Founded in 2000, the IAPP is the world’s largest and most comprehensive privacy resource with a mission to define, support and improve the Privacy profession globally. Every organization has data protection needs. Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable skill that will help you protect your organization’s data—and take your career to the next level. Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

Principles of Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology - regardless of jurisdiction or industry.

The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP's ANSI-accredited Certified Information Privacy Manager (CIPM) certification program.

  • Introduction to privacy program management

  • Privacy program management responsibilities
    Accountability in privacy program management

  • Privacy governance

  • Considerations for developing and implementing a privacy program
    Position of the privacy function within an organization
    Role of the DPO
    Program scope and charter
    Privacy strategy
    Support and ongoing involvement of key functions and privacy frameworks

  • Applicable laws and regulations

  • The regulatory environment
    Common elements across jurisdictions
    Strategies for aligning compliance with organizational strategy

  • Data assessments

  • Practical processes for creating and using data inventories/maps
    Generating and applying gap analyses
    Privacy assessments
    Privacy impact assessments/data protection impact assessments
    Vendor assessments

  • Policies

  • Common types of privacy-related policies
    Policy components
    Strategies for implementation

  • Data subject rights

  • Operational considerations for communicating and ensuring data subject rights
    Privacy notice
    Choice and consent
    Access and rectification
    Data portability

  • Training and awareness

  • Developing privacy training and awareness programs
    Implementing privacy training and awareness programs

  • Protecting personal information

  • Holistic approach to protecting personal information
    Privacy by design

  • Data breach incident plans

  • Planning for a data security incident or breach
    Responding to a data security incident or breach

  • Monitoring and auditing program performance

  • Common practices for monitoring privacy program performance
    Measuring, analyzing and auditing privacy programs


This course is ideal for Data Protection Officers, Data Protection Managers, Auditors, Legal Compliance Officers, Security Manager, Information Managers, or anyone involved with data protection processes and programs.




While there are no prerequisites for this course, please ensure you have the right level of experience to be successful in this training.


Length: 2.0 days (16 hours)


Not Your Location? Change

Course Schedule:

To request a custom delivery, please chat with an expert.