0345 4506120

Certified Data Protection Officer Masterclass (C-DPO)

Gain the knowledge and skills to enable you to fulfil the DPO (data protection officer) role under the GPDR (General Data Protection Regulation) with this four-day certificated training course.

The Foundation-level Data Protection officer (C-DPO F) certificate recognises individuals entering the DPO profession. Exam included in course.

The Foundation-level certificate is valid for two years. Renewal or advancement to Professional-level certification is subject to appropriate evidence of DPO work experience and CPD learning hours.

The four-day Certified Data Protection Officer (GDPR) Masterclass Training Course is ideal for anyone looking to develop a career as a DPO or transitioning into the role. It builds on the GDPR Foundation qualification to equip participants with the knowledge and operational skills to act as a DPO in the UK and to ensure that GDPR compliance is effectively designed, implemented and maintained. 

Delivered by an experienced data protection practitioner, this training course is built on the foundations of our extensive practical experience gained advising on GDPR compliance and delivering DPO services.

Please note that you must have passed the Certified EU GDPR Foundation exam before you can attend this course.

DPO certification programme

Aligned with regulatory, organisational and professional development needs, the DPO certification programme consists of two qualification levels:

  • Foundation level – provides individuals with a certificate that recognises their entry into the DPO profession. Foundation level requires no previous DPO work experience, and is a knowledge-based exam following mandatory Masterclass attendance. The certificate is valid for two years with recertification subject to a minimum of 12 months’ DPO work experience and 35 CPD learning hours.

    Advancement to Professional-level certification is subject to a minimum of 24 months’ DPO work experience and 50 CPD learning hours.

  • Professional level – recognises professionals who have two or more years of DPO or data protection work experience. It is a knowledge-based exam where Masterclass attendance is not a prerequisite. Certification is valid for three years with recertification subject to a minimum of 12 months’ DPO work experience and 60 CPD learning hours.


All attendees must have passed the Certified EU GDPR Foundation exam before attending this course.

Course Content

What will you learn on this course?

  • The legal background to the GDPR, and its intersection with the PECR (Privacy and Electronic Communications Regulations), freedom of information legislation, the Law Enforcement Directive and member state implementation approaches.
  • The requirements in respect to the appointment of a DPO, and the requirements placed on the DPO and on the controller or processor.
  • How to inform and advise controllers or processors of their GDPR obligations. 
  • Key training skills, in order to better ‘inform and advise’. 
  • How to monitor compliance with the GDPR. 
  • The role of the DPO in relation to liaison with data subjects and with the supervisory authorities. 
  • The DPO’s role in awareness-raising and staff training.
  • All aspects of personal data processing.
  • The purpose of data inventories, data flow mapping and the records of processing required by Article 30. 
  • The requirements around DSARs (data subject access requests) and the DPO’s role in facilitating them.
  • The DPO’s role in incident management and response and in data breach reporting.
  • When and how to carry out a DPIA (data protection impact assessment).
  • The cross-border data processing requirements, particularly in relation to Cloud service providers.

Exams & Certification

Attendees take the C-DPO exam at the end of the course. There is no extra charge for this exam.

Exam format:

The C-DPO exam is four hours long and consists of 150 multiple-choice questions of which 30% are scenario based.

There are three exam modules which cover the following topic areas:

  1. Data protection regulations – 75 questions
  2. Accountability – 45 questions
  3. Compliance techniques – 30 questions

Certification is attained if:

  1. 75% of all the answers are correct, and
  2. for each of the three modules, 50% of the answers are correct.

 Each correct answer will count as 1 point. No points are awarded for questions incorrectly answered or left unanswered. At least 113 points must be obtained in order to pass.

This course is part of our unique DPO learning path, which also includes the Certified EU GDPR Foundation Training Course. It also supports continued professional development programmes by qualifying for 28 CPD/CPE credits.

Please note that all IBITGQ exams are now online exams, so you will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include