Certified Information Privacy Manager

The CIPM is the worlds first and only certification in privacy programme management. When you earn a CIPM, it shows that you know how to make a privacy programme work for your organisation. In other words, you're the go-to person for day-to-day operations when it comes to data protection.

The CIPM program was developed by the International Association of Privacy Professionals (IAPP), which is the worlds largest comprehensive global information privacy community and resource. The CIPM certification also holds accreditation under ISO 17024: 2012.

Adding the CIPP/E to your CIPM puts you at the forefront of ensuring you are ready for the GDPR.

Who Should Attend

• Data Protection Officers
• Data Protection Managers
• Auditors
• Information Managers
• Security Manager
• Legal Compliance Officers
• Anyone involved with data protection processes and programmes

Obsah školení

The CIPM certification is comprised of two domains:

• Domain 1: Privacy Program Governance
• Domain 2: Privacy Program Operational Life Cycle

Domain 1

Domain 1 provides a solid foundation for the governance of a privacy program and defines how the privacy program may be developed, measured and improved.

1. Organisation Level

• Create a company vision
• Establish a privacy program
• Structure the privacy team

2. Develop the Privacy Program Framework

• Develop organisational privacy policies, standards and/or guidelines
• Define privacy program activities

3. Implement the Privacy Policy Framework

• Communicate the framework to internal and external stakeholders
• Ensure continuous alignment to applicable laws and regulations to support the development of an organizational privacy program framework

4. Metrics

• Identify intended audience for metrics
• Define reporting resources
• Define privacy metrics for oversight and governance per audience
• Identify systems/application collection points

Domain 2

Domain 2 details the management and operations of the privacy program governance model within the context of the organisation’s privacy strategy. The Privacy Program Operational Life Cycle domain is built upon a common industry-accepted framework.

5. Assess Your Organisation

• Document current baseline of your privacy
• Processors and third-party vendor assessment
• Physical assessments
• Mergers, acquisitions and divestitures
• Conduct analysis and assessments, as needed or appropriate

6. Protect

• Data life cycle (creation to deletion)
• Information security practices
• Privacy by Design

7. Sustain

• Measure
• Align
• Audit
• Communicate
• Monitor

8. Respond

• Information requests
• Privacy incidents

Recommended Downloads

The CIPM body of knowledge outlines all the concepts and topics that you need to know to become certified. The exam blueprint gives you an idea of how many questions from each topic area you can expect on the exam. We recommend you download and read the following publications provided by the IAPP:

• CIPM Body of Knowledge
• CIPM Exam Blueprint
• 2019 Certification Candidate Handbook

Certificate Exam

The IAPP uses computer-based exams, which are administered through Pearson VUE testing centres at locations throughout the world. Available testing centres can be viewed upon scheduling an exam. You will receive your results immediately upon concluding your exam, and a confirmation print out will be provided by the testing centre. Exam results will update in the IAPP system after one business day.

All results are placed on a common scale, ranging from 100 to 500. The passing score for all IAPP exams is 300 (which does not represent 50 percent). Typically, passing scores range between 65 and 80 percent correct, depending on the program and exam form.

Additional Resources provided by the IAPP
Preparing for the exam – https://iapp.org/certify/prepare/
Maintaining your certification – https://iapp.org/certify/cpe/

Recommended

IAPP offers its training in a modular format using 2-day courses. By combing your CIPM certification with the Certified Information Privacy Professional / Europe (CIPP/E) 2-day course, you’ll be uniquely equipped to fulfil the DPO requirements of the GDPR. The CIPP/E relates to the knowledge a DPO must have concerning the European legal framework of the legislation, and the CIPM the theoretical aspects necessary to lead an organisation’s data protection efforts. Talk to ALC about a combined course discount!