Last update: May 23, 2020.
I took the CIPP/E exam in April 2018. This article reflects my experience and recommendations. Hope this helps you obtain your certification!
This article is a guide to help you study efficiently and pass your GDPR certification exam. The International Association of Privacy Professionals (IAPP) offers the most up-to-date and sought-after ANSI/ISO-accredited certifications.
The IAPP has three types of GDPR certifications:
- Certified Information Privacy Professional (CIPP), the gold standard in the privacy industry.
- The Certified Information Privacy Professional/Europe (CIPP/E) credential demonstrates a strong foundation in European privacy laws and regulations.
- The CIPP/US, CIPP/C, CIPP/G and CIPP/A credentials focus on privacy regulation in the US, Canada, U.S. Government and Asia, respectively.
- Certified Information Privacy Manager (CIPM) focuses on GDPR operational privacy management such as implementing and maintaining privacy programs.
- Certified Information Privacy Technologist (CIPT) is privacy training for IT professionals.
A number of costs are involved in order to get your certification:
|Authoritative Textbook||$75, $65 for members|
|Sample Questions||$35, $25 for members|
|First-time Certification Exam||$550|
|Retake Certification Exam||$375|
|Additional Certification Exam, once you passed an exam||$375|
|Bi-Annual Certification Maintenance Fee||$250, free for members|
|Annual IAPP Membership||$275, $50 for students|
The Certification Maintenance Fee is waived when you are an IAPP member. As an IAPP member, you will receive membership benefits such as members-only content and networking opportunities.
Tip: you can showcase your IAPP membership on LinkedIn.
There are a few ways in which you may be able to reduce these costs:
- Sign up for a free IAPP account, which will give you a chance to receive promotional mailings with discounts on sample questions, exams, etc.
- Become a beta tester. As a beta tester, you take an exam with a new set of questions, for which you will receive a 50% discount, a saving of $275. There seems to be high demand for discounted beta tests and available slots fill quickly. One way to get access to a beta test exam is to receive an IAPP email invitation. Or check if the IAPP website has an active Beta Exam page similar to this CIPT one.
Download all briefing material from the IAPP website:
- IAPP Privacy Certification Candidate Handbook
- Study Guide
- Authoritative Resource List
- Body of Knowledge
- Exam Blueprint
- Glossary of Privacy Terms
As an option, you can purchase IAPP Sample Questions. This will give you an idea of the type of questions to expect. However, the exam questions are considerably more difficult!
Books by the IAPP
- Determine which books you will need. The “Authoritative Resource List” contains a paragraph called “Authoritative Texts” that lists several books required for your exam.
- Tip: In my experience, the first book listed covers almost all of the “Body of Knowledge”. Carefully studying this book should be sufficient in order to pass the exam, depending on your background and prior knowledge.
- A free book preview is available from the IAPP online store. By clicking on the book’s “Details” link, a new window will open with a link to “Download a Preview” at the bottom.
- Paper or electronic? Most books are available in paper and electronic versions. I prefer the electronic version because you can bookmark pages, highlight, add notes, search for specific terms and use the electronic dictionary.
- Electronic books come in Amazon Kindle and epub formats. After you purchase one type, you get access to both formats.
- You will have to use the iOS Kindle app on Apple devices since IAPP books will not show up in the macOS Kindle app.
I highly recommend that you acquire the following books:
|CIPP/E||Ustaran, Eduardo. European Data Protection: Law and Practice. Portsmouth: IAPP, 2018.|
|CIPM||Densmore, Russel R. Privacy Program Management: Tools for Managing Privacy Within Your Organization. Second Edition. Portsmouth: IAPP, 2019.|
|CIPT||Breaux, Travis. An Introduction to Privacy for Technology Professionals. Portsmouth: IAPP, 2020.|
- IAPP recommends that you plan for a minimum of 30 hours of study time prior to your exam date. I suggest that you spend most of that time studying the book.
- I recommend that you make your own diagrams and summaries of key topics in order to better understand and remember the important concepts.
- I also recommend spending some time on the Glossary of Privacy Terms in order to become familiar with the terminology.
- Understand the overall GDPR structure and the numbers of important GDPR articles, along with the main topic covered by each article.
- Focus on the first 50 articles of the GDPR.
- This site is useful for studying the GDPR structure and articles, as well as the “recitals” that provide further background about the GDPR articles.
- Tip: There are several GDPR apps available free of charge that you can use as a reference in order to quickly access the GDPR text, without having to search through PDF files. My favourite app is the Explore GDPR by DLA Piper.
- Tip: Check out tips from other people taking the exam at the CIPP/E Advice Forum on www.techexams.net. I found this post most helpful.
CIPP/E exam questions
The CIPP/E exam has many case studies. The cases require a fair amount of time in order to read and properly understand the situation. Be aware that you can easily run out of time if you spend too much time on one case.
Other types of questions are also difficult. There is often not just one correct answer, but IAPP will ask which answer is the most correct or which situation would create the fewest problems. In other words, you must go beyond memorising facts and be able to assess the situation.
Taking the exam
Reserve your exam time and location through the IAPP website. Most exams allow 150 minutes for completion and consist of 90 multiple choice questions. Many people found the level of the exams to be very difficult and felt that they did not have enough time.
- The exam is online.
- You cannot bring electronic devices like a phone or electronic watch into the exam room.
- Non-native English speakers can bring one English-to-alternative-language dictionary.
- You are provided with a few sheets of paper and a pen in order to take notes.
- A countdown timer displays on your screen.
- Each question is pulled from the server, which can take several seconds. The timer stops each time until you see the next question, giving you an opportunity to recuperate and collect your thoughts.
- Passing scores generally range between 65 and 80% correct, depending on the program. The IAPP does not provide any more specific information, but at least you get an idea.
- You may mark questions on the screen to review before handing in your answers.
- You receive your results immediately. Unless you are a beta tester, in which case the results will available in about four weeks.
IAPP uses Accredible, a digital credential service, to issue its certificates. Accredible provides you with a professional, interactive certificate that can be verified, downloaded, added to LinkedIn, etc. You should receive your certificate about a week after the exam, unless you are a beta tester, in which case it could take a few additional weeks.
In order to maintain your CIPP certification, you will have to complete at least 20 hours of continuing privacy education (CPE) every two years. You obtain credits for studying and for being active in the privacy community, such as participating in online seminars, conferences, volunteer work or writing an article. You self report your credits in your IAPP online environment.
Free online resources
- The IAPP website has excellent relevant information.
- The CIPP/E Advice Forum on www.techexams.net.
- The Handbook on European data protection law 2018 edition (Free)
Did you take the CIPP/E exam? How was it? Leave a Comment!