The report identified that some of your funding almost lapsed or had to be retained by special applications. I do understand that you must deal with what is allocated, but you didn't even spend what was allocated. I don't find it an acceptable reason for not having implemented known security improvements when you have lapsing money. It's good that your internal audit appears to at least match the Auditor General's. That's positive, and it contrasts with some other studies that have been before this committee.
Mr. Berthelette, you visited two sites yourself and relied on their audit. I'll have you comment on the congruency of the internal audit and what you found. This is an important point if it's just not practical for you to audit these physical sites in most cases.