So You Want to Pass the IAPP’s Certification Exam?

If you are considering or currently studying for one of the IAPP certifications, you probably have a few questions. I answer these questions all the time, and I haven’t gotten tired of it. But I figured it would be a good idea to centralize a list of answers so others can find them quickly and easily. If you find this helpful, please feel free to share it wherever or with whomever you think would benefit.

What should I study?

This is by far the most common question I get. Without any hesitation, I suggest you head over to the IAPP’s website and find the Body of Knowledge for the certification you are studying for. This document is THE thing to study for any certification as it will tell you what subjects you will be asked questions about, how many questions each subject could have, and ultimately where you should be studying.

Are you looking into the CIPP/E but you don’t know enough about the history of the EU? Well, I am here to tell you that it really isn’t that big of a deal because that is a very small portion of the E exam. In fact, the E exam is unique in that it is the only three-section test (as of this writing), and the vast majority of its questions focus on the General Data Protection Regulation itself. While the other exams are going to be more evenly distributed, it is very helpful to know what subjects to prioritize.

How should I study?

The IAPP states you should spend at least 30 hours studying, and heavily suggests you read the textbook and study the body of knowledge and the glossary of terms. All of this is available from the IAPP. Now, in some cases the textbook may not be available, such as if you are going for the AIGP certification and have realized that there simply is no textbook yet.

With regard to flash cards, most of the tests are vocabulary heavy. This means knowing the terms will help you to navigate the questions, especially when you may not be completely sure of a question. For example, if you understand the requirements for consent under the GDPR, that is to say the definition of consent, the answer to any question that asks about or refers to consent will be clearer. You would know that an opt-out model is generally not permitted under the GDPR and can then avoid those wrong answers.

We have made flash cards for many of the exams based on the IAPP’s glossary of terms. I certainly encourage you to take a look and download them (they’re free!) if you are studying.

Obviously, everyone has different study habits, so find what works best for you. However, be wary of practice exams or questions. While they can be a good way to bolster your general knowledge of the subject matter, the questions themselves may not reflect the way questions would appear on the exam itself.

The Exam

I always provide two pieces of advice about the questions on the IAPP certification exams.

First, there are only multiple-choice questions and all of them are written to have exactly one correct answer. If you are debating between two choices, you may be missing something and want to reread the question carefully. The questions are worded deliberately to be specific and targeted so as to have only one correct answer. If two answers are technically correct, one of them is more correct or more specifically correct for that question, and is more likely than not the correct answer.

The second point to remember is that you cannot assume anything about a question. If a detail or aspect of a scenario is not provided, then you cannot assume anything about that detail. For example, if a scenario covering how to respond to a data breach was given, and the first question asked what steps should be taken prior to an incident occurring, you cannot assume that the hypothetical company has an incident response plan unless the question says so. It is entirely possible that the answer to that question would be to have created an incident response plan or policy. While it seems obvious, it is still the correct answer.

Good Luck

Now get out there and prepare. Privacy Ref offers the official courses as an official training partner of the IAPP, so if you want to be more prepared you can look at our site for a schedule of upcoming classes.

