Maintaining your CDPSE: CPE and renewal requirements

Dan Virgillito
August 11, 2021 by
Dan Virgillito

Once you pass the Certified Data Privacy Solutions Engineer (CDPSE) exam, you become ISACA certified and join a coveted group of IT professionals having the validated experience to implement privacy solutions. 

However, you must focus on CDPSE renewal so that you keep your knowledge and skills current. Maintaining your CDPSE will also help you stay abreast of industry trends and demonstrates that you're capable of matching privacy solutions to a company's risk appetite. 

So, how do you maintain your CDPSE? 

Free ISACA Career Kit

Free ISACA Career Kit

ISACA certification holders are among the highest-paid in the industry, with average salaries ranging from $103,000 to $133,000, according to Payscale. Earn one of the highest-paying certifications in the industry.

CDPSE CPE policy overview

CDPSE CPE policy aims to ensure that all CDPSE certification holders maintain adequate proficiency and current knowledge in data privacy architecture, privacy governance and data lifecycle. Those who successfully comply with the policy will better deliver technical data privacy solutions to their firms. 

The CDPSE Certification Working Group supervises the continuing professional education process and the prerequisites for ensuring its applicability.

What are the CDPSE renewal requirements? 

One of the CDPSE CPE requirements is to attain CPE hours over an annual and three-year certification period. All CDPSE's must fulfill the following criteria to maintain certification:

  • Attain and report a minimum of 20 CPE hours annually. These hours should be appropriate to the advancement or currency of the CDPSE's skill or knowledge to perform privacy-related tasks. Certification holders can apply these hours towards fulfilling CPE requirements for different ISACA certifications on the condition that the professional activity applies to the work-related knowledge of each certificate. 
  • Attain and report a minimum of 120 CPE hours for a three-year reporting period. 
  • Pay the annual CPE maintenance fees in full.
  • Abide by the ISACA's Code of Professional Ethics.
  • Comply with the annual CPE audit if selected for it.

Failure to comply with these requirements results in the revocation of the CDPSE designation. When revoked, the individual in question must destroy the certification immediately, as ISACA owns all certificates.

Ways to earn CDPSE CPE credits

ISACA offers aspiring CDPSEs several opportunities to earn CPE credits. Below, we discuss some of the best options for earning CPE hours for your certification:

ISACA's professional education activities and meetings (no limit) —participating in ISACA's chapter meetings, seminars, and related programs will earn you a minimum of one credit.

Non-ISACA's professional activities and meetings (no limit) — these include meetings, seminars, workshops and university courses not sponsored by ISACA. You can earn 10 CPEs Per Quarter-Credit-Hour and 15 CPEs per semester by completing a university course.

Self-study courses (no limit) — these courses are made for self-study. After completion, the course provider should issue a certificate that indicates the number of CPE credits earned for the course.

Professional examinations (no limit) — a CDPSE can earn two CPE hours by clearing an exam with a passing score. 

Teaching/lecturing/presenting (no limit) — the development of distance learning/self-study courses plus the creation and delivery of professional presentations related to privacy can also earn you credits. CDPSEs earn CPE hours at five times the presentation time or estimated time to finish the course for the first delivery (or the actual presentation time for the second delivery). A two-hour presentation nets 10 CPE credits. 

Vendor sales/marketing presentations (10-hour annual limitation) — these activities comprise system-specific or vendor product presentations related to privacy architecture, privacy governance and data life cycle.

Publication of books, monographs, and articles (no limit) — as a CDPSE, you'll earn CPE credits if you publish material directly related to privacy architecture, privacy governance and data lifecycle. CPE credits are applied against the number of hours you take to finish the material.  

Mentoring (10-hour annual limitation) — certified individuals can get up to 10 free CPE hours annually by mentoring. Activities include reviewing, coaching and offering guidance to CDPSE candidates.

Journal quizzes — CDPSE candidates will earn one CPE for every journal quiz completed (for a maximum of six free CPEs per annum).

Contributions to the data privacy profession (20-hour overall yearly limitation for all relevant activities for CDPSE reported hours) — these activities include works contributing to the data privacy profession, such as research development, manual certification review development etc. 

What is the CDPSE annual maintenance fee?

The CDPSE annual maintenance fee is $85 for non-members and $45 for members. For those with a third or fourth ISACA certification, the fee will be slashed to $50 for non-members and $25 for members. The first two certifications remain at the non-discounted rate. ISACA membership costs $135 (for basic dues) plus $10 (new member fee to join online). 

You'll need to pay your first maintenance fee by January 1 of the calendar year following when you were certified. For instance, if you become certified during 2021, your first maintenance fee will be due January 1, 2022. Paying the fee will renew your certificate for the whole of 2022.

Free ISACA Career Kit

Free ISACA Career Kit

ISACA certification holders are among the highest-paid in the industry, with average salaries ranging from $103,000 to $133,000, according to Payscale. Earn one of the highest-paying certifications in the industry.

What happens if my CDPSE certification is revoked?

The CDPSE Certification Working Group evaluates the acceptance of credits for specific professional educational efforts. ISACA selects a random sample of CDPSEs for audit on an annual basis. You must share written evidence of previously reported activities that fit the criteria mentioned in the Qualifying Professional Education Activities if you're chosen. Noncompliance with the audit will result in the revocation of your CDPSE certification. 

If your CDPSE credential is revoked, you'll no longer be able to present yourself as a certified CDPSE. Also, you'll need to retake and clear the CDPSE exam and submit a properly filed application for the CDPSE certification. Note that if noncompliance with the CPE policy is the reason your CDPSE certification got revoked and you later appeal for reinstatement, you'll need to pay an additional $50 in reinstatement fee.



Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.