CIA Handbook

CGAP
Certified Government Auditing Professional
CCsA
Certification in Control Self-Assessment
CfsA
Certified Financial Services Auditor
CERTIFICATION CANDIDATE HANDBOOK
www.theiia.org/Certification
IMPORTANT NOTE:
The information in this handbook describes the application, registration, and certification processes for those IIA certification candidates who register through IIA Global Headquarters. It is not applicable to candidates whose primary address is in a country that administers the IIA certification programs through a local certification agreement. Candidates from the following countries must contact their local IIA institute representative for more information about local certification processes and the roll-out of computer-based testing (CBT) in their area: Argentina, Australia, Austria, Belgium, Brazil, Bulgaria, China, Chinese Taiwan, Czech Republic, France, Germany, Greece, Indonesia, Israel, Italy, Japan, Korea, Malaysia, Mexico, Morocco, The Netherlands, New Zealand, Norway, Philippines, Singapore, South Africa, Spain, Sweden, Switzerland, Thailand, and Turkey.
This handbook contains important information. All application materials from previous years are no longer valid and should be discarded.
TABLE OF CONTENTS
Addendum ...... iii IIA Membership .. 2 Applying to the Certification Program of Your Choice . 3 Registering for the Appropriate Exam . 6 Scheduling Your Appointment . 8 Preparing for the Exam 10 Checking In for Your Exam at a Pearson VUE Test Center . 11 Taking Your IIA Exam .. 13 Becoming Certified and Receiving Your Certificate . 17 Maintaining Certification .. 18 CIA Program Eligibility and Verification Requirements . 19 CIA Exam Content .. 22 Professional Recognition Credit for Part 4 of the CIA Exam (PRC4) . 23 Eligibility and Verification Requirements for IIA Specialty Exams (CCSA, CFSA, and CGAP) 24 Exam Content for the CCSA, CFSA, and CGAP Exams . 27 Application and Registration Pricing . 28 CIA Application/Registration Form . 29 Job and Industry Codes .. 30 Application/Registration Form for the CCSA, CFSA, and CGAP Programs . 31 Institute List .. 32 Character Reference Form .. 33 The IIAs Code of Ethics .. 34 Full-Time Student/Professor Status Form . 35 CCSA Facilitation Validation Form . 36 Experience Verification Form .. 37
ii
AddENduM
Beginning January 1, 2011, several changes will go into effect that impact The IIAs certification exam fee structure, exam rescheduling, CPE reporting, and program eligibility. Please review the changes below to ensure you have the most current program information.
EXAM FEE STRuCTuRE

The IIA has revised its pricing structure for certification fees, effective January 1, 2011.
CERTIFICATION FEE STRuCTuRE, EFFECTIvE JAN. 1, 2011 MEMBERS

Application Fee CIA Exam Part Fee Specialty Exam (CCSA, CGAP, CCSA) Part Fee Exam Part Rescheduling Fee (when exam part is rescheduled after initial appointment is made) CPE Reporting Fee USD $75 USD $150 USD $325
NONMEMBERS
USD $100 USD $200 USD $375
USD $50
USD $50
USD $0
USD $100
Please note: Candidates from the following countries must contact their local country representative for all exam matters: Argentina, Australia, Austria, Belgium, Brazil, Bulgaria, China, Chinese Taiwan, Czech Republic, France, Germany, Greece, Indonesia, Israel, Italy, Japan, Korea, Malaysia, Mexico, Morocco, The Netherlands, New Zealand, Norway, Philippines, Singapore, South Africa, Spain, Sweden, Switzerland, Thailand, and Turkey.
iii
RESCHEduLING EXAMS
Once you make an appointment, you will be permitted to make changes for a USD $50 fee per reschedule or cancellation. Changes must be made no later than five days prior to your current appointment. After that time, if you do not appear for your exam at your scheduled location on your scheduled date and time, you will be considered a no-show, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it.
CPE REPORTING CHANGES

As of January 1, 2011 IIA-certified candidates seeking to report their continuing professional education (CPE) credits must do so in the Certification Candidate Management System (CCMS), rather than on The IIAs website. The CPE reporting deadline is determined by an individuals IIA membership or customer ID number. IIA-certified professionals whose membership or customer ID number ends with an even number (e.g., 00002) should report their CPE credits in even-numbered years (i.e., 2010, 2012, etc.). Those with odd-numbered IIA membership or customer ID numbers (e.g., 00001) should report in odd-numbered years (i.e., 2011, 2013). The reporting deadline for the prior two years is May 31 of the reporting year (e.g., candidates reporting in 2011 will report on credits earned during 20092010). IIA-certified professionals who fail to meet their CPE requirements by the reporting deadline automatically will be placed in an inactive status and may not use their designation.
ELIGIBILITY POLICY
The certification programs eligibility now requires candidates to complete the program certification process within four years of application approval. If a candidate has not completed the certification process within four years, all fees and exam parts will be forfeited. Candidates currently enrolled in the certification program will have until December 31, 2014 to complete their certification, including submission of all required documents.
iv
INTRODUCTION
There are many reasons to obtain an IIA certification. Whether its the hallmark designation of internal auditing - the Certified Internal Auditor (CIA) designation - or one of our three specialty industry certifications, obtaining an IIA certification is professionalism defined. The Certified Internal Auditor (CIA) designation is the only globally accepted certification for internal auditors and remains the standard by which individuals demonstrate their professionalism in the internal auditing field. Candidates leave the program enriched with educational experience, information, and business tools that can be applied immediately in any organization or business environment. The Certification in Control Self-Assessment (CCSA) designation is an esteemed certification for CSA practitioners. It measures a candidates knowledge of important CSA fundamentals, processes, and related topics such as risk, controls, and business objectives. It is the standard by which individuals demonstrate their comprehensive professionalism in the field. The Certified Financial Services Auditor (CFSA) measures an individuals knowledge of audit principles and practices within the banking, insurance, and securities financial services industries. Candidates may choose any one of these disciplines when taking the exam, regardless of their current occupational field. The CFSA is a respected certification for practitioners of financial services auditing. The Certified Government Auditing Professional (CGAP) certification program was designed especially for auditors working in the public sector at all levels - federal/national, state/provincial, local, quasi-governmental, or crown authority. It is an excellent professional credential that prepares and qualifies you for the many challenges you face in this demanding arena. No matter which certification program you choose, earning an IIA certification demonstrates your commitment to the internal audit profession.
THE IIAs NEW, sTREAMLINED CERTIfICATION PROCEss

Taking an IIA certification exam is more convenient than ever. Beginning in May 2008, IIA exams are offered through computer-based testing (CBT). This means that you will be able to take your exam in any one of more than 400 available testing centers around the world, in the exam language of your choice, at a time that is convenient for you! The IIA has chosen Pearson VUE as its computer-based test administration vendor. Pearson VUE will therefore administer The IIAs exams in a computer-based format at Pearson VUEs approved testing centers throughout the world. Pearson VUE is a leader in global computer-based test administration, and their technology investments ensure leading-edge security and provide improved service to IIA candidates. The IIA has also made it even easier for you to complete the certification process. Our new Certification Candidate Management System (CCMS) allows you to perform application and exam registration processes online. You can also monitor your certification progress, access your CBT exam score reports, and print receipts for your exam fees at any time. And the Pearson VUE online scheduling system makes scheduling your testing appointment just as quick and easy. This handbook walks you through the certification process from start to finish and should provide all of the information that you need to complete the process. Additional information is available online at www.theiia.org/certification.
DETAILED APPLICATION AND REGIsTRATION INsTRUCTIONs

sTEP 1: CONsIDER JOINING THE INsTITUTE Of INTERNAL AUDITORs
If you are not yet an IIA member, you should consider joining The IIA before you apply to an IIA certification program. In most countries, a candidate does not have to be an IIA member to apply to an IIA certification program or receive an IIA designation. (Requirements may vary in countries where the IIA certification program is administered through a local IIA certification agreement.) However, there are immediate and long-term IIA member benefits and special offers that a candidate may wish to consider, such as: Preferred pricing on certification application and exam registration fees. Discounts on review materials available through The IIA Research Foundations Bookstore. No charge for Continuing Professional Education (CPE) reporting. Access to The IIAs online auditing standards, ethics, and guidance information. Access to local IIA institutes for professional development opportunities.
Heres what else youll enjoy: Access to Member Exchange, The IIAs members-only, online networking tool. Reduced registration fees for IIA seminars and conferences. Discounts on hundreds of IIA educational products. Free subscriptions to the award-winning Internal Auditor magazine and IIA Insight, a comprehensive online membership newsletter. A wide variety of other online newsletters providing up-to-date news and information about various sectors of the internal audit profession. Members-only access to the Audit Career Center job postings. Networking opportunities. Participation on local or international committees.
For information on becoming an IIA member, go to www.theiia.org/membership.
Note: Your membership process may take some time to process, and you must complete this process before you will receive discounts on your certification application and exam registration fees. Discounts on certification fees cannot be applied retroactively.
sTEP 2: APPLY TO THE CERTIfICATION PROGRAM Of YOUR CHOICE (NEW CANDIDATEs ONLY)
The following steps explain how to apply to an IIA certification program. These instructions concentrate on the process for applying and registering online through the IIA Certification Candidate Management System (CCMS), which is the fastest and most efficient way to apply and register for IIA certification programs. A paper application and registration form is available on page 31, but it is provided only for those candidates who do not have access to the Internet. Applying and/or registering through the paper process takes several weeks, as compared to the online process which can be completed in a few days. Before you complete an application, be sure to read all of the requirements for that certification in this handbook to make sure that you qualify and that you can agree to the rules of the program.
A. CREATE A PROfILE
If you have not previously applied to an IIA certification program (or if you allowed your program eligibility to expire), you must first create a profile in the IIA Certification Candidate Management System (CCMS). To do so, go to www.theiia.org/certification and click on the link to the CCMS. You will be directed to the CCMS login page. Click on the First Time Users link on the right, read and agree to the terms of use, and complete the New Profile page as follows:
REqUIRED fIELDs
Throughout the profile, fields marked with an asterisk (*) are required.
GENERAL INfORMATION
Enter your name exactly as it appears on your government-issued identification. This information will be verified when you present your identification at the test center, and it must match exactly.
ADDREssEs
Primary Address Enter the address of the location where you currently reside or work for most of the year. Do not indicate addresses for temporary assignments or your declared permanent residence address if it is not where you are located for most of the year. This address is required and must be accurate. If you are unsure what to enter, please refer to the examples in the Frequently Asked Questions section of the CCMS before proceeding. Alternative Address This can be any address where you may want The IIA to communicate with you if you do not have an e-mail address. This address is optional. Indicate which address that you would prefer The IIA to use if it becomes necessary to mail information to you.
PHONE NUMBERs
At least one valid phone number is required (in the Primary Phone Number field).
E-MAIL ADDREssEs
At least one valid e-mail address is required (in the Primary E-mail Address field). The CCMS will communicate with you directly through e-mail, so be sure to provide the e-mail address that you use on a regular basis.
CUsTOM qUEsTIONs
Respond to each custom question presented. Further information about completing some of the custom questions is provided below: Suffix If your government-issued identification includes a suffix (such as Jr. or III), you must provide it here so that your identification will match our records when verified at the test site. Name as it should appear on your certificate Indicate exactly how you would like your name to appear on your printed certificate once you become certified. This may be slightly different from the way that your name appears on your identification (for example: John W. Smith instead of John William Smith), but it cannot include any certifications, degrees, or other designations. Job Codes Select the job code that most closely describes your current position. If you need additional information on any of these job codes, please see listing on page 30. Industry Codes Select the industry code that most closely describes the industry in which you primarily work. Please see listing on page 30. Chapter/Institute where we should send your certificate once you have completed all of the program requirements When you become certified, The IIA will forward your printed certificate to your local IIA chapter or institute for presentation to you. Select the chapter or institute that you have joined, will join, or is geographically closest to you. (See page 32 for listing. For additional information, please visit www.theiia.org/chapters-institutes.) Note: If any of the information in your profile changes, you should return to the profile page and update this information. You will be able to change any information (except for your name) at any time. Click on the Submit button and the CCMS will create your account, provide you with your IIA candidate ID number, and e-mail instructions to you and a link for activating your account. Follow the instructions to activate your account and create a username and password. Keep your password confidential because it will provide access to all of your candidate information. IMPORTANT: If you are an IIA member and the CCMS provides you with an IIA candidate ID number that is different from your IIA global membership ID number, please notify us immediately and do not submit any application or registration forms until you are notified that your records have been merged. (Your global membership ID number is the number that you use to access member information on The IIAs Web site: www.theiia.org.) Once you have followed the instructions for activating your account in the CCMS, click on the New Incident link in the CCMS and submit an incident requesting that we merge the information on your ID numbers. We will attempt to resolve the problem within 72 business hours. If you submit an application or registration form under a candidate ID number that is not your membership ID number, you will not receive member pricing. Once you accept the non-member price and submit your order, no refunds or credits will be issued, in whole or in part.
B. COMPLETE THE APPROPRIATE APPLICATION fORM

