I Pass the CIA Exam!

CIA Exam Part 2: Complete Syllabus (How Tough vs Part 1?)


cia exam part 2

Whether you have passed Part 1 of the CIA exam or want to take Part 2 first, you can find details on the syllabus, exam format and difficulty as perceived by my readers below.

CIA Exam Part 2 Syllabus

There will be a major syllabus change in the CIA effective January 2019. The following is the current version valid for the rest of 2018.

1. Managing the Internal Audit Function (40-50%)

  • Strategic role of Internal Audit: what IA adds value in the organization.
  • Operational role of IA: formulate policies and procedures, admin activities, reporting on risk and internal control frameworks, maintain effective Quality Assurance Improvement Program.
  • Establish risk-based IA Plan including types of engagements.

2. Managing Individual Engagements (40-50%)

2018 CIA exam part 2

  • Plan engagements: establish objectives, plan and identify key risks and controls, complete detailed risk assessment, determine engagement procedures, work program and staff required.
  • Supervise Engagement: direct and supervise individual engagement, nurture instrumental relations, coordinate work assignments, review work papers, conduct exit conference, complete performance appraisals.
  • Communicate engagement results: initiate preliminary communication, develop recommendations; prepare, approve, distribute and obtain management response of the engagement report.
  • Monitor engagement outcomes: identify methods for monitoring, conduct follow-up, and report significant audit issues to senior management.

3. Fraud Risks and Controls (5-15%)

  • Identify potential for fraud risks.
  • Determine if consideration or investigation is required.
  • Complete a process review to improve controls.
  • Employ audit tests to detect fraud.
  • Interrogation/investigative techniques.
  • Forensic auditing.
Part 2 is a continuation of Part 1, covering the most important concepts in internal audit.

Exam Format

CIA Exam Part 2 is shorter than Part 1 with 100 questions. Because of this, the duration is reduced from 2.5 hours to 2 hours. The average time per question remains the same as 1.2 minutes. There are only multiple-choice questions in the exam.

CIA Exam Part 2 Difficulty

Based on my readers’ comments, Part 2 is similar to that of Part 1 in that experience internal auditors shouldn’t have problem passing this section.

If you take the exam sequentially, you will happily find QAIP, Risk, and Fraud again in Part 2.

In my opinion, the syllabus is slightly more advanced than Part 1, but once you are well prepared, the questions themselves are more straight-forward in the actual exam. I’ve got more and more candidates reporting this trend since 2016.

Having said that, it does not mean you can just walk in and ace the exam. It is crucial to read through the concepts at least once and work through the practice questions.

Readers have reported that the exam questions are not as tricky as those in Part 1. However, they may have performed better because they had the experience of taking Part 1.

Does the Syllabus Overlap with Other Exams?

Similar to Part 1, there are some overlap with the CPA and CMA exam.

It matches the most with CPA Audit section, which focuses more on general (and external) audit, they share most of the underlying concepts and audit procedures.

CMA Part 1 exam also has a section on internal control. The concepts and question styles are also similar.

Here is the Summary in Video Format

Next Step: Check out Part 3 Syllabus and Tips

For Your Further Reading

If you would like to join our community, check out our free mini course here, or sign up directly below:

About the Author Stephanie

I am the author of How to Pass The CPA Exam (published by Wiley) and the publisher of this and several accounting professional exam prep sites.

follow me on:
  • Neeraj Mishra says:

    want to know complete details about CIA certification , Complete syllabus and Is there is any wavier for Chartered accountants ……….

  • Daniel says:

    Hi Stephanie,

    Here’s a question that I have: I have no experience in Auditing at all, just a basic audit course I had in one of the semesters.

    I will be writing the part one exam in March, just bought the Wiley books.

    Are the 3 exams doable in my case? Well, at least part one and part two, given my lack of experience in the field.

    Can I do it on the basis of the WILEY books alone? Auditing, in college made very little sense to me, it was vague and dry. What approach should I use this time?



    • Stephanie says:

      Hi Daniel, it’s hard for me to tell, but in order to pass, auditing has to make sense for you. Do you have friends working in public accounting? See if they can tell you their everyday job, what they do, and why audit is needed for a company. Start with the macro (the “why”), then go deeper with the “what” , “when” and “where” and lastly with the techincal “hows”. Once the process makes sense, I don’t think audit is hard. It could be tricky, but not particularly difficult.

