I failed IAPP’s CIPP/C certification. Here’s how I recovered

“Oh my God!” I exclaimed. I had just been notified by the International Association of Privacy Professionals (IAPP) that I had failed its “Certified Information Privacy Professional (CIPP)-Canada (CIPP/C)” certification examination. 

“How could this have happened?” I asked myself. I had passed IAPP’s CIPP/United States Private Sector Law, CIPP/U.S. Government, and its CIPP/Europe certification examinations successfully on the first attempts.

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

Download Now

Privacy imposter syndrome

My mind was racing at a hundred miles per hour. I had set a goal of passing all seven of IAPP’s certification examinations within six months. I wanted to prove to myself that I could start a third career as a privacy professional. I had achieved outstanding successes as a civilian and military intelligence professional. If I could complete the certification examinations within six months, I’d achieve my next goal of becoming a privacy professional to support myself financially.

I knew the IAPP certifications were the “gold standard” for becoming a respected and successful privacy professional. The stakes were extremely high because I left a well-paid job in the U.S. government as a senior executive to embark on a career as a privacy professional.

A feeling of failure began to overwhelm me. I was unaccustomed to failure. I had always achieved outstanding success in my personal and professional endeavors. Doubt began to creep into my mind. I had left the security of my government job, and I was now driving for Lyft and Uber to make ends meet until I could find my first privacy job. I was also working as a licensed private investigator (a dismal and soul-draining experience).

I asked myself several frank and honest questions about my preparation for the examination: 

• What did I do differently this time in preparing for this examination?
• Had I followed the same preparatory steps I had previously used to prepare for the examination?
• Had I devoted sufficient time to preparation?

How I passed my other IAPP exams

I had developed a time-tested process for passing the IAPP privacy certifications. The process included:

• Purchasing the certification examination textbook from IAPP.
• Visiting the IAPP website and downloading the examination blueprint (EBP). 
• Reading the textbook twice: 
• The first time for familiarity.
• The second time for understanding. 
• Using the EBP to identify the concepts and topics the examination would cover.
• Identifying the concepts and topics in the textbook and memorizing them.
• Review the EBP repeatedly until I knew what IAPP wanted me to know to pass the examination. 
• Note: It usually took me two to four weeks of continuous, focused study before I knew I was ready to take an IAPP certification examination.

My answers to the questions above hit me with a thud! I had done none of those things. I had ordered the CIPP/Canadian textbook from IAPP. I read it in a single day after it arrived at my home. I had already scheduled the CIPP/C certification examination for the next day after receiving the textbook. I had been full of myself. I had honestly thought that I was “God’s gift to Canadian data protection and privacy!” I was wrong! I quickly realized that I had failed to prepare myself properly for the examination, and my reward had been a resounding failure.

How I recovered and passed my CIPP/C

Realizing the error of my ways, I asked myself, “Do you want this certification? What does it mean to you and your future? Do you want to brush off the dust of failure and try to test a second time or as many times as it takes?”

I answered each question affirmatively, so I paid the retest fee. (Infosec’s IAPP boot camps offer an Exam Pass Guarantee, allowing you a free retake if you fail). I waited the mandatory 30-day wait period before I could retest. I created a study plan and stuck to it. The plan centered on answering the questions I had posed during my post-test failure assessment. I refused to allow my failure to prevent me from obtaining my goals of passing every IAPP certification examination and moving on to a rewarding, long-term career as a privacy professional. 

My reward for my efforts was to retake the CIPP/C and pass the remaining IAPP certification examinations. My efforts allowed me to:

• Earned the honor and the distinction of becoming an IAPP faculty member.
• Became an IAPP fellow of information privacy. 
• Served as privacy instructor for other IAPP official training partners, including the Infosec Institute. 
• Worked as a privacy consultant for several private and public sector organizations, including the U.S. House of Representatives Office of Cybersecurity.
• Developed my own privacy training for Cybrary and the Infosec Institute.
• Today, I serve as the cyber and privacy risk analyst for a large international law firm.

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Get Your Plan

What is the moral of this story?

• You can never allow failure to derail your dreams. Failure is a part of life, and we all fail at some point in our lives.
• When faced with failure, you must push through it and redouble your efforts to achieve success. As Mike Tyson said, “Everybody has a plan until they get punched in the face.” What is your plan for overcoming failure when it “hits you in the face?”
• Identify your personal and professional goals and develop a roadmap for achieving them. Infosec’s Cybersecurity talent development playbook is a great place to start.
• Review your goals periodically to determine if any obstacles prevent you from achieving them.
• Revise your plan as necessary to ensure your success.

 My motto has always been “Carpe Diem!” “Seize the day so you don’t miss out on tomorrow’s opportunities.” What is yours?