Login to the CCMS and click on the Complete a Form link to complete an application form. Select the application form for the certification of your choice and complete the required information. Be careful to complete the application accurately. You will need to submit documentation to verify certain information that you submit (such as education). If your documentation does not support the information on the application, you can face review and censure by The IIAs International Ethics Committee, including but not limited to removal from the certification program and revocation of exam parts or certification. Read and agree to the Program Provisions and Conditions on the form. It is important that you read this entire handbook before agreeing to the conditions of the program. Read and agree to the Pricing Provisions and Conditions and submit your form. The system will calculate the appropriate price for your application and present you with a payment page which allows for payment by credit card, check, or wire transfer. Verify that the price quoted is correct for your situation. See IIA Certification Application and Exam Registration Pricing on page 28 for current IIA pricing. If your primary address is in a country that would qualify for discounted pricing based on the World Bank Index, you can contact your local IIA institute to confirm your pricing. If you do not believe that the price provided is correct (based on your country of primary address or your membership status), do not submit the order once you accept the price provided and submit your order, no refunds or credits will be issued, in whole or in part. Instead, please follow these instructions: Click on the Back to Edit Order button at the bottom of the payment page, and then click on the Save for Later button at the bottom of the application page. If the price displayed is incorrect due to an incorrect country code in your primary address, please update your candidate profile with the correct information. Locate your saved application by clicking on the Complete a Form link and choosing the In-Process Forms tab. Open your application and submit it again. Follow the instructions above for verifying the pricing, etc. If the price displayed is incorrect due to your membership status not being updated, please wait until your membership request has been processed at The IIA prior to submitting this form. - You can check your membership status in the CCMS by clicking on the Personal Information link and viewing the IIA Member question under the Custom Questions section. - To follow up on the status of your membership, please contact the IIA institute through which you applied for membership. If your organization is an IIA audit group member, contact your organizations audit group coordinator. - The amount of time that it takes to process a new membership application varies throughout the world and may take several days or several weeks. Please allow appropriate time for processing. - If your record in CCMS does not indicate that you are a member and you have been issued an IIA global membership ID number that is different than the candidate ID number in CCMS, please notify us immediately by clicking on the New Incident link in the CCMS and submitting an incident requesting that we merge the information on your ID numbers. We will attempt to resolve the problem within 72 business hours. Please do not complete any application or registration forms until you are notified that your records have been merged.
You are strongly encouraged to pay your application fees with a credit card as it significantly shortens the processing time required. Applications submitted through the CCMS with payment by credit card are generally reviewed and processed within 72 business hours of submission. Applications submitted by mail or submitted through the CCMS with the payment option of check or wire transfer may take several weeks to review and process. Candidates who opt to pay with a check or a wire transfer must (1) include information on their form of payment during the application process and (2) follow the on-screen instructions regarding submission of payment. Please be aware that if you choose check or wire transfer as your payment method and submit your form online, you will not be able to change to another payment method for that form. Applications will not be reviewed until payment has been received in full and processed to your record. For wire transfers, payment cannot be processed until you submit the appropriate information regarding your wire transfer. Once your application and payment are received and your payment is processed, a member of The IIAs Certification Department will review your application to determine your eligibility for the certification to which you have applied. Please allow approximately 72 business hours for application review after receipt of application and processing of payment at IIA. Once the application review is complete, an e-mail will be sent to you to advise you of your status and the next steps in the process. Approved candidates can begin the exam registration process upon receipt of their application approval message. Note: Approval for any of the certification programs is contingent on meeting the eligibility requirements.
sTEP 3: sUBMIT APPROPRIATE DOCUMENTATION

Refer to page 19 (for CIA) or page 24 (for CCSA, CFSA, or CGAP) for specific requirements for each certification program, as well as required documentation. Additional documentation may be requested from candidates as necessary to confirm eligibility.
sTEP 4: REGIsTER fOR THE APPROPRIATE EXAM(s)

Upon approval of your application, you are eligible to register for the exam(s) in the program to which you applied. Approval of your application is based on the information provided in your application. Supporting documentation is still required, but you may begin the exam registration process before submitting the remaining documentation. Login to the CCMS and click on the Complete a Form link to complete an exam registration form. Select the appropriate form for the exam of your choice. If you are an existing candidate in an IIA certification program, your candidate information has been transferred to the CCMS system. See www.theiia.org/certification for login information. The CIA exam is offered in many languages, and you do not need to select your language at the time of registration. When you schedule your exam with Pearson VUE, you will be able to select the language of your choice. Most exam languages are expected to be available in all Pearson VUE test centers around the world, although all languages may not be available immediately at the initial launch of computer-based testing. Please refer to www.theiia.org/certification for more information about the availability of languages at the time that you register. You may want to wait to register for your exam until your chosen language is available for testing. Note: Your registration for an exam (part) will be valid for 180 days from the date that the registration is processed at IIA. Each registration allows you to sit for that exam one time. It is your responsibility to schedule an appointment for that exam during the 180-day period and to sit for the exam during that time.
Read and agree to the Pricing Provisions and Conditions and submit your form. The system will calculate the appropriate price for your registration and present you with a payment page which allows for payment by credit card, check, or wire transfer. Verify that the price quoted is correct for your situation. See IIA Certification Application and Exam Registration Pricing on page 28 for current IIA pricing. If your primary address is in a country that would qualify for discounted pricing based on the World Bank Index, you can contact your local IIA institute to confirm your pricing. If you do not believe that the price provided is correct (based on your country of primary address or your membership status), do not submit the order once you accept the price provided and submit your order, no refunds or credits will be issued, in whole or in part. Instead, please follow the instructions provided in the application section above regarding incorrect pricing, or refer to the instructions provided on-screen or in the Frequently Asked Questions section of the CCMS. You are strongly encouraged to pay your registration fees with a credit card as it significantly shortens the processing time required. Registrations submitted through the CCMS with payment by credit card are processed immediately. Registrations submitted by mail or submitted through the CCMS with the payment option of check or wire transfer may take several weeks to process. Candidates who opt to pay with a check or a wire transfer must (1) include information on their form of payment during the registration process and (2) follow the on-screen instructions regarding submission of payment. Please be aware that if you choose check or wire transfer as your payment method and submit your form online, you will not be able to change to another payment method for that form. Registrations will not be processed until payment has been received in full and processed to your record. For wire transfers, payment cannot be processed until you submit the appropriate information regarding your wire transfer. Once your payment is received and processed, your registration will be processed, and you will receive an e-mail advising you that you are eligible to schedule your exam with Pearson VUE and providing further directions. If you pay through the CCMS by credit card, this e-mail will typically arrive within minutes. If you wish to register for more than one CIA exam (part), you may do so by repeating the steps above. You must complete a separate registration form for each exam (part). Special Accomodations: If you have a documented physical or medical condition that requires modification to the normal test administration conditions, you must contact the IIA Certification Department at [email protected] for information on how to apply for special accommodations. Requests for test administration modifications will be processed as quickly as possible but may take 30 days or more to implement.
sTEP 5: RECEIVE AUTHORIZATION TO TEsT

Once your exam registration has been processed, you will receive an Authorization to Test notification via e-mail advising you to contact Pearson VUE (The IIAs CBT test administration vendor) to schedule your exam at one of their computer-based testing centers. You will be asked to wait 48 hours before contacting Pearson VUE in order to allow time for your registration data to be uploaded to their scheduling system. You cannot schedule an IIA exam with Pearson VUE without first registering and receiving authorization from The IIA.
Scheduling is the process through which you reserve a testing station at the location and time that you wish to take your examination. You may schedule your exam at any IIA-authorized Pearson VUE test center at any time that the center has an available testing station for you. Once you have waited 48 hours for your registration data to be uploaded to Pearson VUEs scheduling system, you should schedule your exam as soon as possible so that you have the greatest opportunity to sit at your preferred date, time, and location. Note: You must schedule and take your exam within 180 days from the day that your exam registration is processed at IIA. After 180 days, your registration will expire, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it.
sCHEDULING YOUR APPOINTMENT

sCHEDULE YOUR EXAM
The IIA is making it possible for you to sit for your IIA certification exam throughout the world, at a date and time that is convenient to you, in the exam language of your choice! In order for you to take full advantage of these amazing conveniences, you need to schedule early. There are numerous other examinees from a wide variety of certification programs who are also taking their exams at Pearson VUE testing centers. Appointments are made on a first-come, first-served basis, according to availability of testing stations. Centers can and will fill up. If you do not schedule early, you will either have to delay your exam or select a different testing center. You must schedule your exam appointment in advance of the desired exam date. To increase the likelihood that you will receive your first choice of date, time, and location, it is recommended that you schedule at least 45 days before your desired exam date. However, please remember that you should wait 48 hours after receiving your Authorization to Test notification before contacting Pearson VUE to schedule your exam, in order to allow time for your registration data to be uploaded to their scheduling system. You can schedule your exam for any available appointment time within 180 days from the date that the registration is processed at IIA. If you do not schedule your exam in that time period, your Authorization to Test will expire, and you will be required to register and pay for that exam again in order to schedule or sit for it. Neither The IIA nor Pearson VUE is responsible if you do not schedule an appointment before your registration/authorization expires. Once you make an appointment, you will be allowed to re-schedule your exam without penalty up to 48 hours prior to your appointment. After that time, if you do not appear for your exam at your scheduled location on your scheduled date and time, you will be considered a no-show, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it.
TEsT CENTER sCHEDULEs

