 A substantive strategy sets control risk high for some or all assertions because of one or all of the following factors which could include controls do not pertain to an assertion so the control setup might not be something that's tied out to that specific assertion that we are testing for. Controls are assessed as ineffective so they might have internal controls that are put in place but if they're not effective and or they're not effective for the particular assertion that we're trying to test for then that's going to be a problem with the internal controls. Testing the effectiveness of controls would not be efficient so it's possible that the internal controls are in place but we just can't test the testing the effectiveness of the internal controls maybe would be more difficult take more time than the substantive testing in some particular cases in which case why would we do the more work we're doing less work we're trying to do less work that's the point of us relying on internal controls in the first place if it takes us more work to do the internal controls or test the internal controls then do the substantive testing then we'll do the substantive testing. Our reliance strategy the one that we hope to be using and almost have to be using for publicly traded companies but may not be using for smaller than publicly traded companies due to the fact that we need to rely internal controls for publicly traded companies in order to have the scope of the audit fit into the time frame that usually will be necessary for them whereas smaller companies don't usually have the the ability to implement the same internal controls therefore we're going to rely on the internal control so under our reliance strategy the auditor plans plans to rely on internal controls and assesses control risk at a lower level so now we're going to say at this time we're going to say we've looked at internal controls we have an understanding of internal controls and therefore we're going to we're going to rely on the internal controls we think they're good and therefore we can rely on internal controls and do less of the actual substantive testing the more groundwork type of testing so in terms of lower or higher what that means is the controls assess the control risk at a lower level so we're going to assess the control risk low what does that mean it means that the risk of the controls not detecting material misstatement is low which means the controls are strong so if the controls are strong the control risk is low the risk that the controls that are being set up the separation of duties doesn't catch the error is low so we're going to set the control risk low and therefore we can depend more on it and do less of the substantive type testing given the fact that we are depending on the controls and therefore set the detection risk higher and the detection risk being that our substantive test our audit process won't catch a material misstatement we can actually make that higher because we're relying on the controls so we don't we we can have a higher detection risk lower on on the control risk and still be within the range that we have planned for in our art strategy