CDPO training and certification. Certified Data Protection Officer

This 5-day training course and certification will allow you to gain and develop the necessary knowledge and skills to build and manage with efficiency your own Personal Data Protection Framework. Classes are taught from home, and you have to take the CDPO exam at one of the Pearson VUE centers, the IAPP’s partner.

For Professionals having already taken a training of at least 28 hours or having an experience of at least two years in Data Protection, it is also possible to register only for the module about the preparation to the exam.



The training takes place entirely at a distance, as well as in Strasbourg (France).


Contact us for a quote.


Distance learning takes place through the Webex video conferencing tool.

Training dates


*Sessions can be arranged upon request



1. Initiate, take part or manage the GDPR programme of your business
2. Create the register for data processing
3. Build a PIA (impact analysis on Privacy and Data Protection)
4. Build a good working knowledge on Data Protection by Design and by Default
5. Build Policies regarding cybersecurity, computer Hygiene, and digital skills.
6. Build working knowledge of Principles of Data Protection by and in itself
7. To get to know about essential contract clauses
8. To know how to communicate with all the players involved
9. Manage Data Breaches
10. Learning how to answer any GDPR request
11. Audits
12. Understanding the Ecosystem



To have followed a formation on the fundamental principles of GDPR or to have equivalent knowledge acquired thanks to previous experiences.

To have a professional experience and be familiar with governance aspects and human resources in a business environment.

To have an interest and a good working knowledge of digital technologies. To understand and to know how to use Office Software Application Tools (MS Office kit, internet browsers)

To have an interest in IT and the new ways of using it.

Training content

Day 1:
• Data Privacy at the heart of businesses’ strategy
• GDPR: common law, guidelines, news (profiling and transfer outside the EU)
• Implementation of a programme on data privacy/GDPR in companies
• Create the register for data processing
• Accountability – which approach?
• Homemade tools vs market tools
• Data Transfer outside the EU: adequate countries, SCC and BCR

Day 2:
• Do you need to realise a PIA/DPIA (impact analysis) ?
• The CNIL’s software
• Example and Simulation of PIAs in the following sectors: social areas, IOT, profiling, Specific HR procedures
• CNIL software
• Video surveillance good practices

Day 3:
• Cybersecurity risks and types of cyber-attacks
• Organisational and technical security measures
• Encryption, anonymisation, authentication and access controls, tracking and system files
• Technical and organisational security measures
• Data Protection by Design and by Default
• Life cycle “from the cradle to the grave”
• New technologies: Big Data, AI, Blockchain
• Software as a Service (Saas) cloud solutions and web host analysis

Day 4:
• Contract review with outsourced staff (Data controllers)
• Communication plan (annual reports, etc…)
• Data breaches management
• Data requests management
• Data Ecosystem
• Stakeholders outside the companies: regulatory authorities (CNIL, ICO), professional associations (IAPP, AFCDP), CEPD, ANSSI
• CNIL sanctions: state of things.
• What is going on outside France (other EU countries) ?
• Big Tech Companies

Jour 5: Preparation to the CDPO certification

Public cible

· Data Protection Officer (DPO),
· Assistant DPO,
· Project manager in charge of GDPR compliance,
· Jurist, marketing manager, IT manager, data scientist, HR, anyone wishing to learn more about the job of DPO,
· Anyone who wants to become a GDPR expert.

Want to learn more?

To take part in the training course, contact us for a quote.


Offer description

IAPP’s CDPO training and certification offerings include the following:

  • 35-hour live training, online with a trainer
  • Quiz to prepare the CDPO certification by the IAPP (recognized by the CNIL)
  • “Voucher” you can use to take the CDPO certification in a Pearson VUE center
  • Participant guide

Exam and certification

To be certified CDPO, it is mandatory to have completed at least 35 hours of training or to have at least 2 years of professional experience in data protection.

Once Data Privacy Professionals has given you the “voucher”, the steps to obtain the certification are the responsibility of the IAPP:
1. Registering for the exam directly by phone or on the IAPP website
2. Book an appointment to take the exam at a Pearson VUE test center
3. Take the Exam

At the beginning of the training course, the participant will register for the exam with Pearson VUE. This exam is not mandatory but allows you to obtain the CDPO certification; The CDPO exam is made of 100 questions and to get the certification, candidats must answers correctly to 75% of all the questions and 50% of the questions in the three domains. Results are generally known at the end of the exam.