      Hope it helps! Stephanie

    • Akshatha says:

      Hey Daniel, do not even think of taking up something if you feel it is “dry and vague”. You need to first enjoy the subject to make it your profession!!!
      There are many options other than audit. Think again.

      • Stephanie says:

        That’s true. Internal audit is audit after all. You may get a different feel when you look at audit in a practical stand point. If you still find it quite boring (I wouldn’t blame you), look for other opportunities. There are plenty as Akshatha said.

  • Daisy says:

    Hi Stephanie,

    Just wanna inform you that I passed part 2 last week using only Gleim book and questions 🙂 Even though I first felt that part 2 was more difficult to comprehend than part 1, it felt contrary during the real exam. The questions in part 2 were actually simpler than the ones I saw in part 1. For example, I did like 100+ Gleim questions on fraud (most of them are complex case studies in which we have to decide either how to detect the fraud or what to do next in a given situation) but in the real exam there was no such case study. There was only questions related to concepts, quite easy ones.

    I feel similar regarding other subjects. In my opinion, you just need to have a good grasp of the concepts to pass Part 2. I myself used only Gleim book and The professional practices Framework and I think that’s more than enough 🙂 By the way, of course you have to study to pass. Some people said there’re overlapping topics between part 2 and part 1 and therefore if you’ve passed part 1 then passing part 2 should be easy. My experience was that there are very few questions on part 2 on the overlapping parts (QAIP and Fraud) and in those questions what are asked are more in-depth. Overall, I spent about the same amount of time on part 2 compared with part 1 (approx. 60 hours).

    I hope my sharing could be helpful to some of you. Good luck to all of those who are going to take part 2 and please wish me luck with part 3!

    • Stephanie says:

      Hi Daisy, wonderful news to know you have successfully passed Part 2 as well! It’s all great info for Part 2 candidates. I will see how I can incorporate your sharing above.

      My very best wishes for you with Part 3! Cheers, Stephanie

    • Art Yip says:


      Congratulations on passing Part 2! Most people do find Part 2 easier than Part 1. Keep up the momentum! Be mindful that Part 3 will be much harder! Let me know if you have any questions to your Part 3 prep work.


      • Daisy says:

        Thanks Stephanie and Art! I don’t know why I didn’t get any email notifications regarding your comments, so I only read them today when I visited the website.

        In anyway, I’ve started studying part 3 and I’ve already got a question for you (I posted the question on another topic just now but I’ll put it again here). In the governance part, I ran through a few questions on Sarbanes-Oxley Act 2002 in Gleim test bank. I’m wondering if that SOX thing will be tested in the real exam since it’s an unique act relevant only in the States.

        Thank you in advance

  • Art Yip says:


    I don’t remember SOX being tested much in Part 3. I would focus more on Governance, Risk Management, and IT (in particular SDLC, App Dev, and Change Controls) as all those are heavily tested at the Proficiency Level. I hope that helps.


  • Noman Khan says:

    Hi Stephanie,

    I have passed CIA Part 1 exam back in October 2015, now my preparation for Part 2 is almost complete and intending to take the exam by the end of May.

    There is a query that I want to ask. Is it necessary to pass all 3 sections in order to pass the CIA exam or is it just that you need to score 80% marks (600 out of 750) anyhow?

    • Stephanie says:

      Hi Noman,
      You need to have 600 or above for each Part 1, 2 and 3 to get done with the CIA exam. Each part is scored independently. Hope I answer your question? Stephanie

  • Sophie says:

    Hi Steph,

    I passed in CIA part 1, but I was so shocked when I didn’t pass in part 2! I scored 577 .. the problem was that, most of the questions were unfamiliar to me and that is because gleim did not cover them at all!!!
    Could you let me know any tips that will make me pass in part 2 when I take the resit? Should I shift to Gleim 2017? or Should I use another review course?
    I found the questions tricky and there were many concepts that Gleim did not cover! Also, I found that the Gleim book is very brief rather than explaining in details in order to overcome complex questions in the exam.

    Could you let me know the changes made in Gleim 2017 when compared to 2016?

    Thank you!

    Please advise

    • Stephanie says:

      Hi Sophie, sorry to hear that. I honestly don’t know as this is the probably first time I hear about Gleim under-preparing for Part 2. Let me show this to the Gleim Team.

      You can always get another set of review materials, but we need to make sure this is really the reason. I also have this page for retakers that you may find helpful: https://ipasstheciaexam.com/fail-cia-exam/

      Regards, Stephanie

    • Karla says:

      Dear Sophie,

      How do you suggest to all candidates for part CIA part 2 study? Actually, I’m studying with premium Gleim Review 2017 and I’m not sure if the topics in the test are being included in Gleim’s materials.

      I felt the same as you respect to CIA part 1, the questions were really really tricky and I needed to do more more effort to try to understand the real purpose of the question, and In fact, I felt the Gleim’s material not covered many questions eg. IT securities (firewalls, control over documents, etc) and soft controls (entity control), control matrix and more.

      To pass the CIA part 1 for me, I felt like a miracle! because It was much much harder that I couldn’t expect and in many questions I had to use my best guessing because I didnt’ have a clear idea about the topic tested.

      Please I appreciate your comments for the topics for CIA part 2.



    • Gleim CIA Review says:

      Hi Sophie,

      Congratulations on passing Part 1! I’m sorry to hear that you didn’t pass Part 2. I am surprised to hear this specific feedback on Part 2, but I will point out that the exam is non-disclosed so we can’t know exactly what will be on the exam. We use the IIA Exam Syllabus that is provided to all providers and past exam questions. I would suggest to use the new 2017 edition and speak with your Personal Counselor about obtaining that. The new edition does have updates and includes videos that covers some of the more difficult topics.

      Regarding the questions covering topics like IT securities or actually found on other parts, The IIA has clarified that while a question in one part of the exam may appear to be testing a topic found in another part of the exam, the question is not testing those concepts. Rather, it is testing a candidate’s understanding and interpretation of a concept appropriate to the part using an industry-related scenario.

      Again, continue studying with Gleim and reach out to your Personal Counselor to discuss the best approach based on your past course history and your plans for the exam.

      Thank you for the feedback, and best of luck!

  • memona says:

    hello everyone,

    I have started preparing for CIA exam. It took me a month to get familiar with the language ( i don’t have any accounting,auditing, business background). I would really appreciate how to tackle this exam efficiently with nil background and family commitments. I have purchased gleim premium review.

    waiting for the feedback fro people who are taking this exam or have done it .

    • memona says:

      I apologize for the typo * would really appreciate the advice and suggestions regarding the preparation of this exam efficiently , with my lack of background in auditing and family commitments.

    • Stephanie says:

      Hello Memona, welcome! If you follow Gleim online (included in your package), it guides you from start to finish. I would definitely spend more time on the practice questions as well. It is the most efficient way to find out the weaker areas and work on those accordingly. I would also allocate more time for each practice question at the beginning. The goal is not to get the answer correctly, but to expect getting a wrong answer, then take the time to understand why it is wrong, and how to get it right the next time.

      Let us know if we can be be helpful along the way!

  • Mahogany says:

    Hello! I am back with a follow-up. I followed Art’s advice and decided to take the Part 2 exam and I passed! Thank you Art and Stephanie for the advice!

    My question is should I move on to Part 3 and then go back to Part 1? If I take Part 1 first, I would have to wait until the end of October to take the exam.

    Thank you for your time.

    • Stephanie says:

      Hi Mahogany, congrats! I am so glad you made it! Let’s see if Art has any advice… I guess it doesn’t hurt to take Part 3 if you have the time (it does take up more studying time — likely double of Part 2). If I remember correctly, Art himself took Part 3 before 1 & 2. Stephanie

    • Art Yip says:


      Congratulations on passing Part 2! I agree with Stephanie, if you have the time, go ahead and take Part 3. It’s good to get the hardest part out of the way as soon as you can. However, be prepared to put in double the study time and effort. Part 3 has double the material than Part 1 or 2, and is much more technical. Make sure you study and know the Governance, Risk Management, and IT sections very well. Take a look at the exam tips and comments on Part 3 of this website before you proceed. They’re at: https://ipasstheciaexam.com/cia-exam-part-3/
      All the best to you!

