The IAPP CIPT exam changed in September 2025. IAPP rebuilt the Certified Information Privacy Technologist credential — collapsing seven domains into five and, for the first time, naming specific privacy threat models like LINDDUN on the exam blueprint. If you studied from a 2024 guide or an old dump site, you're preparing for an exam that no longer exists. Here's what the current IAPP CIPT exam covers, what makes it hard, and how to prepare for the version you'll actually sit.
What Is the CIPT?
The CIPT is the only IAPP credential designed for engineers and architects rather than lawyers. While the CIPP tests privacy law and the CIPM tests privacy program management, the CIPT tests whether you can build privacy into technology — data minimization, consent management, encryption, anonymization, and privacy-by-design controls implemented in actual systems and products.
It sits at the intersection of two worlds that usually don't speak the same language: legal/policy teams that define privacy requirements, and engineering teams that ship the products those requirements apply to. The CIPT validates that you can translate "we need to honor data subject deletion requests" into a system design that actually does it.
There are no formal prerequisites. You don't need a prior IAPP certification or a specific degree. But because the exam tests applied technical judgment, candidates with a background in software engineering, security, data, or systems architecture tend to find it more approachable than those coming from a pure policy role.
What Changed in September 2025
According to IAPP's Q3 2025 annual updates, the CIPT Body of Knowledge was restructured effective September 1, 2025. The two biggest shifts:
- Seven domains became five. IAPP reorganized the blueprint into a more intuitive flow that follows the privacy technologist's actual workflow — from understanding their role, through the data lifecycle, into risk management, design, and governance.
- Threat models are now named explicitly. The updated Body of Knowledge introduced privacy-specific threat modeling, with the LINDDUN framework featured prominently. LINDDUN stands for Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, and Non-compliance — a privacy analog to the security-focused STRIDE model. Related models such as MITRE PANOPTIC, Nissenbaum's Contextual Integrity, and FAIR-Privacy also entered the scope.
The practical takeaway: privacy threat modeling is no longer an implied skill — it's testable, named content. If your study material predates September 2025 and never mentions LINDDUN, it's out of date.
Exam Format at a Glance
| Detail | Value |
|--------|-------|
| Exam Code | CIPT |
| Questions | 90 |
| Scored Questions | ~70 (remaining are unscored pilot items) |
| Question Types | Multiple-choice and scenario-based |
| Duration | 150 minutes (2.5 hours) |
| Passing Score | 300 / 500 (scaled) |
| Exam Fee | $550 (IAPP member) / $1,000 (non-member) |
| Delivery | Pearson VUE (test center or OnVUE online) |
| Break | 15-minute optional break |
A few details worth internalizing. Not all 90 questions count toward your score. IAPP mixes in unscored pilot questions to evaluate future items, and you won't know which is which, so treat every question as if it counts. Scores are reported on a scale from 100 to 500 with 300 as the passing line. IAPP does not publish the raw-to-scaled conversion, so a scaled 300 does not correspond to a fixed raw percentage; the widely repeated estimate of "roughly three-quarters correct" is a guide, not a rule. On practice exams, target 80%+ to give yourself margin.
On cost: according to PrivacyBootcamp.com, the CIPT exam is $550 for IAPP members. Because IAPP membership is bundled with many training packages and discounts, most candidates pay the member rate rather than the $1,000 non-member fee. Review the current CIPT exam details before you register.
The Five Domains
The current CIPT exam is organized around five weighted domains. Here's what each covers and how to approach it.
Domain 1: The Privacy Technologist's Role in the Context of the Organization (23%)
This domain frames everything else. It tests how a privacy technologist fits into an organization, how privacy and security relate, and — critically post-2025 — how to reason about privacy risk and threat models.
Key topics include:
- The privacy technologist's responsibilities and how they interface with legal, security, and product teams
- Privacy risk models and privacy-specific threat modeling (LINDDUN and related frameworks)
- The relationship between privacy and information security
- Data ethics, fairness, and bias in automated decision-making
- Foundational privacy principles (FIPs) and how they map to technical controls
Expect questions that ask you to identify which privacy threat a given system design exposes, or which LINDDUN category a particular weakness falls under. This is the domain where the September 2025 changes are most visible.
