CIPM (International Association of Privacy Professionals) certification is the most popular privacy manager certification. The CIPM certification focuses on the “how” side of data privacy. The CIPM certification demonstrates your ability to manage privacy within your organization.
This certification allows you to fully understand privacy regulations and implement them in your organization. This certification is useful for creating a company vision, organizing a data protection team, working with system frameworks, and many other things.
Here’s a comparison of CIPM 2019 and CIPM 2020, which were released on September 1, 2020.
General Information:
CIPM 2019CIPM 2020No. Questions9090Mode of questionsMultiple ChoiceMultiple choice (mostly scenario based).Duration2.5 hours2.5 HoursCertification fees550$for the first certification attempt
For each subsequent certification attempt, 375$
550$ for first time certification attempt
For each subsequent certification attempt, 375$
Domains26Domain information:
The CIPM 2019 has 2 domains, while the CIPM 2020 has 6 domains.
Domains of CIPM 2019:
These are the outlines of the two domains that make up CIPM.
Domain 1: Governance of the Privacy Program
This domain gives a good example of how a privacy program should look, be developed, measured, and improved.
Domain 2: Operational life cycle of Privacy Program
This domain is based upon the industry framework
Assessing an organization’s privacy position
Privacy controls are a way to protect assets
Training and awareness programs are essential to maintain the privacy program.
Responding to Privacy Incidents
Domains of CIPM 2020:
The new CIPM 2020 has been divided into six domains. These domains are listed below:
Domain 1: Governance of the Privacy Program
This domain describes the governance rules of the privacy program. It also explains how a privacy plan may be created, maintained, and improved.
Domain 2: Privacy program framework
The second domain of CIPM 2020 focuses upon developing and implementing a privacy program framework and developing appropriate metrics.
Domain 3: Privacy Operational life cycle: Assess
The third domain of CIPM 2020 focuses upon assessing an organization’s current privacy program. It also includes assessing third-party vendors and processors in addition to physical assessments, mergers and divestitures.
Domain 4: Privacy Operational life cycle: Protect
The fourth domain of the privacy operational cycle lays out how to protect assets through various means such as privacy by design, information secure practices, and integrating privacy practices in the functional areas of an organisation.
Domain 5: Privacy Operational life cycle: Sustain
The fifth domain describes how the privacy program can continue through monitoring and auditing.
Domain 6: Privacy Operational life cycle: Respond
The sixth domain focuses on privacy incidents, such as incident response planning, incident detection and incident handling.
In tabular format, we list the differences between the new CIPM (and the old CIPM):
CIPM 2019CIPM2020Domain 1Privacy Programme Governance
Organization Level
Create the Privacy Program Framework
Implement the Privacy Program Framework
Metrics
Develop a Privacy Program
A company vision is created
Establish a Data Governance Model
Establish a privacy program
Establish a privacy team
Communicate
Domain 2Privacy Program Operational Term
Assess Your Organization
Protect
Sustain
Respond
Privacy Program Framework
Create the Privacy Program Framework
Implement the Privacy Program Framework
Develop appropriate metrics
Domain 3 Privacy Operational Live Cycle: Assess
Keep a record of the current baseline of your privacy programs
Third-party vendor assessment and processors
Assessments of the body
Acquisitions, mergers, and divestitures
Privacy Impact Assessments (PIAs), and Data Pro
