Duration of the Exam

Home / Exams and Calls / Examination Specifications

Important In order to access the evaluation phase, it will be necessary to successfully fulfill the prerequisites.

DATA PROTECTION OFFICER EXAM SPECIFICATIONS

In accordance with the AEPD-DPD Certification Scheme v.1.3:

Duration of the Exam 

150 questions with 4 response options

  • The exam consists of 150 multiple-choice questions, with four answer options, of which only one will be valid. Each correct answer adds 1 point. Questions that are answered incorrectly and / or have not been answered will not be counted
  • 20% of the questions, that is, 30 questions, will describe a practical scenario (normative, organizational and / or technical) about which the question will be.
  • To pass the test, it is required to have obtained, at least, 112.5 points, having correctly answered 50% of the questions in each of the blocks or domains.
  • For the approval must have obtained, at least, 113 points.
  • The exam will be face-to-face. They can be done using both computer media and paper support, informing the candidate of the specific medium to be used prior to conducting the exam.
  • In case of detecting phishing, the Legal Department of the EC will file the corresponding complaint with the competent authorities.
Check here the Exam Policy OID 1.3.6.1.4.1.18332.105.15

Contents List.

The contents to be evaluated in the certification examination are integrated in the following domains or thematic areas according to the weightings indicated:
  • Domain 1 GENERAL REGULATION ON DATA PROTECTION.
    Regulatory compliance with European regulations, national regulations, European directive on ePrivacy. Guidelines and guides of the art.29 WP, etc.
    Weighing: 50%.
  • Domain 2 ACTIVE RESPONSIBILITY.
    Evaluation and risk management of personal data processing; impact evaluation on data protection, data protection from design, default data protection, etc.
    Weighing: 30%.
  • Domain 3 TECHNIQUES TO GUARANTEE COMPLIANCE WITH THE REGULATION ON DATA PROTECTION AND OTHER KNOWLEDGE.
    Security audits, data protection audits, etc.
    Weighing: 20%.

Questions Blocks

The questions are distributed by Domains. Within these domains we will find theoretical and practical scenario questions. We show the composition below:
Domain I
50%, 75 questions, 15 of them with scenario.
Domain III
20%, 30 questions, 6 of them with scenario.
Domain II
30%, 45 questions, 9 of them with scenario.

Results and Claims

  • During the exam phase the evaluator has a model for complaints and claims regarding the exam or the certification process in general.
  • The result of the evaluation test will entail the assessment of “Suitable” or “Unfit” in each call.
  • If the result is not suitable, you can request to be informed of the percentages of correct answers by Domain.
  • In case of non-conformity with the evaluation, you have the right to request your REVIEW before the evaluator of the Certification Entity.
  • If the result of the claim remains and non-conformity persists you may proceed to an APPEAL before the Committee of Experts of the Certification Entity.
  • The review and appeal processes are not face-to-face, in order to avoid pressures and preserve the independence of the evaluator and, where appropriate, some members of the Committee can be designated to hear the appeal.
  • The terms for resolving and notifying the candidate are for a maximum of 15 days in the reviews and 30 days in the appeals, in the latter case from the end of the corresponding process of allegations.
  • The procedure for complaints / claims, review and appeals can be consulted in the Public Documents´ Section/ Information to the candidate.
    Consult
If you need more information regarding the registration process click here to access the FAQ