      • Mahogany says:

        Thank you guys so much! I read the exam tips for Part 3 and have obtained the suggested reading materials to supplement my studies. I will begin studying today. I will be reporting back soon. Thank you again!

        • Stephanie says:

          Great! Look forward to hearing from you soon 🙂

          • Mahogany says:

            As promised, I came back to report.
            For some reason, I felt compelled to go back to Part 1. It bothered me that I couldn’t pass it. I reread the tips and advice on this website and I am pleased to say that I have passed Part 1!

            Again, the support from this community is awesome. 🙂

            Thank you Stephanie and Art!


          • Stephanie says:

            Hi Mahogany,
            Great hearing from you, awesome to know your perseverance pays off! Yes, I can see how awesome it feels to have beaten Part 1 finally 😉
            Keep up with the excellent work, Stephanie

  • Aleks says:


    I am taking Part 2 this Saturday. As with Part 1, I am using Gleim and I find it to be quite good.

    In order to boost my confidence, I am also reading related Practice Advisories, just to make sure I am not missing anything.

    I mainly focused on RM and Engagement Plannig & Procedures – not sure if checking GTAG would be useful too.

    I’d appreciate any tips on how to best cover IT material.



    • Stephanie says:

      Hi Aleks,
      Sounds good to me! Not much to add. Many are finding Part 2 slightly easier than Part 1. Good luck!

      • Aleks says:

        Hi Stephanie,

        Thanks for the message.

        I took the exam this morning and passed Part 2! Compared to Part 1 the questions were less difficult but you still need to be impeccable when it comes to concepts.

        I highly recommend reading practice advisories as the whole picture is clearer and you are sure about responsibilities of each stakeholder.

        In particular I liked fraud questions – it always feels like a detective story and you have to figure out what to do.

        In short, I’d suggest using Gleim because of its questions but make sure to supplement theory with additional material from IIA.

        After passing Part 1 and 2 I think I will be able to move to IA department in my company – wish me luck in convincing my current manager!

        • Stephanie says:

          Hi Aleks, awesome news! And thanks for the thoughtful notes on the Part 2 exam. We don’t get as much first-hand tips compared to Part 3, so these are especially helpful. All the best in convincing your manager and let us know how it goes! Stephanie

  • Ai Leen says:

    I have just enrolled into the CIA Exam. I have been given the option to purchase either the Gleim CIA Review Books and Test Bank 2017 Edition or the IIA’s CIA Learning System materials.

    Could anyone tell me which study materials are better?

    Do I have to purchase any other materials in addition to the above to be better prepare for all the 3 Parts in the exam papers?

    I would appreciate any useful information to enlighten me.

  • Linda says:

    Hi Stephanie,

    It’s Linda again, I’m prepping for Part 2 of the CIA exam and have the Gleim Test Prep (as the whole package was way too expensive – especially at today’s USD to CAD rate). Just wondering, from Gleim’s books, it is noted that audit procedures is an area of focus for the exam, do you know of any additional resources that I can read up on or practice for audit procedures? The Canadian CPA exam is quite different in that you would write the procedures as the exam is simulation based. And going through the MCQs, I would try and think of procedures before reading the choices (as you’ve suggested), only to find my approach is not listed as any of the choices…So I’m trying to get used to audit procedures MCQ style and was wondering if you have any advice??

    • Stephanie says:

      Hi Linda, yes the audit procedure should be very standard. I would think that the Canadian way is pretty much the same? (I mean the procedure and not the exam style) so if you look it up on an internal audit text book I am quite sure it is covered. Or check out Youtube or Khan Academy? Khan Academy generally has pretty good videos.

      If you still can’t find your approach listed in the answers, let us know and we can discuss further.

      • Linda says:

        Hi Stephanie,

        Thank you for your reply. The audit procedures are similar yes, but Canadian testing also allows for more professional judgment in that some answers not in answer key can also be considered correct.
        I find also the Canadian procedures tend to be more specific and the CIA procedures are very generic (sometimes even to the point of this procedure can apply to any situation)?

