A tabletop exercise helps test incident response and disaster recovery preparedness, depending on the scenario. Several frameworks, such as SOC 2, ISO 27001, HIPAA, GDPR and others, require organizations to conduct a tabletop exercise once a year.
The key areas that will be tested using a tabletop exercise scenario are:
- Initial incident reporting and triage workflows
- Escalation paths and incident response team assembly
- Fallback procedures and documentation in the absence of key personnel
- Use of playbooks, checklists, and security controls for investigation and containment
- Internal communication and incident documentation practices
- Coordination with legal counsel and cyber insurance provider
- External communication and stakeholder management (customers, regulators, media, board)
- Prioritization of business function restoration
- Organizational learning and strategic initiatives to enhance security and resilience
Logistics
Ideally, a tabletop scenario will use existing gaps found in the company's Risk Register.