I just learned about substantive testing and control testing.
It’s not like a software tesiting technique or method, but is more segmented and focused in the information technology auditing process in an organization. To put it simply, the substantive process is used to substantively test related to documents, materials, records such as transactions that occur in an organization, whether the records are relevant, valid, accurate and accountable. However, this thing can actually lead to “collusion” if the client (who is audited) tries to cover up or the documents are manipulated, reduced or the like. Thus, this is where the “test control” appears which used to review/evaluate whether the substantive testing procedure carried out based ont the procedure or not, all of these things use to find potential risks, inconsistencies in statements in the document or defects.