Question 20
Domain 4: Individual Requests, Complaints and Privacy IncidentsWhat is the primary purpose of a privacy incident tabletop exercise?
Correct answer: B
Explanation
A privacy incident tabletop exercise is a discussion-based drill used to rehearse response procedures before an actual incident. Its main purpose is to test “roles, escalation paths, and decision points” so the team can identify gaps and improve coordination before a real event.
Why each option is right or wrong
A. Guarantee that no incident will ever occur
B. Test roles, escalation paths, and decision points before a real event
A tabletop exercise is a discussion-based preparedness activity used to validate the incident response process before an actual privacy event occurs, so the focus is on whether the right people know their responsibilities, who escalates to whom, and where key decisions are made. In privacy programs, this is the practical way to test the response chain under simulated conditions without waiting for a live incident, allowing gaps in authority, timing, and coordination to be identified and corrected in advance.
C. Replace all incident-response training permanently
D. Eliminate the need for forensic investigation