In order to become a Certified Internal Auditor (CIA), you must fulfill the CIA certification requirements. The Institute of Internal Auditors (IIA) established the Certified Internal Auditor requirements in order to ensure that CIA candidates meet the high standards of the position and represent the profession well. In total, the IIA imposes 9 CIA certification requirements on candidates, but several of them are very easy to fulfill, such as the CIA exam requirements. On the other hand, a few CIA requirements are significant ventures that will take a good deal of time to complete. To help you handle each of them efficiently and effectively, we’ll cover all of the CIA qualifications here.
As mentioned, the IIA expects candidates to meet 9 CIA requirements:
The education, experience, and exam requirements are definitely the hardest requirements to meet. To fulfill these requirements, candidates must expend time, effort, and money, so they must be committed to the CIA program. The CPE requirement also requires dedication, but you don’t have to worry about that until you’ve earned the certification. Consequently, the CIA certification requirements do not demand as much from candidates, as they are fairly simple.
Additionally, candidates should aim to meet the Certified Internal Auditor requirements in an order close to that of the list above. Most candidates will have met the education requirements before they even begin the program, and some will have even finished the experience requirement. Therefore, they will have little to do to meet the remaining requirements before they can take the exam.
But the IIA does not require candidates to have finished the experience requirement before they take the exam. Furthermore, the IIA will let students in their senior year of college sit for the exam as well. Therefore, you don’t need to follow the exact order of this list.
Finally, you should know that IIA membership is NOT an exam requirement. However, IIA membership has its advantages for CIA candidates, such as discounts on the exam application fee.
Now that we’ve covered the CIA requirements at the most basic level, we can discuss them in more detail.
However, if you are from one of the following countries, you should refer to your local IIA website or contact your local representative for more information about your local certification process:
To become a CIA, you must not only meet all of the CIA requirements, but you must also meet them all within the specified time frame. The exact eligibility period for completing the program certification process is 3 years from the date you received approval of your CIA application. If you don’t finish the process within 3 years, you forfeit all fees and exam credit.
The IIA expects CIA candidates to have at least an associate’s degree or higher. Acceptable equivalents to an associate’s degree include:
The IIA follows the United Nations Educational Scientific and Cultural Organization’s (UNESCO) guidelines on defining accredited universities.
In order to confirm your education, you must upload one of the following documents to the IIA’s Certification Document Upload Portal:
However, as mentioned, senior year college students can take the exam before graduation.
Furthermore, for candidates who don’t meet the minimum education requirements, the IIA has made another way to CIA eligibility. Specifically, the IIA may approve candidates who have at least 7 years of verified experience in internal audit or its equivalent.
The amount of experience you need to qualify for the CIA depends on the level of education you have. So, the work experience requirements for CIA candidates are as follows:
Years of Work Experience Required
Master’s Degree (or equivalent)
|12 months – internal auditing experience or its equivalent|
Bachelor’s Degree (or equivalent)
24 months – internal auditing experience or its equivalent
|Associate’s Degree, 3 A-Level Certificates, grade C or higher (or equivalent)||
60 months – internal auditing experience or its equivalent
The IIA accepts work experience that involves audit/assessment disciplines including external auditing, quality assurance, compliance, and internal control.
Additionally, your current or former supervisor or a CIA, CCSA, CGAP, CFSA or CRMA must verify your work experience.
You do not have to complete the experience requirement before you take the CIA exam, but you must finish this requirement within the program eligibility period. Otherwise, you cannot be CIA certified.
We’ve come to the part of the article where I provide some good news. According to the IIA, the Professional Certification Board (PCB) has approved CIA experience and education exemptions for individuals holding select certifications and licenses. The CIA exemptions apply to the following:
Supporting Requirements Waived
Association of Chartered Certified Accountants (ACCA) Qualified Members
|Education and Work Experience|
|U.S. Certified Public Accountant (CPA) Active License Holders||
The PCB granted these CIA exemptions because the education and experience requirements for ACCA members and the education requirement for U.S. CPAs meet and/or exceed these requirements for the CIA program.
