Information & Ethics committee  I guess the only thing I can say is that, as I said, obviously we do a lot business with the federal government. I can tell you that our business with CBSA is less than 2%. We do business with many different departments. We provide services to National Defence and many different

Information & Ethics committee  I'm also glad that I could clear my name here. The news media said we got $8 million. We did not get $8 million.

Information & Ethics committee  As you know, that technology had changed over a number of years. We have been involved in the security side of it for many years. Changes have been happening over a number of years. In the past, people just got a threat and risk analysis, which is what the threats are, what the

Information & Ethics committee  It is my understanding that it was done, yes.

Information & Ethics committee  I'm not aware of that, so I can't comment on it.

Information & Ethics committee  I cannot comment too much on those things because, as I said, our involvement with ArriveCAN was making sure that the application was working and was secure. That's all I can say on that.

Information & Ethics committee  To the best of my knowledge, it was one person.

Information & Ethics committee  As I said, it is not when the incidents are there. It's when the applications or the systems are developed or when there are any changes to be made. The security aspect has to be there, because otherwise we will not be secure.

Information & Ethics committee  As I said, we do consulting services. We provide resources, which have the expertise to do all these things, to the government. They're actually at the customer site. If the customer wanted them to do the testing, they will do the testing. For example, if a vulnerability assessme

Information & Ethics committee  There is always a deliverable. The individuals write the report and everything else.

Information & Ethics committee  There's the deliverable part of that, and it's delivered to the government.

Information & Ethics committee  As I'm saying, it's called a security assessment—an assessment is done—and authorization.

Information & Ethics committee  We don't email it. It's written. The consultant will actually.... We are not privy to a lot of information. This is a private.... Obviously, when they're developing applications, as a company we are not privy to that. However, individual consultants who work on a particular pro

Information & Ethics committee  That's my understanding, yes.

Information & Ethics committee  Exactly. Keep in mind that these are secret documents. The companies cannot actually keep it unless they have a document safeguarding facility.