At times when you're talking about a Crown corporation, the controls are all very centralized and fixes like this probably happen a lot more quickly than they would in the government itself, where sometimes central agencies manage access to main systems, hence there is a constant communication and oversight that's needed and a horizontal management of access.
Again, I think a good question to ask the government is where it sits in its priorities to control. What I can tell you is that when we look at access controls and we see that individuals have access they shouldn't have, we also look for compensating controls where there is monitoring to make sure that those people didn't access that information, so we're happy to see that as well.
This is really about cleaning up access. Even though we haven't seen any issues, the risk is there and that's why a good cleanup is needed.