Most Pearson VUE test centers are open five or six days per week during normal business hours, based on local conditions, throughout the year. You can schedule your exam at any time that the Pearson VUE site is open and has testing stations available.
TEsT CENTER LOCATIONs

You will be allowed to take your exam at any IIA-authorized Pearson VUE testing center worldwide, regardless of whether the testing center is located in your hometown or country. To locate the testing centers nearest you, visit the Pearson VUE Web site www.pearsonvue.com/iia and click on Locate a test center.
ONLINE sCHEDULING
The quickest way to schedule an exam appointment (as well as reschedule and cancel an appointment, if necessary) is on the Internet. Using the Internet provides you with 24-hour access to scheduling, giving you the quickest and most direct access to preferred dates and test center locations. You will also instantly receive a detailed confirmation of your appointment (on-screen and via e-mail). To schedule online, follow these steps: 1. Go to www.pearsonvue.com/iia. 2. Click on Schedule a Test. 3. Login using your Pearson VUE username and password. If you are a first-time user of the Pearson VUE Web site, you should: Click on Create a Web Account. Complete the requested information. Use the same information that you provided in your IIA CCMS primary address and primary e-mail fields in order for the Pearson VUE system to locate your authorization from The IIA. Under Previous Testing History, check No, this will be my first time Enter candidate ID number that you received from The IIA. Wait for Pearson VUE to e-mail you regarding your username and password. This process may take up to 24 hours. 4. Click on Schedule Exams. You will see all of the exams that you have registered for and are able to schedule. 5. Select the exam that you wish to schedule and follow the instructions to select the location of the testing center where you wish to take the exam. A calendar indicating available test dates will appear. Click on an available date to see the time slots that are available for this test and select the time for your appointment. Follow the instructions to complete the scheduling of your appointment. You will receive an e-mail confirmation of your appointment.
sCHEDULING BY PHONE
You may also schedule your exam over the phone. Visit www.pearsonvue.com/iia to see a listing of available phone numbers for Pearson VUE call centers. Many call centers have toll-free numbers for your convenience. Provide the call center representative with your IIA candidate ID number, and you will be walked through the scheduling process. Please have your first, second, and third choice of dates and times planned before you call the call center. You may not schedule an exam directly with a Pearson VUE testing center, and no walk-in appointments are allowed.
APPOINTMENT CONfIRMATION LETTER

Upon completion of the scheduling process, Pearson VUE will e-mail an exam appointment confirmation to you, which will confirm your appointment and provide information about the location of the test center. Print this letter and take it to the test center with you when you go to take your exam. If you do not have an e-mail address, Pearson VUE may mail the confirmation to you, as long as your scheduled appointment is at least three days in the future. Please schedule well enough in advance to allow sufficient time for you to receive this letter by mail.
CHANGEs TO YOUR APPOINTMENT

Canceling or changing an appointment can also be accomplished online at www.pearsonvue.com/iia or by calling a Pearson VUE call center. Once you make an appointment, you will be allowed to re-schedule your exam without penalty up to 48 hours prior to your appointment. After that time, if you do not appear for your exam at your scheduled location on your scheduled date and time, you will be considered a no-show, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it.
TEsT CENTER CLOsINGs DUE TO WEATHER OR OTHER EMERGENCY

If severe weather or other local emergency requires a test center to be closed, every attempt will be made to contact you. However, if you are unsure if your test center is open on the day of your exam, you may call the local test center directly. If the center is open, it is your responsibility to keep the appointment. If the center is closed, you will be given the opportunity to reschedule without penalty. If you are unable to contact the local test center, go to the Pearson VUE Web site at www.pearsonvue.com/iia, and call the Pearson VUE call center nearest you.
PREPARING fOR THE EXAM

The CIA and the three specialty exams are self-study exams and do not require a prescribed curriculum. Candidates may choose their own method of preparing for the exam. Information on preparation resources is available at www.theiia.org/certification. Abbreviated versions of the exam content outlines can be located on pages 22 and 27. See www.theiia.org/certification for detailed exam content outlines. Also, a brief tutorial on how to navigate through the computer-based exam is available at www.theiia.org/certification. If you have not previously taken an IIA exam in a Pearson VUE testing center, we recommend that you review the tutorial before taking the exam.
10
CHECKING IN fOR YOUR EXAM AT A PEARsON VUE TEsT CENTER

sTEP 1: ARRIVE AT THE TEsT CENTER EARLY
The Pearson VUE exam appointment confirmation letter will provide you with the location of your testing center. Plan your travel carefully so that you will arrive at the test center at least 30 minutes before the scheduled appointment time. If you arrive at the test center less than 30 minutes before your scheduled appointment, you may be denied access to the test center and considered a no-show. In no case will you be admitted to the test if you arrive after your scheduled starting time. If you are considered a no-show, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it in the future.
sTEP 2: BRING YOUR PEARsON VUE EXAM APPOINTMENT CONfIRMATION LETTER WITH YOU
You should bring the exam appointment confirmation letter that you received via e-mail from Pearson VUE with you to the testing center. This letter contains important information that will allow the test administrator to locate your record and be able to admit you to the exam. It may also be useful to bring your Authorization to Test notification that you received via e-mail from The IIA.
sTEP 3: PREsENT ACCEPTABLE PERsONAL IDENTIfICATION

The IIA and Pearson VUE employ very strict security measures. One level of security involves your identification. You must bring at least one form of identification that meets the following requirements: Identification (ID) must: Contain your name exactly as you provided it during the exam registration process (as it appears on your Pearson VUE exam appointment confirmation letter). Have a permanently affixed photo of your face. Be current expired IDs will not be accepted. Be an original document no photocopies will be accepted. Acceptable forms of identification are: Government-issued drivers license. Passport. Military ID (except those with chips). Permanent resident visa. Credit card with photo (meeting requirements). Other government-issued ID (see IIA Web site for examples). Unacceptable forms of identification include: Employee identification or work badge. University/college identification. If you do not present acceptable identification, you will not be allowed to take your exam and you will be considered a no-show even though you appeared at the exam site. Your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it in the future.
11
sTEP 4: CHECK IN fOR YOUR TEsT

The staff at each Pearson VUE test center has been trained in the procedures specific to IIA exams. Exam center personnel will guide you through the steps that have been developed by The IIA. Here is what to expect when you arrive at the test center: 1. The test center administrator will show you where to store your personal items. You must place all personal belongings, including purses, wallets, watches, jewelry, cell phone, etc. in the storage lockers (or other secured location) provided by the test center. You will be given the key to your locker, which must be returned to the test center staff when you leave. The lockers are very small and are not intended to hold large items. Do not bring anything to the test center unless it is absolutely necessary. Neither test center personnel, Pearson VUE, nor The IIA will be responsible for lost or stolen items. 2. The administrator will provide you with a copy of the Candidate Rules Agreement. You must accept the terms of this agreement in order to take an exam at a Pearson VUE testing center. 3. You must provide one form of acceptable identification. The administrator will verify that the name on the identification matches the name on the exam registration. You must keep this identification with you at all times during the exam. If you leave the testing room for any reason, you will be required to show your identification to be re-admitted. 4. The administrator will capture your signature and verify that your signature matches that on your identification (if any). 5. Your fingerprint will be captured, and a digital photograph of your face will be made. 6. The only item that a candidate may bring to the test that is allowed in the testing room is a nonelectronic language translation dictionary. This dictionary may not contain definitions of terms; only direct translations of words. It cannot have anything written or highlighted in the book nor can it contain any added notes or documents inserted into the book. If you have brought a translation dictionary, the administrator will check it to be certain that it is acceptable and does not contain any markings or inserted material. The administrator may disallow any dictionary that does not seem to meet these criteria. 7. You will be offered an erasable note board and pen on which you can take notes during the exam. You must return this to the administrator prior to leaving the test center. You cannot take any notes from the test center. 8. An onscreen calculator will be available during the exam. If you prefer a hand-held calculator and the test center has one available, you may request to be provided with one. You will not be allowed to bring a personal calculator or any other such device with you into the testing room. 9. You will be required to sign the test center log and you will be admitted to the test. Your test will start within 30 minutes of the scheduled start time. If circumstances arise, other than candidate error, which delay your session more than 30 minutes, you will be given the choice of continuing to wait or rescheduling your appointment. 10. If you leave the testing room for any reason, you will be required to sign the test center log and show your identification. You may also be required to provide a fingerprint when leaving or re-entering the testing room. 11. You will not be allowed to bring any food or drink into the testing room.
12
12. You will be escorted to a workstation by the exam proctor. You must remain in your seat during the exam, except when authorized to leave the testing room. 13. After you are logged into your exam, proceed through the introductory screens without delay. There is a time limit on the initial screens and, if that time limit is exceeded, the exam session will automatically begin. 14. If you encounter ANY computer problem, report it immediately to the exam proctor.
TAKE YOUR IIA EXAM

Once you have been seated at a testing station, the administrator will log you into your exam. You will be asked to confirm that the exam shown on the screen is the exam that you are scheduled to take, and then you will begin the testing session. All IIA certification exams follow the same exam flow pattern, which consists of several distinct segments, as follows:
NON-DIsCLOsURE AGREEMENT AND GENERAL TERMs Of UsE fOR IIA EXAMs

Before you begin your exam, you will be required to accept the terms of The IIAs non-disclosure and confidentiality statement as follows: This exam is confidential and is protected by law. It is made available to you, the examinee, solely for the purpose of becoming certified. You are expressly prohibited from disclosing, publishing, reproducing or transmitting this exam, in whole or in part, in any form or by any means, verbal or written, electronic or mechanical, for any purpose, without the prior written permission of The Institute of Internal Auditors (IIA). The IIA requires all exam candidates to read and accept the above Non-Disclosure Agreement and General Terms of Use for IIA exams prior to taking an IIA Exam. If you do not accept the exam non-disclosure agreement, your exam will be terminated. If this occurs, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it.
TUTORIAL
Before you begin the actual exam, you will be allowed to view a tutorial that shows you how to navigate through the exam. (Information from this tutorial is also available at www.theiia.org/certification for candidates to review in advance of their exam.) You may choose to skip this section and move directly to the exam if you wish. If you have not previously taken an IIA exam in a Pearson VUE testing center, we strongly recommend that you review the tutorial before taking the exam. If you choose to view the tutorial, you will be allowed 10 minutes to do so. The time allotted for the tutorial is separate from the actual testing time. Whether you view the tutorial or not, you will have exactly the same testing time.
13
BEGIN THE EXAM

When you are ready to begin the exam, the system will advise you of the time that you have to complete the exam. The time allotted for each actual exam is as follows:
EXAM
NUMBER Of qUEsTIONs
TEsT TIME
CERTIfIED INTERNAL AUDITOR (CIA)

Part 1 Part 2 Part 3 Part 4 100 M/C questions 100 M/C questions 100 M/C questions 100 M/C questions 2 hours and 45 minutes 2 hours and 45 minutes 2 hours and 45 minutes 2 hours and 45 minutes
IIA sPECIALTY EXAMs

