CIPP/A Certification
RECOGNIZING YOUR EXPERTISE IN ASIAN PRIVACY MARKETS
The IAPP’s CIPP/Asia credential certifies proficiency in the key data privacy practices of major Asian economies. CIPP/A holders are known for their ability to apply relevant knowledge and a nuanced understanding of privacy practices to the needs of organizations operating in Asia and around the world.
The CIPP/A exam is available for scheduling at more than 6,000 computer-based testing centers worldwide. Prepare for the exam with these resources and in-person training developed by IAPP official training partner Straits Interactive.
Demonstrate your ability to support vital privacy-related processes such as compliance, cross-border data transfers and internal data protection. Explore CIPP/A certification today.
Certified Information Privacy Professional/Asia
WHAT’S COVERED
Fundamental Privacy Principles
Singapore Privacy Laws and Practices
Hong Kong Privacy Laws and Practices
India Privacy Law and Practices
Common Themes Among Principle Frameworks
The CIPP/A body of knowledge outlines all the concepts and topics you need to know to become certified. It also has an exam blueprint that gives you an idea of how many questions from each topic area you can expect on the exam. These documents, as well as additional certification resources and helpful links, can be found here.
We strongly encourage all potential test takers to read our Certification Candidate Handbook before testing for details on our testing policies and procedures.
Here are our top five reasons why IAPP certification and training are sure to advance your organization.
The CIPP is the global industry standard for professionals entering and working in the field of privacy.
Achieving a CIPP/A credential demonstrates understanding of a principles-based framework and knowledge base in information privacy within the Asian context, including laws and practices specific to the regions of Singapore, Hong Kong and India.
You’ll be recognized as part of an elite group of knowledgeable, capable and dedicated privacy and data protection practitioners.
Holding a CIPP/A designation elevates your leadership profile among your colleagues.
The CIPP/A is a key benchmark among top employers for hiring and promoting privacy professionals.
The examination blueprint indicates the minimum and maximum number of question items that are included on the CIPP/A examination from the major areas of the Body of Knowledge. Questions may be asked from any of the listed topics under each area. You can use this blueprint to guide your preparation for the CIPP/A examination. For example, domains II, III and IV comprise 78% of the exam.
I. Privacy Fundamentals
A. Modern Privacy Principles
OECD Guidelines, APEC privacy principles, Fair Information Practices
B. Adequacy and the Rest of the World
GDPR, U.S. Sectoral approach, adequate and non-adequate countries
C. Elements of Personal Information
Personal data (EU, HK, SG), Personally Identifiable Information (US), Sensitive Personal Data Information (IND), psuedonymisation, de-identification and anonymisation
II. Singapore Privacy Laws and Practices
A. Legislative History and Origins
Legal and political system, surveillance and identification, constitutional and common law protections, sector specific protections, social attitudes to privacy
B. Personal Data Protection Act (PDPA)
PDPA definitions, Do Not Call Registry, the employment setting, exemptions, key concepts and practices (DPOs, staff training, consent, use, disclosure)
C. Enforcement
Monetary Authority of Singapore, Personal Data Protection Commission, Commissioner guidance, rulings
III. Hong Kong Privacy Laws and Practices
A. Legislative History and Origins
Political and legal systems, surveillance and identification, constitutional and common law protections, social attitudes to privacy
B. Personal Data Privacy Ordinance (PDPO)
Definitions of personal data, sensitive personal data, Guidance on Direct Marketing, exemptions, six data protection principles (DPPs), employment matters, data transfers
C. Enforcement
Commissioner rules and guidance, policy development, privacy incidents
IV. India Privacy Law and Practices
A. Legislative History and Origins
Legal system and political structure, Credit Information Companies Regulation Act, Article 21, The Right to Information Act 2005, The Protection of Human Rights Act 1993
B. Information Technology Act 2000 (IT Act)
Section 43 and 43A, 2008 amendment, exemptions, 2011 rules
C. Enforcement
The Ministry of Communication and IT, DeitY, TRAI, commissioner rulings and guidance, penalties and sanctions
V. Common Themes
A. Comparing Protections and Principles
Children’s data, data breach notification, public registers, surveillance, national identity systems, data processing and export
B. Data Subject Rights
Domestic use, breadth of exemption in HK, SG, and India
QUESTION 1
In the Asia-Pacific Economic Cooperation (APEC) Privacy Framework, what exception is allowed to the
Access and Correction principle?
A. Paper-based records.
B. Publicly-available information.
C. Foreign intelligence.
D. Unreasonable expense.
Correct Answer: B
QUESTION 2
How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and Development (OECD) be defined?
A. Guidelines governing the protection of privacy and trans-border data flows issued in collaboration with the Federal Trade Commission.
B. Guidelines governing the protection of privacy and trans-border data flows of personal data in states that are members.
C. Mandatory rules governing the protection of privacy and trans-border data flows within the European Union.
D. Mandatory rules governing the protection of privacy and trans-border data flows among binding member states.
Correct Answer: B
QUESTION 3
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
A. Enforcement by Accountability Agents.
B. Self-assessment against CBPR questionnaire.
C. Consultation with Privacy Enforcement (PE) Authority.
D. Dispute resolution via the Accountability Agent’s compliance program.
Correct Answer: B
UESTION 4
What term is defined by the European Commission to mean any data that relates to an identified or identifiable individual?
A. Personally identifiable information.
B. Sensitive information.
C. Personal data.
D. Identified data.
Correct Answer: C
Actualkey IAPP CIPP-A Exam pdf, Certkingdom IAPP CIPP-A PDF
Best IAPP CIPP-A Certification, IAPP CIPP-A Training at certkingdom.com
