CIA® Challenge Exam Frequently Asked Questions

September 2016

2

The IIA and the CIA Challenge Exam Who is the IIA?

The Institute of Internal Auditors (IIA) is the acknowledged worldwide leader of the internal audit profession, its global voice, recognized authority, chief advocate, and principal educator, with more than 180,000 members in 170 countries and territories around the world. Typically, members provide assurance and advisory services within the broad spectrum of governance, risk, and control, with responsibilities that may include internal and external auditing, risk management, internal control, information technology audit, education, and security.

What is the CIA? With over 140,000 holders worldwide, the Certified Internal Auditor® (CIA®) is the premier global certification for all those working in internal audit, regardless of background, sector, or region. It provides recognition and status among peers and principal stakeholders, and identifies individuals as committed and competent internal audit professionals. The CIA Challenge Exam is a unique opportunity for professional auditors to earn this distinguished certification through an expedited process based on the candidates’ existing member affiliation.

Why is The IIA offering the CIA Challenge Exam? The IIA is committed to raising the profile of, and demand for, the internal audit profession. To accomplish this, The IIA works closely with organizations such as the Institute of Singapore Chartered Accountants (ISCA) to help the advancement of the accountancy and internal audit professions. By offering the CIA Challenge Exam to qualified ISCA members, The IIA continues to demonstrate the uniqueness of internal auditing as a profession and strengthen its strategic partnerships.

What are the advantages of taking the CIA Challenge Exam? The CIA Challenge Exam allows qualified ISCA members currently working in internal audit (or plan to work in internal audit in the future) the opportunity to earn the CIA professional credential through an expedited route by demonstrating competency in those areas not already covered in the accountancy exams. ISCA and The IIA believe the CIA Challenge Exam is a tremendous opportunity that offers qualified ISCA Members:

the ability to demonstrate their insights and capabilities relating to internal auditing as a distinctive area of expertise;

access to the globally recognized certification for the professional practice of internal auditing through a single exam customized to reflect knowledge, skills, and abilities already held and demonstrated, and;

professional recognition, job enhancement, and career progress. Will I have the opportunity to take the CIA Challenge Exam in the future?

There is no plan to offer the CIA Challenge Exam in the foreseeable future.

3

When can I apply to the CIA Challenge Exam program? Application to the CIA Challenge Exam program is only one step in the process to earning certification through the expedited CIA Challenge Exam. The chart below outlines the steps necessary to complete the program.

ACTION LETTER of Good Standing from ISCA

Candidate to request Letter of Good Standing from ISCA and submit it to The IIA via the Document Upload Portal along with other required documents. ISCA will also provide a copy of the letter to IIA Singapore.

CREATE a Profile in CCMS Starting 1 September

Access CCMS and follow the instructions to create a profile or to retrieve existing CCMS profile login information or password.

APPLY to the program 1 September – 31 October

Applications are accepted 1 September through 31 October 2016.

SUBMIT documentation Letter of Good Standing from ISCA, signed Character Reference Form, and valid government issued photo identification.

REGISTER for the exam Open until 30 November

After APPLICATION approval, candidates can immediately REGISTER for the exam. REGISTRATION is open until 30 November.

SCHEDULE the exam

Candidates are asked to wait 48 hours after REGISTRATION confirmation is received before contacting Pearson VUE to SCHEDULE to sit for the exam.

SIT for the exam 1 November – 16 December*

Arrive at the Pearson VUE test center on the scheduled date and time. Candidates must SIT for the exam from 1 November to 16 December 2016. The CIA Challenge Exam will not be available after this date.

*If a candidate has an emergency related to illness, death in the immediate family, birth, natural disaster, civil unrest, or military duty, he/she may request an exception to take the exam after 16 December, but before 31 December. The candidate must submit an incident in CCMS requesting consideration and provide supporting, relevant documentation via The IIA’s Document Upload Portal. The request will be evaluated by The IIA on a case-by-case basis and any decision made by The IIA is final.

4

Applying for the CIA Challenge Exam Who is eligible to take the CIA Challenge Exam?

Current ISCA members who are Chartered Accountants of Singapore (CA) and Fellow Chartered Accountants of Singapore (FCA), are eligible to apply to the program as long as their ISCA membership is current and in good standing. ISCA Associates do not qualify for the program.

Do I have to be a member of the local IIA to take the CIA Challenge Exam?

No. If the candidate is not already a member of The IIA through their local institute, the exam bundle includes IIA membership.