Certification in Control Self-Assessment (CCSA) Certified Government Auditing Professional (CGAP) Certified Financial Services Auditor (CFSA) 125 M/C questions 3 hours and 15 minutes
125 M/C questions
3 hours and 15 minutes
125 M/C questions
3 hours and 15 minutes
The computer screen has a built-in timer to let you know the time remaining as you work through the exam. Plan your time wisely so that you do not use your time up early in the exam and do not have enough time to complete the exam. The testing system allows you to flag questions for review and allows you to return to these items after you have viewed the last question in the exam. If you have completed the last question in the exam before the time is up, you will be able to review your flagged questions and any other questions until your testing time expires. There are no scheduled breaks during the exam. You are allowed to take a break, if necessary, but any time taken for breaks counts towards the overall time allotment for that exam. You will need to check out/in with the exam proctor if you leave the testing room.
sCORING
Your score is based on the number of scored questions that you answer correctly. Each scored question contributes equally to your final test score. (Some unscored questions are included on each exam for the purpose of determining the difficulty of these items only. They do not contribute to your exam score.) There is no penalty for incorrect responses or guessing, so it is to your advantage to attempt to respond to every question in the exam.
14
EXAM MIsCONDUCT NOTICE

Pearson VUE staff is trained to watch for unusual behavior and incidents during the exam. Exam sessions are audio/videotaped to document the occurrence of any unusual activity, and candidate misconduct will be reported to The IIA for investigation. If you violate any of the testing rules, attempt to remove test items from the center, or are disruptive to other candidates, your exam may be terminated and/or your test scores invalidated. The IIA and its Board of Regents consider candidate misconduct related to the certification process a serious offense. Incidents of candidate misconduct will be referred to The IIAs International Ethics Committee for action. Actions by The IIAs International Ethics Committee may include invalidation of exam results, disqualification from participation in all IIA certification programs (current and future), and publication of the results of their due process in an IIA publication. If evidence of misconduct is discovered after a candidate has been awarded an IIA certification, the certification may be revoked. The IIA may also take other actions to the extent permitted by law.
REPORTING EXAM CONCERNs

If you have questions, comments, or concerns regarding the testing experience or with exam questions, please e-mail them to [email protected]. Please note that while The IIA will review all comments provided regarding exam questions, all scored exam questions have been validated before administration of the exam. The IIA will not re-grade or otherwise change a candidates grade after the test administration based on these comments.
COMPLETE THE POsT-EXAM sURVEY

In an effort to enhance the testing experience for future candidates, The IIA relies on feedback from current candidates. At the completion of the exam, a short survey will be presented on the computer screen. Please take a few minutes to respond before leaving the testing center. You will have up to five minutes to complete the survey. This time is separate from your testing time.
RECEIVE YOUR REsULTs

When you finish the exam, leave the testing room quietly, turn in your note board, and sign the test center log. The test center staff will provide you with a printed unofficial score report and dismiss you after completing all necessary procedures. Please do not ask the proctors any questions concerning the exam contents or exam scores as they will not be able to assist you. Note: Your score will become official once The IIA publishes the score to The IIA Certification Candidate Management System (CCMS). This normally takes a few days. Exam scores may be suspended, voided or otherwise invalidated after becoming official if The IIA discovers errors or evidence of cheating or other improper activity.
UNDERsTANDING YOUR REsULTs

The IIA validates test questions to statistically determine the minimum number of correct responses required to pass a test, based on the difficulty of the items in that test. Because the exact number of questions required to pass the exam may be slightly different from one test to another, all raw scores (the number of correct responses) are converted to a reporting scale that ranges from 250 to 750 points. A score of 600 or higher on this scale is required to pass an IIA exam.
15
If you achieve a passing score, your score report will only indicate that you passed. No numeric score will be reported. If you did not pass the test, the score report will indicate the numeric score that you received. This will let you know how close you were to achieving the required 600 points. Failing candidates also receive an indication of their performance on each major exam topic area or domain. This will let you know the topics on which you performed well and those on which you need improvement.
RETAKING fAILED EXAMs

If you fail any one of the CIA exams (parts) or one of the specialty exams, you must wait at least 90 days before you will be able to retake that exam (part). You can re-register for the exam and schedule your new test appointment once your exam results are published to the CCMS; however, the earliest appointment date that will be available to you will be 90 days from the date that you last took that exam. Please keep in mind that when you register for an exam, you must sit for that exam within 180 days of the day that your registration is processed by The IIA. If you register immediately after failing an exam, your 180-day registration/authorization period will begin immediately but you will still have to wait 90 days before your first opportunity to sit for the exam. There is no limit to the number of times a candidate can retake a failed exam. To re-register for a failed exam and schedule a new test appointment, follow the same steps indicated above for initial registration and scheduling.
16
BECOMING CERTIfIED AND RECEIVING YOUR CERTIfICATE

You must pass all required exams and complete all other program requirements in order to become certified. Once you meet all requirements for certification, you will receive notification that you are certified. This official notification is sent to your preferred e-mail address in the CCMS and serves as proof that you are now certified. You can also log onto your account on the CCMS and view/print information from the Certification Progress screen, which shows your certificate number (called Certificate Serial Number) and date certified. Your date certified is the date that your last program requirement was completed and uploaded into the CCMS. Your certificate will be issued to your local IIA chapter or institute for distribution. Certificates are printed and mailed to IIA chapters/institutes on a quarterly basis for presentation to newly certified individuals. To ensure that your certificate is printed and distributed correctly, please log onto your account on the CCMS and verify that your personal information page correctly indicates (1) the way that you would like your name to appear on your certificate and (2) the chapter/institute where your certificate should be mailed. These fields appear at the bottom of the Personal Information page in the Custom Questions section. To change how your name appears on your certificate, please click on the New Incident link in the CCMS and submit an incident indicating how your name should appear on your certificate. This may be slightly different from the way that your name appears on your identification (for example: John W. Smith instead of John William Smith), but it cannot include any certifications, degrees, or other designations. On the incident, please choose a category of Certificate Questions/Concerns and add a summary (title) of Name on Certificate for the incident so that it can be routed appropriately. To change your chapter/institute for certificate distribution, please click on the Update Personal Information link and choose the correct chapter/institute. Please have this information completed by the following deadlines in order to ensure that your certificate is printed and distributed correctly: Candidates certified in January, February, or March must update their information by April 10; their certificates will be shipped to their chosen chapter/institute in May. Candidates certified in April, May, or June must update their information by July 10; their certificates will be shipped to their chosen chapter/institute in August. Candidates certified in July, August, or September must update their information by October 10; their certificates will be shipped to their chosen chapter/institute in November. Candidates certified in October, November, or December must update their information by January 10; their certificates will be shipped to their chosen chapter/institute in February. Note: Any changes requested after the dates specified above will require a $50 USD certificate reprint fee.
17
MAINTAINING YOUR CERTIfICATION

The Board of Regents requires that after initial certification, CIAs, CCSAs, CGAPs, and CFSAs must maintain their knowledge and skills and stay abreast of improvements and current developments in their area of certification through Continuing Professional Education (CPE). This is facilitated through a self-certification process with the completion and reporting of required CPE hours on a biennial basis. For additional information on CPE, please visit www.theiia.org/certification.
The CIA certificate helps you broaden your knowledge on internal controls and other operational issues, such as IT, finance, and accounting. Preparing for the exam provides an excellent overview of business-relevant knowledge.
Ms. Isabella Arndorfer, CIA, CCSA, CFSA Audit Manager, Bank for International Settlements Basel/Switzerland
18

sTANDARDs Of ELIGIBILITY AND VERIfICATION REqUIREMENTs
To be eligible for CIA certification, a candidate must meet all of the following requirements:
1. EDUCATION
Requirement CIA candidates must hold a bachelors degree (or higher degree) or its educational equivalent from an accredited college-level institution. Applicants must meet the education requirement before their CIA application can be approved and before they can register and sit for any CIA exam parts. Equivalents/Exceptions Certain international professional designations (such as Chartered Accountant) may be accepted as equivalent to a bachelors degree. Professional work experience will not substitute for an appropriate degree. Applicants who do not have a bachelors (or higher) degree but believe that their educational achievements or professional designations qualify as equivalents to a bachelors (or higher) degree must choose Other in the Education section of the CIA application and provide specific information in the space provided, as well as submitting required documentation. Information submitted should be sufficiently detailed to enable the Board of Regents to determine equivalency. Documentation of educational achievements should clearly indicate that the education is equivalent to a bachelors degree. Full-time university students who are in their senior (final) year may enter the CIA program and sit for CIA exam parts before completing their education requirement; however, they must: - Complete the special CIA Application Student/Professor in the IIA CCMS; and - Submit a Full-Time Student Status Form (see page 35); and - Complete the education requirement before they can be certified. Required Documentation Applicants must indicate their highest level of education on the CIA application. Proof of education (copy of degree or transcripts) is required. This document should be faxed or e-mailed (along with a cover sheet indicating the candidates ID number) immediately following completion of the CIA application. Candidates may be accepted into the CIA program based on the information that they provide about their education on the CIA application but supporting documentation is still required. Once a candidates application is approved, the candidate may begin the exam registration process before submitting the remaining documentation. Applicants must provide accurate information on the CIA application. If a candidates submitted documentation does not support the information that was provided on the CIA application, the candidate can face review and censure by The IIAs International Ethics Committee, including but not limited to removal from the CIA program and revocation of CIA exam parts or certification.
19
2. EXPERIENCE
Requirement CIA candidates must obtain a minimum of 24 months of internal auditing experience or its equivalent. Equivalents/Exceptions Acceptable equivalent experience includes experience in audit/assessment disciplines, external auditing, quality assurance, compliance, and internal control. A masters degree or work experience in related business professions (such as accounting, law, or finance) can be substituted for 12 of the required 24 months of professional internal auditing experience. Required Documentation A completed, signed Experience Verification Form is required. This document should be submitted upon full completion of the experience requirement. Candidates may apply to the CIA program and sit for the CIA exam prior to satisfying the professional experience requirement, but will not be certified until all program requirements have been met. The Experience Verification Form is available on page 37.
3. PROfEssIONAL CONDUCT
Requirement To be eligible for CIA certification, an applicant must exhibit high moral and professional character and agree to abide by The IIAs Code of Ethics. CIAs and CIA candidates are expected to display exemplary professional behavior and judgment and must agree to abide by the Code of Ethics established by The IIA. Agreement is a required part of the CIA application process and is attested to on the CIA Application. The IIAs Code of Ethics is available on page 34 and online at www.theiia.org/guidance. Required Documentation CIA candidates must submit a Character Reference Form completed by an IIA-certified individual (CIA, CCSA, CGAP, or CFSA), the candidates supervisor, or the candidates professor. This document should be faxed or e-mailed immediately following completion of the CIA application. Candidates may apply to the CIA program and sit for the CIA exam prior to submitting the Character Reference Form, but will not be certified until all program requirements have been met. The Character Reference Form is available on page 33.
4. EXAMINATION
Requirement Candidates must successfully complete all of the following exam parts: CIA Part 1 CIA Part 2 CIA Part 3 CIA Part 4
20
Equivalents/Exceptions The IIA offers candidates the option of obtaining Professional Recognition Credit (PRC4) in lieu of sitting for Part 4 of the CIA exam. See the PRC4 section on page 23 for additional information. Required Documentation Candidates must register for exam parts once their candidate application is approved. Documentation and registration are required for PRC4. Candidates register online through the CCMS at www.theiia.org/certification.
sUBMITTING AND CONfIRMING REqUIRED DOCUMENTATION

