The Certified Data Privacy Solutions Engineer® (CDPSE®) exam consists of 120 questions covering 4 job practice domains, all testing your knowledge and ability on real-life job practices leveraged by expert professionals.
Below are the key domains, subtopics and tasks candidates will be tested on:
- Domain 1: Privacy Governance
- Domain 2: Privacy Risk Management and Compliance
- Domain 3: Data Life Cycle Management
- Domain 4: Privacy Engineering
SUPPORTING TASKS
- Identify internal and external requirements to develop and maintain the organization’s privacy programs.
- Review organizational programs to align with privacy related legal and regulatory requirements, industry best practices (e.g., privacy by design), and data subject’s expectations.
- Advise on data life cycle policies and practices to ensure privacy considerations for data governance.
- Design and evaluate the implementation of technical and operational controls for data classifications and data life cycle requirements.
- Perform privacy impact assessments (PIAs) and other privacy-focused assessments.
- Contribute to the integration of privacy principles (e.g., privacy by design) in the development of procedures and operational manuals for organizational needs.
- Collaborate with stakeholders to promote privacy principles (e.g., privacy by design) are followed during the design, development, and implementation of systems, applications, and infrastructure.
- Identify and assess privacy related threats and vulnerabilities.
- Contribute to the evaluation of contracts, service level agreements (SLAs), and privacy practices of vendors and other parties and subsequently monitor for compliance.
- Participate in the incident management process to address privacy impacts and support remediation.
- Collaborate with relevant stakeholders to address privacy compliance and risk response.
- Contribute to the evaluation of information architecture to support privacy by design principles and data considerations.
- Evaluate changes in regulatory landscape, emerging threats to privacy, and privacy enhancing technologies (PETs).
- Design, implement, and monitor processes and procedures to keep personal information inventory and dataflow records current and accurate.
- Advise on data classification for personal information to enable risk assessment and implementation of controls.
- Develop and monitor metrics to report on privacy program performance to relevant stakeholders.
- Advocate for advancing privacy posture and maturity as it aligns to the organizational objectives.
- Contribute to the development of educational content and conduct privacy training to promote a privacy aware culture.
- Promote accountability, fairness, and transparency throughout the data life cycle.
