Integrated Data Privacy Professional (IDPP) Certification

Become a versatile professional who can integrate governance, strategy, performance, risk, compliance, ethics, security, privacy, and audit to achieve Data Privacy objectives. The Integrated Data Privacy Professional (IDPP) certification demonstrates that you have the understanding and skills to apply the Data Privacy Capability Model in your organization.

This certification is currently in beta. The final is expected in May 2023. During the beta period, we are provisionally certifying individuals who pass the beta IDPP exam.

Globally Recognized Data Privacy Certification

Get certified by the global nonprofit that invented GRC 20 years ago

What is the IDPP?

Effective data privacy management is an essential aspect of a GRC capability that drives the attainment of Principled Performance. The Integrated Data Privacy Professional (IDPP) certification validates that you understand how to develop an effective and fully integrated data privacy program. It ensures that you have the versatile skill set to integrate and advise on applying a GRC approach to the governance, management, and assurance of the data privacy program.

What does the IDPP Cover?

The IDPP is based on the essential body of knowledge used daily by data privacy professionals. With the help of experts, this body of knowledge was identified, analyzed, and documented in the Data Privacy Capability Model. The IDPP also relies on data privacy laws, rules, regulations, and concepts found in the public domain.

We recommend using these resources to prepare for the IDPP Exam

While the exam does not require course attendance, most people who pass on the first attempt report that a course helped them pass.

The IDPP Exam is available now for members with an All Access Pass.

Is IDPP right for me?

The IDPP certification provides individuals with a holistic approach to governance, risk, and compliance, with a specific focus on the data privacy/protection domain. It is perfect for anyone who works directly or indirectly in any aspect of data privacy, protection, or governance.

IDPP helps to integrate what you do with the other departments and disciplines, including mainline business operations.

Our certifications are open and accessible to all professionals. We accept candidates from diverse cultural, educational, and professional backgrounds. We do not require specific experience or educational degrees to apply.

When should I get IDPP?

IDPP is a versatile certification aimed to serve versatile needs for professionals in all stages of their careers. Professionals can use the IDPP in several scenarios:

For new and experienced professionals

  1. New Professionals

    Becoming an IDPP is the perfect way to start your career in data management and privacy protection, whether from a process or technology perspective. The big picture of GRC helps you integrate data privacy with governance, strategy, performance, risk, compliance, ethics, security, privacy, and audit. IDPP helps you understand the inner workings within and between other departments, including a greater understanding of how they operate, how they think, and what they need to be successful. And with IDPP, you open up more options in your career as you move forward.

  2. Experienced Professionals

    Becoming an IDP Professional is the perfect way to enhance existing certifications or to upgrade your skills in areas where you lack experience so that you can do even better work. As a data privacy professional, you may already have a certification from a professional association. However, most of these associations focus on a particular discipline (compliance, risk, internal control, security, etc.). IDPP helps to make you more well-rounded.

How do I get the IDPP Certification?

All of our certifications use a similar streamlined process. We pride ourselves on simplicity and accessibility. All of our exams are online and available at any time. No need to schedule! We include everything you need as part of your All Access Pass. To be clear, everything is included for no additional fees.

  1. 1. Get All Access Pass

    Our All Access Pass provides everything you need to prepare for this and all of our other certification exams. One fee for education, preparation, certification, and maintenance.

    Everything is included for no additional fees.

  2. 2. Prepare for IDPP

    Study the essential body of knowledge contained in the open-source Data Privacy Capability Model. Attend Data Privacy Fundamentals to learn how to apply it.

    We offer Data Privacy Fundamentals by attending an in-person course delivered by Straits Interactive, one of our authorized partners (a great choice if you want localized language and additional examples).

    Essential body of knowledge and self-study are included for no additional fees.

  3. 3. Apply for IDPP

    Our certifications are open and accessible to all professionals. We accept candidates from diverse cultural, educational, and professional backgrounds.

    We do not require specific experience or educational degrees to apply.

    Just complete a simple form at the beginning of the exam to update your information and agree to the code of conduct.

    Application is included for no additional fees.

  4. 4. Earn the IDPP (Pass!)

    Access the online exam anywhere and anytime.

