CIPP Certification Programs

Certified Information Privacy Professional/Information Technology

The CIPP/IT demonstrates understanding of privacy and data protection practices in the development, engineering, deployment and auditing of IT products and services.

Certified Information Privacy Professional/Information Technology (CIPP/IT)

The Certified Information Privacy Professional/Information Technology (CIPP/IT) is the first global privacy certification for IT practitioners. It assesses understanding of privacy and data protection practices in the development, engineering, deployment and auditing of IT products and services.

The CIPP/IT certifies individuals in their knowledge of privacy-related issues and practices in the context of the design and implementation of information and communication technologies. Required subject matter areas include:

Industry-standard guidelines for the collection, use and onward transfer of sensitive personal information
Privacy considerations for mapping, storing and retaining sensitive personal information
Privacy requirements for the installation and removal of software
Established methods for end-user notification and choice through IT system and product interfaces
System controls for identity and access management (IAM)
Privacy-enabling technologies (PETs)
Network and system hardware protection

See the complete current CIPP/IT Body of Knowledge (pdf 1MB)

The IAPP is updating the Certified Information Privacy Professional/Information Technology (CIPP/IT) program. All CIPP/IT examinations after June 30, 2014 will be based on the updated CIPP/IT Body of Knowledge. All event-based training after May 30, 2014, including training at the IAPP Privacy Academy on September 17, 2014, will cover the revised content. A new textbook, Privacy in Information Technology: Standards and Practices for IT Professionals, will be published in July, 2014.

To become CIPP/IT-certified, you must successfully complete the Certification Foundation examination before or after the CIPP/IT exam.

The CIPP/IT is designed to work in concert with established credentials in information security (CISSP, SSCP) and IT governance (CISA, CISM).

Who Should Apply

The CIPP/IT is an excellent introductory course for IT practitioners who desire a greater understanding of privacy requirements in technology. The ideal candidates are professionals who are responsible for the development, engineering, deployment and/or auditing of IT products and services, including:

Enterprise system architects (CTO, CIO)
Business process professionals (purchase decision-makers for IT services and products)
Designers, developers, engineers, auditors and administrators of software, network or database systems or applications
Hardware designers and engineers
IT managers
Website operators
Desktop support specialists
Risk and regulatory compliance managers
Information security professionals (CISO, CSO)
IT compliance and auditing professionals (CISM, CISA)

The CIPP/IT is not specific to legal jurisdiction and thus is relevant to professionals who work for, or on behalf of, corporate or government organizations based in any location around the world.

Advising organizations included IBM Corporation, Hewlett-Packard Company, Intel Corporation, Microsoft Corporation, First Data Corporation, Ernst & Young, The Procter & Gamble Company, Citizens Financial Group, the Association for Computing Machinery (ACM), the Information Technology Association of Canada (ITAC), the Infocomm Development Authority of Singapore (IDA), the National Association of Software and Service Companies (NASCIO), the U.S. National Association of State CIOs, the American Society of Access Professionals (ASAP), Indiana University and Carnegie Mellon University.

CIPP/IT Certification Requirements

1. Become an IAPP Member

Each certification candidate must become an IAPP member prior to testing. Membership provides access to the world’s largest community of privacy professionals, including valuable educational resources and networking opportunities. A variety of annual membership levels are available. Learn more about the benefits of IAPP membership.

2. Pass the Certification Foundation Exam

The Certification Foundation exam is required for all first-time certification candidates. It assesses understanding of fundamental concepts of privacy and data protection and covers common privacy principles and approaches, global data protection models, information security controls and online privacy protections. These practice areas are relevant to all privacy professionals regardless of legal jurisdiction, geographic location or practice specialization.

3. Pass the CIPP/IT Exam

Candidates must also pass the CIPP/IT designation exam. The CIPP/IT exam layers over the Certification Foundation Exam, resulting in CIPP/IT certification.

CIPP/IT Certification Preparation

Privacy certification is an important career effort that requires advance preparation. Choosing how you will prepare for your privacy certification exams is a personal choice that should include an assessment of your professional background, scope of privacy knowledge and your preferred method of learning. In general, the IAPP recommends that candidates plan for a minimum of 20 hours of study time in advance of each exam; however, you might need more or fewer hours depending on your personal choices and professional experience.

The way in which you choose to prepare for your exams should be based on your level of familiarity with the exam content and your preferred learning style.

The IAPP strongly recommends that you prepare in the following manner:

1. Review the Bodies of Knowledge and Exam Blueprint

The bodies of knowledge are comprehensive outlines of the subject matter areas covered by the both the Certification Foundation and the CIPP/IT exams; the exam blueprints specify the approximate number of items on the examinations in each area of the bodies of knowledge.