Required documentation should be submitted as an attachment to [email protected] or via fax to +1-407-937-1108. Submitted documents will typically be reviewed within approximately five business days of receipt at The IIA, although the timing will be longer at the initial CCMS launch. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the CCMS, and clicking on the appropriate certification program on the Certification Progress screen. If the document cannot be approved, you will be contacted.
ELIGIBILITY PERIOD
Once a candidates application to the CIA program has been approved, the candidate can continue to pursue certification until all of the requirements are met. A candidates program eligibility will expire, however, if: It has been two years from the date that the candidates application was approved, AND The candidate has not successfully completed all required exams, AND The candidate has not sat for an exam part in the past two years, AND The candidate does not have a current open registration for an exam part. (An open registration is defined as a paid registration for an exam part for which the candidate has not yet sat. Exam registrations are valid for 180 days from the date that the registration is processed at IIA.) If a candidates program eligibility expires, the candidate loses credit for any exam parts previously passed. In order to re-enter the CIA program, the candidate must submit a new CIA application and pay the appropriate fees. Special note for existing candidates as of January 1, 2008: For candidates who were not yet certified and whose eligibility had not expired as of December 31, 2007, all applications and previously passed exam parts were converted to the CCMS with an application approved or exam passed date of January 1, 2008. This was a necessary step in the transition to the CCMS and means that existing candidates will not expire from the CIA program until January 1, 2010 at the earliest, based on the eligibility period rules outlined above. This transition policy is not retroactive to candidates whose eligibility expired prior to January 1, 2008.
21
CIA EXAM CONTENT

The CIA exam is offered in four parts, each part consisting of 100 multiple-choice questions. Candidates are given 2 hours and 45 minutes to complete each exam part.
PART 1 THE INTERNAL AUDIT ACTIVITYs ROLE IN GOVERNANCE, RIsK, AND CONTROL
A. Comply with The IIAs Attribute Standards. B. Establish a risk-based plan to determine the priorities of internal audit activity. C. Understand the internal audit activitys role in organizational governance. D. Perform other internal audit roles and responsibilities. E. Governance, risk, and control knowledge elements. F. Plan engagements.
PART 2 CONDUCTING THE INTERNAL AUDIT ENGAGEMENT

A. B. C. D. E. Conduct engagements. Conduct specific engagements. Monitor engagement outcomes. Fraud knowledge elements. Engagement tools.
PART 3 BUsINEss ANALYsIs AND INfORMATION TECHNOLOGY

A. B. C. D. E. Business processes. Financial accounting and finance. Managerial accounting. Regulatory, legal, and economics. Information technology.
PART 4 BUsINEss MANAGEMENT sKILLs

A. B. C. D. E. Strategic management. Global business environments. Organizational behavior. Management skills. Negotiating.
For detailed topic outlines, visit www.theiia.org/certification. Exam topics and/or format are subject to change as approved by the Board of Regents.
22
PROFESSIONAL RECOGNITION CREDIT FOR PART 4 OF THE CIA EXAM (PRC4)

CIA candidates who have successfully completed the examination requirements for certain other professional certifications are eligible to receive credit for Part 4 of the CIA exam through the Professional Recognition Credit (PRC4) option, in lieu of sitting for Part 4. Credit is not available for Parts 1, 2, or 3 of the CIA exam. Candidates who attain PRC4 and pass Parts 1, 2, and 3 will have satisfied the examination requirement for the CIA designation. CIA candidates can obtain PRC4 either through an IIA specialty certification (CCSA, CGAP, or CFSA) or through an approved non-IIA certification. A complete list of approved certifications is available at www.theiia.org/certification. CIA candidates who have passed an IIA specialty certification exam will automatically receive PRC4 and do not need to register for PRC4 or submit further documentation. CIA candidates who wish to receive PRC4 based on an approved non-IIA certification must complete all of the following steps: Complete and submit the form entitled CIA Registration for Part 4 Professional Recognition Credit in the online Certification Candidate Management System (CCMS) and provide appropriate payment. Submit documentation of successful completion of the approved certification. Documentation of completing only the examination requirements for any given certification, with the exception of The IIAs specialty certifications (CCSA, CFSA, CGAP) will not be accepted. The certification used for the exemption must also be in current status. Examples of evidence include a copy of the appropriate certification certificate or a letter from the sponsoring organization indicating that the candidate has successfully completed the certification requirements and is in current status. Documentation should be submitted as an attachment to [email protected] or faxed to +1-407-937-1108. Candidates must include their candidate ID number on all documentation (or in the name of the attachment for e-mailed documentation). Documentation will typically be reviewed within approximately five business days of receipt at The IIA, although timing will be longer at the initial CCMS launch. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the CCMS, and clicking on the appropriate certification program on the Certification Progress screen. If your documentation cannot be approved, you will be contacted. Your credit for Part 4 will not be obtained until both the appropriate PRC4 registration (with payment) and documentation have been received and processed. Candidates may request review of a new certification for PRC4 by contacting The IIA. Candidates who have a specialized certification that is exam-based and is required or useful in their audit environment should submit the information and request for approval to The IIAs Certification Department for review by the Board of Regents. (Candidates outside North America should submit this information to The IIAs Certification Department through their local IIA institute.) The Board of Regents will review the submitted certification and determine whether it is eligible for PRC4. Reviews are generally performed on a quarterly or biannual basis.
23
IIA sPECIALTY EXAMs

sTANDARDs Of ELIGIBILITY AND VERIfICATION REqUIREMENTs fOR THE CERTIfICATION IN CONTROL sELf AssEssMENT (CCsA), CERTIfIED fINANCIAL sERVICEs AUDITOR (CfsA), AND CERTIfIED GOVERNMENT AUDITING PROfEssIONAL (CGAP)
To be eligible for CCSA, CFSA, and CGAP certification, a candidate must meet all of the following requirements:
1. EDUCATION
Requirement Candidates must hold a bachelors degree (or higher degree) or its educational equivalent from an accredited college-level institution. Applicants must meet the education requirement before their application can be approved and before they can register and sit for an exam. Equivalents/Exceptions A minimum of two years of post-secondary education with an accredited organization plus three years of general business experience may be substituted for a bachelors degree in the CCSA, CFSA, and CGAP programs. (This exception is not allowed for the CIA program.) Required Documentation Applicants must indicate their highest level of education on the specialty exam application. Proof of education (copy of degree or transcripts) is required. This document should be faxed or e-mailed (along with a cover sheet indicating the candidates ID number) immediately following completion of the application. Candidates may be accepted into the respective program based on the information that they provide about their education on the application but supporting documentation is still required. Applicants must provide accurate information on the application. If a candidates submitted documentation does not support the information that was provided on the application, the candidate can face review and censure by The IIAs International Ethics Committee, including but not limited to removal from the certification program and revocation of the exam or certification.
2. EXPERIENCE
Requirement CCSA candidates must obtain one year of control-related business experience, such as CSA, auditing, quality assurance, risk management, or environmental auditing. CFSA candidates must obtain two years of auditing experience in a financial services environment. CGAP candidates must obtain two years of auditing experience in a government environment (federal, national, state/provincial, local, quasi-governmental areas, or authority/crown corporation).
24
Required Documentation A completed, signed Experience Verification Form is required. This document should be submitted upon full completion of the experience requirement. Candidates may apply to the program and sit for the exam prior to satisfying the professional experience requirement, but will not be certified until all program requirements have been met. The Experience Verification Form is available on page 37.
3. PROfEssIONAL CONDUCT
Requirement To be eligible for certification, an applicant must exhibit high moral and professional character and agree to abide by The IIAs Code of Ethics. CCSAs, CFSAs, CGAPs, and CCSA/CFSA/CGAP candidates are expected to display exemplary professional behavior and judgment and must agree to abide by the Code of Ethics established by The IIA. Agreement is a required part of the application process and is attested to on the application. The IIAs Code of Ethics is available on page 34 and online at www.theiia.org/guidance. Required Documentation Candidates must submit a Character Reference Form completed by an IIA-certified individual (CIA, CCSA, CGAP, or CFSA), the candidates supervisor, or the candidates professor. This document should be faxed or e-mailed immediately following completion of the application. Candidates may apply to the program and sit for the exam prior to submitting the Character Reference Form, but will not be certified until all program requirements have been met. The Character Reference Form is available on page 33.
4. fACILITATION EXPERIENCE fOR CCsA CANDIDATEs This requirement does not apply to the CFSA or CGAP programs.
Requirement CCSA candidates must obtain seven hours of acceptable facilitation experience or at least 14 hours of acceptable facilitation training. Facilitation experience or training must meet the guidelines listed on the Facilitation Validation Form on page 36. Candidates may apply to the CCSA program and sit for the CCSA exam prior to satisfying the facilitation requirement, but will not be certified until all program requirements have been met. The CCSA Facilitation Validation Form is available on page 36. Required Documentation A Facilitation Validation Form is required.
25
5. EXAMINATION
Requirement Candidates must successfully complete the appropriate exam for their chosen specialty certification program. For CGAP candidates, an international version of the exam is available, as well as a version that is specific to the United States. CFSA candidates must choose one of three disciplines for their exam: Banking, Insurance, or Securities. Required Documentation Candidates must register for an exam once their candidate application is approved. Candidates register online through the CCMS at www.theiia.org/certification.
sUBMITTING AND CONfIRMING REqUIRED DOCUMENTATION

Required documentation should be submitted as an attachment to [email protected] or via fax to +1-407-937-1108. Submitted documents will typically be reviewed within approximately five business days of receipt at The IIA, although the timing will be longer at the initial CCMS launch. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the CCMS, and clicking on the appropriate certification program on the Certification Progress screen. If the document cannot be approved, you will be contacted.
ELIGIBILITY PERIOD
Once a candidates application to the program has been approved, the candidate can continue to pursue certification until all of the requirements are met. A candidates program eligibility will expire, however, if: It has been two years from the date that the candidates application was approved, AND The candidate has not successfully completed the required exam, AND The candidate has not sat for an exam in the past two years, AND The candidate does not have a current open registration for an exam. (An open registration is defined as a paid registration for an exam for which the candidate has not yet sat. Exam registrations are valid for 180 days from the date that the registration is processed at IIA.) If a candidates program eligibility expires, the candidate must submit a new application and pay the appropriate fees in order to re-enter the program. Special note for existing candidates as of January 1, 2008: For candidates who were not yet certified and whose eligibility had not expired as of December 31, 2007, all applications and previously passed exams were converted to the CCMS with an application approved or exam passed date of January 1, 2008. This was a necessary step in the transition to the CCMS and means that existing candidates will not expire from the program until January 1, 2010 at the earliest, based on the eligibility period rules outlined above. This transition policy is not retroactive to candidates whose eligibility expired prior to January 1, 2008.
26
CCsA EXAM CONTENT

