Answer:
Determining the scope of controls to include in testing
Explanation:
Top-down risk assessment: The term "top-down risk assessment" is also denoted as TDRA, and is determined as a process through which the higher-levels are being considered firstly in order to filter it from consideration of the lower-levels assessment as much as possible.
It mainly involves two different steps including:
1. "Determining the extent, nature, and timing of testing procedures in order to perform".
2. "Determining the different scope of controls in order to include in testing".
