CIPP/E exam annual update (September 1, 2020)
Note – Find the newest update (2024) here: https://cipptraining.com/updates-to-the-cipp-e-exam-in-2024-what-you-need-to-know/
CIPP/E Update 2020
The exam is still made up of three parts.
The first thing to notice is that even more emphasis has been placed on the GDPR, which is part II of the exam. About 42 to 69 out of a total of 90 questions are now asked about the GDPR.
The distribution of exam questions within part II has also changed considerably. This has focused more on data subject rights (8 to 11 questions) and accountability requirements (4 to 7 questions). This is mainly at the expense of the subject of international data transfers. The topics of information provision obligations and security of personal data continue to weigh heavily.
Fewer questions are now being asked about topic III. The number of questions on topic I remains the same.
The chapters in the official textbook are similar to the subjects in the exam blue print. The average number of questions per chapter will be (in descending order):
| Chapter 9 | 9,5 questions |
| Chapter 10 | 7 questions |
| Chapter 8 | 6,5 questions |
| Chapter 11 | 5,5 questions |
| Chapter 3 | 5 questions |
| Chapter 12 | 5 questions |
| Chapter 4 | 4,5 questions |
| Chapter 6 | 4,5 questions |
| Chapter 7 | 4 questions |
| Chapter 15 | 4 questions |
| Chapter 17 | 4 questions |
| Chapter 5 | 3 questions |
| Chapter 13 | 3 questions |
| Chapter 14 | 3 questions |
| Chapter 18 | 3 questions |
| Chapter 16 | 2,5 questions |
| Chapter 2 | 1,5 questions |
| Chapter 1 | 0,5 question |
New exam topics
The second thing to note is about the content. The exam blueprint has three additions:
- Auditing of privacy programs, under II, H;
- Biometrics/facial recognition, under III, B;
- Artificial Intelligence (AI), under III, D.
Download the official IAPP CIPP/E blueprint here.
According to the IAPP, the complete 2020 update covers the three topics mentioned, but also:
- The third countries concept
- Convention 108
- EDPB Guidelines on the territorial scope of the GDPR
- Processing of personal data through video devices
- Roles of the lead supervisory authority
- Right to be forgotten in search engine cases
- Data security issues and Article 32
Recommended reading
The latest version of the official textbook, European Data Protection – second edition, is from December 2019. The official textbook has not yet been updated with all the above changes. So it is wise to read IAPP articles on the above topics that are not included in the official textbook. We therefore recommend reading the following (at least the first three!):
- https://iapp.org/resources/article/monitoring-your-privacy-program (series)
- https://iapp.org/news/a/how-should-we-regulate-facial-recognition-technology/
- https://iapp.org/news/a/eu-aims-to-regulate-ai-ethics/
- https://iapp.org/news/a/third-country-transfer-tools-the-future-of-alignment-and-interoperability/
- https://cipptraining.com/edpb-guidelines-on-processing-through-video-devices/
- https://iapp.org/news/a/edpb-finalizes-rtbf-search-engine-guidelines/
CIPP/E (or CIPP/US – CIPM) exam prep
We offer a great exam prep course including an up to date and detailed outline of the entire textbook (latest edition), IAPP style practice questions and various training videos. This combination ensures optimum preparation for the exam and a high chance of excelling at your first try. Register here.
