About this Course

Tech Type Premium
Duration 2 Days

Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable skill that will help you protect your organisation’s data—and take your career to the next level.

Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team. You will walk away with the skills to manage organisational privacy through process and technology—regardless of jurisdiction or industry.

This course is designed for anyone whose work is related to the processing of personal data, particularly those in the public sector and from EU institutions, agencies and bodies, including:

  • Data Protection Officers
  • Data Protection Lawyers
  • Compliance Officers
  • Information Officers
  • Record Managers
  • Human Resources Officers
  • Data Protection Professionals
  • Anyone who uses, processes and maintains personal data

*Please note: that whilst exam costs are covered within the fee of this course, you will need to book your exam via the IAPP website.

Learning Outcomes

Principles of Privacy Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organisation through process and technology—regardless of jurisdiction or industry.

The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP’s ANSI-accredited Certified Information Privacy Manager (CIPM) certification program.

Course Outline

Module 1: Introduction to privacy program management

Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.

Module 2: Privacy governance

Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.

Module 3: Applicable laws and regulations

Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.

Module 4: Data assessments

Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.

Module 5: Policies

Describes common types of privacy-related policies, outlines components and offers strategies for implementation.

Module 6: Data subject rights

Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.

Module 7: Training and awareness

Outlines strategies for developing and implementing privacy training and awareness programs.

Module 8: Protecting personal information

Examines a holistic approach to protecting personal information through privacy by design.

Module 9: Data breach incident plans

Provides guidance on planning for and responding to a data security incident or breach.

Module 10: Measuring, monitoring and auditing program performance

Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance.

Premium Course

2 Days

Delivery Method

Delivery method

Classroom / Attend from Anywhere

Receive classroom training at one of our nationwide training centres, or attend remotely via web access from anywhere.



Account Queries


Q: How do I access my IAPP account?

A: You will receive an email from the IAPP system when your MyIAPP account is created.


Q: I can’t access my account, who should I contact?

A: Please contact the IAPP offices to help with this.

  • Europe: europe@iapp.org
  • Elsewhere: membership@iapp.org

    Exam Information


    Q: How do I register for an exam?

    A: The exam voucher is in your MyIAPP portal. A voucher is valid on an account for six months. The scheduling of an exam must take place during that six months, but the trainee can schedule it for any future date.

    1. Log into your MyIAPP account.
    2. Click on "My Purchases" in the side menu.
    3. Click on the exam link—this will take you to Kryterion Global Testing Solutions, our computer-based testing provider.
    4. Choose your exam time at one of our hundreds of testing centres worldwide.


    Q: Can I reschedule my exam?

    A: Yes. If you reschedule the exam within 72 hours of the exam there is a $100 (USD) fee. There is no fee for rescheduling outside the 72 hour period.


    Q: Are the exams multiple choice or short answer?

    A: All exams are multiple choice.


    Q: What is the passing score?

    A: Because there can be slight differences in the difficulty of exam forms, all results are placed on a common scale, ranging from 100 to 500. The passing score for all IAPP exams is 300 (which does not represent 50%). When you pass an exam, your results report will show your scale score and the "pass" indicator. When you fail an exam, your results report will show your scale score, the "fail" indicator and an indication of your relative performance on each major section of the examination. The IAPP suggests you use these section results to guide your study before you retake the examination. The IAPP imposes a 30-day waiting period for an examination re-take. There is no limit to the number of times a candidate may attempt an exam.


    Q: How are the questions weighted?

    A: Each correct answer is worth one point on all exams.


    Q: What's the pass rate?

    A: The pass rate is around 70%.


    Q: How many questions are there and how long is the exam?



      Length (hours)























    Q: When will I find out my results?

    A: For exams taken at a testing center, you will automatically receive your results once you have completed your exam.

    For exams taken at an IAPP event, we process exams as quickly as possible. The latest you will receive your results by is 6 weeks.


    Q: Will I see a copy of my test and which questions I answered correctly or incorrectly?

    A: No, but if you do not pass, you will receive a breakdown of your scores by topic that will help guide your further study before retaking the exam.


    Q: How can I find a testing center?

    A: There are over 800 Kryterion High-stakes Online Secured Testing locations around the world. View all locations at http://www.kryteriononline.com. You can also find the link to this site on the IAPP website under the certification section.


    Q: What happens if I don't pass?

    A: You are eligible to re-take the exam after 30 days with a re-take price of USD$375. There is no limit on how many times you can re-take the exam. This is purchased directly through the IAPP website.


    Q: I need help with my registration or need special accommodations for testing, who do I ask?

    A: Questions about registration and inquiries for extended time for an exam should be directed to certification@iapp.org.


    Maintaining your Certification(s)


    Q: How do I maintain my certification(s)?

    A: Each certification requires 20 hours of Continuing Privacy Education (CPE) credits every two years.


    Q: How many CPEs can I earn from attending the class?

    A: If you are already certified you can earn 6.5 CPEs/day (13/program). These are not automatically added to your account. You must Submit your CPEs here:



    Q: How can I earn CPEs?

    A: Attending events, web conferences and more. For more ways to earn CPEs:



    Trusted, awarded and accredited

    Fully accredited to ensure we provide the highest possible standards in learning

    All third party trademark rights acknowledged.