Become a leader in privacy programme management with this
advanced data protection certificate from the IAPP

About this Course

The Certified Information Privacy Manager (CIPM) is the first and only certification in privacy programme management. Developed by the International Association of Privacy Professionals (IAPP) in 2013, the CIPM is the perfect companion to both the IAPP CIPP/E and BCS Practitioner Certificate in Data Protection. Holders of the award develop an understanding of the capabilities required to implement, maintain and manage a privacy program through every stage of its lifecycle. Through consultation with its global community of information privacy practitioners and lawyers, the IAPP ensures its CIPM curriculum is always relevant and up to date.

What's included

  • Official
  • Day online
  • Flexible live
    interactive training
  • Examination
  • 1st year
    IAPP membership

Course Contents

This 2-day certified CIPM course from the IAPP provides data protection officers (DPOs) and other professionals involved in compliance or privacy based roles with extensive information on how to implement and manage a privacy programme within your organisation. It means that you will be regarded as the go-to person for day-to-day operations when it comes to data protection.

IAPP CIPM Course Contents

This 2 day course is broken into ten modules includes:

Module 1: Introduction to privacy program management

Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.

Module 2: Privacy governance

Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.

Module 3: Applicable laws and regulations

Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.

Module 4: Data assessments

Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.

Module 5: Policies

Describes common types of privacy-related policies, outlines components and offers strategies for implementation.

Module 6: Data subject rights

Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.

Module 7: Training and awareness

Outlines strategies for developing and implementing privacy training and awareness programs.

Module 8: Protecting personal information

Examines a holistic approach to protecting personal information through privacy by design.

Module 9: Data breach incident plans

Provides guidance on planning for and responding to a data security incident or breach.

Module 10: Measuring, monitoring and auditing program performance

Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance.

The CIPM program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource.

The CIPM certification also holds accreditation under ISO 17024: 2012.

Who should attend?

Who should attend?

  • Data Protection Officers
  • Data Protection Managers
  • Compliance Professionals
  • Information Managers
  • Auditors
  • Security Managers
  • Anyone involved with data protection processes and programmes

What you will learn

  • How to create a company vision
  • How to structure the privacy team
  • How to develop and implement a privacy program framework
  • How to communicate to stakeholders
  • How to create Data Protection Impact Assessments
  • How to measure performance
  • How to respond to a security incident
  • The privacy program operational lifecycle


IAPP CIPM Exam information

IAPP exams have gained a reputation for being difficult to pass. Both Freevacy and the IAPP strongly recommend careful preparation, even for experienced professionals.

The following information about the CIPM examination is an extract from documentation provided to delegates by the IAPP. For the full details please review the IAPP Privacy Certification Candidate Handbook 2018 and the CIPM Examination Blueprint.

Exam Information

IAPP certification programs are designed to differentiate between candidates who do and who do not possess the knowledge required to be considered minimally qualified privacy professionals. All questions are multiple choice with some relating to scenarios. Each question has only one correct answer. Each item (question) consists of a clearly written question (stem), a correct or best response (key) that should be apparent to minimally qualified candidates and three incorrect responses (distractors) that will be plausible to not-minimally qualified candidates. Note that it is each candidate’s responsibility to be prepared for exams by being familiar with all elements of the Bodies of Knowledge.

The candidate is encouraged to read each question carefully. The stem may be in the form of an actual question or an incomplete statement. An exam question may require the candidate to choose the most appropriate answer based on a qualifier, such as MOST likely or BEST.

Total number of questions 90
Scored questions 70
Exam duration 2 hours 30 minutes
Passing score 300 out of 500

Examination Blueprint

The examination blueprint indicates the minimum and maximum number of items that are included on the CIPP/E examination from the major areas of the Body of Knowledge. Questions may be asked from any of the listed topics under each area.

Part 1

Privacy Program Governance




Organisation Level

Create a company vision, establish a privacy program, structure the privacy team




Develop the Privacy Program Framework

Develop organizational privacy policies, standards and/or guidelines, define privacy program activities




Implement the Privacy Policy Framework

Communicate the framework to internal and external stakeholders, ensure continuous alignment to applicable laws and regulations to support the development of an organizational privacy program framework





Identify intended audience for metrics, define reporting resources, define privacy metrics for oversight and governance per audience, identify systems/application collection points







Part 2

Privacy Operational Lifecycle




Assess Your Organisation

Document current baseline of your privacy, processors and third-party vendor assessment, physical assessments, mergers, acquisitions and divestitures, conduct analysis and assessments, as needed or appropriate





Data life cycle, information security practices, Privacy by Design





Measure, align, audit, communicate, monitor





Information requests, privacy incidents




On all IAPP certification exams, each item has equal value and is scored as correct or incorrect. Unanswered items are considered incorrect, and there is no additional penalty for incorrect answers.

Special Accommodations

It is the policy of the IAPP to provide testing accommodations to candidates with qualifying disabilities to ensure each candidate a comparable opportunity for success on exams. We require 30 days notice in order to arrange special accommodations. Please do not schedule an exam until the IAPP approves your request. After exam purchase, submit your request and supporting documentation using the forms provided on the IAPP website.

Exam Languages

All IAPP examinations are administered in English.

Course Cost

Get this IAPP Certified Information Privacy Professional Europe (CIPM) training course:

  • Receive a 5% online discount for multiple bookings onto public courses
  • If you have a team of 4 or more, we can deliver the training at your location - ask about an onsite course
Package includes:
  • 2-day IAPP accredited GDPR training course
  • Authorised IAPP instructors
  • IAPP CIPM examination voucher
  • 1st year IAPP professional membership
  • Official CIPM courseware
  • Sample exam questions

You will also receive access to our free professional advisory service, potentially reducing the need for legal advice or consultation fees by supplying the right advice when you need it most.


View our privacy information

Course dates

Code Course Start Duration Location Booking
PM-DP IAPP Certified Information Privacy Manager 30 Sep 20 2 Days Bedford Book now

IAPP Certified Information Privacy Manager (PM-DP)

Starts: 30 Sep 20

Duration: 2 Days

Location: Bedford

Book now

Freevacy work hard to secure our IT systems and your data against cyber attack. We have been awarded Cyber Essentials certification by The National Cyber Security Centre, part of GCHQ and have signed up to the ICO's "Your Data Matters" campaign.