Data Privacy

OCEG releases Integrated Data Privacy Capability Model and Professional Certification

The open-source Data Privacy Capability Model is a step-by-step guide to designing, running, and evaluating a strong data privacy program for any organization.

The Integrated Data Privacy Model

PHOENIX, ARIZONA, UNITED STATES, December 5, 2022 / — OCEG is pleased to announce the release of the new Integrated Data Privacy Capability Model (IDPM) and associated certification for Integrated Data Privacy Professionals. Together with a global review committee of privacy experts and the input of Singapore-based OCEG training partner, Straits Interactive, we have developed an open-source capability model that offers a detailed step-by-step guide to designing, running, and evaluating a strong data privacy program for any organization.

Carole Switzer, OCEG Co-Founder, and President notes, “Unlike other available resources and certifications, which generally outline the requirements of various data privacy regulations and tell you what you need to comply with, through this Capability Model we are seeking to help you understand how to meet those needs. Following the structure of our respected GRC Capability Model, we walk you through every stage of identifying relevant requirements for your organization, keeping track of where and how you are collecting and processing personal information, and ensuring that your data privacy program is transparent and auditable.”

The Capability Model is a free, open-source resource that anyone may download directly from the OCEG site.

“We are pleased to offer this important certification as an addition to our GRC Professional and GRC Audit certifications,” says OCEG Founder and Chair, Scott Mitchell, “and to include it at no additional cost for anyone who holds an OCEG All Access Pass. The AAP provides access to our premium resources and all our certification exams at one low cost, which ensures that every organization can have skilled and credentialed teams to address these critical needs.”

Said Kevin Shepherdson, CEO, Straits Interactive, “This Model, which we are honored to have authored with OCEG, offers something that has been missing in the information market for data privacy, that is, looking at privacy from an integrated governance, risk management and compliance perspective. The certification demonstrates an individual’s knowledge of how to build, run and assess an effective and agile data privacy program. As data privacy management becomes more challenging, it would be in every organization’s interest to ensure that its data privacy team and every manager of units with data privacy responsibilities, follow the model and obtain this valuable certification.”

Integrated Data Privacy Capability Model vs Other Privacy Certifications
The Integrated Data Privacy Capability Model provides a roadmap for both GRC and privacy professionals. Those with specialized privacy certifications can now broaden their expertise into GRC as data privacy involves governing personal data, managing risks relating to personal data as well as complying with data privacy laws and regulations.

As for those who have the GRCP certification, this provides a roadmap for GRC professionals to cover data privacy which has become a big focus due to the General Data Protection Regulation and the introduction of many new data privacy laws around the world. By achieving the certification in the Integrated Data Privacy Capability Model, they have the option to then specialize in the area of data privacy and take on additional privacy certification qualifications.

Testimonials from Testers
Testimonials from those who recently took the training have been encouraging and are shared here:
“The course has a definitive guide for Data Protection Officers who are looking towards being operationally ready. What I learned the most would be the specific steps in preparing a robust data protection management program.”

“Relevant to my consulting practice going forward [the Model] provides a more detailed framework to advise clients on how to set up their privacy management plan.”

“The ‘learn and align’[component structure] provides a good way to frame the settings for our consulting with the management to align with their business objectives and enroll support.”

“The training provides in detail the steps required to set up a data privacy program (right from the start).”

“The training is very useful, how we combine data privacy knowledge and GRC perspective.”

“Found it useful to have understood the privacy framework in the larger context of GRC.”

To obtain the free, open-source Integrated Data Privacy Capability Model and learn more about the certification and available training, visit

OCEG is a global nonprofit organization and community. We inform, empower, and help advance the careers of our 120,000+ members who work in governance, strategy, risk, compliance, security and audit. We created GRC to help every organization and every person achieve objectives, address uncertainty and act with integrity. This approach to business, and to life, is what we call Principled Performance®. For over 20 years, we’ve set the standards for GRC and the associated critical disciplines that comprise GRC. The foundational standards for GRC form the basis of OCEG’s GRC Capability Model (the “Red Book”) and additional OCEG capability models.

Straits Interactive
Straits Interactive delivers sustainable data governance solutions that help organizations create trust in today’s data-driven world. As trusted advisors to SMEs, MNCs and data protection authorities in the region, we provide comprehensive competency, consulting and capability roadmaps in data protection and governance. We enable these competencies by partnering top universities in the region and international certification bodies to provide advanced diplomas, degrees and certification courses. Our hands-on advisory services, combined with our software-as-a-service solutions, help reduce risk and create value from data to help businesses achieve their digitalization and innovation objectives.

Carole Switzer
+1 236-464-6254
email us here

Data Privacy Image by Pete Linforth from Pixabay


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.