What we look for, I guess, is risks in programs. We do what we call a strategic audit planning process. If you want the inventory of programs that the government provides, we will sit down with the individual departments and talk about the different types of risks that they face, things that could get in the way of their delivering on their mandate. Then we will also look at what types of controls they put in place, perhaps, to mitigate some of those risks. On the basis of all of that information, we will choose things to look at.
Sometimes we also get information that comes from other sources, whether it be an individual, a member of Parliament, or sometimes a committee like this that will ask us to do an audit of something. We will also get that type of information. We will consider those types of things, but we don't go running off after every letter that people send us. We would look at it and ask if it is something we've already identified as a problem and put it through that whole process again of whether we think there is a risk to the program.