How will I become a member of IIA Singapore if I am not already a member?

Membership in the IIA will begin 1 January 2017. If the candidate is an ISCA member residing outside of Singapore, the candidate will be made a member of their local Institute, or if located in a country where there is currently no IIA Institute, the candidate will become a Member-at-Large unless the candidate submits an Institute preference to The IIA.

What documentation will I need to provide in order to apply to the CIA Challenge Exam program and how do I submit the documentation to The IIA?

Candidates should be prepared to complete an online application (containing the candidate’s ISCA member ID number) and submit required documentation, including ISCA’s Letter of Good Standing, a signed Character Reference Form, and government issued Photo ID, to The IIA using the Certification Document Upload Portal. The application and documents must be reviewed and approved before the candidate is considered eligible for the program.

The Character Reference Form is included herewith. To submit documentation to The IIA for review, access the certification Document Upload Portal. If a candidate has difficulty using the Document Upload Portal, the candidate should submit an incident in CCMS to request assistance. Please visit the IIA’s Photo ID Policy to view acceptable forms of identification.

What is the Education requirement?

ISCA Chartered Accountants and Fellow Chartered Accountants are deemed to have met the IIA’s education requirements and do not have to provide education documentation.

What is the Experience requirement? ISCA Chartered Accountants and Fellow Chartered Accountants are deemed to have met the IIA’s experience requirements and do not have to provide experience documentation.

What happens if I apply for the CIA Challenge Exam but do not meet the eligibility requirements? If it is determined during the validation process that the candidate does not meet the eligibility requirements, the application will be denied. No refunds, in part or whole, will be provided to candidates once the application is submitted.

5

How do I apply for the CIA Challenge Exam program? Exam candidates are required to create a profile record in The IIA’s Certification Candidate Management System (CCMS). If the candidate has previously taken an IIA exam, the candidate already has a record in CCMS. DO NOT create a second record, instead, select “forgot your password” to recover your account. Candidates requiring assistance may contact The IIA’s Customer Relations Department at customerrelations@theiia.org or +1-407-937-1111.

After the candidate is logged into CCMS, they will click on the COMPLETE A FORM LINK on the left side navigation panel. Under the NEW FORMS tab, locate the form labeled CIA Challenge Exam. Click on the form title to open the form. Complete the entire form, upload required documents, and submit payment. Upon completion, you will receive an automated email confirming your application submission.

Application to the CIA Challenge Exam program is just the first step. After application approval, candidates are required to REGISTER for the exam and SCHEDULE to sit for the exam. Details outlining the process are located in the CIA Challenge Exam Guide to Certification.

What happens after I submit my application? The candidate’s documents will be reviewed and verified by The IIA. When the verification process is complete, the candidate will receive notification from The IIA and instructions to REGISTER for the exam.

PLEASE NOTE: ISCA is solely responsible for providing the Letter of Good Standing. The IIA cannot provide insight as to why a letter is not provided. If a candidate is unsure of qualifying, the candidate should contact ISCA before submitting the CIA Challenge Exam application form. Under no circumstances will a refund (in part or whole) be issued after the application has been submitted.

What if I have already been approved for the CIA program and/or completed a CIA exam part? CIA Challenge Exam candidates who are already approved into the CIA program (including those that have already completed one or more parts of the CIA exam) will be permitted to apply for the CIA Challenge Exam under the following conditions:

The candidate must notify The IIA by submitting an incident in their CCMS record indicating that they want to participate in the CIA Challenge Exam. Please put the words “Admin Request” in the subject line to expedite processing;

No refunds of any kind (in part or whole) will be issued for any prior payments (this is due to expenses that have already been incurred in the prior program attempt);

The candidate will retain credit for all previously passed examination parts, should they not pass the CIA Challenge Exam;

Candidate will pay FULL PRICE for the CIA Challenge Exam program;

All other eligibility requirements apply.

6

If the candidate approves the conditions, the candidate must submit an incident in their CCMS record indicating the desire to “expire” out of the CIA program in preparation for the CIA Challenge Exam program. The certification team will issue a “CIA application expired status” effective immediately, and submit the appropriate form for any exam part that the candidate has previously passed. This will allow the candidate access to the CIA Challenge Exam application form in the CCMS system. It will take approximately 24 to 48 hours to process the expired status before a candidate will be able to access the CIA Challenge Exam application.