The CCSA exam tests a candidates understanding of important CSA fundamentals, processes, and related topics such as risk, controls, and business objectives. The one-part exam includes 125 multiple-choice questions covering six domains: 1. 2. 3. 4. 5. 6. CSA Fundamentals CSA Program Integration Elements of the CSA Process Business Objectives/Organizational Performance Risk Identification and Assessment Control Theory and Application
Candidates are given 3 hours and 15 minutes to complete the exam. For detailed topic outlines, visit www.theiia.org/certification. Exam topics and/or format are subject to change as approved by the Board of Regents.
CfsA EXAM CONTENT

The CFSA exam tests a candidates knowledge of current auditing practices and understanding of internal audit issues, risks, and remedies in the financial services industry. The one-part exam includes 125 multiple-choice questions. The first 100 questions cover four domains at an awareness level: 1. 2. 3. 4. Financial Services Auditing Auditing Financial Services Products Auditing Financial Services Processes The Regulatory Environment
For the final 25 questions, CFSA candidates are tested at the proficiency level in their chosen discipline of banking, insurance, or securities. Candidates are given 3 hours and 15 minutes to complete the exam. For detailed topic outlines, visit www.theiia.org/certification. Exam topics and/or format are subject to change as approved by the Board of Regents.
CGAP EXAM CONTENT

The CGAP exam tests a candidates knowledge of auditing practices specific to the government sector, and measures understanding of government auditing standards, including The IIAs International Standards for the Professional Practice of Internal Auditing and the International Organization of Supreme Audit Institutions (INTOSAI) government auditing standards. Candidates who take the exam in the United States are also tested on Generally Accepted Government Auditing Standards (GAGAS/Yellow Book). Candidates are given 3 hours and 15 minutes to complete the exam. The one-part CGAP exam includes 125 multiple-choice questions covering four domains: 1. 2. 3. 4. Standards, Governance, and Risk/Control Frameworks Government Auditing Practice Government Auditing Skills and Techniques Government Auditing Environment
For detailed topic outlines, visit www.theiia.org/certification. Exam topics and/or format are subject to change as approved by the Board of Regents.
27
IIA CERTIfICATION APPLICATION AND EXAM REGIsTRATION PRICING

All fees are non-refundable. The pricing below is applicable in the United States, Canada, and many other countries throughout the world. However, these prices may be different in countries where the exams are administered through agreements with IIA institutes. In addition, these prices may be discounted in certain countries based on a World Bank Index.
EXAM
fEEs fOR IIA MEMBERs
fEEs fOR NON-MEMBERs
*fEEs fOR sTUDENTs/PROfEssORs

Application Fee (one-time fee) Part 1 Part 2 Part 3 Part 4 Part 4 Professional Recognition Credit US $60 US $75 US $30
US $130 US $130 US $130 US $130 US $130
US $160 US $160 US $160 US $160 US $160
US $85 US $85 US $85 US $85 US $85
IIA sPECIALTY EXAMs

Application Fee (one-time fee) Certification in Control Self-Assessment (CCSA) Certified Government Auditing Professional (CGAP) Certified Financial Services Auditor (CFSA) US $50 US $75 Not applicable
US $250
US $300
Not applicable
US $250
US $300
Not applicable
US $250
US $300
Not applicable
Once you make an extra appointment, you will be allowed to re-schedule your exam without penalty up to 48 hours prior to your appointment. After that time, if you do not appear for your exam at your scheduled location on your scheduled date and time, you will be considered a no-show, your registration will be voided, you will forfeit your exam registration fee, and you will be required to register and pay for that exam again in order to sit for it. You will also be considered a no-show if you arrive late for your exam appointment or do not provide proper identification, as defined in this handbook. * Full-Time Students/Professors: Please review the eligibility requirements outlined on the Full-Time Student/ Professor Status Form on page 35. www.theiia.org/Certification
28
A paper CIA application and registration form is provided only for those candidates who do not have access to the Internet. To apply to the CIA program, please complete the online application form through the Certification Candidate Management System at www.theiia.org/certification.
29
JOB CODEs
Select the position that best describes your role and function (not necessarily your exact title) in your organization. Enter the appropriate code in the Job Code section of the application. 200 Chief Audit Executive I am the most senior auditing officer for the organization with ultimate responsibility for the entire internal auditing function. 210 Director of Auditing I am the chief auditor authorized to direct a broad, comprehensive program of internal auditing within my organization. 220 Audit Manager I administer the internal auditing activity of an assigned location within the general guidelines provided by the director of auditing. 230 Audit Staff I conduct, or assist in conducting, reviews of assigned organizational and functional activities. 245 IT Audit Director I am head of the IT auditing activity within my organization. 250 IT Audit Manager I administer the IT auditing activity of an assigned location within the general guidelines provided by the director of auditing. 260 IT Audit Staff I conduct, or assist in conducting, reviews of assigned organizational and functional activities related to IT auditing. 275 Audit Services Contractor I offer internal audit services on a contracted basis. 280 External Public Accountant I am a practicing public accountant, chartered accountant, etc. 300 Corporate Management I am a corporate officer, CFO, CIO, CEO (and do not qualify under another job code above). 310 Educator I am principally employed as an educator at a college or university (PhD, DBA, EdD, etc.). 320 Student I am pursuing a degreed program at a college or university (including doctoral candidates) on a fulltime basis. 330 Retired I am retired from active employment (otherwise refer to another job code). 340 Audit Committee Member I am an audit committee member of a corporate board of directors (and do not qualify under another job code above). 350 Management Consultant I am primarily an independent consultant with an interest in internal auditing (otherwise refer to another job code above). 360 Other Specify title or job description.
INDUsTRY CODEs
Select the industry code that most closely describes your current position. Enter the appropriate code in the Industry Code section of the application.
Agriculture, Forestry, & Fisheries 0100 Agricultural, forestry, fisheries, production/services Mining 1000 Mining 1300 Oil and gas extraction Contract Construction 1500 Construction Manufacturing 2000 Food/kindred products 2100 Tobacco manufacturers 2200 Textile mill products/apparel 2400 Lumber/wood products (incl. furniture/fixtures) 2600 Paper and allied products (incl. printing/publishing) 2800 Chemicals 2830 Drugs and research 2840 Petroleum refining and relatedindustries 3010 Rubber and plastics products 3100 Leather, stone and glassproducts 3300 Primary metal industries 3400 Fabricated metal products (including nonelectric machinery) 3500 Industrial and commercial machinery 3510 Aerospace 3520 Computers and related devices/ equipment 3600 Electrical machinery, electronic equipment and supplies 3700 Transportation equipment 3800 Scientific, photographic, medical goods 3900 Miscellaneous manufacturing industries Transportation, Communications, & Utility Services 4000 Land transportation 4400 Water transportation 4500 Air transportation 4700 Other transportation services 4800 Communication services 4810 Telecommunications 4900 Electric/gas/sanitary services 4910 Gas services 4920 Gas and electric services 4930 Sanitary services Wholesale & Retail Trade 5000 Wholesale trade 5300 Retail trade 5800 Eating and drinking places Financial, Insurance, & Real Estate 6000 Banking & financial institutions 6030 Nonbanking bank services (e.g., leasing) 6040 Thrift and savings and loan organizations 6100 Credit unions 6130 6200 6300 6500 6700 Other credit agencies Security and commodity services Insurance carriers, agents, services Real estate services Holding/investment companies
Services 7000 Hotels/lodging services 7200 Personal/social services 7300 Contracted audit services 7310 Management consultants 7320 Information technology services 7330 Executive placement services 7500 Repair services 7600 Gaming/lottery 7800 Motion pictures/amusement & recreational services 8000 Health services 8100 Legal services 8200 Educational services 8600 Membership organizations 8900 Public accounting/accounting/ bookkeeping services 8910 Miscellaneous services Government 9100 Federal/national government 9200 State/provincial government 9300 Local government 9400 International government Nonclassifiable 9900 Nonclassifiable establishments
30
A paper specialty exam application and registration form is provided only for those candidates who do not have access to the Internet. To apply to the CCSA, CFSA, or CGAP programs, please complete the online application form through the . Certification Candidate Management System at www.theiia.org/certification
31
IIA INsTITUTEs/CHAPTERs
ARUBA BAHAMAS BARBADOS BERMUDA CANADA Alberta Calgary Edmonton British Columbia Vancouver Vancouver Island Manitoba Winnipeg Newfoundland Newfoundland & Labrador Maritime (Nova Scotia, New Brunswick and Prince Edward Island) Ontario Ottawa Toronto Quebec Montreal Quebec City Saskatchewan Saskatchewan (Regina) CURACAO IIA ALGERIA IIA ARGENTINA IIA AUSTRALIA IIA AUSTRIA IIA AZERBAIJAN IIA BANGLADESH IIA BELGIUM IIA BOLIVIA IIA BOSNIA & HERZEGOVINA IIA BOTSWANA IIA BRAZIL IIA BULGARIA IIA CAMEROON IIA CHILE IIA CHINA IIA CHINESE TAIWAN IIA COLOMBIA IIA CONGO IIA COSTA RICA IIA COTE DIVOIRE IIA CROATIA IIA CYPRUS IIA CZECH REPUBLIC IIA DENMARK IIA DOMINICAN REPUBLIC IIA ECUADOR IIA EGYPT (Cairo) IIA EL SALVADOR IIA ESTONIA IIA ETHIOPIA IIA FIJI IIA FINLAND IIA FRANCE IIA GERMANY IIA GHANA IIA GREECE IIA GUATEMALA IIA HAITI IIA HONDURAS IIA HONG KONG, CHINA IIA HUNGARY IIA ICELAND IIA INDIA IIA INDONESIA IIA ISRAEL IIA ITALY IIA JAPAN IIA KAZAKHSTAN IIA KENYA
BY COUNTRY/sTATE OR PROVINCE/CITY
UNITED STATES Alabama Birmingham Mobile Montgomery North Alabama (Huntsville) Alaska Arizona Phoenix Tucson Arkansas Ark-La-Tex Central Arkansas (Little Rock) North Arkansas California Beach Cities (Torrance) Inland Empire (San Bernardino) Los Angeles Northern California East Bay Orange County Sacramento San Diego San Fernando Valley San Francisco San Gabriel Valley San Jose (San Carlos, Santa Cruz, Santa Clara) Colorado Denver Connecticut Southern New England (Hartford) Westchester-Fairfield (Greenwich, Stamford) Delaware Philadelphia (Wilmington) District of Columbia Washington, DC Florida Central Florida (Orlando) Florida East Coast Florida West Coast (Tampa) Miami North Central Florida Northeast Florida (Jacksonville) Northwest Florida (Pensacola) Palm Beach County Southwest Florida (Fort Myers) Tallahassee Georgia Atlanta Coastal Georgia Columbus Hawaii Idaho Boise Illinois Central Illinois (Peoria, Bloomington) Chicago Chicago West Northwest Metro Chicago Springfield Indiana Fort Wayne Indianapolis Michiana (South Bend) Tri-State (Evansville) Iowa Central Iowa (Des Moines) Heartland - Iowa Quad Cities (Davenport) Kansas Kansas City Topeka Wichita Kentucky Central Kentucky (Lexington) Louisville (Frankfort) Louisiana Ark-La-Tex (Shreveport) Baton Rouge Monroe New Orleans Maine Downeast Maine (Portland) Maryland Baltimore Massachusetts Greater Boston Southern New England (Springfield) Michigan Detroit Lake Superior Lansing Michiana (Benton Harbor) Western Michigan (Grand Rapids) Minnesota Lake Superior (Duluth) Twin Cities (St. Paul, Minneapolis) Mississippi Central Mississippi (Jackson) Mississippi Gulf Coast (Biloxi) Missouri Central Missouri (Jefferson City) Kansas City Ozarks (Springfield) St. Louis Nebraska Ak-Sar-Ben (Lincoln, Omaha) Nevada Las Vegas Northern Nevada (Reno) New Hampshire Granite State (Manchester) New Jersey Atlantic City Central Jersey (Trenton) North Jersey (Newark, West Caldwell, Hackensack) New Mexico Albuquerque Santa Fe New York Albany Central New York (Syracuse) Long Island New York Rochester Westchester-Fairfield (White Plains) Western New York (Buffalo) North Carolina Charlotte Area Raleigh-Durham Triad (Greensboro) North Dakota Central NoDak Ohio Central Ohio (Columbus) Cincinnati Dayton Northeast Ohio (Akron, Canton, Cleveland) Oklahoma Oklahoma City Tulsa Oregon Portland Salem Pennsylvania Central Penn (Lancaster) Lehigh Valley (Allentown) Northeastern Pennsylvania (Scranton) Philadelphia Pittsburgh Puerto Rico Rhode Island Ocean State South Carolina Coastal Carolina (Charleston) Palmetto (Columbia) Western Carolinas (Greenville) South Dakota Sioux Falls Tennessee Chattanooga Area East Tennessee (Knoxville) Memphis Nashville Texas Ark-La-Tex Austin Dallas El Paso Fort Worth Houston San Antonio Utah Salt Lake City (Provo) Vermont Green Mountain (Montpelier) Virginia Central Virginia (Richmond) Northern Virginia (McLean) Southwest Virginia (Roanoke) Tidewater (Norfolk) Triad (Southern Virginia) Washington Mid-Columbia (Richland) Nisqually (Tacoma) Puget Sound (Seattle) Spokane Wisconsin Fox Valley (WI) (Stevens Point) Madison Milwaukee Wyoming
IIA KOREA, REPUBLIC OF IIA LATVIA IIA LEBANON IIA LITHUANIA IIA LUXEMBOURG IIA MALAWI IIA MALAYSIA IIA MALI IIA MEXICO IIA MOROCCO IIA MOZAMBIQUE IIA NETHERLANDS IIA NEW ZEALAND IIA NICARAGUA IIA NIGERIA IIA NORWAY IIA OMAN (SULTANATE OF) IIA PAKISTAN IIA PANAMA IIA PAPAU NEW GUINEA IIA PARAGUAY IIA PERU IIA PHILIPPINES IIA POLAND IIA PORTUGAL IIA QATAR IIA ROMANIA IIA RUSSIA IIA SENEGAL IIA SINGAPORE IIA SLOVAKIA IIA SLOVENIA IIA SOUTH AFRICA IIA SPAIN IIA SRI LANKA IIA SWEDEN IIA SWITZERLAND IIA TANZANIA IIA THAILAND IIA TUNISIA IIA TURKEY IIA UGANDA IIA UKRAINE IIA UNITED ARAB EMIRATES IIA UNITED KINGDOM & IRELAND IIA URUGUAY IIA VENEZUELA IIA ZAMBIA IIA ZIMBABWE JAMAICA TRINIDAD & TOBAGO
32
CHARACTER REfERENCE fORM

