Thank you for the question.
I don't know whether you had any particular projects in mind. The audit report focuses on five of them.
I think I'll start with entry-exit, because it goes to explain the complexity of IT, which you alluded to. In our world, it's the complexity of the ecosystem we work in. It's a global system out there and our partners are strewn around the world.
In the case of entry-exit, this is the ability to capture exit information as people leave Canada and to share this, in some cases in land mode with the U.S. and in other cases in air mode with other government agencies. We are at the pointy end of 90 acts of Parliament, so our partners who are using some of the information we collect are not within our direct control.
Entry-exit is a good example of this. There are nine partners within the government that wanted the information there. The first major hurdle we ran into involved a horizontal privacy impact assessment not of the collection of the data but of how that data was going to be used. I'm looking at my colleague here who is at the heart of the privacy impact assessment work. That caused some delays. More recently on this is the fact that the regulations to be able to do this are in the border bill and we're still waiting for confirmation of the border bill.
This goes to tell you that there are a lot of dependencies external to the projects. We have to manage those. We know the business we're in, but by and large we have to account for those constraints and that was for entry-exit.