefing, the so-called security agreement, but it's also the onus of the company to provide this information proactively.
So I'm not going to start sharing blame here. These documents should have been on file.
Normally our inspections allow us to make sure that the company security officer meets the requirements. I will give you examples. Certain sections of the company, where sensitive information may be dealt with, would have padlocks. Their ID systems will be pressure-tested to certain standards. There will be security officers with badges. I'm giving you examples of requirements that may be part of a contract clause, and we expect the company to discharge that. Our way to check this is through inspections to make sure things are happening the way they should. In the past we've carried on inspections, and we are augmenting that in other inspections that we're carrying on.