    The exam is limited to 1.25 hours (75 minutes) to answer 55 questions. Correctly answer 39 questions to pass. Exams are "open book," which means that you may use Google and other resources while taking an exam.

    You can retake an exam up to six times per year to pass it.

    The IDPP Exam is offered at the end of the Data Privacy Fundamentals course offered by Straits Interactive.

    All retakes are included for no additional fees.

  5. 5. Maintain the IDPP

    Fulfill all requirements to maintain this certification, including an active membership and completing the required continuing professional education every year.

    IDPP requires eight (8) continuing professional education (CPE) credits every year. Many continuing education experiences count toward both IDPP and your other GRC certifications.

    All CPEs are included for no additional fees.

  6. 6. BONUS! Add More Certifications

    Apply to gain additional certifications. We add new certifications regularly.

    All certifications are included for no additional fees.

FAQ about Preparing for IDPP

How long does it take to prepare for IDPP?

Preparation time varies based on your experience. People who pass the exam report anywhere from 2 hours to 40 hours of preparation before the exam.

This wide range is explained by the differences in background. If you are more experienced in data privacy/security then less time may be required to prepare vs. someone new to data privacy/security.

What is the best way to prepare for IDPP?

The essential body of knowledge for the IDPP is contained in the open-source Data Privacy Capability Model and other concepts in the public domain. We recommend that you:

  • Carefully study the Data Privacy Capability Model
  • Attend in-person GRC Audit Fundamentals LIVE! course offered by Straits Interactive (our exclusive beta testing partner)
How do I get IDPP Training?

During our beta test period, we offer Data Privacy Fundamentals LIVE! via our exclusive beta test training partner, Straits Interactive.

What does it cost to get IDPP training?

When finalized, all of our self-study preparation courses for IDPP will be included for no additional fees. This means that Data Privacy Fundamentals is part of your All Access Pass.

During the beta test period, our exclusive beta test training partner, Straits Interactive, delivers Data Privacy Fundamentals LIVE! (additional fee required).

FAQ about the IDPP Exam

How do I schedule the IDPP Exam?

All of our exams are online and available at any time. No need to schedule!

How do I apply for the IDPP exam?

Applying is simple! If you are already an OCEG member, we have most of the information necessary. Just complete a simple form at the beginning of the exam to update your information and agree to the code of conduct.

As a reminder, our certifications are open and accessible to all professionals. We accept candidates from diverse cultural, educational, and professional backgrounds. We do not require specific experience or educational degrees to apply.

How difficult is the IDPP Exam?

Most people who pass the exam report that they carefully studied the essential body of knowledge and completed the preparation course.

Those who fail tend to pass on a subsequent attempt if they study and complete a preparation course.

In other words ... STUDY and WATCH the videos or attend a class if you want to pass the exam.

What is on the IDPP Exam?

The IDPP certification demonstrates that you can apply the principles and practices of an effective data privacy capability. The exam covers awareness and application of concepts found in the Integrated Data Privacy Capability Model.

20% General Knowledge

  • Understand key terms and definitions related to data privacy
  • Understand key principles and drivers behind a data privacy capability
  • Understand background information found in the introduction of the Integrated Data Privacy Capability Model, including the data privacy lifecycle and the lawful bases of the processing
  • Understand the benefits of integrating a data privacy program throughout the business

80% IDP Capability Model Details

  • Understand the structure of the IDP Capability Model
  • Understand key management actions and controls
  • Understand design and implementation considerations
  • Overall 25% Learn – 20%, Align – 30%, Perform – 20%, Review – 5%

The IDPP topics and questions were determined by the authors, and a global expert review panel was assembled for the development of the Data Privacy Capability Model. The members of the review committee include former regulators and governmental advisors from several countries with advanced data privacy regulations, academics, and practitioners. Their input and other research yielded a blueprint that serves as a competency model for the IDPP.

We update the Integrated Data Privacy Capability model and IDP Professional Exam to reflect important and relevant changes in the global regulation and industry practices for data privacy.

How was the IDPP Exam developed?

The IDPP topics and questions were determined by the authors, and a global expert review panel was assembled for the development of the Data Privacy Capability Model. The members of the review committee include former regulators and governmental advisors from several countries with advanced data privacy regulations, academics, and practitioners. Their input and other research yielded a blueprint that serves as a competency model for the IDPP.

