The CIPP/G addresses U.S. government privacy laws, regulations and policies specific to government practice as well as those more broadly applicable to the public and private sectors in the U.S.
The Certified Information Privacy Professional/Government (CIPP/G) is the first publicly available privacy certification designed for employees of U.S. federal, state, county and local government agencies. It also is available to vendors, suppliers and consultants who serve government clients.
The CIPP/G addresses U.S. government privacy laws, regulations and policies specific to government practice as well as those more broadly applicable to the public and private sectors in the U.S. It also covers U.S. government-standard practices for privacy program development and management, privacy compliance and auditing, records management and agency reporting obligations for privacy.
Subject matter areas required to attain CIPP/G certification include:
|•||U.S. laws that compel the disclosure of personal data: BSA, FISA, ECPA and USA-PATRIOT|
|•||U.S. private sector privacy laws that exert certain requirements on U.S. government organizations: HIPAA, COPPA and GLBA|
|•||Information laws for U.S. government practice: FOIA, FISMA, the Privacy Act of 1974, the Government in the Sunshine Act, the E-Government Act and the Data Quality Act|
|•||Key privacy memoranda published by OMB and OPM: M-01-05, M-03-22, M-04-26, M-05-08, M-06-15, M-06-16 M-06-19, M-06-20 and Circular A-130|
|•||Program controls for U.S. government privacy professionals such as PIAs and SORNs|
To become CIPP/G-certified, you must successfully complete the Certification Foundation examination before or after the CIPP/G exam.
CIPP/G candidates are accepted from any of the following categories:
|•||Officers and employees with privacy-related responsibilities or obligations such as privacy officers, compliance managers, records managers, access-to-information coordinators, information security managers and information auditors|
|•||Officers and employees at regulatory agencies who handle privacy as part of their day-to-day roles|
|•||Individuals who advise senior government officers on information management policies and practices specifically as they relate to personal information, such as records management or record retention|
|•||Federal information technology officers (CIO, CTO, CISO or IS manager)|
|•||Officers and employees with privacy-related responsibilities or obligations such as privacy officers, compliance managers, records managers, access-to-information coordinators, information security managers, information auditors, etc.|
|•||State information technology officers (CIO, CTO, CISO or IS Manager)|
|•||Attorneys, consultants, independent professionals and/or employees of vendor companies who serve clients in U.S. federal, state or local governments|
|•||Existing Certified Information Privacy Professionals (CIPPs) who wish to add a government privacy specialization to their core credential.|
The IAPP created the CIPP/G program with the assistance of privacy officers from U.S. federal agencies, including the Postal Service, the Department of Justice, the Department of Veterans Affairs, the Office of Management and Budget and the Internal Revenue Service as well as U.S. state agencies such as the California Department of Consumer Affairs. Leading government services vendors IBM Corporation, SRA International and MITRE Corporation also advised the development of the examination, training programs and reference materials. The CIPP/G program is offered exclusively by the IAPP and is made possible through the generous support of IBM Corporation.
Each certification candidate must become an IAPP member prior to testing. Membership provides access to the world’s largest community of privacy professionals, including valuable educational resources and networking opportunities. A variety of annual membership levels are available. Learn more about the benefits of IAPP membership.
The Certification Foundation exam is required for all first-time certification candidates. It assesses understanding of fundamental concepts of privacy and data protection and covers common privacy principles and approaches, global data protection models, information security controls and online privacy protections. These practice areas are relevant to all privacy professionals regardless of legal jurisdiction, geographic location or practice specialization.
Candidates must also pass the CIPP/G designation exam. The CIPP/G exam layers over the Certification Foundation Exam, resulting in CIPP/G certification.
Privacy certification is an important career effort that requires advance preparation. Choosing how you will prepare for your privacy certification exams is a personal choice that should include an assessment of your professional background, scope of privacy knowledge and your preferred method of learning. In general, the IAPP recommends that candidates plan for a minimum of 20 hours of study time in advance of each exam; however, you might need more or fewer hours depending on your personal choices and professional experience.
