You are on page 1of 1

Controlled Document Approved by: IAPP Effective Date: 07/01/15

Page 1 of 1 Certification Advisory Board

Version 1.2.0 Approved on: 06/09/15 Supersedes: 1.1.0

Privacy Manager Certification

Examination Blueprint for the
Certified Information Privacy Manager (CIPM)

The examination blueprint indicates the minimum and maximum number of question
items that are included on the CIPM examination from the major areas of the Body of
Knowledge. Questions may be asked from any of the listed topics under each area.
You can use this blueprint to guide your preparation for the CIPM examination.

I. Privacy Program Governance 26 39

A. Organization Level 8 11
Create a company vision, establish a privacy program, structure the privacy team
B. Develop the Privacy Program Framework 9 13
Develop organizational privacy policies, standards and/or guidelines, define privacy
program activities
C. Implement the Privacy Policy Framework 6 9
Communicate the framework to internal and external stakeholders, ensure
continuous alignment to applicable laws and regulations to support the development
of an organizational privacy program framework
D. Metrics 3 6
Identify intended audience for metrics, define reporting resources, define privacy
metrics for oversight and governance per audience, identify systems/application
collection points
II. Privacy Operational Lifecycle 29 42
A. Assess Your Organization 8 11
Document current baseline of your privacy, processors and third-party vendor
assessment, physical assessments, mergers, acquisitions and divestitures, conduct
analysis and assessments, as needed or appropriate
B. Protect 2 5
Data life cycle, information security practices, Privacy by Design
C. Sustain 10 14
Measure, align, audit, communicate, monitor
D. Respond 9 12
Information requests, privacy incidents

Pease International Tradeport ∙ 75 Rochester Avenue. Suite 4 ∙ Portsmouth, NH 03801 USA ∙

+ 1 603.427.9200 ∙