Skip to Main Content
Select regional store:
California Privacy Rights Act (CPRA) Foundation Training Course

California Privacy Rights Act (CPRA) Foundation Training Course

SKU: 5431
Format: Pacific Standard Time
  • Learn from the experts how the California Consumer Privacy Act (CCPA) and updated privacy law, the California Privacy Rights Act (CPRA), affect your organization
  • Understand the implementation path to ensure CCPA/CPRA compliance
  • Train without the travel with our instructor-led online course, giving you all the benefits of classroom study without the hassle, uncertainty and cost of travel
  • Course dates available in both Eastern Standard Time (EST) and Pacific Standard Time (PST)
  • Passing the included exam leads to the ISO 17024-certificated California Privacy Rights Act Foundation (CPRA F) qualification by IBITGQ.
Price: $690.00

Training course outline

The CCPA (California Consumer Privacy Act) is a California data protection law that came into effect on January 1, 2020. Following the passing of Prop 24, the CPRA (California Privacy Rights Act) will take effect officially on January 1, 2023 and replace the CCPA. The CPRA is widely viewed as California’s version of the EU’s GDPR (General Data Protection Regulation).

Just like the GDPR, it gives people more control over their personal data, and holds businesses more accountable for protecting the data they collect and process.

Once you have completed the California Privacy Rights Act Foundation Online Training course, you will be able to:

  • Demonstrate an understanding of privacy and cybersecurity law concepts, and basis of national/state jurisdiction 
  • Define terms used in the CCPA/CPRA and contrast to the GDPR 
  • Articulate the rights of consumers, and determine the duties of a business 
  • Examine the CPRA's security requirements and prepare relevant responses 
  • Use the CPRA to determine what action(s) should be taken in the event of a breach 
  • Demonstrate an understanding of the CPRA's penalty provisions 

CPRA Foundation training course benefits

 Save time and money

Save time and travel costs with online training delivered to any location with Internet access.

 Fully understand the CPRA

Get an insight into the components of the CPRA, and how your organization may be affected, in just one day.

 Delivered by professionals

Delivered by an experienced privacy consultant, this training course is built on the foundations of our extensive practical experience through advising companies on compliance with data privacy laws and related information security standards, such as ISO 27001.

 Designed by experts

The course will give you a clear understanding of the main elements of the CPRA, and you can ask the trainer questions during the course.

“William was wonderful. I have been trained by some okay people and terrible people. He was by far the best and most engaging trainer I have ever had. He has an amazing wealth of knowledge and I could not have asked for more. Thank you, thank you! ”

- Pete Gebhart, Director Sales Engineering


Who should attend this course?

The course is suitable for anyone involved in information management, data protection compliance, data privacy compliance, or implementation programs for different organizations either located or doing business in the state of California.

This might include:

  • Information security personnel responsible for implementing and maintaining cybersecurity and privacy systems
  • Executive management, senior leaders, and other personnel who need to understand California's requirements for managing consumer information
  • Those who have attended the GDPR Foundation and Practitioner courses, and want to develop their knowledge of US privacy and cybersecurity regulations
  • Lawyers and attorneys who want to advise clients on changes in the U.S. privacy and cybersecurity regulatory environment

Why choose IT Governance for your training needs?

  • We’re an internationally recognized authority in ISO 27001 – our team led the world’s first ISO 27001 certification project, and since then we have trained more than 8,000 professionals on ISMS (information security management system) implementations and audits
  • Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Choose the method that suits you – we offer instructor-led online, self-paced online, e-learning and in-house training options
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.
Course details

What does this training course cover?

  • Privacy and cybersecurity law concepts, and basis of national/state jurisdiction
  • Terms in the CCPA/CPRA and how they compare to those in the GDPR
  • The rights of a consumer and the duties of a business 
  • CCPA/CPRA security requirements 
  • Actions to be taken in the event of a breach
  • Penalties under the CCPA/CPRA

You will be assessed on the following criteria:

  • Demonstrate an understanding of privacy and cybersecurity law concepts, and basis of national and state jurisdiction (10%)
  • Define terms used in the CPRA and contrast to the GDPR (10%) 
  • Articulate the rights of consumers, and determine the duties of a business (30%) 
  • Examine the CPRA’s security requirements (20%) 
  • Use the CPRA to determine what action(s) should be taken in the event of a breach (10%)
  • Demonstrate an understanding of the CPRA’s penalty provisions (20%) 

What’s included in this course?

  • Full course materials (digital copy provided as PDF file);
  • California Privacy Rights Act Foundation exam; and
  • Certificate of attendance

What equipment should I bring?

This course is delivered as a WebEx instructor-led online session. Anyone booked on this course is expected to have a reliable Internet connection at their home or office. You will need to take the exam on a PC, Mac or laptop. Docked devices cannot be used when sitting the exam.

To ensure that the WebEx client works properly on your computer, we recommend using the test session functionality offered by WebEx.

To sit the online exam, you will need:

  • Internet Explorer 9 (or later) or Mozilla Firefox version 16 (or later);
  • Internet access for the full time of the exam;
  • To deactivate the pop-up blocker; and
  • A working webcam on the machine you are using to sit the exam.

Course duration and times

9:00 am – 5:00 pm each day course is run.

Exams and qualifications

CPRA Foundation exam

Attendees take the ISO 17024-certificated, California Privacy Rights Act Foundation (CPRA F), exam set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for this exam.

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

This course is equivalent to:


CPD points

What qualifications will I receive?

The course supports professional development, and delegates who pass the included exam are awarded the California Privacy Rights Act Foundation (CPRA F) qualification by IBITGQ.


This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.

How will I receive my exam results and certificates?

  • Where exams are taken online (either remotely or by computer in the classroom), provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.


Are there any prerequisites for this course?

There are no formal entry requirements, although participants are assumed to have some knowledge of cybersecurity systems and privacy laws. 

Is there any recommended-reading?

We recommend that you purchase and read the following textbook:

The California Privacy Rights Act (CPRA) – An implementation and compliance guide

Customer reviews

This website uses cookies. View our cookie policy