Certification Foundation Common Body of Knowledge (pdf 1MB)

Certification Foundation Exam Blueprint

CIPP/IT Body of Knowledge (pdf 1MB)

2. Study the Textbooks

Certification Foundation Textbook:

Foundations of Information Privacy and Data Protection: A Survey of Global Concepts, Laws and Practices      

Foundations of Information Privacy and Data Protection: A Survey of Global Concepts, Laws and Practices
Peter P. Swire, CIPP/US
Kenesa Ahmad, CIPP/US

Additional Reading:

The Information Privacy Case Book: A Global Survey of Privacy and Security Enforcement Actions with Recommendations for Reducing Risk      

The Information Privacy Case Book: A Global Survey of Privacy and Security Enforcement Actions with Recommendations for Reducing Risk
Margaret P. Eisenhauer, Esq., CIPP/US

3. Get Certification Training

The IAPP offers both in-person certification prep classes and online training to help you prepare for your Foundation and CIPP/IT exams.

IAPP certification prep classes are offered at IAPP conferences, in conjunction with industry events in select cities throughout the year. You are not required to attend the IAPP conference in order to attend the Certification Prep class. All certification prep classes include an accompanying coursebook. See a list of upcoming Certification Prep classes.

Online training for the Certification Foundation and DVD training for the CIPP/IT is currently available. The content and presentation are consistent with a live training workshop (other than interaction with instructors and other participants), but you have the convenience of viewing the presentation at your own pace, and reviewing the sections you want to spend more time on. The training coursebook is included with DVD training and downloadable from online training.

4. Additional Resources

CIPP/IT bibliography of recommended reading (pdf 170KB)

Glossary of Privacy Terms

CIPP/IT Exam Content and Format

Candidates for CIPP/IT certification must pass both the Certification Foundation and the CIPP/IT exams. Partial completion will result in no certification being awarded until such time that all requirements are met.

Note: Existing CIPP holders who are seeking an additional credential are exempted from the Foundation testing requirement.

Certification Foundation Exam Format*

The Certification Foundation exam is a 100-minute, 105-item, objective test.

The Foundation exam is composed of 90 multiple choice scored items and 15 non-scored trial items. There are no essay questions. Each scored correct answer is worth one point.

It is important to note that Certification Foundation is not itself an IAPP certification; you must pass both the Certification Foundation and the CIPP/IT exam to achieve certification.

CIPP/IT Exam Format

The IAPP is updating the Certified Information Privacy Professional/Information Technology (CIPP/IT) program. All CIPP/IT examinations after June 30, 2014 will be based on the updated CIPP/IT Body of Knowledge. All event-based training after May 30, 2014, including training at the IAPP Privacy Academy on September 17, 2014, will cover the revised content. A new textbook, Privacy in Information Technology: Standards and Practices for IT Professionals, will be published in July, 2014.

The CIPP/IT is a 70-minute, 60-item, objective test covering the following general topics:

I. System Activities that Impact End User Privacy
II. Data Subject Privacy Expectations and Behaviors
III. Privacy Protection Mechanisms
IV. Providing Notice and Choice
V. Auditing and Enforcing IT Privacy Compliance
VI. Implementing Technologies with Privacy Impacts

The CIPP/IT exam is composed of 40 multiple choice items and 20 True/False, scenario items.

Get Started

Congratulations on your decision to pursue the CIPP/IT! Get started on the road to certification now by selecting and purchasing the items you will need to successfully prepare for and achieve your CIPP/IT designation.

Now Avaliable!

Get everything you need to become CIPP/IT-certified. Purchase the official IAPP study materials and your exams in one convenient package.

- or -

Add items to your cart individually:

1. IAPP Membership

Available IAPP memberships (select one):

Professional
Open to privacy professionals.
  $250
 
Government
Reserved for city, state or federal employees.
  $100
 
Not-for-profit
Reserved for employees of non-profit organizations.
  $100
 
Higher Education
Reserved for employees of accredited institutions.
  $100
 
Student
Reserved for full-time students at accredited institutions.
 
  $50
     

2. Textbooks

Foundations of Information Privacy and Data Protection: A Survey of Global Concepts, Laws and Practices   $65
 
The Information Privacy Case Book: A Global Survey of Privacy and Security Enforcement Actions with Recommendations for Reducing Risk
 
  $65
     

3. Training

NEW! Prep classes featuring in-person instruction by IAPP Professional Privacy Faculty are now available in cities around the world. See a complete prep class schedule now.

Certification Foundation Online Training   $425
 
CIPP/IT DVD Training   $525
 
In-person training is available at IAPP conferences and select industry events. Separate registration is required. See available training events now.
 
 
     

4. Practice test

Certification Foundation Practice Test   $25
     

5. Testing

Certification Foundation Exam   $275
 
CIPP/IT Exam   $275