IAPP Certified Information Privacy Professional and Manager prep course + Exam

Individuals who need a foundational understanding of information privacy and data protection and privacy management. Those individuals interested in pursuing CIPP/E and CIPM certifications.

Data Protection Officers

Data Protection Managers

Auditors

Legal Compliance Officers

Security Manager

Information Managers

Anyone involved with data protection processes and programmes

• Design, implement, and manage a privacy program aligned with organizational goals and global data protection requirements
• Establish and maintain an effective privacy governance structure, including roles, responsibilities, and frameworks
• Apply key privacy and data protection laws, regulations, and standards within a business context
• Apply privacy-by-design principles throughout systems, processes, and business operations
• Plan for and respond to privacy incidents and data breaches effectively
• Monitor, measure, audit, and continuously improve the performance of a privacy program
• Define key concepts of European data protection.
• Describe EU data protection laws and regulatory bodies.
• Explain the application of the GDPR and other compliance obligations to European and international entities.

Days 1 & 2

Module 1: Introduction to Privacy Program Management
Identifies privacy program management responsibilities and describes the role of accountability in privacy program management.

Module 2: Privacy Program Framework — Privacy Governance
Examines considerations for developing and implementing a privacy and data protection program, including the position of the privacy function, role of the data protection officer, program scope and charter, privacy strategy, privacy frameworks, and support and ongoing involvement of key functions.

Module 3: Privacy Program Framework — Applicable Laws and Regulations
Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.

Module 4: Privacy Operational Life Cycle — Assess: Data Assessments
Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy/data protection impact assessments, and vendor assessments.

Module 5: Privacy Operational Life Cycle — Protect: Protecting Personal Information
Examines a holistic approach to protecting personal information through privacy and security controls and privacy by design. Explores risks associated with the use of artificial intelligence.

Module 6: Privacy Operational Life Cycle — Protect: Policies
Describes common types of privacy- and data-protection-related policies, outlines components, and offers strategies for implementation.

Module 7: Privacy Operational Life Cycle — Sustain: Monitoring and Auditing Program Performance
Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance.

Module 8: Privacy Operational Life Cycle — Sustain: Training and Awareness
Outlines strategies for developing and implementing privacy training and awareness programs.

Module 9: Privacy Operational Life Cycle — Respond: Data Subject Rights
Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure.

Module 10: Privacy Operational Life Cycle — Respond: Data Breach Incident Plans
Provides guidance on planning for and responding to a data security incident or breach.

Days 3 & 4

Module 1: Data Protection Laws
Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonized legislative framework.

Module 2: Personal Data
Defines and differentiates between types of data as defined by the EU General Data Protection Regulation, including personal, anonymous, pseudonymous and special categories.

Module 3: Controllers and Processors
Describes the roles and relationships of controllers and processors as defined by the GDPR.

Module 4: Processing Personal Data
Defines data processing and GDPR-processing principles, explains the application of the GDPR, and outlines the legal grounds for processing personal data.

Module 5: Data Subject Rights
Describes data subject rights, applications of rights, and controller and processor obligations as set out in the GDPR.

Module 6: Information Provision Obligations
Explains controller obligations for providing information about data-processing activities to data subjects and supervisory authorities as set out in the GDPR.

Module 7: International Data Transfers
Outlines options and obligations under the GDPR for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.

Module 8: Compliance Considerations
Discusses the applications of European data protection laws, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, and internet technology and communications.

Module 9: Security of Processing
Discusses considerations and duties of controllers and processors for ensuring personal data security and GDPR specifications for providing notification of data breaches.

Module 10: Accountability
Investigates accountability requirements, including data protection management systems, data protection impact assessments, data protection policies and the role of the data protection officer.

Module 11: Supervision and Enforcement
Describes the role, powers and procedures of supervisory authorities; composition and tasks of the European Data Protection Board; role of the European Data Protection Supervisor; and remedies, liabilities and penalties for noncompliance outlined in the GDPR.

While there are no prerequisites, However, participants are recommended to have:

• A basic understanding of privacy and data protection concepts
• Familiarity with relevant laws, regulations, or policy frameworks
• Familiarity with legal or regulatory environments related to privacy

Certified Information Privacy Professional – Europe (CIPP/E)
Certified Information Privacy Management (CIPM)