EXIN Privacy & Data Protection Professional is a certification that validates a professional’s knowledge and understanding of the European privacy and data protection legislation and its international relevance, as well as the professional’s ability to apply this knowledge and understanding to everyday professional practice.

With the ever increasing explosion of information flooding the internet, every company needs to plan how to manage and protect privacy of persons and their data. Not without a reason, many new laws within the EU, as well as in the USA and many other regions, are formed in order to regulate both privacy and data protection.

The European Commission has published the EU General Data Protection Regulation (GDPR), meaning that from the 25th of May 2018 on, all organizations concerned must comply with specific rules. This Practitioner certification builds on the subjects covered by the Foundation exam by focusing on the development and implementation of policies and procedures in order to comply with existing and new legislation, application of privacy and data protection guidelines and best practices, and by establishing a data protection management system (DPMS).

The new standard in the ISO/IEC 27000 series: ISO/IEC 27701:2019 Security Techniques – Extension to ISO/IEC 27001 and ISO/IEC 27002 for Privacy Information Management – Requirements and Guidelines is useful for organizations that want to show compliance with the GDPR. The content of the new ISO standard helps fulfill the GDPR obligations to organizations regarding the processing of personal data.

Neither the GDPR nor the ISO standard are exam literature. However, the literature matrix in Chapter 4 is designed to show the link between the exam requirements, the literature, the GDPR and the ISO/IEC 27701:2019 standard to give the certification a broader context

The EXIN SIAM™ Foundation credential validates a professional’s knowledge about bringing together multiple service providers to strive for a common goal in order to support the client organization’s agreed objectives for service delivery.

This certification includes the following topics:

•  introduction to SIAM
•  SIAM implementation roadmap
• SIAM roles and responsibilities
• SIAM practices
• processes to support SIAM
• SIAM challenges and risks
• SIAM and other practices.

SIAM is a methodology used to manage multiple service providers and to integrate them seamlessly to provide a single business-facing IT organization. A synonym for Service Integration and Management (SIAM™) is multi-sourcing integration (MSI). In this certification, the term SIAM is used. The EXIN SIAM™ Foundation certification tests a candidate’s knowledge and understanding of the terminology and the core principles. The certification covers themes such as: potential benefits as well as the challenges and risks of implementing SIAM. It also includes examples of implementation structures, governance, tooling and data considerations and the common processes used in a SIAM ecosystem. A candidate who successfully completes this certification knows how SIAM delivers business value and is able to contribute to the implementation and use of SIAM in an organization.

The purpose of ethical hacking is to evaluate the security of a computer system or network through the discovery and exploitation of vulnerabilities in a legal manner.

Today’s technology is moving fast and changing the way we do business. Companies digitize all information by default, store their data in the cloud and use open source software. This raises information security issues related to network and system infrastructure.

The EEHF: EXIN Ethical Hacking Foundation module covers the basic steps of ethical hacking: intelligence gathering, scanning computer network/systems, and penetrating systems. Candidates are expected to be very aware of the difference between legal and illegal hacking, and the consequences of misuse.

In more detail the candidate will develop an understanding of the following topics:

• Network sniffing (gathering information from network traffic)
• Cracking a WEP and WPA(2) key from a wireless network
• Network vulnerability scanning
• Basic penetration of computer systems
• Password cracking
• Web-based hacking, containing SQL Injections (SQLi), Cross-Site Scripting (XSS), Remote File Inclusions (RFI)

The EXIN Ethical Hacking Foundation exam tests the knowledge of the candidate on:

• the basics of Ethical Hacking, and
• the practice of Ethical Hacking.

After successfully completing the EXIN Lean IT Foundation exam, a candidate will be familiar with the principles of the Lean philosophy and in particular with the application of this philosophy within an IT environment. Specifically, the candidate should understand:

• The principles underlying the Lean philosophy
• The importance of understanding and delivering customer value
• The way Lean looks at processes and the waste within them
• How to measure performance and the key determinants of performance
• What the organizational requirements are when implementing Lean, including the use of visual management tools
• Which behavior and attitude is necessary for Lean to be successful within an IT organization
• The DMAIC problem-solving model
• How these Lean principles can be applied within an IT organization

EXIN Lean IT Foundation helps IT organizations to ensure that they provide their customers with the best possible services. Through understanding customer value, the processes that deliver this value, the way to manage performance, the way to organize and the required attitude and behavior, IT organizations are helped to develop a continuous improvement mindset. Lean IT is complementary to all other best practice methods. The purpose of EXIN Lean IT Foundation is to confirm that a candidate has sufficient knowledge and understanding of Lean IT to support a Lean initiative within an IT organization.