        • Stephanie says:

          I see… hmm… it’s getting a bit too technical for me to be helpful. Maybe it is better to get a reference book from the US?

          • Linda says:

            Hi Stephanie,

            Just wanted to update you – I wrote and passed Part 2 yesterday. Again, I think reviewing the Practice Advisories greatly helps. I’ve used Gleim Test Prep and their book (e-version) and read the practice advisories that were listed in the Gleim book.

            I however, did not find Part 2 to be easier than Part 1, I would say they are the same level of difficulty for me (and for a bit of time during the exam, I felt Part 2 was harder than Part 1) – guess luck of the draw for me – the exam questions is different for every taker.

            And I would agree with some of the other posters that there were some materials that I feel was from Part 3 that were tested in Part 2. And in terms of audit procedures above, I find that Gleim was very technical in that regard (understandable I guess since they were known for CPA exam prep?).

            Also have a few questions: for Part 3, I understand that there are some additional reading materials that could supplement my understanding – I found some blog posts from Art Yip on it, but was not sure if that was the complete list. Could you let me know if you have a link to a complete list of suggested additional reading materials for Part 3?

            And I’m not sure if your coupon codes works for only one Part? I’m thinking of trying Gleim Premium for Part 3 given its difficulty but don’t see the discount applicable for only one part?

            Many thanks for your help! This website has been a tremendous source of inspiration and wealth of knowledge for me 🙂

          • Stephanie says:

            Hi Linda, that’s great to know, excellent progress! Thanks so much for the detailed “report”. It is going to be really helpful to fellow candidates.

            As for the supplements for Part 3, besides the ones listed on my Part 3 page, I don’t really have others (if I do I would have put it there)… I tried to summarize the comments’ discussion on that page but it is still useful to read through those comments yourself.

            As for the Gleim, yeah, it’s their call, I am afraid they only offer 10% discount to the bundled package these days. Their CIA products are selling really well — honestly they don’t even need to offer this coupon but I guess it’s a nice gesture 🙂

  • Linda says:

    Thank you Stephanie, just to confirm – the suggested additional reading materials are here? https://ipasstheciaexam.com/cia-exam-part-3/

  • Atif iqbal shahid says:

    Hello, actually i wanted to know is it wise to give part 2 exam first then part 1. Does it provide any benefit in any terms.

    • Stephanie says:

      Hmm… I guess it doesn’t matter, but at the same time I don’t see obvious benefits. There are some overlaps in concepts so the two parts do complement each other. Regards, Stephanie

      • Atif iqbal shahid says:

        ok as i am ACCA qualified and soon to get my membership, In Shaa ALLAH. So the question i wanted to ask is am i be able to get any exemption or any challenge exam, if yes then how and when??

        • Stephanie says:

          Hi Atif, all I know is that they are not running the challenge exam in 2017 (and the foreseeable future). I am not aware of other exemptions for ACCA members at this stage. Regards, Stephanie

  • Karla says:

    Dear Stephanie,

    After many times asking for help about CIA Exam part 2, I took the exam and succesfully passed on my first attempt!

    I was really scary because when I took CIA exam part 1 last year, the questions in the exam weren’t covered appropiately by Gleim and many times I had to guess.

    So based in that, my advices for someone who wants to take part 2 and work perfect for me are:

    1) Read, study and UNDERSTAND every word in the practice advisors. As many people said before they are a MUST in the exam.
    2) Supplement your study with the practice guides: “Internal Auditing and Fraud​”, “Measuring Internal Audit Effectiveness and Efficiency​” (don’t miss the appendix), “Auditing External Business Relationships​”.
    3) As suggested Lynnel, I review and understand “Three Lines of Defense”. I found some questions about coordination with other assurance providers so it is really helpful.

    My review about the exam:
    – The questions are no longer as Gleim, but Gleim prepares you very well to expect the unexpected.
    – Many questions about Fraud, Communicating results and IA based in Risk.
    – Few questions about procedures to support objectives, ccsa.
    – Pay attention to the questions because as everybody knows are very tricky.
    – If you are non-English speaker (as me), if you feel unsure about a question change into English inmediately but work in the test preparation with this added difficulty in order it doesn’t affect your time in the exam. I feel more comfortable many times reading the question in English.

