Which of the following statements regarding the audit strategy is NOT correct? When we have determined that substantive procedures alone will provide sufficient appropriate audit evidence to address the identified risk of material misstatement, we can opt not to test controls. When using a substantive only strategy, we still consider the need to incorporate testing of controls in order to enable reliance on system-generated IPE. If we found a deficiency during operating effectiveness testing in one of several controls in an assertion, we can still ‘rely on controls’ and retain our CRA, but we perform additional substantive procedures to address the risk related to the deficiency. When the CRA is High, our preferred audit strategy is to "rely on controls" related to the risks associated with the relevant assertion.