Domain 2: Data Collection, Use, Dissemination, and Destruction (28%)
The heaviest domain. It walks the full data lifecycle and tests the controls you apply at each stage.
Key topics include:
- Consent management and lawful collection
- Data minimization and purpose limitation in practice
- Privacy-enhancing technologies (PETs) across the lifecycle
- Defense in depth applied to personal data
- Secure data retention, archival, and destruction
- De-identification, pseudonymization, and anonymization techniques
Because this is 28% of the exam, you cannot afford gaps here. Know the practical difference between pseudonymization and anonymization, when each is appropriate, and how techniques like k-anonymity, differential privacy, and tokenization actually work.
Domain 3: Privacy Risk Management (25%)
This domain tests how you identify, assess, and mitigate privacy risk in systems — including the software you build and the technologies that surveil or track users.
Key topics include:
- Software security as it relates to privacy
- Tracking, surveillance, and behavioral monitoring technologies
- Workplace and consumer technologies that create privacy risk
- Privacy audits and assessments
- Privacy Impact Assessments (PIAs) and how they integrate into development
At 25%, this domain rewards candidates who can reason about real systems — cookies and trackers, mobile SDKs, IoT telemetry, and the privacy implications of each. Scenario questions are common here.
Domain 4: Privacy by Design (11%)
A lighter domain by weight, but conceptually central. Privacy by Design (PbD) is the principle that privacy protections are built in from the start, not bolted on later.
Key topics include:
- The seven foundational principles of Privacy by Design
- Embedding privacy into the system development lifecycle
- Default privacy settings and proactive (not reactive) controls
- Balancing privacy with functionality and usability
Don't let the 11% weight fool you — PbD thinking threads through the entire exam. Questions in other domains often implicitly test whether you'd design privacy in from the outset.
Domain 5: Privacy Engineering and Privacy Governance (13%)
The final domain covers the engineering practices and governance structures that operationalize privacy in a technical organization.
Key topics include:
- Privacy engineering objectives and how to measure them
- Integrating privacy into the development life cycle (requirements through deployment)
- Data inventory and data flow mapping
- Code review and runtime monitoring for privacy
- Privacy governance and accountability in engineering teams
This is where the abstract becomes concrete: how do you actually verify, in a running system, that privacy controls work? Expect questions about monitoring, logging, and the engineering discipline behind sustained privacy.
How Difficult Is the CIPT?
The CIPT is rated moderate to hard, and its difficulty profile is different from the other IAPP exams. The CIPP rewards legal memorization and the CIPM rewards management judgment — the CIPT rewards technical reasoning across both privacy and engineering.
Here's what trips candidates up:
It's technical, but not a security exam. Engineers sometimes assume their security background carries them through. It helps, but privacy is not security. A perfectly secured system can still be privacy-hostile — encrypted data that's over-collected, or access-controlled data used for purposes the user never consented to. The exam tests the privacy lens specifically.
The threat modeling content is new and underserved. Because LINDDUN and named threat models only entered the exam in September 2025, much of the free study material online hasn't caught up. Candidates who skip this content get blindsided by Domain 1 questions.
Scenario questions reward applied judgment. Many questions present a system or product situation and ask which control, technique, or design choice best protects privacy. You can't memorize your way through these — you have to understand trade-offs.
Breadth across five domains. From de-identification math to PbD principles to governance, the exam covers a wide surface. A specialist deep in one area still needs working knowledge of the rest.
Common Mistakes to Avoid
Studying from pre-September-2025 material. This is the single biggest risk right now. Old guides, dump sites, and outdated courses still teach the seven-domain structure and skip threat modeling entirely. Confirm any resource reflects the current five-domain Body of Knowledge.
