Certified internal auditor

From CEOpedia | Management online
Certified internal auditor
See also




Certified Internal Auditor (CIA) is a designation of professional certification issued by The Institute of Internal Auditors of North America (IIA) to professionals specializing in internal auditing. The certification is recognized worldwide. Individuals holding a CIA are perceived to have a certain level of competency in the profession [1].

The establishment of the CIA designation by the IIA raised the internal audit function to a status of a recognized profession, as it established a “a body of specialized knowledge (common body of knowledge approved in 1972), a formal education process (a minimum prescribed course of formal education), standards governing admission to a full member of The IIA (prescribed course of study, passing CIA exam, professional experience requirements, and the Standards), a Code of Ethics (first approved in 1968), a recognized status indicated by a license or specialized designation (the CIA, or MIA, recognized several jurisdictions worldwide a public interest in the work that the practitioners perform (perhaps more evident in the work performed by internal auditors in government, education, and nonprofit organizations rather than in the private sector), and a recognition by professionals of a social obligation (again, perhaps more evident in government, education, and nonprofit organizations)”[2].

Obtaining a CIA license

The CIA designation requires a completion of a three-part examination and other eligibility criteria as follows:

  • Education: applicants must have at the minimum an associate degree
  • Character: applicants must demonstrate high moral and professional character as documented in a declaration signed by a qualified individual (licensed professional or applicant's supervisor)
  • Work: experience requirements vary depending on the level of education completed:
1. Master’s degree: 12 months of auditing experience
2. Bachelor’s degree: 24 months of auditing experience
3. Associate degree: 60 months of auditing experience

Applicants can sit for the exam prior to meeting experience requirements; however, licensing takes place only after all criteria have been met[3].

Maintaining a CIA license

CIA professionals are required to complete continuous professional education (CPE) to stay current on industry standards. CPE requirements depend on license status. These requirements are as follow:

  • Practicing professionals – 40 CPE hours annually
  • Nonpracticing professionals – 20 CPE hours annually

CIA professionals self-report completion of CPE hours by December 31 each year. All CIAs are required to complete at a minimum two CPE hours in annual ethics training. The IIA defines qualifying CPE activities. Qualified CPE activities are categorized as follows:

  • Educational programs meeting specific quality standards.
  • Other qualifying activities – examinations, writing or translating publications, making presentations, volunteering as an expert matter person, performing external quality reviews.

CIA professionals are required to maintain CPE records for three years. The IIA has the right to audit CPE records[4].

Value - added role of a CIA

CIA professionals work in the internal audit departments. The role of an internal audit department, in broad terms, is to provide an independent attestation or independent testing to determine conformity to established policies and procedures and adequacy of internal controls. The value-added aspect of an internal audit function is perceived differently by different companies. James Roth attempts to define a value-added internal audit program. The author identifies five value-adding features of an internal audit department[5].:

  • Extensive staff expertise – employees in internal audit departments typically have long tenures, with an average of ten years of business experience. Audit staff is multi-disciplinary in a subject matter and audit techniques. Audit staff is highly trained with 75 percent of staff certified (CIA or other). Best auditors are technology savvy. Outsourcing is common, which provides access to highly skilled pool of individuals.
  • Challenging work environment – a work culture that encourages responsibility, accountability, creativity, and that motivates and provides challenge.
  • Organizational alignment – organizational structures that promote establishment of ongoing connection of the internal audit department with other departments. Auditor involvement in committees and other business functions (for example new product development).
  • Proactive, qualitative, real-time risk assessment – alignment of the audit plan with the firm's strategic plan to assist management in accomplishment of strategic goals. A real-time risk assessment provides value to decision makers by providing feedback before a firm commits to a [[project.
  • An array of audit services – a value-added audit function provides an extensive list of services in assurance and consulting activities. Those services may include risk-based audits, process audits, pre-implementation reviews, self-assessments, and employee education.



  1. New to Certifications. (2018).
  2. Ramamoorti, S. (2003).
  3. Eligibility Requirements. (2018).
  4. Continuing Professional Education. (2018).
  5. Roth, J. (2003).

Author: Urszula Szydłowska