    So, I’m going to move for part 3 and I’m very positive. For a latin person as me study materials with a intermediate English level are very challenge and take a long time but I’m sure that every every sacrifice has its rewards.

    Good look to everyone who are working for part 2!!

    • Stephanie says:

      That’s wonderful news Karla and a great inspiration for fellow Latino candidates 🙂
      Your observation is really helpful as well. Regards, Stephanie

  • Jamillah Hughes says:

    Hello all! I just passed Part 2 today! This was a big confidence boost after failing Part 3 on March 1.

    I had questions on CSA, IT Assurance Engagements, supervision of audit engagements, and of course CAE responsibilities.

    The things I did not pay attention to in my study materials was the different responsibilities of a staff auditor, senior auditor, auditing manager, and CAE during an audit engagement. I had quite a few questions on these.

    I recommend knowing the types of assurance engagements and the types of consulting engagements. Please know what is a consulting engagement vs assurance and what audit procedures are conducted in each.

    There were only a few fraud questions that went too difficult.

    I used mainly Gleim (only the ebook and test questions). I also used the post test in the IIA learning system. These questions helped me to prepare for those tricky questions that the actual exam is notorious for.

    Good luck to all of you studying for Part 2.

    • Lisa says:

      Hi Jamillah Hughes,

      Congrats!! All the best on Part 3 – you will pass on your next attempt.

      Thank you so much for sharing your exam experience. I really appreciate it as I am currently studying for Part 2.

      I have a few questions:

      1. Did you use any IIA Practice Guides during your studies that helped you in the exam?

      2. IT Assurance arrangements which GTAG document do you find that information as I am using GLEIM
      it does not have any information on IT assurance.

      3. Do you believe that haven’t studied Part 3 it aided you in passing Part 2? (I have read on this site that
      Part 3 materials sometimes appear on Part 2).

      4. Do you recommend reading Part 3 study materials (IIA/GLEIM) if you have it?

      Any assistance would be greatly appreciated.


      • Jamillah says:


        I really like the Gleim materials. If you have access to the full kit then great. If there is a practice exam of questions you haven’t seen before, then I’d take that last.

        I don’t feel like there was any material from Part 3 in the exam. Even they way the risk questions were asked was different than Part 3. So I don’t think studying Part 3 is necessary for Part 2.

        I also did not use the GTAG’s for the IT Assurance. I do recommend studying what’s in the Gleim subunit on assurance engagements as it relates to IT audits and the test questions in that subunit (I actually missed those questions on the practice exam and that’s how I remembered them for the exam). Gleim lists the different types of assurance engagements. I would know these front and back. That was really helpful. As I stated before, I had several questions on CSA. Know the concept of CSA and how it helps auditors. Gleim covers this very well.

        I read the following practice guides:
        -Auditing External Business Relationships
        -Auditing Privacy Risks (I had zero questions on this)
        -Audit Reports (this was very helpful)
        -Internal Auditing and Fraud

        I also re-read the Practice Advisories/Implementation Guides to see what I may have missed in the materials.

        The final thing I did was go through the Part 2 syllabus and made sure I knew the concepts and/or main points of each.

        During my studies, I made a note to understand the roles of the board, the audit committee, senior management, the CAE, management, and the external auditors where applicable in each topic. In my opinion this is a great practice for all 3 parts of the exam.

    • Stephanie says:

      Hi Jamillah,
      Thanks a lot for the feedback (and congrats of course!)
      We don’t get as many sharing on Part 2 vs Part 3 so this is very useful. All the best to your retake in Part 3. I am sure you are a lot more confident now! Stephanie

      • Jamillah says:

        No problem Stephanie. I just want to be useful as the others that have contributed to the site. As as you stated there wasn’t much feedback for Part 2.

  • Lis says:

    Hi All,

    I am currently studying CIA Part 2.

    I was thinking to do the exam by/on June 30, 2017 to try and not be affected by the change in the standard/IPPF that takes effect July 1, 2017. However, I don’t want to rush and then fail.

    Given that this section of the website is less active than say Part 3, I wanted to increase the posting on this side.

