Who is it for?

  • Anyone who has some existing responsibility for data protection within their organisation.
  • It’s also useful for those who want to broaden their basic understanding in this area and fully understand the practical applications of data protection laws.
  • Whilst this certificate is written to the UK Data Protection Act, many other jurisdictions have enacted broadly similar data protection laws, so international candidates may also find this useful.

Entry requirements

  • It's ideal if you hold the BCS Foundation Certificate in Data Protection, though this is not mandatory.
  • We strongly recommended that candidates attend an accredited training course and are fully familiar with GDPR and the syllabus and any recommended reading outlined in the syllabus.

What will I learn?

Candidates will be able to:

  • Gain an understanding of the key changes and the associated implications that the GDPR and the UK Data Protection Act 2018 introduce to data protection.
  • Gain an understanding of individual and organisational responsibilities under the GDPR and the UK Data Protection Act, particularly the need for effective record keeping.
  • Be able to apply the new rights available to data subjects and understand the implications of those rights.
  • Be able to demonstrate an understanding of the designation, position and role / tasks of a data protection officer.
  • Be able to prepare organisations to manage and handle personal data in compliance with the GDPR and the UK Data Protection Act.

Please note: This certification has now been refreshed in line with legislative updates in this space as of 31 May 2020. The previous exam and syllabus are still available until 30 November 2020.

Download the old syllabus (PDF)

The new syllabus includes training objectives, details of modules and learning hours, plus a recommended reading list:

Download the new syllabus (PDF)

How do I get this certification?

Training and exam (recommended)

Take this course with one of our accredited training providers.

How long will it take?

Classroom courses usually last between three and five days dependent on training provider.

Where can I study?

At a BCS accredited training provider near you.

How much does it cost?

Course prices vary depending on your chosen training provider and course format.

Find a provider

Exam only (self study)

Ideal if you’re self-motivated and already know something about data protection.

How long will it take?

It usually takes between 20 to 40 hours dependent on experience.

Where do I sit my exam?

At the BCS London office. To book this exam please contact us online or call +44 (0) 1793 417655.

How much does it cost?

Guide price: £222 (£185 + VAT)

Contact us online

What format is the exam?

Version 8 (2017)

  • A two hour ‘closed book’ written exam, comprising:

    • Part A: 20 simple multiple-choice questions (1 mark each)
      20 complex multiple-choice questions (2 marks each)
    • Part B: 12 short answer questions (5 marks each)
  • Pass mark is 65% (78/120); Distinction pass mark is 80% (96/120)

Download the current specimen paper (PDF)

Version 9 (2020)

  • A 90 minute closed book digital 40 question multi-choice exam
  • Pass mark is 65%

Download the new specimen paper (PDF)

This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualifications Wales, CCEA Regulation or SQA.