Certified Information Privacy Auditor (CIPA)

Enhance your career by earning CIPA, the standard of achievement for those who audit, monitor and assess information privacy technology, business systems and processes. The CIPA designation is a globally recognized certification for Information Privacy Audit, assurance and security professionals.



Being CIPA-certified proves your Information Privacy Systems Audit experience, skills and knowledge, and demonstrates that you are capable of assessing vulnerabilities, compliance with GDPR and institutional controls within the enterprise.


  • Gain an in-depth understanding of GDPR solutions and how they map to compliance requirements
  • Learn how to perform and lead Privacy Information Management System (PIMS) certification audits to ISO 19011 standards
  • Enhance your existing skills or learn new ones in the field of Data Protection
  • Candidates deliver Assurance services to organisations by advising on conformance with PIMS requirements
  • Become a Technical expert on the preparation required for ISO 27701 Certification
  • Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
  • Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
  • Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
  • Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit

About This Course


CIPA Certification:


  • Confirms your knowledge and experience 
  • Quantifies and markets your expertise 
  • Demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise 
  • Is globally recognized as the mark of excellence for the Information Privacy Audit professional 
  • Increases your value to your organization 
  • Gives you a competitive advantage over peers when seeking a new role
  • Is administered by the International Data Protection Association (IDPA), based in Estonia, and fully aligned to the ISO/IEC 17024:2012 standard (Conformity assessment - General requirements for bodies operating certification of persons)


CIPA Certified Individuals: 


  • Are highly qualified, experienced professionals in the field of Data Protection Systems Audit 
  • Provide the enterprise with a Certification route for Information Privacy Assurance that is recognized by multinational clients, lending credibility to the enterprise 
  • Are excellent indicators of proficiency in control requirements creation and monitoring 
  • Demonstrate competence in five domains, including standards and practices; organization and management; processes; integrity, confidentiality and availability; and software development, acquisition and maintenance 
  • Demonstrate a commitment to providing the enterprise with trust in and value from your Privacy Compliance Framework 
  • Maintain ongoing professional development for successful on-the-job performance


How to become CIPA Certified 


The CIPA designation is awarded to individuals with an interest in Privacy Compliance Framework auditing, control and security who meet the following requirements: 


  • Attendance at a recognised CIPA training course 


We offer the CIPA course both online and at facilities across the EMEA region. Courses are offered year-round.


  • Achieving a passing score in the CIPA examination


All delegates attending an official training course will be offered the opportunity to sit the associated examination. To pass the examination, a passing score of 70% must be obtained by answering a combination of scenario-based multiple-choice questions. There are 5 scenarios with 120 multiple-choice questions covering the scope of the exam. Questions cover the 4 key areas of the training course, namely People, Process, Technology and Environment. Successful examination candidates will be issued with a Certificate confirming a passing grade along with the relevant CPD certificate. For a more detailed description of the exam see CIPA Certification Job Practice.


  • Adherence to the Code of Professional Ethics 


Members of the IDPA and/or holders of the CIPA designation agree to a Code of Professional Ethics to guide professional and personal conduct. 


  • Adherence to the Continuing Professional Education (CPE) Program


The objectives of the Continuing Professional Education program are to maintain an individual's competency by requiring continual updating of knowledge and skills in the areas of information governance, privacy, technical controls and audit, and to provide a mechanism for monitoring information systems audit, control and security professionals' maintenance of their competency.


CIPA Certification Job Practice


A job practice serves as the basis for the exam and the requirements to earn the Certification. The job practice consists of task and knowledge statements representing the work performed in information privacy auditing, assurance and evidence assessment. These statements and domains are the result of extensive research, feedback, and validation from subject matter experts from around the globe.

The below job practice is organized by domains. Each domain is covered in the exam at the rate shown.


  • Domain 1—The Process of Auditing Information Privacy Systems and Solutions


Provide audit services in accordance with ISO 19011 audit standards to assist the organization in protecting and controlling information privacy systems. (21%)


  • Domain 2 - Governance and Management of Information Privacy Technology


Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy. (16%)


  • Domain 3—Information Systems Acquisition, Development and Implementation


Provide assurance that the practices for the acquisition, development, testing and implementation of information systems meet the organization’s strategies and objectives. (18%)


  • Domain 4—Information Systems Operations, Maintenance and Service Management

Provide assurance that the processes for information systems operations, maintenance and service management meet the organization’s strategies and objectives. (20%)


  • Domain 5—Protection of Personally Identifiable Information (PII) Assets


Provide assurance that the organization’s policies, standards, procedures and controls ensure the confidentiality, integrity and availability of PII. (25%) 



A thorough understanding of current Data Protection legislation, Information Security & Risk Management knowledge as well as ISO 19011 Auditing Standards is required to successfully pass the examination.

What's Included?


  • Teas, Coffees, refreshments and a full Lunch*
  • Course Slides
  • Study Guide
  • Exam Fees

* For Classroom based Courses only



The course is administered by The International Data Protection Association (IDPA) and is fully compliant with ISO 17024:2012 (Conformity Assessment - General requirements for bodies operating certification of persons)

Who Should Attend?


  • Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
  • Managers or consultants seeking to master a PIMS audit process
  • Individuals responsible for maintaining conformance with PIMS requirements
  • Technical experts seeking to prepare for a PIMS audit
  • Expert advisors in the protection of Personally Identifiable Information (PII)


Certification Logo



  • All candidates at official training courses will be offered the opportunity to sit the associated exam. For CIPA, this constitutes a 125-question exam which should be completed within 165 minutes. A passing score is achieved at 70%. Exams are hosted remotely through our relationship with Pearson VUE.

Our Guarantee


  • We are an approved IDPA Training Partner.
  • You can learn wherever and whenever you want with our robust classroom and interactive online training courses.
  • Our courses are taught by qualified practitioners with commercial experience.
  • We strive to give our delegates hands-on experience.
  • Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher.
  • Our aim: To achieve a 100% first time pass rate on all our instructor-led courses.
  • Our Promise: Pass first time or ‘train’ again for FREE.


*FREE training offered for retakes – come back within a year and train for free.

Similar courses

European Data Protection & Privacy Programme Management - DPO Ready

The 4 day combined CIPP/E & CIPM Training Course from the IAPP

Certified Information Privacy Professional (CIPP/E)

The European Data Protection Training Course from the IAPP, leading to Certified Information Privacy Professional/Europe status.

Certified Information Privacy Manager (CIPM)

This is the Privacy Programme Management Training Course from the IAPP, leading to Certified Information Privacy Manager status.

Certified Data Protection Officer Training (CDPO)

Certified Data Protection Officer Training, attracting 31 CPD hours

Certified GDPR Foundation

PECB's GDPR Foundation, attracting 14 CPD hours

ISO 22301 Lead Implementer

PECB's Official ISO 22301 Lead Implementer Training Course. Attracts 31 CPD hours

ISO 9001 Lead Auditor

PECB's Official ISO 9001 Lead Auditor Training Course

Certified Information Privacy Technologist (CIPT)

The 2020 version of the IAPP's Certified Information Privacy Technologist Training Course

ISO 27701 Lead Implementer

PECB's Official ISO 27701 Lead Implementer Training and Examination Course. Attracts 31 CPD hours

ISO 38500 Foundation

PECB's official 2 day training and examination package, suitable for those wishing to learn best practices for the use of IT within their organization.

IAPP Taster Session

Join us for a 1 hour taster session to learn about the IAPP's flagship training courses, the CIPP/E and CIPM

Executive MBA in Cyber Security

The PECB University Executive MBA in Cybersecurity prepares candidates to manage information security challenges technically and strategically whilst focusing the attention on the business aspect.

Executive MBA in Business Continuity Management

The PECB University Executive MBA in Business Continuity Management is designed for candidates that want to develop a comprehensive understanding of how to manage business disruptions, emergencies or threats in an organization.

Executive MBA in Governance, Risk & Compliance

The PECB University Executive MBA program in Governance, Risk and Compliance covers fundamental principles of risk management, governance and compliance and their areas of applicability, making PECB University graduates experts in the field and a significant asset for an organization.