We update the Integrated Data Privacy Capability model and IDPP Exam to reflect important and relevant changes in the global regulation and industry practices for data privacy.

How many questions are on the IDPP Exam?

There are 55 scored questions and up to 10 unscored questions on the exam. We calculate your final score on the 55 scored questions. Scored questions have gone through a rigorous validation process.

The unscored questions are used to introduce and validate new questions without affecting your score. However, the unscored items are not labeled – so make sure you answer each question as if it counts!

All questions are multiple-choice.

How do I pass the IDPP Exam?

You have 1.25 hours (75 minutes) to complete the exam. You must correctly answer 39 of the 55 scored questions.

Is the IDPP Exam "open book" like the real world?

Yes! The exam is open-book, meaning you may use Google and other resources while taking the exam.

We believe that the exam process should reflect modern reality and user experiences. In your job, you use Google and online resources daily. You should be able to use these resources when you learn and when you take the exam.

However, don't be fooled! The exam is challenging even with the help of these resources.

When do I find out if I passed the IDPP?

You get your result immediately after taking the exam. If you pass, your certificate is immediately available for sharing and printing from your Certification Dashboard.

What happens if I fail the IDPP?

You may retake the exam up to six (6) times per year. Almost everyone is able to accomplish this goal. We believe that certification should be part of the learning process and help reinforce understanding and not just be a point-in-time proof of memorized knowledge.

Consider being fully prepared each time that you attempt the exam. Our database of questions is extensive, so it is unlikely that you will see the same questions each time that you attempt the exam.

FAQ about Maintaining IDPP

How long is my certificate valid?
  1. When a certificate is awarded, it is awarded for a full year starting on the day you passed the exam.
  2. Your first full year has no CPE requirement (because you spent at least 8 hours preparing for and taking the exam).
  3. Starting your second year, you must earn at least eight (8) credits of continuing education related to the certification topic annually.
  4. When a certificate renews, it renews for a full year. Automatic renewal on the day of certificate expiration happens if both of these conditions are true: a) Member has an active AAP and b) CPE requirement has been met (if applicable).
  5. If the expiration date passes and you do not meet both conditions, you have a grace period of 90 days to fulfill the requirements (renewing your AAP and/or getting enough credits). After the grace period is over, your certification gets deleted from our records, and certificates are no longer available for display.
Do I need to recertify every year?

NO! You only need to pass the exam once every five (5) years. We use continuing education requirements to ensure that you stay current with new developments.

How do I maintain the IDPP?

All continuing education for OCEG certifications is automatically tracked and administered under a unified program on our website. Whenever you watch a video or attend an event on our website, it is automatically tracked and counted toward your IDPP (or other OCEG certifications as appropriate).

You can see all of your current CPE credits on your Certification Dashboard.

The unified program allows you to track one CPE credit to multiple certifications. So, for example, a course on “Risk Assessments” would count toward not only IDPP but also several other certifications that rely on Risk Assessment skills.

Maintaining ALL of your certifications is simple and straightforward. We use a unified CPE program for all of our certifications and automatically track progress on your Certification Dashboard.

This certification has two main requirements:

  1. Maintain an All Access Pass, and
  2. Complete 8 hours of continuing professional education (CPE) every year
How do I submit CPEs for the IDPP?

You don’t have to!

All continuing education for OCEG certifications is automatically tracked and administered under a unified program on our website.

Whenever you watch a video or attend an event, such as a webinar on our website, it is automatically tracked and counted toward your IDPP (or other OCEG certifications as appropriate).

You may also manually submit CPEs from other pre-approved continuing education experiences.

You can check your CPE progress at any time on your CPE Dashboard.

Do I get "double credit" for CPEs?

Yes! Many of our continuing education experiences count toward multiple OCEG certifications. The unified program also allows you to track one CPE credit to multiple certifications. This means that a single webinar or course can count toward one or more of your certifications.

One experience. Multiple credits.

So, for example, a course on “Risk Assessments” would count toward not only IDPP but also several other certifications that rely on Risk Assessment skills.