NOTE TO RECOMMENDER
The individual named below has applied to one of the certification programs administered by The Institute of Internal Auditors. In considering the candidates qualifications for any of our certifications, we require a character reference evaluation by an individual with an IIA certification, the candidates supervisor, or the candidates professor. The basis for this evaluation is the Code of Ethics established by The IIA. Please read the Code of Ethics and then complete and sign this form. The Code of Ethics is available at www.theiia.org/guidance.
INfORMATION ABOUT CANDIDATE

Candidates ID#:
Candidates Name (please print): ______________________________________________________________________________________________________

(Last Name) (First Name) (Middle Initial)
Candidates Organization: ________________________________________________________________________________
INfORMATION ABOUT RECOMMENDER

I am (check all that apply): A CIA (Certified Internal Auditor) A CCSA (Certification in Control Self-Assessment) A CGAP (Certified Government Auditing Professional) A CFSA (Certified Financial Services Auditor) The candidates supervisor (current or prior) The candidates professor Name (please print): ____________________________________________________________________________________ Title/Position: __________________________________________________________________________________________ Organization: __________________________________________________________________________________________ Address: ______________________________________________________________________________________________ Phone: _____________________________________________ Fax: ____________________________________________ E-mail: _______________________________________________________________________________________________
sTATEMENT Of CHARACTER REfERENCE

In my opinion, the candidate named on this form exhibits high moral and professional character and meets the qualifications set forth by the Code of Ethics established by The Institute of Internal Auditors. Recommenders Signature: ______________________________________________________________________________ Date: ________________________________________________________________________________________________ Please submit completed form as an attachment to [email protected] or fax to +1-407-937-1108. This document will be reviewed within approximately five business days of receipt at The IIA. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the Certification Candidate Management System (CCMS), and clicking on the appropriate certification program on the Certification Progress screen. If the document cannot be approved, you will be contacted. www.theiia.org/Certification
33
THE IIAs CODE Of ETHICs

INTRODUCTION The purpose of The Institutes Code of Ethics is to promote an ethical culture in the profession of internal auditing. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. A code of ethics is necessary and appropriate for the profession of internal auditing, founded as it is on the trust placed in its objective assurance about risk management, control, and governance. The Institutes Code of Ethics extends beyond the definition of internal auditing to include two essential components: 1. Principles that are relevant to the profession and practice of internal auditing; 2. Rules of Conduct that describe behavior norms expected of internal auditors. These rules are an aid to interpreting the Principles into practical applications and are intended to guide the ethical conduct of internal auditors. The Code of Ethics together with The Institutes Professional Practices Framework and other relevant Institute pronouncements provide guidance to internal auditors serving others. Internal auditors refers to Institute members, recipients of or candidates for IIA professional certifications, and those who provide internal auditing services within the definition of internal auditing. APPLICABILITY AND ENfORCEMENT This Code of Ethics applies to both individuals and entities that provide internal auditing services. For Institute members and recipients of or candidates for IIA professional certifications, breaches of the Code of Ethics will be evaluated and administered according to The Institutes Bylaws and Administrative Guidelines. The fact that a particular conduct is not mentioned in the Rules of Conduct does not prevent it from being unacceptable or discreditable, and therefore, the member, certification holder, or candidate can be liable for disciplinary action. PRINCIPLEs Internal auditors are expected to apply and uphold the following principles: Integrity The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. Objectivity Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating
information about the activity or process being examined. Internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. Confidentiality Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. Competency Internal auditors apply the knowledge, skills, and experience needed in the performance of internal auditing services. RULEs Of CONDUCT 1. Integrity Internal auditors: 1.1. Shall perform their work with honesty, diligence, and responsibility. 1.2. Shall observe the law and make disclosures expected by the law and the profession. 1.3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization. 1.4. Shall respect and contribute to the legitimate and ethical objectives of the organization. 2. Objectivity Internal auditors: 2.1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2.2 Shall not accept anything that may impair or be presumed to impair their professional judgment. 2.3 Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review. 3. Confidentiality Internal auditors: 3.1 Shall be prudent in the use and protection of information acquired in the course of their duties. 3.2 Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization. 4. Competency Internal auditors: 4.1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 4.2 Shall perform internal auditing services in accordance with the International Standards for the Professional Practice of Internal Auditing. 4.3 Shall continually improve their proficiency and the effectiveness and quality of their services.
34
fULL-TIME sTUDENT/PROfEssOR sTATUs fORM

NOTE TO UNIVERsITY OR COLLEGE OffICIAL
The Institute of Internal Auditors (IIA) offers reduced application and exam registration fees for the Certified Internal Auditor (CIA) program to candidates who are full-time students or professors (educators) at accredited colleges/universities, as outlined below. In order for a candidate to be eligible for these reduced fees, the candidates school must confirm that certain requirements are met using the form below. Please complete and sign this form, and return it to the student/professor for submission.

IIA Candidate ID #: ___________________________________________________________________________________________________ Candidates Name (please print): _________________________________________________________________________________________ (Middle Initial) (First Name) (Last Name)
NOTE TO CANDIDATE (fULL-TIME sTUDENT/PROfEssOR)

In order to receive reduced fees for the CIA program, you must complete the following steps (steps 1, 2, 6, and 8 not applicable if you are already a candidate in the CIA program): 1. Follow directions in the Candidate Handbook to log in to The IIAs Certification Candidate Management System (CCMS), set up a profile, and receive a candidate ID number. 2. Complete the CIA Application Student/Professor in the CCMS and pay the reduced student/professor application fee. If you do not have Internet access, you can use the paper application form, but your processing times will be significantly longer. Your application will be held as pending until your Full-Time Student/Professor Status Form is received and approved. 3. Have an official from your college or university complete and sign this Full-Time Student/Professor Status Form and return it to you. You must include your candidate ID number on the form. 4. Professors: You must also submit a letter from your local IIA chapter or institute supporting your request for professor status for pricing. You must include your candidate ID number on the letter and submit it along with this Full-Time Student/Professor Status Form. 5. Submit the completed form (and letter, for professors) as an attachment to [email protected] or fax to +1-407-937-1108. This document will be reviewed within approximately five business days of receipt at The IIA. To verify approval, log in to the CCMS and click on Supporting Requirements approved student/professor forms will have an Effective Date and an Expiration Date. 6. Once this form is approved, your CIA Application Student/Professor will be reviewed. Upon approval, you will receive an e-mail notifying you that you can proceed with the registration process. 7. The Full-Time Student/Professor Status Form and associated fees are valid for 180 days from the date that the form is processed/approved at The IIA. You will automatically receive the reduced pricing for registrations completed within the 180-day period. A new form is required after 180 days if you are still eligible for discounted pricing. 8. If your CIA application is denied because you do not meet the requirements for student/professor status, you will be notified, and your CIA application will be cancelled and refunded. You must submit a regular CIA application in order to apply to the CIA program.
CONfIRMATION Of fULL-TIME sTUDENT/PROfEssOR sTATUs

I confirm that the candidate named on this form is a: Full-time undergraduate* student (enrolled in at least 12 semester hours or equivalent) in his/her senior (final) year, as defined by our institution. Full-time graduate student (enrolled in at least 9 semester hours or equivalent), as defined by our institution. Full-time professor at our institution, as defined by our institution. Please specify the courses being taught during this semester/quarter: ____________________________________________________________________________________________________________________ ____________________________________________________________________________________________________________________ * Full-time university students in their senior (final) year may enter the CIA program and sit for CIA exam parts before completing their education requirement, however, they must complete the education requirement before they can be certified.
INfORMATION ABOUT UNIVERsITY OR COLLEGE OffICIAL

