ExamTopics Logo
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPM All Questions

View all questions & answers for the CIPM exam
Go to Exam

Exam CIPM topic 1 question 158 discussion

Actual exam question from IAPP's CIPM
Question #: 158
Topic #: 1
[All CIPM Questions]

If your organization has a recurring issue with colleagues not reporting personal data breaches, all of the following are advisable to do EXCEPT?

  • A. Carry out a root cause analysis on each breach to understand why the incident happened.
  • B. Communicate to everyone that breaches must be reported and how they should be reported.
  • C. Provide role-specific training to areas where breaches are happening so they are more aware.
  • D. Distribute a phishing exercise to all employees to test their ability to recognize a threat attempt.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by emily0922 at Aug. 15, 2023, 2:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Privacy2024
1 month, 1 week ago
Selected Answer: A
A is indeed the correct answer because carrying out a root cause analysis on each breach does not directly address the specific issue of colleagues not reporting breaches. The focus should be on improving the reporting process and awareness through communication and training, as outlined in the other options.
upvoted 2 times
...
Rocketly
7 months ago
Selected Answer: A
B, C and D all address the issue with staff not reporting breaches. D is relevant because it is possible breaches are not being reported because breaches arising from cyber attacks are not even being recognised. Whereas A considers why breaches are happening in the first place, which is a separate issue.
upvoted 3 times
...
Ssourav
1 year, 4 months ago
Selected Answer: D
D. Distribute a phishing exercise to all employees to test their ability to recognize a threat attempt. While testing employees with a phishing exercise is a good practice for increasing awareness about potential threats and improving security practices, it doesn't directly address the issue of colleagues not reporting known breaches.
upvoted 3 times
...
emily0922
1 year, 5 months ago
I suggest D, the rest help in identifying or correcting the problem, doing a phishing test has no relation
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago