EXAM SPECIFICATIONS

Home / Exams and Calls / Exam Specifications

SPECIFICATIONS FOR THE DATA PROTECTION OFFICER EXAM

In accordance with the DPO-AEPD Certification Scheme v.1.3:

Exam Specifications The duration of the exam will be 4 HOURS
It will have 150 questions, each of them will have 4 answer options
  • The exam consists of 150 test questions, each of them has four answer options and just one of this will be valid. Each correct answer adds 1 point. Questions whose answer is incorrect and / or has not been answered will not be counted.
  • 20% of the questions, that is, 30 questions, will describe a practical scenario (normative, organizational and / or technical) on which the question will be discussed.
  • To pass the test, it is required to have correctly answered 50% of the questions in each of the blocks or domains. That is, 75 points must be obtained by adding the minimum score of the three domains, and the rest of the score until obtaining 75% of the total can be obtained from any of the domains.
  • To pass you must have obtained at least 113 points.
Programme or List of Contents

The contents to be evaluated in the certification exam are integrated into the following domains or subject areas according to the weights indicated:
  • Domain 1 GENERAL REGULATION OF DATA PROTECTION.
    Regulatory compliance with European regulations, national regulations, European directive on ePrivacy. Guidelines and guides of art.29, etc.
  • Domain 2 ACTIVE RESPONSIBILITY.
    Evaluation and risk management of personal data processing; impact assessment of data protection, data protection from design, default data protection, etc.
  • Domain 3 TECHNIQUES TO GUARANTEE COMPLIANCE WITH THE DATA PROTECTION REGULATIONS AND OTHER KNOWLEDGE.
    Security audits, data protection audits, etc.
Question Blocks
The questions are distributed by Domains or blocks. Within these domains you will find theoretical and practical scenario questions. The composition will be shown next:

IMPORTANT

  • To access the evaluation phase, compliance with the pre-requisites indicated in the DPO-AEPD Scheme will be necessary.
  • The application processed by the candidate does not presuppose the acceptance of the candidate to obtain the certification. The application will be evaluated according to the DPO- AEPD Scheme.
  • The exam results are confidential, until publication in the registry as certificate Data Protection Officer.
  • The exam will be face-to-face. It can be done by using both computer media and paper support, informing the candidate of the specific medium to be used prior to conducting the exam.
  • In case of detecting phishing, the Legal Department of the EC will file the corresponding formal complaint before the competent authorities.
English