Use this quick start guide to collect all the information about EXIN PDPP Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the EXIN Privacy and Data Protection Professional (PDPP) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual EXIN Privacy and Data Protection Professional certification exam.
The EXIN PDPP certification is mainly targeted to those candidates who want to build their career in Data Protection and Security domain. The EXIN Privacy and Data Protection Professional exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of EXIN PDPP.
EXIN PDPP Exam Summary:
| Exam Name | EXIN Privacy and Data Protection Professional |
| Exam Code | PDPP |
| Exam Price | $304 (USD) |
| Duration | 120 mins |
| Number of Questions | 40 |
| Passing Score | 65% |
| Books / Training | EXIN and e-CF Competences |
| Schedule Exam | Pearson VUE |
| Sample Questions | EXIN PDPP Sample Questions |
| Practice Exam | EXIN PDPP Certification Practice Exam |
EXIN PDPP Exam Syllabus Topics:
| Topic | Details | Weights |
|---|---|---|
Data protection policies - 10% |
||
| Purpose of data protection and privacy policies within an organization |
The candidate can… - explain the policies and procedures needed within an organization to comply with data protection legislation. - explain the content of the policies. |
5% |
| Data protection by design and by default |
The candidate can…. - explain the concept of data protection by design and by default. - describe the seven principles for data protection by design and by default. - illustrate how principles of privacy by design and by default can be implemented. |
5% |
Privacy information management system (PIMS) - 32.5% |
||
| Privacy information management system (PIMS) basics |
The candidate can… - explain the different terms used in the ISO/IEC 27701 standard (internal and external issues, interested parties). - list which media must be considered when implementing a PIMS. - define what a statement of applicability (SoA) is. - explain the purpose of documentation in a PIMS. - explain the purpose of management reviews in a PIMS. |
12.5% |
| Benefits of a privacy information management system (PIMS) |
The candidate can… - explain the objective of audits in a PIMS. - explain how to determine the specific requirements of a PIMS in light of the appropriate local rules and contractual requirements. - explain how a PIMS and audits help to show compliance with standards and regulations. - explain how a PIMS can help with supplier selection. |
10% |
| Privacy information management system (PIMS) relationships |
The candidate can… - explain the difference between a privacy information management system (PIMS) and an information security management system (ISMS). - explain the relationship between the data protection principle of appropriate information security arrangements and the ISO/IEC 27701 standard. - explain the usefulness of the ISO/IEC 27002 standard for the implementation of a PIMS. - explain how to apply PIMS controls. |
10% |
Roles of the controller, processor, and data protection officer (DPO) - 17.5% |
||
| Roles of the controller and processor |
The candidate can… - enact the responsibilities of the controller. - enact the responsibilities of the processor. - explain the relationship between the controller and the processor in a specific situation. |
10% |
| Role and responsibilities of a data protection officer (DPO) |
The candidate can… - explain when appointment of a DPO is mandatory under the GDPR. - enact the role of the DPO. - explain the position of the DPO in relation to the supervisory authority. |
7.5% |
Data protection impact assessment (DPIA) - 27.5% |
||
| Criteria for a data protection impact assessment (DPIA) |
The candidate can… - apply the criteria for conducting a DPIA. - describe the objectives and outcomes of a DPIA. |
15% |
| Steps of a data protection impact assessment (DPIA) |
The candidate can… - describe the steps of a DPIA. - perform a DPIA in specific situations. |
12.5% |
Data breaches, notification, and incident response - 12.5% |
||
| GDPR requirements with regard to personal data breaches |
The candidate can… - assess whether a data breach has taken place in terms of the GDPR. |
2.5% |
| Requirements for notification |
The candidate can… - notify the supervisory authority of a personal data breach. - notify the data subject of the personal data breach. - describe the elements of the GDPR documentation obligation. |
10% |
To ensure success in EXIN PDPP certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for EXIN Privacy and Data Protection Professional (PDPP) exam.