Treating it like the CIPP. The CIPT is not a law exam. You need to understand privacy principles, but the questions are about technical implementation, not regulatory text. Memorizing GDPR articles won't help you answer a question about which de-identification technique resists re-identification attacks.
Ignoring threat modeling. LINDDUN is now named content. Learn the seven LINDDUN categories, what each means, and how to map a system weakness to the right category. It's high-yield and freshly emphasized.
Confusing anonymization with pseudonymization. This distinction shows up repeatedly and candidates routinely get it wrong. Pseudonymization replaces direct identifiers with tokens but stays reversible for anyone holding the key or the lookup table, so the output is still personal data (GDPR Recital 26 says so explicitly). Anonymization, done correctly, removes the ability to single out or re-identify a person and takes the data outside the regulation. Know the re-identification risk each carries: pseudonymized records can still be linked through quasi-identifiers such as ZIP code and birth date, which is why pseudonymization is a safeguard, not a way out of scope.
Underestimating Domain 2. At 28% it's the largest slice. Some candidates over-invest in the flashier threat-modeling content and under-prepare the data lifecycle fundamentals that carry the most points.
How to Prepare
1. Confirm your materials match the current Body of Knowledge
Before anything else, verify your study resources reflect the post-September-2025 five-domain structure. According to PrivacyBootcamp.com, the 2025-2026 CIPT Body of Knowledge is the version you're tested on. Anything teaching seven domains is obsolete.
2. Master privacy threat modeling
Learn LINDDUN cold — the seven categories and a concrete example of each. Understand how privacy threat modeling differs from security threat modeling (STRIDE), and be ready to apply it to scenarios. This is the most exam-relevant new content.
3. Allocate study time by domain weight
Weight your preparation toward where the points are:
- Domain 2 (Data Lifecycle): ~28% of study time
- Domain 3 (Privacy Risk Management): ~25%
- Domain 1 (Technologist's Role + threat models): ~23%
- Domain 5 (Privacy Engineering & Governance): ~13%
- Domain 4 (Privacy by Design): ~11%
4. Get hands-on with PETs
Don't just read about differential privacy, k-anonymity, tokenization, and pseudonymization — understand when each is appropriate and what attack each defends against. The exam tests applied selection, not definitions.
5. Practice scenario questions
Definition flashcards help with vocabulary, but the exam's scenario questions require applied judgment. Drill with questions that present a system situation and force you to choose the best privacy control. Our free IAPP CIPT practice questions cover all five current domains with detailed explanations.
6. Plan a realistic timeline
For candidates with an engineering or security background, 50-70 hours over 4-6 weeks is a reasonable target. For candidates coming from policy or compliance roles, plan for 70-100 hours to build the technical fluency the exam assumes.
Who Should Get the CIPT?
The CIPT is the right certification for:
- Software engineers and architects building products that handle personal data
- Privacy engineers formalizing the discipline they already practice
- Security professionals expanding into privacy-specific risk
- Data engineers and ML practitioners who need to bake privacy into pipelines and models
- Technical privacy consultants who advise on system design
If you already hold the CIPM (privacy program management) or a CIPP (privacy law), the CIPT completes the picture by proving you can implement privacy technically. The CIPT + CIPM pairing is especially strong: you can both design the controls and run the program around them. If your focus is specifically AI governance, consider the IAPP AIGP certification alongside it.
Why the CIPT Matters in 2026
As AI systems and connected devices collect more data than ever, organizations increasingly need people who can operationalize privacy in technology — not just write policies about it. Privacy engineering has moved from a niche to a recognized discipline, and the CIPT is the credential that validates it. The September 2025 rebuild, with its emphasis on threat modeling and engineering practice, reflects exactly that shift toward applied, technical privacy work.
Start Practicing Now
The fastest way to find your gaps on the new five-domain exam is to test yourself. Our free IAPP CIPT practice questions cover the current Body of Knowledge — including privacy threat modeling — with detailed explanations for every answer.
Review the full CIPT exam details for registration and scheduling, follow the CIPT study guide for a structured plan across all five domains, or grab the CIPT cheat sheet for fast review before exam day.