Name of College/University Official (please print): _____________________________________________________________ Title: __________________________________________________________________________________________________ Phone: _______________________________________________ E-mail: ___________________________________________ Name of College or University: _____________________________________________________________________________ Signature of College or University Official: ___________________________________________________________________ Date**: ________________________________________________________________________________________________ www.theiia.org/Certification **Note: Form must be submitted within 30 days of this date.
35
CCsA fACILITATION VALIDATION fORM

CCSA candidates must present proof of either facilitation experience OR training. This facilitation requirement does not need to be met before taking the CCSA exam but must be met before becoming certified as a CCSA. This form is not required for the CIA, CFSA, or CGAP programs. VALIDATION Of fACILITATION EXPERIENCE fOR CCsA CANDIDATE This form or a photocopy of this form should be used to verify attainment of appropriate CSA facilitation experience by a CCSA candidate. The following information should be completed and verified by an individual with an IIA certification or the candidates supervisor. INfORMATION ABOUT CANDIDATE Candidates ID#: ______________________________________________ Last Name: __________________________________________________ First Name: ______________________________ Middle Initial:_______ Candidates Organization: _______________________________________ INfORMATION ABOUT VERIfIER I am (check all that apply): A CCSA (Certification in Control Self-Assessment) A CIA (Certified Internal Auditor) A CGAP (Certified Government Auditing Professional) A CFSA (Certified Financial Services Auditor) The candidates supervisor (current or prior) Other* (explain): ______________________________________________ Name (please print): ____________________________________________ Title/Position: _________________________________________________ Organization:__________________________________________________ Address: _____________________________________________________ Phone: _______________________________________________________ Fax: _________________________________________________________ E-mail:_______________________________________________________ *Other qualified verifiers will be considered for approval. (An example of other qualified verifiers would be the candidates contractual clients if CSA is performed by a candidate who is an external consultant.) sTATEMENT Of VERIfICATION I verify that the candidate named on this form has satisfied all of the following requirements: Facilitated or co-facilitated at least one (1) control self-assessment (CSA) workshop, acquiring at least seven (7) total hours of direct facilitation or co-facilitation experience. A CSA workshop is one that assesses and evaluates risks, controls, or processes supporting the achievement of objectives. Demonstrated, through facilitation or co-facilitation, the ability to encourage group participation, resolve conflict (if applicable), and build consensus. Been involved in the planning of at least one (1) CSA workshop. Received assessment/feedback on performance as a facilitator or co-facilitator. Verifiers Signature: ____________________________________________ Date: ________________________________________________________ Please submit completed form as an attachment to [email protected] or fax to +1-407-937-1108. This document will be reviewed within approximately five business days of receipt at The IIA. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the Certification Candidate Management System (CCMS), and clicking on the CCSA certification program on the Certification Progress screen. If the document cannot be approved, you will be contacted. www.theiia.org/Certification TRAINING CRITERIA Appropriate courses must include all of the following: Facilitation techniques, including methods to encourage participation, probe for information, and keep discussions on topic. Conflict resolution techniques, including techniques for handling difficult participant types. Consensus building techniques. Group dynamics and/or group decision making. Workshop planning. Facilitation exercise including group assessment/feedback to participant. TRAINING ATTENDED Name of Course: ______________________________________________ Basic Course Description: _______________________________________ _____________________________________________________________ _____________________________________________________________ _____________________________________________________________ Course Provider: _______________________________________________ Name of Instructor(s): __________________________________________ _____________________________________________________________ Course Date(s):________________________________________________ Total Time (Hours) in Course (Minimum 14 hours): __________________ sTATEMENT Of VERIfICATION I verify that the information provided above is correct and that the submitted course meets the criteria listed above for appropriate courses. Candidates Signature: __________________________________________ Date: ________________________________________________________ REqUIRED INfORMATION Please attach proof of course completion. If the course is not one of the courses pre-approved by The IIA, please attach a course description and/ or agenda along with contact information for the course provider. (See The IIAs Web site: www.theiia.org for pre-approved courses.) VALIDATION Of fACILITATION TRAINING fOR CCsA CANDIDATE This form or a photocopy of this form should be used to verify completion of appropriate facilitation training by a CCSA candidate. The following information should be completed and verified by the CCSA candidate. INfORMATION ABOUT CANDIDATE Candidates ID#: ______________________________________________ Last Name: __________________________________________________ First Name: ______________________________ Middle Initial:_______ Candidates Organization: _______________________________________
36
EXPERIENCE VERIfICATION fORM

Candidates ID#: Candidates Name (please print):
(Last Name) (First Name) (Middle Initial)
The individual named above has applied to the following certification program (check one) and must submit a completed, verified copy of this form in order to complete the experience requirement, as outlined below: CIA (Certified Internal Auditor) 24 months of internal audit experience or its equivalent (defined as experience in audit/assessment disciplines, including external auditing, quality assurance, compliance, and internal control) CCSA (Certification in Control Self-Assessment) 12 months of control-related business experience, such as CSA, auditing, quality assurance, risk management, or environmental auditing CGAP (Certified Government Auditing Professional) 24 months of auditing experience in a government environment (federal, state/provincial, local, quasi-governmental areas, authority/crown corporation) CFSA (Certified Financial Services Auditor) 24 months of audit experience in a financial services environment
CANDIDATEs EXPERIENCE
The following information about the candidate should be listed in chronological order, with the most recent position listed first. Please list the candidates job title, dates employed, and a brief description of the candidates duties and responsibilities. If teaching experience is being verified, list course titles, dates, and description of courses. (Two years of teaching experience in a related topic will be accepted as the equivalent of one year of work experience.) Title: _____________________________________________________Organization: ___________________________________________________ Dates: From _______________________________________________ To ___________________________________________________________ Description of Duties: ______________________________________________________________________________________________________ _________________________________________________________________________________________________________________________ _________________________________________________________________________________________________________________________ Title: _____________________________________________________Organization: ___________________________________________________ Dates: From _______________________________________________ To ___________________________________________________________ Description of Duties: ______________________________________________________________________________________________________ _________________________________________________________________________________________________________________________
INfORMATION ABOUT VERIfIER

I am (check all that apply): A CIA A CCSA A CGAP A CFSA The candidates supervisor (current or prior)
Name (please print): _______________________________________________________________________________________________________ Title/Position: _____________________________________________________________________________________________________________ Organization: _____________________________________________________________________________________________________________ Address: _________________________________________________________________________________________________________________ Phone: ___________________________________________________ Fax: _________________________________________________________ E-mail: __________________________________________________________________________________________________________________
sTATEMENT Of VERIfICATION
I verify that the candidate named on this form has completed the experience as listed above, and I attest that this experience meets the experience requirement of the program to which the candidate is applying, as outlined above. Verifiers Signature: _______________________________________________________ Date: Please submit completed form as an attachment to [email protected] or fax to +1-407-937-1108. This document will be reviewed within approximately five business days of receipt at The IIA. You may confirm that the document has been approved by going to www.theiia.org/certification, logging into your record on the Certification Candidate Management System (CCMS), and clicking on the appropriate certification program on the Certification Progress screen. If the document cannot be approved, you will be contacted.
37
NONPROFIT ORGANIZATION U.S. POSTAGE
PAID
247 Maitland Ave. Altamonte Springs, FL 32701-4201 U.S.A.
THE INSTITUTE OF INTERNAL AUDITORS
Global Headquarters
08020 PRINTED IN THE U.S.A.
247 Maitland Avenue
Altamonte Springs, Florida 32701 USA
W www.theiia.org
F +1-407-937-1101
T +1-407-937-1111

CIA Handbook

Uploaded by

Copyright:

Available Formats

CIA Handbook

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CIA Handbook

Uploaded by

Copyright:

Available Formats

CGAP

Certified Government Auditing Professional

Certified Financial Services Auditor

CERTIFICATION CANDIDATE HANDBOOK

EXAM FEE STRuCTuRE

CERTIFICATION FEE STRuCTuRE, EFFECTIvE JAN. 1, 2011 MEMBERS

CPE REPORTING CHANGES

THE IIAs NEW, sTREAMLINED CERTIfICATION PROCEss

DETAILED APPLICATION AND REGIsTRATION INsTRUCTIONs

For information on becoming an IIA member, go to www.theiia.org/membership.

B. COMPLETE THE APPROPRIATE APPLICATION fORM

sTEP 3: sUBMIT APPROPRIATE DOCUMENTATION

sTEP 4: REGIsTER fOR THE APPROPRIATE EXAM(s)

sTEP 5: RECEIVE AUTHORIZATION TO TEsT

sCHEDULING YOUR APPOINTMENT

TEsT CENTER sCHEDULEs

TEsT CENTER LOCATIONs

APPOINTMENT CONfIRMATION LETTER

CHANGEs TO YOUR APPOINTMENT

TEsT CENTER CLOsINGs DUE TO WEATHER OR OTHER EMERGENCY

PREPARING fOR THE EXAM

CHECKING IN fOR YOUR EXAM AT A PEARsON VUE TEsT CENTER

sTEP 3: PREsENT ACCEPTABLE PERsONAL IDENTIfICATION

sTEP 4: CHECK IN fOR YOUR TEsT

TAKE YOUR IIA EXAM

NON-DIsCLOsURE AGREEMENT AND GENERAL TERMs Of UsE fOR IIA EXAMs

BEGIN THE EXAM

CERTIfIED INTERNAL AUDITOR (CIA)

IIA sPECIALTY EXAMs

125 M/C questions

3 hours and 15 minutes

125 M/C questions

3 hours and 15 minutes

EXAM MIsCONDUCT NOTICE

REPORTING EXAM CONCERNs

COMPLETE THE POsT-EXAM sURVEY

RECEIVE YOUR REsULTs

UNDERsTANDING YOUR REsULTs

RETAKING fAILED EXAMs

BECOMING CERTIfIED AND RECEIVING YOUR CERTIfICATE

MAINTAINING YOUR CERTIfICATION

CERTIfIED INTERNAL AUDITOR (CIA)

sUBMITTING AND CONfIRMING REqUIRED DOCUMENTATION

CIA EXAM CONTENT

PART 2 CONDUCTING THE INTERNAL AUDIT ENGAGEMENT

PART 3 BUsINEss ANALYsIs AND INfORMATION TECHNOLOGY

PART 4 BUsINEss MANAGEMENT sKILLs

PROFESSIONAL RECOGNITION CREDIT FOR PART 4 OF THE CIA EXAM (PRC4)

IIA sPECIALTY EXAMs

sUBMITTING AND CONfIRMING REqUIRED DOCUMENTATION

CCsA EXAM CONTENT

CfsA EXAM CONTENT

CGAP EXAM CONTENT

IIA CERTIfICATION APPLICATION AND EXAM REGIsTRATION PRICING

fEEs fOR IIA MEMBERs

fEEs fOR NON-MEMBERs

*fEEs fOR sTUDENTs/PROfEssORs

CERTIfIED INTERNAL AUDITOR (CIA)

US $130 US $130 US $130 US $130 US $130

US $160 US $160 US $160 US $160 US $160