The way in which you choose to prepare for your exams should be based on your level of familiarity with the exam content and your preferred learning style.
The IAPP strongly recommends that you prepare in the following manner:
The bodies of knowledge are comprehensive outlines of the subject matter areas covered by the both the Certification Foundation and the CIPP/G exams; the exam blueprints specify the approximate number of items on the examinations in each area of the bodies of knowledge.
CIPP/G Body of Knowledge (pdf 1MB)
Certification Foundation Textbook:
Foundations of Information Privacy and Data Protection: A Survey of Global Concepts, Laws and Practices
U.S. Government Privacy: Essential Policies and Practices for Privacy Professionals
The Information Privacy Case Book: A Global Survey of Privacy and Security Enforcement Actions with Recommendations for Reducing Risk
The IAPP offers both in-person certification prep classes and online training to help you prepare for your Foundation and CIPP/G exams.
IAPP certification prep classes are offered at IAPP conferences, in conjunction with industry events in select cities throughout the year. You are not required to attend the IAPP conference in order to attend the Certification Prep class. All certification prep classes include an accompanying coursebook. See a list of upcoming Certification Prep classes.
Online training for the Certification Foundation and CIPP/G is currently available. It is recommended as a complement to a certification prep class, or an alternative training method if you are not able to attend a class. The training coursebooks are downloadable from online training.
CIPP practice tests are a great way to gain familiarity with the format and content of the actual designation exams. Each practice test includes suggestions for use, a sample answer sheet, questions, answer key and an explanation of each correct answer.
Candidates for CIPP/G certification must pass both the Certification Foundation and the CIPP/G exams. Partial completion will result in no certification being awarded until such time that all requirements are met.
Note: Existing CIPP holders who are seeking an additional credential are exempted from the Foundation testing requirement.
The Certification Foundation exam is a 90-minute, 90-item, objective test.
The Foundation exam is composed of 90 multiple choice items. There are no essay questions. Each correct answer is worth one point.
It is important to note that Certification Foundation is not itself an IAPP certification; you must pass both the Certification Foundation and the CIPP/G exam to achieve certification.
Please note that on March 7, 2014, The Certification Foundation exam will become a 100-minute, 105 item objective test. The test will include 90 scored items and 15 non-scored trial items. If you plan to schedule your exam on or after that date, please make sure to take into account the new length of the exam.
70-minute, 60-item , objective test covering the following general topics:
I. U.S. Government Privacy Laws
II. U.S. Government Privacy Practices
The CIPP/G exam is composed of 60 multiple choice items. Ten of the multiple choice items are associated with a scenario. There are no essay questions. Each correct answer is worth one point.
Please note that on March 7, 2014, the CIPP/G exam will become an 80-minute, 72-item objective test. The test will include 60 scored items and 12 non-scored trial items. If you plan to schedule your exam on or after that date, please make sure to take into account the new length of the exam.
Congratulations on your decision to pursue the CIPP/G! Get started on the road to certification now by selecting and purchasing the items you will need to successfully prepare for and achieve your CIPP/G designation.
Here is a list of what you'll need:
Available IAPP memberships (select one):
Open to privacy professionals.
Reserved for city, state or federal employees.
Reserved for employees of non-profit organizations.
Reserved for employees of accredited institutions.
Reserved for full-time students at accredited institutions.
|Foundations of Information Privacy and Data Protection: A Survey of Global Concepts, Laws and Practices||$65|
|U.S. Government Privacy: Essential Policies and Practices for Privacy Professionals||$65|
|The Information Privacy Case Book: A Global Survey of Privacy and Security Enforcement Actions with Recommendations for Reducing Risk
NEW! Prep classes featuring in-person instruction by IAPP Professional Privacy Faculty are now available in cities around the world. See a complete prep class schedule now.
|Certification Foundation Online Training||$425|
|CIPP/G Online Training||$525|
|In-person training is available at IAPP conferences and select industry events. Separate registration is required. See available training events now.
|Certification Foundation Practice Test||$25|
|CIPP/G Practice Test||$25|
|Certification Foundation Exam||$275|