The Certified Information Privacy Manager (CIPM) is one of several popular privacy-focused certifications offered by the International Association of Privacy Professionals (IAPP), a not-for-profit organization dedicated to education about data privacy.
Privacy has become a top issue for organizations in recent years. The issue of data privacy received worldwide attention in 2013 when Edward Snowden revealed the degree of surveillance being carried out by the NSA, and more recently, the Facebook and Cambridge Analytica privacy debacle brought the issue back into the news. The General Data Protection Regulation (GDPR) also went into effect in May 2018. This means that any company that deals with EU citizens as customers, employees or clients will have to apply the GDPR principles of privacy and data protection to any personal and sensitive data they process.
The increased focus on privacy and data security has driven interest in privacy certifications like the CIPM.
What is the CIPM Certification?
The CIPM certification is a dual-purpose credential. Passing the CIPM exam demonstrates not only that you understand data privacy regulations and laws, but also that you know how to implement a privacy framework in an organization. The certificate is designed specifically for those with a more managerial role in the world of data privacy. It shows that you can:
- Assess an organization’s privacy regime
- Protect an organization by knowing which security controls and technology to use
- Sustain an organization’s privacy program using appropriate communication, training and management
- Respond to privacy incidents
The CIPM certification is accredited under ISO 17024:2012.
Who Should Earn the CIPM?
The CIPM certification shows that you know how to implement a complete data privacy protection program. In an era of privacy regulations such as GDPR, this makes a CIPM certificate holder a valuable asset for an organization. The roles and people most suited to earning a CIPM certificate include:
- Data protection officers
- Compliance officers and support staff
- Data privacy lawyers
- Security managers
- Information managers
- Anyone wishing to improve their knowledge of data privacy program management
What Experience Do You Need?
There are no formal prerequisites to take the CIPM exam. However, a working knowledge of privacy laws, regulations, standards and policy frameworks will help you succeed in the 2.5-hour, 90-question exam. The IAPP does strongly recommend that you be fully prepared before sitting the exam.
How Does the CIPM Compare to Other Privacy Certs?
The CIPM credential is seen as a leading certification and is the only certification specifically tailored for those who have to implement and manage a privacy program. The IAPP CIPM certification has been fully accredited. This means it will be at the forefront of privacy issues, teaching you about the day-to-day challenges and operations needed to manage privacy in a modern organization.
IAPP offers a variety of other privacy certifications with non-managerial focuses, including:
- Certified Information Privacy Professional/United States Private-Sector (CIPP/US)
- Certified Information Privacy Professional/Government (CIPP/G)
- Certified Information Privacy Professional/Europe (CIPP/E)
- Certified Information Privacy Technologist (CIPT)
What is the Best Way to Train for the CIPM?
The IAPP recommends that you spend at least 30 hours preparing for the exam. This can be done by:
- Taking a dedicated training course, such as the CIPM boot camp offered by InfoSec Institute
- Reading up on the CIPM “body of knowledge,” which is a list of all topics that are covered in the exam
- Using the IAPP CIPM exam blueprint to prepare test questions and sample answers for yourself as a means of self-assessment
- Reading books on subjects covered by the CIPM exam
CIPM body of knowledge, https://iapp.org/media/pdf/certification/CIPM_BoK.pdf
CIPM exam blueprint, https://iapp.org/media/pdf/certification/CIPM_EBP.pdf