Proper management of personal data is a business necessity, regardless of your organization’s size, location, or industry. There are many components that go into the proper management of personal data. First, one must know basic data protection concepts, as well as what laws and regulations apply to the processing of personal data. Second, organizations—and the individuals responsible for data protection within those organizations—must know from a functional perspective how to handle personal data. That is, appropriate policies, procedures, and safeguards must be implemented that cover how an organization interacts with the personal data it collects. A great way for professionals to show that they have a deep understanding and expertise in each of these areas is by obtaining the Certified Information Privacy Manager (CIPM) certification.
The CIPM certification is administered by the International Association of Privacy Professionals (IAPP), a U.S.-based non-profit organization that has a global reach. The certifications administered by the IAPP are the most highly desired professional certifications globally in the field of information privacy and data protection. The CIPM designation is the gold standard for privacy professionals looking to verify their expertise in the functional management of personal data.
The CIPM certification can be thought of as covering the “how” of privacy protection. Obtaining the CIPM certification indicates that you are a skilled leader in privacy program management and administration. It shows that you know how to establish and maintain a privacy program throughout its entire life cycle.
What is Required to Obtain and Maintain the CIPM Certification?
There is only one requirement that is necessary to obtain the CIPM certification—successfully completing a qualifying exam administered by the IAPP. This qualifying exam is a 90-question, multiple choice test. You are given two and a half hours to complete the exam.
Unlike some other professional certifications, there are no prerequisites necessary to sit for the CIPM exam. You need not have a certain number of years of professional experience to become certified, making the CIPM certification a great way for professionals to break into the privacy and data protection field.
To maintain your CIPM certification, the IAPP requires professionals to complete 20 hours of Continuing Privacy Education (CPE) on a bi-annual basis. In addition, you must pay an annual “certification maintenance fee” of $250. However, the IAPP waives this fee if you are an IAPP “member.”
- Learn about the costs of IAPP certification by visiting our article “What Are the Costs of IAPP Certification?”
What Are the Benefits of CIPM Certification?
The CIPM certification can help set you up for professional success. According to survey data (access for IAPP members only), privacy professionals certified by the IAPP earn more than their non-certified peers—up to $15,000 more, in fact.
In addition to earning more money, those with a CIPM certification qualify for a greater number of positions across jurisdictions and industries. A recent search across three of the leading job boards shows that the CIPM certification is highly sought-after credential. The CIPM designation was a preferred or required credential in the following number of job postings:
- PrivacyJobBoard.com: 199 jobs
- LinkedIn Jobs: 1,620 jobs
- Indeed: 729 jobs
- Simply Hired: 377 jobs
- Total: 2,925 job listings seeking CIPM certified candidates
Who Typically Obtains the CIPM Certification?
The CIPM exam focuses most heavily on the functional aspects of data management and privacy protection. Because of this, many professionals from a diverse array of backgrounds can benefit from obtaining CIPM certification. We have trained students for the CIPM certification exam that have come to the data protection field with backgrounds in accounting, consulting, IT, human resources, marketing, legal, and other fields.
While the Certified Information Privacy Professional (CIPP) exams administered by the IAPP are geared in large part—though not entirely—towards lawyers, the CIPM certification is applicable to a wider array of professionals. Still, many lawyers find that the CIPM certification helps them in their practice. Indeed, for U.S.-based lawyers, many sit for both the CIPP/US and CIPM exams in order to qualify as a Privacy Law Specialist. Many European lawyers and privacy professionals find that obtaining the CIPP/E and CIPM certifications help them to understand the intricacies of General Data Protection Regulation (GDPR) compliance.
A recent survey by the IAPP showed that 32% of respondents held the CIPM certification. This puts the prevalence of CIPM certification roughly on par with the CIPP/US and CIPP/E certifications administered by the IAPP. It is slightly more common than the Certified Information Privacy Technologist (CIPT) designation.
What is Tested on the CIPM Exam?
The IAPP sets forth the curriculum for each of the exams it administers in two documents: (1) the Body of Knowledge; and (2) the Exam Blueprint. Each of these documents is updated annually.
The Body of Knowledge is the outline of all concepts and topics that candidates will need to know to obtain their certification. The Exam Blueprint, on the other hand, tells students how heavily certain areas in the Body of Knowledge are tested. In 2023, the IAPP combined these two documents into one for the CIPM certification.
The CIPM Body of Knowledge has six primary knowledge “domains”:
- (1) Privacy Program: Developing a Framework
- (2) Privacy Program: Establishing Program Governance
- (3) Privacy Operational Life Cycle: Assessing Data
- (4) Privacy Operational Life Cycle: Protecting Personal Data
- (5) Privacy Operational Life Cycle: Sustaining Program Governance
- (6) Privacy Operational Life Cycle: Responding to Requests and Incidents
As noted above, the topics included in the six primary domains will be tested in multiple choice format. There are two different types of questions that appear on the CIPM exam. The first are straight forward questions testing specific knowledge. The second type of question requires application of knowledge. Test takers are presented with a short fact pattern, followed by questions asking them to apply privacy-based knowledge.
- Learn more about what it takes to pass the CIPM exam by visiting our explanatory article “What is a Passing Score on IAPP Exams?”
What Comes with Privacy Bootcamp’s CIPM Test Preparation Course?
At Privacy Bootcamp, we have designed our CIPM test preparation course to be a comprehensive, all-in-one training resource. Our course comes with the following:
- An e-textbook study guide broken down into more than 60 guided learning modules
- More than 600 digital flashcards
- A bank of more than 450 practice exam questions
- More than 10 digital exercises
- A quick reference “cheat sheet” that pulls out the important points of each study module and provides a concise outline of what you need to know to find success
- A live-exam environment that is modelled after the actual exam software, which allows our students to take practice exams under real-world conditions