    In light of this, I wanted to know the studying strategies being pursued by persons studying for Part 2, the materials being utilized and the practice guides being studied?

    Any areas persons are having difficulties with, explanation we can give each other to enhance understanding and application etc.

    Let’s help each other pass. Let’s get this page active with valuable contribution…..

    • Smush 61 says:

      Dear all and Lis,

      Actually I am quite confused since the announcement from the IIA have not made so far based on the information “””Certifications: Exam questions no earlier than 1 July 2017″””. The day 1st of July is approaching but many candidate do not know what they will be expected. Candidate need more information regarding exam. The phrase “no earlier than 1 July 2017” is quite ambigious.

      I have chance to read some implementation guides and I can say that they are quite shorter than practice advisory.

      I hope there will be an announcement from the IIA to clarify the situation in coming days.

    • Stephanie says:

      Yes, that’s right Lis, although my own theory is that people find Part 2 easiest and that’s why fewer questions/comments/ advice 😉

      I certainly would love to see more sharing — if we get half of what the Part 3 page is getting it would be awesome!

    • Karla says:

      Dear Lis,

      I was looking for help as you few months ago like you. I took the exam on March this year and succesfully passed on my first attemp.

      My review is:

      1) Gleim is pretty good for part 2, however, due I had many surprises in part 1 and I felt I had to guess in many questions I decided to supplement the review courses with few practices guides.

      2) The practices Guides I reviewed and found at least one question related in the exam are:
      – Internal Auditing and Fraud
      – Measuring Internal Audit Effectiveness and Efficiency
      – Auditing External Business Relationships​
      – Formulating and Expressing Internal Audit Opinions

      3) Practice Advisors are a MUST. You have to really understand instead of memorize.

      4) Questions at Gleim are the best and prepares you very well to the exam.

      5) I read Lynnel’s blog and she recommends read Position Paper “Three Lines of Defense”. I did it and It helps to understand which is the duty assigned to whom in the risk management process. I found it helpful.

      6) My last advice for you is try to applied the theory in the practical question, learning why you answers are good or bad and focus in the last week before the exam in your weak areas.

      I hope I could help you and my best whishes for part 2.

      • Lisa says:

        Hi Karla,

        Thanks for the help.

        I just wanted to ask if you remember any specifc areas on the exam; CSA, the different types of assurance – due diligence, security, external business relationship, ethics, communication etc??

        I am little scared and worried about the exam- I really want to pass and move to part 3.

        How is your preparation going for Part 3? All the best on the exam.


        • Karla says:

          Hi Lisa,

          I was exactly like you. I really wanted to pass with all my heart to move to part 3.

          I think that many practice questions and a good understanding of the standards and the practice advisors are the key.

          I had many questions about Fraud, Communicating results and IA based in Risk.

          Few questions about procedures to support objectives, CCSA, IT assurance and follow up recommendations and action plans.

          1 or 2 questions of external bussiness relationships, coordination with other assurance providers, perfomance of IA.

          Keep in mind that every exam is different and other candidates had had more questions in CCSA and other topics. For example, I read that other people suggested you study PG Audit Reports and that was very useful in the exam.

          In summary, I think Gleim is very good for part 2 but It’s important read the extra material suggested to avoid surprises in the exam.

          Personally, I felt this time that I was more prepared in comparison when I took with part 1 being reading this extra material.

          Remember focus on your weak areas and understand your correct or wrong questions.

          My preparation for part 3 is another whole world. There are many topics to cover (in my opinion, 2 times more than part 1 and part 2 together) and sometimes I feel overhelmed, but I´m very positive to obtain the best results.

          Hard work pays for. Be positive Lis, you’ll nail it on your first attempt.

      • Stephanie says:

        Great tips, thanks!

        • Jay says:

          Hello Stephanie,

          I have just started to prepare for part 2 of the CIA exam and I was wondering if you have any additional resources or suggestions? I am using Gleim’s book and online test prep. Any advice would be helpful. I don’t want to over prepare, i.e. reading unnecessary supplemental information.

          Kind Regards,


  • lisa says:

    Hi All,

    So I did Part 2 on September 11 and I am happy to report I passed.

