DPO: 5 Tips for Earning Certification

From now on, many companies and all public agencies are required to appoint a Data Protection Officer (DPO).

Approved by the CNIL, AFNOR Certification issues the key recognizing the expertise of these individuals, whose status stems from the GDPR—the General Data Protection Regulation—which took effect in May 2018. The rewards: credibility, added value, and a competitive edge. Three DPOs who earned their certification in the fall of 2019 share their secrets for passing the exam.

Tip #1: Do your research and stay informed

Rereading the “classics”: Pierre Loir, founder of Observantiae SARL, a firm specializing in data protection and outsourced DPO services, began by revisiting the GDPR—the General Data Protection Regulation—which defines this role. 

Another useful source of information is the CNIL’s online documents, such as the subcontractor guide and its many recommendations . Finally, it is essential to stay abreast of technical and regulatory developments, particularly by monitoring publications from the CNIL, its Digital Innovation Laboratory (LINC), and the AFCDP.

Tip #2: Expand your knowledge with MOOCs

According to our three DPOs, taking MOOCs—preferably shortly before the exam—gives you the best chance of success. " GDPR Workshop ", offered by the CNIL and available for free, provides a certificate of completion and achievement, as it includes exams at the end of each module. And to prepare for the section on IT security, try the MOOC " SecNum Academy "from the National Cybersecurity Agency (ANSSI). The curriculum covers IT best practices, security guidelines, cyberattacks, and more. Finally, the CNAM has already offered two sessions of its MOOC, " Data Protection: The New Law "in 2018 and 2019. Will there be a third session in 2020?"

Tip #3: Talk to peers and experts

To pass the certification, candidates must have served as a DPO for at least two years—experience they can draw on to prepare for the exam. Like her two peers, Kadiatou Touré, a founding partner of Maatix Conseil specializing in personal data management, “dived back into various practical cases.” And since she is a member of the AFCDP, a key partner of the CNIL, she has “access to the user discussion forum where you can find very practical questions and answers on GDPR implementation.” Another worthwhile step: engaging with IT professionals to better understand their roles and practices. This will help you become familiar with the many acronyms they use, some of which actually mean the same thing. And why not reach out to specialized legal professionals to deepen your knowledge?

Tip #4: Prepare thoroughly for the exam

Those who have passed the exam confirm it: you can feel confident about your chances of success—and your eligibility to take the exam—if you’ve been practicing for two years or more and are curious and versatile. That doesn’t mean you can skip studying the specifics of the exam, particularly its format, which consists of 100 multiple-choice questions. 

Create fact sheets, tables, and summary charts to learn by comparison—for example, the requirements for an impact analysis. Another prerequisite is a study schedule, which you’ll need to manage alongside your professional responsibilities, especially in the weeks leading up to the exam.

Tip #5: Managing Your Time and Questions

On the day of the exam, confidence in your knowledge and abilities is your greatest asset. Be sure, however, to manage your time wisely during the two-hour test! The exam consists of three sections—regulations, liability, and safety—but these sections vary in difficulty, and therefore in the amount of time you should spend on each. The first questions are relatively simple, which should allow you to save a few precious minutes for the more complicated sections that follow. Aim to answer more than half of the questions within the first hour. And don’t go back to questions you’ve already answered; the computer system would have trouble handling that anyway. Finally, stay fully focused until the very end: you absolutely must score at least 75% correct answers to be certified.