 Let's move on to security. So version 9.1 had a chapter on security. You open version 9.2, that chapter has gone away. We've removed it. However, it's been replaced by a freestanding guide. This was developed in collaboration with the open group security experts in the Security Forum. The security chapter was part of the body of knowledge for Togat 9 certification. The security guide is part of the body of knowledge for Togat 9 certification based on version 9.2. Significantly, this document has aligned the understanding of what risk means with ISO standards about what risk means. And it still contains detailed guidance on adapting the ADM for security. But that guidance has been significantly enhanced and brought up to date. Let's go back to the definition of risk. From ISO 31000, risk is the effect of uncertainty on objects. Now, uncertainty is any deviation from what is expected, positive and negative. Our traditional view of risk is that it's a bad thing. The view of risk from the security people is that risk is potentially a good thing. So when we're managing risk, not only should we be trying to mitigate the impact of negative risk, we should be trying to maximize the impact of positive risk. So it's got a significant impact on how we think about risk. The guide includes something called the enterprise security architecture, defined as the structure of organizational, conceptual, logical and physical components that interact in a coherent pattern in order to achieve and maintain a state of managed risk and security. Or information security. So it is a driver of the right kind of behavior. There are two components to it. There is information security management and enterprise risk management. Two aspects of the same thing and both of these have an impact on how you deploy the ADM. We don't have time today to look into that in detail, but the document itself goes into a lot of detail about how you can make the TOGAP ADM secure and manage risk.