 In this presentation, we will take a look at an internal control flowchart mapping out the processes and procedures related to internal controls. Starting off with the develop and understanding of internal controls by evaluating the design of controls, determining if the controls have been implemented. So that's the first thing we're going to do. We're going to say, hey, what are the internal controls? Could you give us the design of the internal controls? And then we want to determine whether or not the internal controls have been implemented. Next, we're going to document the understanding of the internal controls. So once we have that understanding, we of course, as auditors gathering evidence, will then document that understanding. Then we come to the question point. That's what this red box then means. So we have a question, a yes or no type of question. Does the auditor intend to rely on the controls? So at this point we have to say, do we rely on the controls or not? Now, if we're thinking about a publicly traded companies, we will probably be saying, yes, we're going to rely on the internal controls. If we cannot rely on the controls, we're in big trouble because we typically can't do enough substantive testing in the timeframe given to really support the full audit of a publicly traded company. However, if we have something less than a publicly traded company, it may may well be the case that we don't intend to fully trust or rely on the internal controls. And therefore we're going to do more substantive testing. So remember, at this point, publicly traded company, are we going to rely on the internal controls? We hoped we can at this point or else we're going to have to take into consideration what we're going to do going forward, whether or not we can basically finish the audit within the scope of it. If we're talking about smaller company, we may say no. And in that case, we're going to do more substantive testing. So you can imagine if we have a smaller company, we're going to say, okay, this internal controls aren't something that we can completely rely on. What are we going to do then? We're going to do a substantive strategy, meaning we're going to set control risk at the max. We're going to say control risk is high, meaning there's a high risk that the internal control set up by the organization by the business will not detect a material misstatement. And therefore we need to do more testing on the substantive testing side. So what are we going to do? We're going to increase the amount of the substantive testing instead of wasting our time or going further thinking about testing the internal controls, which we've determined not to be sufficient and therefore not something that we rely on.