125 questions | 2.5 Hours (150 minutes)
The revised CIA exam Part 1 is well aligned with The IIA’s International Professional Practices Framework (IPPF) and includes six domains covering the foundation of internal auditing; independence and objectivity; proficiency and due professional care; quality assurance and improvement programs; governance, risk management, and control; and fraud risk. Part One tests candidates’ knowledge, skills, and abilities related to the International Standards for the Professional Practice of Internal Auditing, particularly the Attribute Standards (series 1000, 1100, 1200, and 1300) as well as Performance Standard 2100.
Cognitive Learning A Interpret The IIA's Mission of Internal Audit, Definition of Internal Auditing, and Core Principles for the Professional Practice of Internal Auditing, and the purpose, authority, and responsibility of the internal audit activity Proficient B Explain the requirements of an internal audit charter (required components, board approval, communication of the charter, etc.) Basic C Interpret the difference between assurance and consulting services provided by the internal audit activity Proficient D Demonstrate conformance with the IIA Code of Ethics Proficient
Cognitive Learning A Interpret organizational independence of the internal audit activity (importance of independence, functional reporting, etc.) Basic B Identify whether the internal audit activity has any impairments to its independence Basic C Assess and maintain an individual internal auditor's objectivity, including determining whether an individual internal auditor has any impairments to his/her objectivity Proficient D Analyze policies that promote objectivity Proficient
Cognitive Learning A Recognize the knowledge, skills, and competencies required (whether developed or procured) to fulfill the responsibilities of the internal audit activity Basic B Demonstrate the knowledge and competencies that an internal auditor needs to possess to perform his/her individual responsibilities, including technical skills and soft skills (communication skills, critical thinking, persuasion/negotiation and collaboration skills, etc.) Proficient C Demonstrate due professional care Proficient D Demonstrate an individual internal auditor's competency through continuing professional development Proficient
Cognitive Learning A Describe the required elements of the quality assurance and improvement program (internal assessments, external assessments, etc.) Basic B Describe the requirement of reporting the results of the quality assurance and improvement program to the board or other governing body Basic C Identify appropriate disclosure of conformance vs. nonconformance with The IIA’s International Standards for the Professional Practice of Internal Auditing Basic
Cognitive Learning A Describe the concept of organizational governance Basic B Recognize the impact of organizational culture on the overall control environment and individual engagement risks and controls Basic C Recognize and interpret the organization's ethics and compliance-related issues, alleged violations, and dispositions Basic D Describe corporate social responsibility Basic E Interpret fundamental concepts of risk and the risk management process Proficient F Describe globally accepted risk management frameworks appropriate to the organization (COSO - ERM, ISO 31000, etc.) Basic G Examine the effectiveness of risk management within processes and functions Proficient H Recognize the appropriateness of the internal audit activity’s role in the organization's risk management process Basic I Interpret internal control concepts and types of controls Proficient J Apply globally accepted internal control frameworks appropriate to the organization (COSO, etc.) Proficient K Examine the effectiveness and efficiency of internal controls Proficient
Cognitive Learning A Interpret fraud risks and types of frauds and determine whether fraud risks require special consideration when conducting an engagement Proficient B Evaluate the potential for occurrence of fraud (red flags, etc.) and how the organization detects and manages fraud risks Proficient C Recommend controls to prevent and detect fraud and education to improve the organization's fraud awareness Proficient D Recognize techniques and internal audit roles related to forensic auditing (interview, investigation, testing, etc.) Basic
Additional noteworthy elements related to the revised CIA Part One exam syllabus:
- IPPF elements such as the Mission of Internal Audit and Core Principles for the Professional Practice of Internal Auditing are included.
- The syllabus features greater alignment with The IIA’s Attribute Standards.
- The exam covers the differences between assurance and consulting engagements.
- The exam covers appropriate disclosure of conformance vs. nonconformance with the Standards.
- The largest domain is “Governance, Risk Management, and Control,” which makes up 35%of the exam.
- A portion of the exam requires candidates to demonstrate a basic comprehension of concepts; another portion requires candidates to demonstrate proficiency in their knowledge, skills, and abilities.
CIA Part 1 Reference List
- The IIA’s International Professional Practices Framework
- Applying the International Professional Practices Framework, by Urton Anderson and Andrew J. Dahle
- Internal Auditing Assurance and Advisory Services, by Urton Anderson, Michael Head, and Sridhar Ramamoorti
- Sawyer's Guide for Internal Auditors, by Larry Sawyer
- Quality Assessment Manual, by The IIA
- Enterprise Risk Management Framework, by COSO
- Internal Control – Integrated Framework, by COSO
- Risk Appetite Critical to Success, by COSO
- Managing Cyber Risk in a Digital Age, by COSO
- The IIA’s Internal Audit Competency Framework
- IIA Position Paper “The IIA’s Three Lines Model: An Update of the Three Lines of Defense”
- Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success, by Hernan Murdock
- New Auditor’s Guide to Internal Auditing, by Bruce Turner
- Auditing Social Media: A Governance and Risk Guide, by J. Mike Jacka and Peter Scott
- Ready and Relevant: Prepare to Audit What Matters Most, by Timothy Berichon
- Understanding Management, by Richard Daft and Dorothy Marcic
- People-Centric Skills Interpersonal and Communication Skills for Auditors and Business Professionals
- Current resources on internal auditing and relevant topics