During our audit, we actually saw that they collected additional data from railway companies about compliance. Where they fell short was in actually then using that data to inform some of their risk-based planning. In fact, when they completed more audits of safety management systems, we didn't see them using the results of those audits to inform future inspections. Those audits might have identified weaknesses and could have informed another risk-based approach to inspections.
We saw that they are gathering better data now, but it's about how you use it. I think that every organization needs to think about a program and think about having a data strategy. You need to know what data you need, why you need it, how you want to gather it, how you store it, how you retrieve it and how you use it to inform decisions. That is really the best step: knowing what data you have and how it informs a smart and comprehensive decision going forward.