Certified Information Privacy Manager (Singapore)

The Certified Information Privacy Manager (CIPM) programme is the world’s first and only certification in personal data protection programme management. The programme was developed by the International Association of Privacy Professionals (IAPP) and is brought to Singapore by Straits Interactive.


Knowledge of Singapore’s Personal Data Protection Act

Learning Outcomes

  • How to create a company vision
  • How to structure the personal data protection team
  • How to develop and implement a personal data protection programme framework
  • How to communicate to stakeholders
  • How to measure performance
  • The personal data protection programme operational lifecycle

Course Overview

Day #1: Certification Foundation

An introduction to major laws and concepts in data protection

Unit 1
Common Principles and Approaches to Personal Data Protection
This unit includes a brief discussion of the modern history of personal data protection, an introduction to types of information, an overview of information risk management and a summary of modern data protection principles.

Unit 2
Jurisdictions and Industries
This unit introduces the major personal data protection models employed around the globe and provides an overview of privacy and personal data protection regulations by jurisdictions and by industry sectors.

Unit 3
Information Security: Safeguarding Personal Information
This unit presents introductions to information security, including definitions, elements, standards and threats/vulnerabilities, and to information security management and governance, including frameworks, controls, cryptography, and identity and access management (IAM).

Unit 4
Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies
This unit discusses the web as a platform and personal data protection considerations for sensitive online information, including policies and notices, access, security, authentication identification and personal data collection. Additional topics include children’s online privacy, e-mail, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices.

Day #2: Certified Information Privacy Manager (CIPM) Module

This programme is broken into two segments, with the first describing important practices in managing personal data protection. The second segment is an interactive format in which participants apply these practices to a real-world scenario.

Unit 1
Data Protection Programme Governance
This unit describes how to create a personal data protection programme at an organisational level, develop and implement a framework and establish metrics to measure programme effectiveness. Topics include: creating a company vision for its personal data protection programme; establishing a personal data protection programme that aligns to the business; structuring the personal data protection team; developing organisational data protection policies, standards and guidelines; defining personal data protection programme activities; and defining programme metrics.

Unit 2
Personal Data Protection Operational Life Cycle
This substantial unit reviews personal data protection programme practices through the privacy life cycle: assess, protect, sustain and respond. Topics include: documenting the data protection baseline of the organisation; data processors and third-party vendor assessments; physical assessments; mergers, acquisitions and divestures; privacy threshold analysis; privacy impact assessments; information security practices; Privacy by Design; integrating data protection requirements across the organisation; auditing your personal data protection programme; creating awareness of the organisation’s personal data protection programme; compliance monitoring; handling information requests; and handling personal data protection incidents.

Day #3: Data Protection Management – A Hands-on Approach based on your Organisation’s Data Protection Programme

Assess, Protect, Sustain & Respond using the Data Protection Management System
To complement the theory of personal data protection programme management, course participants will get to apply the above in the context of their own PDPA compliance and personal data protection/privacy initiatives.

Delivery Format

  • Lecture style
  • Video clips
  • Discussions with consultants
  • Role play / presentations

Trainers & Consultants

The Certified Information Privacy Manager (CIPM) course will be conducted or facilitated by the following trainers who are certified by IAPP to conduct the course:

  • Kevin Shepherdson, CIPM, CIPP/A, CIPT, FIP, GRCP
  • Alvin Toh, CIPM, CIPT
  • Celine Chew, CIPM, CIPP/A, CIPT, FIP, GRCP
  • Wong Mei Kwan, CIPM


3 full days stretched over 2 weeks

Course Dates

December 2017

Day 1: 18 Dec 2017
Day 2: 19 Dec 2017
Day 3: 20 Dec 2017

January/February 2018

Day 1: 30 Jan 2018
Day 2: 31 Jan 2018
Day 3: 05 Feb 2018

Ideal For

  • Existing Data Protection Officers
  • Newly appointed Data Protection Officers
  • Personnel (Compliance, HR, IT, Marketing, Legal, Internal Audit) with personal data protection responsibilities
  • Professionals seeking a career in privacy/personal data protection

Course Fee

S$4,230 (before GST)

Includes 3 days of training.

Covers all other relevant required fees including textbooks, course notes, exam fees, practice exam fees & online training (excludes IAPP membership fee).

Funding available

This course is supported by CITREP+ which provides:

  • Up to 70% of the nett payable course and certification fees, capped at $2,500 per trainee for non-SMEs
  • Up to 90% of the nett payable course and certification fees, capped at $2,500 per trainee for SMEs
  • Up to 90% of the nett payable course and certification fees, capped at $2,500 per trainee for professionals above 40 years old

Please note that CITREP+ funding is available only to Singapore Citizens and Permanent Residents subject to all funding eligibility criteria being met.

MR code: CITREP+/FY17/MR/17-06/706

For more information on CITREP+ funding and the definition of SME and non-SME, please visit www.imda.gov.sg for details.

Capability Development Grant: Companies can now tap on SPRING Singapore’s Capability Development Grant (CDG) to defray (up to 70 percent of) qualifying project costs for our end-to-end PDPA solutions. Click here for more information about CDG funding.

Productivity & Innovation Credit (PIC) Scheme: Eligible organisations may apply for PIC funding. Click here for more information.