    I had been studying from March 2017 having passed Part 1 in the early March. So I study for approximately 6 months.

    I used the following study material:
    – Gleim Textbook and Gleim Test bank;
    – IIA text book;
    – Hock Part 2 videos
    – Practice Advisories
    – Practice Guides ( QAIP, Ethics, Privacy, assessing risk management using ISO 31000, Formulating opinion, evaluation external businesses relationships, coordinating with other assurance providers, managing IT auditing, IT Governance, measuring auditing effectiveness and efficiency, internal auditing and fraud, 3 lines of defense, audit reports – communicating assurance engagement results, interaction with the board, internal audit reliance on other assurance providers). I think that’s it for Practice Guides.

    Here are the topics/areas I was tested on;

    – change management
    – privacy
    – CSA ( purpose, whether its an assurance or
    consulting etc.)
    – IAA relationship with Board and senior
    management ( having good relations , the
    advantage of having these relationships)
    – QAIP
    – knowing the roles/duty of CAE, management
    of IAA versus lower internal audit staff
    – roles internals should and should not do (ISO
    – communication
    – fraud
    – 3 lines of defense
    – external audit versus internal audit
    – risk-based planning
    – resource management
    – tools used in planning
    – IT auditing
    – Types of opinions

    It seems like I got on every aspect of the syllabus. Please make sure to read the practice guides they were very useful.

    Also make sure GI thru the Gleim Test bank a couple of times. The test bank was very helpful and I even think I saw 3 -4 questions on the exam from the Gleim Test bank.

    The questions on the exam were shorter that than Part 1 exam questions and the Gleim Test bank however I had to do a lot of critical thinking. There would be 1 word or phrase in the exam that made a difference in choosing the correct answer. And there is always 2 answers that are very close so you have to read the question carefully and find that 1 important word or phrase that makes the difference.

    All best…you can do it

  • Jay says:

    Hello Francis,

    I just took and passed CIA part 2 on my first try! I used Gleim and there were only a few minor updates to that book. I purchased the book and test prep around Thanksgiving 2017 and began to study in December. I registered for the test at the end of January and passed on 2/8/2018. I only used Gleim and no other supplementary readings. The printing of my textbook was August 2017, which included the changes concerning the IPPF that became effective in 2017. As a member of the IIA, you can get a free copy of the standards, practice advisories, etc. I would recommend to stay positive and block any negative thoughts.

    Kind Regards

    • Stephanie says:

      Hello Jay, that’s great to know! I am glad Gleim has been helpful because we have been generally recommending this course for a while now. And of course, the free download is a must! Thanks for sharing and assuming you will take Part 3 soon, good luck! Stephanie

  • Wanjiru🇰🇪🍫 says:

    I passed part 1 in december 2017 .Thanks to Gleim(Online book and test prep)!!Hoping to sit for Part 2 end of July.,Word of advice to those intending to take CIA..take your time in understanding the concepts in the short notes.They may be short but they are loaded.Then after that practice !practice! practice !

  • Amol Sahota says:

    I passed CIA Part 1 in May 2018 and appeared for Part 2 today and failed with a score of 588.
    While I used Gleim material for both parts and gleim and wiley for practice papers, in Part 2 i was faced with a number of questions from topics that are not covered in Gleim, which is extremely disappointing. One example, three lines of defense, on which I had at least 3 questions on the exam and had to simply guess.

    I read the comments below and apparently one is also supposed to read Practice guides and practice advisories, and rightly so, I can see a document covering all aspects of the three lines of defense.

    My question here is, why aren’t these topics included in Gleim material or why does it not come with a disclaimer that one should also read from other sources. I feel like I just missed from passing not because I was not fully prepared (I gave 20 practice papers including gleim and wiley, scoring average 78), but because I had no clue there were other topics as well.

    On that note, it would really help if someone could provide a list of Practice advisories, and practice guides or any other material that one should also consider apart from gleim material.

  • Vinit Bhujwala says:

    I want to take up CIA and want to become member of IIA and IIA Oman chapeter. Can you please guide how can I become a member and how to pay for membership. I have registered mself on IIA website but not able to find where to pay for membership. I have read on your site that there is discount exam fees if one has membership of IIA.

  • >