5 Tips on Passing the CIPT exam

5 practical tips on CIPT exam prep for anyone thinking of taking the exam.


Privacy 108 (under the banner of our training entity, IT Security Training Australia) has been running training course in Australia for over 3 years.  Since we started delivering CIPT training, quite a few students have asked how they should prepare for the exam and also provide some feedback on how hard it is (particularly for non-lawyers).

The following tips for anyone thinking of taking the CIPT exam are based on our own experience, plus feedback from students and on-line discussion groups. But first – what is the CIPT?


What is the CIPT?

In the world of data privacy certification, the Certified Information Privacy Technologist (CIPT) certification is the preeminent designation – certainly for technologists interested in how they can support privacy protections. If you hold the CIPT, it identifies you as someone who knows how to build privacy architecture from its foundation.

For individuals, the drive to become CIPT certified enables you to find more opportunities.

The CIPT is offered by the International Association of Privacy Professionals (IAPP) which is the preeminent body for data protection professionals, and its certification is a key industry benchmark for professionals in this field. The certification is accredited by the International Organization for Standardization (ISO) and the American National Standards Institute (ANSI).


CIPT exam preparation

Advice from IAPP on preparing for the exam is limited. There are some handy tips here. The following are our 5 top tips for passing the CIPT exam:


Tip No. 1: Plan your CIPT study

To pass the CIPT exam you need to know quite a lot about technology, security techniques, software development, the role of IT technologists and how privacy interacts with technology.

Unlike the CIPM, there are not a lot of questions where you can rely on common sense or deductive reasoning.  You need to put the time in and be prepared – particularly if you don’t have a technology background.

The IAPP recommends that you train and study for a minimum of 30 hours.

If you’re not a technologist or security specialist, then preparing for the CIPT exam will probably take quite a lot longer than that ….

So, as part of your exam prep make sure you give yourself plenty of time.

I usually tell candidates who’ve done the 2-day course to read the course notes plus parts of the textbook a couple of times.

For the CIPT, it’s important to be across the terminology.  Putting together flash cards or a list of key terms are a couple of ways of getting yourself familiar with some difficult and unfamiliar terms and concepts.

Plus do some practice exam questions

Make sure you convert all of this into a plan that you follow.  Perhaps a long weekend of really full on study?


Tip No. 2: Read the text books

For the CIPT, it also really helps to read some of the recommended texts including:

I’m not a huge fan of the Jason Kronk book but the 2nd edition is better.

We strongly recommend that you also read  Privacy Is Hard and Seven Other Myths by Jaap-Henk Hoepman.  It’s easy to read and covers lots of the content in Domain 4.

If you have time and the interest, then the Daniel Solove text is a really good read – though not completely essential to pass the exam.  It’s one of those foundational academic privacy texts that’s been incredibly influential:

A Taxonomy of Privacy by Daniel J. Solove, 2006https://www.law.upenn.edu/journals/lawreview/articles/volume154/issue3/Solove154U.Pa.L.Rev.477(2006).pdf

Tip No. 3: Know the CIPT Body of Knowledge

The IAPP exam blueprint highlights seven areas of concentration:

  • Understanding the need for privacy in the IT environment
  • Core privacy concepts
  • Privacy considerations in the information lifecycle
  • Privacy in systems and applications
  • Privacy techniques
  • Online privacy issues
  • Technologies with privacy considerations

You should familiarise yourself with each of the domains and the sub-contents of each.  When you’re happy that you know what each of the domain covers and the contents of each, then you’re ready to set the exam.

Also refer to the exam blueprint so you know how many marks are allocated to each domain.  That can help you focus on the areas that are worth the most marks …


Tip No. 4: Do CIPT practice exams

Most of us would like to get a good sense of what the exam questions will be like, particularly the scenario questions, and make sure we train our brain to be able to do them properly.  It’s been a long time since many of us have done an exam …

IAPP offer a Specimen exam, which is included if you enrol in the CIPT prep course (see below).  We go through that exam as part of our training.

You can also buy an electronic version of IAPP’s 25 question specimen exam separately via the IAPP website.

The CIPT sample questions help familiarise you with the format and content of the actual CIPT exam.     They include the answers for each question plus an explanation for each correct answer.

Our experience is that the IAPP specimen exam questions are easier than those on the actual exam and that there are a lot more scenario questions than you’d expect from the number included in the specimen exam.

We include access to CIPT practice questions as part of our CIPT prep course  (see below).

There are also others available on the internet – e.g.




Tip No. 5: Enrol in our CIPT preparatory course! 

We can help you out.  As an educational affiliate with the IAPP we offer the official IAPP training course to help you prepare for the CIPT exam.

Privacy 108 / IT Security Training Australia are running our next CIPT training course on 10th and 11th October 2022.

Our lead instructor, Dr Jodie Siganto, has been delivering privacy and security training for nearly 20 years. She is recognised as one of Australia’s leading privacy professionals, and she’ll work with you over two full day sessions to solidify the knowledge you need to pass your CIPT exam.

If you enrol to do your training with us you get:

  • 2 x Full day instructor led on-line training sessions
  • Electronic copy of iapp text-book
  • Electronic copy of the Student Guide
  • Specimen exam
  • An exam voucher (valid for 6 months and valued at US$575)*
  • 12 months of IAPP Professional Membership (valued at US$250)

Plus, additional resources available only to our students:

  • Link to extra practice questions created by us to help your exam prep;
  • Summaries and crib-sheets to help you study.

And you get our special guaranteeIf you don’t pass the exam for any reason, you can take the course again at any time for no charge.



“For anyone who wants to do the exam, I would give the following feedback … Attend Jodie’s training session!”

To register or for more information click below.


At Privacy 108, we are passionate about privacy and data protection. We work with organisations to ensure they collect, use and secure all information in a way that is both compliant and meets community expectations. Privacy 108 is a law firm. Our team of lawyers can provide specialist legal advice on privacy and security issues.