Exam specifications

In accordance with the AEPD-DPD Certification Scheme v.1.3:
 

Important


In order to access the evaluation phase, it will be necessary to have been admitted to fulfill the prerequisites

 
01

150 questions with 4 answer options

  • The exam consists of 150 multiple-choice questions, with four answer options, of which only one is valid. Each correct answer is worth 1 point. Questions for which the answer is incorrect and/or has not been answered will not be counted.
  • El 20% de las preguntas, es decir, 30 preguntas, describirán un escenario práctico (de carácter normativo, organizativo y/o técnico) sobre el que versará la pregunta.
  • 20% of the questions, i.e. 30 questions, shall describe a practical scenario (of a regulatory, organizational and/or technical nature) on which the question is based.In order to pass the test, it is required to have answered 50% of the questions correctly in each of the blocks or domains. That is to say, 75 points must be obtained by adding the minimum score of the three domains, and the rest of the score up to 75% of the total can be obtained from any of the domains.
  • The pass must have obtained, at least, 113 points.
  • The exam will be face-to-face. It may be carried out either by computer or on paper, informing the candidate of the specific means to be used prior to taking the exam.
  • In case of detecting identity theft, the Legal Department of the EC will file the corresponding complaint before the competent authorities.
02

List of contents

 
DOMAIN01@2x
General data protection regulations
Regulatory compliance with the European regulation, national regulations, European ePrivacy directive. WG art.29 guidelines and guidelines, etc. Weighting: 50%.
 
 
DOMAIN02@2x
Active responsibility
Risk assessment and management of personal data processing; data protection impact assessment, data protection by design, data protection by default, etc. Weighting: 30%.
 
 
DOMAIN03@2x
Techniques to ensure compliance with data protection regulations and other expertise
Security audits, data protection audits, etc. Weighting: 20%.
 
03

Blocks of questions

The questions are distributed by Domains. Within those domains we will find theoretical and practical scenario questions. We show below the composition:

 
 
DOMINIOI
Domain I
50%, 75 questions, of which 15 with scenario.
DOMINIOII
Domain II
30%, 45 questions, of which 9 with scenario.
DOMINIOIII
Domain III
20%, 30 questions, including 6 with scenario.
04

Results and complaints

  • During the examination phase the evaluator has a form for complaints and claims in relation to the examination or the certification process in general.
  • The result of the evaluation test will involve the evaluation of "Pass" or "Fail" in each call.
  • If the result is "Not Pass", you can request to be informed of the percentage of correct answers per domain.
  • In case of non-conformity with the evaluation, you have the right to request a REVIEW before the evaluator of the Certification Body.
  • If the result of the complaint is still of non-conformity, you may proceed to an APPEAL to the Expert Committee of the Certification Entity.
  • The review and appeal processes are not face to face, in order to avoid pressure and preserve the independence of the evaluator and, where appropriate, member of the Committee appointed to hear the appeal.
  • The terms for resolving and notifying the candidate are a maximum of 15 days for reviews and 30 days for appeals, in the latter case from the end of the corresponding allegations process.
  • The procedure for complaints/complaints, review and appeals can be consulted in the Public document/information to the candidate. See
05

Exam


If you need more information about the registration process