IAPP certification programs overview

  1. IAPP Certification Programs: Overview 02.01.2019
  2. About IAPP
     • The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data.
     • Founded in 2000
  3. Type and cost:
     • Professional – 275$
     • Student – 50$
     • Not-for-Profit / Retired / Government / Higher Education – 100$
  4. IAPP Certification Programs
     • Asia (CIPP/A)
     • Canada (CIPP/C)
     • Europe (CIPP/E)
     • U.S. private-sector (CIPP/US)
     • Government (CIPP/G)
     CIPP/E + CIPM = GDPR Ready Bundle
  5. The CIPP shows that you understand the laws, regulations and standards of privacy in your jurisdiction or discipline. The CIPP is for you if you’re responsible for:
     • Legal
     • Compliance
     • Information management
     • Data governance
     • Human Resources
     The CIPM says that you understand how to use process and technology to manage privacy in an organization, regardless of the industry or jurisdiction. The CIPM is for you if you’re responsible for:
     • Risk management
     • Privacy operations
     • Accountability
     • Audit
     • Privacy analytics
     The CIPT shows that you know how to manage and build privacy requirements and controls into technology. The CIPT is for you if you’re responsible for:
     • Information technology
     • Information security
     • Software engineering
     • Privacy by Design
  6. Price and Questions
     The IAPP’s CIPP/E, CIPP/US, CIPM and CIPT credentials are accredited by the American National Standards Institute (ANSI) under the International Organization for Standardization (ISO) standard 17024:2012.
  7. About testing
     • The IAPP offers two distinct testing modes: event-based paper-pencil testing at our major conferences and test center computer-based testing. Exam content is identical regardless of mode. Computer-based exams can be purchased at any time through the IAPP Store. Event paper-pencil exams can only be purchased through the registration process of the conference with a fixed testing date and time and do not need to be scheduled.
     • All IAPP examinations are administered in English. In addition, the CIPP/E exam is available in French and German.
     • Certification is a two-year term starting the day a candidate passes their exam. During this term, certificants are expected to maintain certification by submitting Continuing Privacy Education (CPE) credits (minimum 20 credit hours of CPE).
  8. Code of Professional Conduct (IAPP)
     All IAPP certified individuals must agree to comply with the Certificant Code of Professional Conduct as outlined below. Accordingly, by signing below you hereby represent, warrant and covenant to the IAPP as follows:
     • You will at all times conduct your business and/or professional activities with courtesy, honesty and integrity.
     • You will at all times represent your IAPP related certifications and qualifications honestly and agree to only undertake those activities that you can reasonably expect to complete with the necessary skills, knowledge and competence.
     • You will not represent any IAPP certification in a misleading way or use an IAPP certification in a manner that would bring the IAPP into disrepute.
     • You will strive to maintain and improve your professional knowledge and competence through regular self-assessments and continuing education or training.
     • You will follow all certification policies, procedures, guidelines and requirements of the IAPP that are made available to you by the IAPP, as the same may be amended from time to time.
  9. CIPP/E - Certified Information Privacy Professional
     Developed in collaboration with the law firms Bird and Bird, Field Fisher, Wilson/Sonsini and Covington and Burling, the CIPP/E encompasses pan-European and national data protection laws, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.
     WHAT YOU'LL LEARN
     • Introduction to European Data Protection
     • European Regulatory Institutions
     • Legislative Framework
     • Compliance with European Data Protection Law and Regulation
     • International Data Transfers
  10. CIPP/E Domains
      I. Introduction to European Data Protection
         A. Origins and Historical Context of Data Protection Law
         B. European Union Institutions
         C. Legislative Framework
      II. European Data Protection Law and Regulation
         A. Data Protection Concepts
         B. Territorial and Material Scope of the General Data Protection Regulation
         C. Data Processing Principles
         D. Lawful Processing Criteria
         E. Information Provision Obligations
         F. Data Subjects’ Rights
         G. Security of Personal Data
         H. Accountability Requirements
         I. International Data Transfers
         J. Supervision and enforcement
         K. Consequences for GDPR violations
      III. Compliance with European Data Protection Law and Regulation
         A. Employment Relationship
         B. Surveillance Activities
         C. Direct Marketing
         D. Internet Technology and Communications
  11. CIPM - Certified Information Privacy Manager
      The CIPM is the world’s first and only certification in privacy program management. When you earn a CIPM, it shows that you don’t just know privacy regulations; you know how to make it work for your organization. In other words, you’re the go-to person for day-to-day operations when it comes to privacy.
