CIPP/US exam annual update (Sept 1, 2020)

CIPP/US exam annual update (September 1, 2020)

From September 1, 2020, the IAPP CIPP/US exam undergoes a small annual update. New topics are added to the exam. These topics fall under the existing topics in the Exam Blueprint and the Book of Knowledge. These documents are therefore not changed. The structure of the exam and the weighting of the different topics remains the same (in contrast to the CIPP/E exam update). In this post, we look at what this means.


The exam is still made up of five parts. These parts contain various topics. As mentioned, this structure does not change.

The average number of questions per part/topic is:

Part Topic average # questions
I.Introduction to the U.S. Privacy Environment 31
A. Structure of U.S. Law 7,5
B. Enforcement of U.S. Privacy and Security Laws 4
C. Information Management from a U.S. Perspective 20
II.Limits on Private-sector Collection and Use of Data 22
A. Cross-sector FTC Privacy Protection 3
B. Healthcare 6
C. Financial 6
D. Education 1
E. Telecommunications and Marketing 6
III.Government and Court Access to Private-sector Information 7
A. Law Enforcement and Privacy 4
B. National Security and Privacy 2
C. Civil Litigation and Privacy 1
IV.Workplace Privacy 10
A. Overview of workplace privacy 4
B. Privacy before, during and after employment 6
V.State Privacy Laws 6
A. Federal vs. state authority 1
B. Marketing laws 1
C. Financial data 1
D. Data security laws 1
E.Data breach notification laws 2

For most topics it is clear what is meant. However, that does not apply to the topic that weighs the most. That is topic I.C about which an average of 20 (out of 90) questions are asked. This topic, Information Management from a U.S. Perspective, covers the following (source: IAPP Exam Blueprint):

These topics are spread over several chapters in the book, but many topics are covered in chapter 4. We will now discuss the update.

CIPP/US Update – new exam topics

According to the IAPP, the 2020 update includes the following topics:

  • Data subject rights.
  • Privacy issues in artificial intelligence.
  • The Existing Business Relationship exception.
  • Federal preemption.
  • CCPA private right of action.
  • Data broker laws.
  • Restrictions on background checks.
  • Biometrics law.

A new (third) edition of the official textbook was published on July 23, 2020 (news link). This edition includes some updates and two new chapters: one on the CCPA (chapter 6) and one on the GDPR (chapter 14).

Not all topics above are reflected in the third edition textbook. We therefore recommend reading the following blog posts/articles.

Recommended reading

CIPP/US (or CIPP/E – CIPM) exam prep

We offer a great CIPP/US exam prep course including an up to date and detailed outline of the entire textbook (latest edition), IAPP style practice questions and various training videos. This combination ensures optimum preparation for the exam and a high chance of excelling at your first try. Register here.

CIPP/US Sample Exam Questions

In this blog post, you can find and download CIPP/US sample questions for free:
CIPP/US Practice Questions (Sample Questions)

Flashcards added to our CIPP/E and CIPP/US training courses!