 the substantive testing of testing all the transactions and testing the account balances. So we're hoping to do test of controls so that we can determine that we can rely on them to some degree, reducing the amount of detection, the amount of substantive testing we'll need to do. And then we'll set and document the control risk for the purchasing process. So that's gonna be our ultimate goal for the control risk, we'll set the control risk. And those are the two factors that are kind of controlled by the company, inherent risk by the business that they've chosen to be in, the process that they have set up for it and control risk, meaning the controls that they have put in place in order to safeguard against the inherent risks. Purchasing process, control risk, information system, auditor will obtain the information below for each major class of transaction in the purchasing process. So we're gonna go through this process, we're gonna obtain this information related to it, the initiation process for the purchase, cash disbursements and purchase return transactions. So we wanna know about then the initiation process, the cash disbursements and the purchase return transactions, the accounting records, supporting documents and accounts that are part of the purchase process, cash disbursement and purchase returns. We wanna get information related to that, the flow of each type of transaction from initiation to inclusion in the financial statement. So how does this flow through with regards to one, the initiation all the way to the financial statements, computer processing data should be included in this process. So note that of course the IT will be involved in this and we may need IT professionals to help us look into the system to make sure that we can understand and be able to audit the system, give us the rights to basically go through and test the audit within the system and test different types of controls the process used to estimate accrued liability. Purchasing process, control risk assessment. After testing controls, the auditor will set the achieved level of control risk. So we're gonna obviously test the controls then we're gonna set the control risk. If tests of control support the plan level of control risk, no modifications are necessary to planned detection risk. So if we don't have to make any modifications to the detection risk and we can move forward with everything as we planned the auditor will process with the substantive procedures as planned, meaning we're gonna say, okay, we're at the level of control that in the control risk that we had determined it to be therefore we can move forward with the substantive tests as planned. When tests do not support planned control risk so what happens if we test the controls and they are below what we expect them to be the auditor lowers the level of planned detection risk. So remember what we're talking about here with these it's kinda easy to see what we're doing relationship wise but it can be difficult to know which direction these things are going if we were to be tested on it or just to talk about these type of factors. So obviously what we're doing is trying to rely on the controls if we can rely on the controls if they're good controls then we're gonna do less substantive testing. That's fairly obvious, but what does it mean to have the control or hopefully by now we've talked about it by. So what does it mean for the control risk factors? Well control risk is the risk that the problems will not be detected by the internal controls that are set up. So therefore if we're not relying on if we cannot rely on the internal controls the risks that the controls are weak are gonna be higher. That means that we're gonna increase the control risk because the controls are weak, whether they're not good therefore we increase the risk factor. The control risk is gonna be higher because the controls are not going to detect and the detection risk then we're also gonna, we're going to set at lower because what we're trying to do is say the detection risk is gonna be the risk that the audit test, the substantive test the test we're gonna put in place are going to not catch the error. So and that means we wanna make that then we wanna do more substantive testing which will lower the risk that our detection risk wouldn't detect the error. So we can't rely on the controls, control risk goes up we're gonna increase control risk and therefore we need to make detection risk to go down to make the overall thing basically balance out. So we're gonna decrease the detection risk by doing more substantive testing.