We also tried to bring a integrated approach to life. But that didn’t really work out and got most of the people involved confused. There’s a thin line between sox and risk management. And most of the people can’t see the difference between operational risk, which mainly causes economic loss and financial misstatement risks. Yes - both are process related, but the goals are different and therefore the requirements. After changing to push only sox and postpone the risk management assesment after sox implemention, we’re doing quit well. Even though we’re not required too, we will finish the sox project by the end of 2004. By then we’ll implemented COSO and CObIT for sox purposes and can start from there with out risk management project.