The CIPP/IT: Adding Value Across Your Organization

The CIPP/IT is more than just a certification or professional development tool. It is a concrete mechanism for improving privacy within your organization.

The value of the CIPP/IT reaches far beyond just the privacy professionals in your organization. IT and security practitioners outside of the privacy department need to understand the vital relationship between data privacy and overall data management.

The CIPP/IT can:

  1. Help you, as a privacy leader, drive better privacy practices
  2. Elevate the role of privacy in your organization and your leadership profile among your colleagues 
  3. Make your organization as a whole more sophisticated in addressing privacy issues

As a privacy professional, you already understand how the CIPP/IT can make your organization even more effective, but how do you convince your IT leadership of the value of the CIPP/IT to their teams?

Promoting CIPP/IT to Your IT Leadership

The first step to bringing the CIPP/IT into your organization is beginning the conversation with your IT and security counterparts. We’ve pulled together some key points to help you get the conversation rolling:

  • Emphasize how “baking” privacy into your information security and IT functions can make your organization more intelligent and cost-effective. Within every organization there is a need for an understanding of privacy requirements in technology. By becoming CIPP/IT certified, your IT practitioners can apply privacy concepts and practices early in their development and engineering efforts rather than as costly fixes that may occur too late in the process.
  • Explain how training IT staff now can prevent privacy incidents in the future. Education plays a critical role in prevention of privacy incidents through expansion and broadening of the scope of concern within an organization. The CIPP/IT helps make privacy protection a shared objective by establishing a common vocabulary and an aligned approach among business, legal and IT colleagues. This vastly improves the compliance posture of the entire organization. 
  • Describe how the CIPP/IT can make their IT teams more effective and more valuable in the organization. The knowledge needed for the CIPP/IT ensures that a broad spectrum of professionals—from developers and engineers to infosecurity, physical security and IT compliance professionals—know how to identify privacy issues and when to elevate questions to IT and privacy leaders. 
  • Talk about how the CIPP/IT addresses more than just information security practices. CIPP/IT describes the full data management lifecycle as well as how to use privacy-enhancing techniques and tools to enable privacy controls in product features, system interfaces and common IT processes. Your IT pros will know more about end-user privacy expectations, which system activities impact end-user privacy and how to implement privacy-enabled technologies.  
  • Show your IT and security peers the value of the CIPP/IT certification for their IT team. There are numerous other certifications available to IT professionals, but none effectively address the role and importance of privacy protection in developing, engineering and managing IT products and services. The CIPP/IT helps IT professional envision and manage IT projects from a privacy perspective as well as translate privacy requirements into actual system and product designs. 
  • Demonstrate how the CIPP/IT is impacting other organizations. The CIPP/IT is already making a positive difference in the way IT groups understand and address privacy in their daily work. In 2010, candidates from two major corporations and one state government agency took part in a pilot project organized by the IAPP. Many security professionals, IT managers, risk and compliance managers, developers and other IT practitioners participated in an assessment of key privacy knowledge before and after completing the IAPP’s Certification Foundation and CIPP/IT training and testing programs. The results showed measurable improvement in privacy awareness as well as application of privacy practices including:
    • 25% increase in comprehension of privacy-regulated data and ability to properly classify data types

    • 20% increase in ability to identify reportable privacy incidents

    • 45% increase in the number of hours per month spent by IT staff working on privacy initiatives

  • Show them the knowledge their IT practitioners will walk away with. The IAPP offers a CIPP/IT body of knowledge that provides a full outline of what’s covered on the CIPP/IT training course and certification exam.


Promoting Privacy to Your IT Group

Watch our informational video to hear how privacy leaders from three large organizations—Walmart Stores, the California Office of Privacy Protection and Hewlett-Packard—successfully piloted a variety of candidates through the CIPP/IT training and testing program. The results demonstrate not only a measurable increase of privacy knowledge and awareness among IT professionals but an improved incident handling ability in coordination with privacy pros. They also share their insights into how to collaborate more effectively with peers in IT security, audit and compliance.


About the CIPP/IT

The Certified Information Privacy Professional/Information Technology (CIPP/IT) is the first global privacy certification for IT practitioners. The CIPP/IT certifies individuals in their knowledge of privacy-related issues and practices in the context of the design and implementation of information and communication technologies. Learn more about the CIPP/IT