      WHAT YOU'LL LEARN
      • How to create a company vision
      • How to structure the privacy team
      • How to develop and implement a privacy program framework
      • How to communicate to stakeholders
      • How to measure performance
      • The privacy program operational lifecycle
  12. I. Privacy Program Governance
         A. Organization Level
            a. Create a company vision
            b. Establish a privacy program
            c. Structure the privacy team
         B. Develop the Privacy Program Framework
            a. Develop organizational privacy policies, standards and/or guidelines
            b. Define privacy program activities
         C. Implement the Privacy Policy Framework
            a. Communicate the framework to internal and external stakeholders
            b. Ensure continuous alignment to applicable laws and regulations to support the development of an organizational privacy program framework
         D. Metrics
            a. Identify intended audience for metrics
            b. Define reporting resources
            c. Define privacy metrics for oversight and governance per audience
            d. Identify systems/application collection points
      II. Privacy Operational Life Cycle
         A. Assess Your Organization
            a. Document current baseline of your privacy program
            b. Processors and third-party vendor assessment
            c. Physical assessments
            d. Mergers, acquisitions and divestitures
            e. Conduct analysis and assessments, as needed or appropriate
         B. Protect
            a. Data life cycle (creation to deletion)
            b. Information security practices
            c. Privacy by Design
         C. Sustain
            a. Measure
            b. Align
            c. Audit
            d. Communicate
            e. Monitor
         D. Respond
            a. Information requests
            b. Privacy incidents
  13. CIPT - Certified Information Privacy Technologist
      WHAT YOU'LL LEARN
      • Critical privacy concepts and practices that impact IT
      • Consumer privacy expectations and responsibility
      • How to bake privacy into early stages of IT products and services for cost control, accuracy and speed-to-market
      • How to establish privacy practices for data collection and transfer
      • How to preempt privacy issues in the Internet of Things
      • How to factor privacy into data classification and emerging tech such as cloud computing, facial recognition and surveillance
      • How to communicate privacy issues with partners such as management, development, marketing and legal.
  14. I. Understanding the need for privacy in the IT environment
         A. Evolving Compliance Requirements
         B. Major risks to a company’s IT framework
         C. Stakeholder expectations for Privacy
         D. Privacy vs. Security
      II. Core Privacy Concepts
         A. Foundational Elements for Embedding Privacy in IT
         B. Common Privacy Principles
      III. Privacy Considerations in the Information Life Cycle
         A. Disclosure
         B. Collection
         C. Use
         D. Retention
         E. Destruction
      IV. Privacy in Systems and Applications
         A. The Enterprise IT Environment--Common Challenges
         B. Identity and Access Management
         C. Credit Card Information and Processing
         D. Remote Access, Telecommuting, and Bringing Devices to Work
         E. Data Encryption
         F. Other Privacy-Enhancing Technologies
         G. Customer-Facing Applications
      V. Privacy Techniques
         A. Authentication Techniques
         B. Identifiability
         C. Data Protection by Design
      VI. Online Privacy Issues
         A. Specific Requirements for the Online Environment
         B. Social Media
         C. Online Threats
         D. Online Advertising
         E. Tracking Technologies
         F. Web Browser Privacy and Security
         G. Web Security Protocols
      VII. Technologies with Privacy Considerations
         A. Cloud Computing
         B. Wireless IDs
         C. Location-based Services
         D. Smart Technologies
         E. Video/data/audio surveillance
         F. Biometrics
  15. IAPP Store:
      Exam Prep Sample Questions (electronic version) – 25 $/35 $
      GDPR Prep Online Bundle (CIPM) – 1495 $
      • Privacy Program Management Online Training (the training comprises 10 modules, which take a total of approximately 10 hours to complete, one hour per module)
      • CIPM Certification Exam
      • Sample Questions
      • Privacy Program Management: Tools for Managing Privacy Within Your Organization (Electronic Copy)
      • 1 year Complimentary IAPP Membership
      Privacy Program Management Online Training – 995 $ / 1195 $
  16. Free resources
      • 2018 Certification Candidate Handbook - Candidate-Handbook3.1.0.pdf
      • Glossary of Privacy Terms