To be considered for these CIA exemptions, you must complete the appropriate fields on the CIA application. If you are an ACCA qualified member or a U.S. CPA, the IIA will place your CIA application into a pending status while their certification administrators verify that your membership/license is active.
The IIA holds all CIA candidates to an elevated code of moral and professional behavior. To confirm that you live according to this code, the IIA asks that you submit a character reference form that your professor, your supervisor, or a CIA, CGAP, CCSA, CFSA, or CRMA has signed.
The character reference form is a 1-page document that requires very little of you or your recommender. But, to be sure that you can submit it in good conscience, you must read the IIA’s Code of Ethics.
You must prove you are who you say you are by providing the IIA with a copy of your official passport or your national identity card. Both of these must be current, as the IIA will not accept expired documents.
To submit your proof of identification, you must scan it and upload the image to the Document Upload Portal. The photo on your scanned I.D. must be clearly legible.
After you meet the education, character reference, and proof of identification requirements and receive approval for your application, you must take the CIA exam.
The CIA exam has 3 parts with the following titles and topical coverage:
1: Essentials of Internal Auditing
|2: Practice of Internal Auditing||3: Business Knowledge for Internal Auditing|
I. Foundations of Internal Auditing (15%)
|I. Managing the Internal Audit Activity (20%)||I. Business Acumen (35%)|
|II. Independence and Objectivity (15%)||II. Planning the Engagement (20%)||II. Informational Security (25%)|
|III. Proficiency and Due Professional Care (18%)||III. Performing the Engagement (40%)||III. Information Technology (20%)|
|IV. Quality Assurance and Improvement Program (7%)||IV. Communicating Engagement Results and Monitoring Progress (20%)||IV. Financial Management (20%)|
|V. Governance, Risk Management, and Control (35%)|
|VI. Fraud Risks (10%)|
To pass Part 1, you must answer 125 multiple-choice questions (MCQs) in 150 minutes of total testing time. To pass Part 2 and Part 3 each, you must finish 100 MCQs in 120 minutes. Additionally, the CIA exam is fully computerized, and you can take it at any time of the year.
Passing the CIA exam is one of the most challenging requirements in the certification process, but you don’t have to attempt it alone. Instead, you can use a CIA review course to learn everything you need to know to pass. And, you can save on your CIA exam prep with my CIA review discounts.
Once you pass the CIA exam, you must keep the contents of the exam confidential. The CIA exam is non-disclosed, which means you can’t talk about specific exam content with anyone but the IIA’s Certification Department.
In fact, the IIA considers the unauthorized disclosure of exam material a breach of the Code of Ethics. Therefore, if you’re found guilty of such activity, you could be disqualified from the program.
Speaking of the Code of Ethics, as a CIA candidate, you agree to abide by this code in order to hold the CIA certification.
Finally, once you have received the CIA certification, you must satisfy the Continuing Professional Education (CPE) requirements. The IIA demands CPE so that CIAs can maintain their knowledge and skills while staying up to date on industry improvements and current developments.
During the year in which you earn the CIA certification, the IIA will award you 40 hours of CPE. Then, they will award you another 40 CPE hours the following year, for a total of 80 CPE hours.
After that, the number of annual CPE hours you must complete depends on the reporting status of your certification. This chart delineates your status options and the corresponding number of annual CPE hours expected of you.
CPE Hours for CIA
|Actively performing internal audit or related activities||Yes||40|
|Non-practicing||Not actively performing internal audit or related activities||No||
No matter your reporting status, 2 of the CPE hours you acquire every year must focus on the subject of ethics. In order for your CPE to be valid, you must ensure that you earn your CPE from educational programs that meet the PCB’s established guidelines.
Now that you know what meeting the CIA requirements involves, you can start the process of becoming a Certified Internal Auditor. This process is not too complicated, especially if you have already fulfilled a few of the requirements, such as the education requirement. However, you can get plenty of help along the way by signing up for my free CIA e-course. This course tells you everything you need to know about pursuing the CIA and passing the CIA exam on your first attempt.
I am the author of How to Pass The CPA Exam (published by Wiley) and the publisher of this and several accounting professional exam prep sites.