SecProve
ProfessionalVendor-neutralIAPP· issued from US

CIPP/C

Certified Information Privacy Professional / Canada

Canadian privacy-law expertise — PIPEDA, provincial regimes (Quebec Law 25, Alberta/BC PIPA), and federal sectoral rules.

Official page at IAPP↔ Compare with another cert
Exam fee
$550
Ongoing
$250/yr AMF · 10 CPE/yr
Study time
40–80 hrs
Delivery
Online proctored
Validity
2 yrs (renewal cycle)

› Quality score

23.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
Body-of-knowledge organised by federal (PIPEDA), provincial private-sector, and public-sector regimes. Clear, well-scoped.
8.0/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Pure MCQ. No applied case work.
0.0/10
Currency & upkeep
How aggressively content is kept current with the field.
Refreshed to track Quebec Law 25 implementation milestones and federal CPPA/AIDA progress.
8.0/10
Market recognition
How often this signal actually moves a hiring decision.
The de facto Canadian privacy credential; common on DPO and privacy-counsel listings in Canada and US firms with Canadian operations. [Holders: 4k, 2024-12]
7.0/10

› Market signals

public, citable inputs to the recognition score
Holders worldwide
4,000
as of 2024-12 · source

› Built for these roles

Privacy Officer (Canada)Privacy CounselDPO (Canadian operations)Privacy Program Manager

› Exam format

90 multiple-choice questions, 2.5 hours, English. Online proctored via IAPP/Pearson. Covers PIPEDA, Quebec Law 25, provincial PIPA regimes (AB/BC), public-sector privacy, and cross-border transfer rules.

› Recertification

20 CPE credits over two years (avg 10/yr) plus the $250/yr IAPP membership fee that bundles certification renewal.

› 3-year cost of ownership

Exam (1×)
$550
AMF (3×)
$750@$250/yr
Total
$1300

Excludes study materials, training, retake risk, and lost-wage opportunity. Use as a floor estimate.

Recognition
CAGlobal
Exam languages
en

› Core domains covered

The 1 domain this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A12Data Security, Privacy & Protection

Data classification, encryption-at-rest/in-transit, DLP, tokenization, privacy-by-design, plus the regulatory stack (GDPR, CCPA, HIPAA) that sets the bar.

› Also touched

Present in the blueprint but not the primary focus — you’ll be introduced but shouldn’t expect depth.

A1Governance, Risk & Compliance

Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.

C7AI Governance & Risk

EU AI Act compliance, NIST AI RMF, AI risk assessment, model cards, algorithmic auditing, AI incident response.

› Prerequisites

Experience

Legal, compliance, or privacy-program background. Most candidates already hold CIPP/E or CIPP/US and are stacking the Canadian regime.

Knowledge assumed
  • PIPEDA principles and OPC findings
  • Quebec Law 25 and provincial PIPA regimes
  • Cross-border transfer and breach-notification rules

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (2)
CIPP/USIAPPCIPP/EIAPP
CIPP/C
IAPP
Required by (0)

No certs require this one.

Recommended next (0)

No follow-on certs reference this one yet.

› Careers that commonly pursue this cert

Privacy Engineer / DPO

Build privacy into systems by design. Navigate GDPR, CCPA, and emerging AI privacy regulations.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications