we verify the processes have been included in the relevant SCOT documentation along with the risks of incomplete processing or transfers addressed by controls performed by transaction processors or by IT personnel. When such processes are relevant to IT processes, we include the risks as part of manage IT operations or other appropriate IT processes.