If a candidate fails the CIA Challenge Exam, the candidate will have four (4) years (from the date of the CIA Challenge Exam application approval) to complete all CIA exam parts to obtain their CIA professional designation.

7

Preparing for the CIA Challenge Exam Where can I obtain more information with regards to the Exam?

To find out more about the Challenge exam, IIA Singapore will conduct two briefing sessions. Candidates may attend either one of the following: Dates: 6 September 2016 and 28 September 2016 Time: 7.30 pm – 8.30 pm Venue: ISCA House, 60 Cecil St, Singapore 049709 Please note that dinner will not be provided at the event.

The briefing sessions are complimentary. Please register HERE for the desired session.

What language will the CIA Challenge Exam be offered in? The Challenge Exam is offered in English only.

How long does it take to complete the exam?

The CIA Challenge Exam contains 150 multiple choice questions. Candidates will have 3 hours to complete the exam.

How do I prepare for the Challenge exam?

As part of the exam bundle, candidates receive the customized study guide called “The IIA’s ISCA CIA Challenge Exam Study Guide” along with access to the IIA’s International Professional Practices Framework (IPPF) and Standards. The customized study guide is developed independently from the exam and in no way guarantees that candidates will pass the test. Candidates will receive two separate emails: one email with download and access instructions to obtain the custom CIA Challenge Exam study materials; one email with download and access instructions for the International Professional Practices Framework (IPPF) and Standards. Delivery of the customized CIA study materials begins 10 September. PLEASE NOTE: The email will be sent to the primary email address provided in your CCMS profile. Review materials will only be available for download in English through December 2016.

Candidates experiencing difficulty with receipt of The IIA’s ISCA CIA Challenge Exam Study Guide should contact The IIA Distribution Center at +1-651-905-2670 or via email at customerservice@holmescorp.com. Candidates experiencing difficulty with receipt of the IPPF and Standards should access their profile in CCMS and log an incident. Please include “CIA Challenge Exam” in the subject line.

Where can I get more assistance to prepare for the Exam? IIA Singapore will conduct two exam preparatory classes to prepare candidates for the exam. Please look out for more information under “News & Events” on IIA Singapore’s Homepage.

8

Where will I take the exam? The CIA Challenge Exam is available through computer-based testing at a variety of IIA-authorized Pearson VUE test center locations in Singapore. Access the Pearson VUE website to locate the nearest test center and follow the instructions to schedule to sit for the exam. All activities related to scheduling or rescheduling an exam are managed directly with Pearson VUE.

If the candidate is an ISCA member who DOES NOT RESIDE in Singapore, the candidate will need to access their CCMS account and open an incident expressing interest in sitting for the exam outside Singapore. Candidates must include their ISCA Member ID and city / country of residence. A member of The IIA’s Certification team will contact the candidate with information about applying for, and scheduling the exam. The candidate’s application and registration MUST be approved prior to scheduling to sit for the exam.

9

CIA Challenge Exam Pricing and Payment How much will the CIA Challenge Exam cost?

The exam bundle will cost $1,500 USD for non-IIA members and $1,300 USD if the candidate is already a member of The IIA. The bundle will include the following components:

CIA Challenge Exam application fee (normally $100 USD member/$200 USD non-member)

CIA Challenge Exam registration fee (normally $650 USD member/$950 USD non-member)

A customized CIA Challenge Exam Study Guide in downloadable e-book format (normally $600 USD member/$500 USD non-member)

IIA Membership (nonmembers only, as candidates that are already a member of The IIA receive a discount of $200 USD on the exam bundle).

Can I just pay for the application and exam registration without purchasing the review materials and membership?

No. The CIA Challenge Exam is only being offered as a bundle. Candidates may choose to take the exam by completing the standard three (3) part examination process if they wish to only pay for the exam application and registration fees.

How do I pay for the exam?

Payment for the CIA Challenge Exam must be submitted at the time of application. Applications will not be reviewed for approval until required documents (Letter of Good Standing, Character Reference Form, and government issued photo identification) and payment are received. Payment must be submitted in the form of a credit card only.

What if I do not pass the Challenge Exam? Can I retake it? No. Each candidate will be allowed only one (1) attempt to pass the Challenge Exam. Candidates who do not successfully complete the CIA Challenge Exam can pursue certification by registering and successfully completing the three-part CIA exam. Candidate’s application into the program is valid for a period of four (4) years from the date of application approval.

10

Continued Professional Education (CPE) Requirements

What are the CPE reporting requirements for the CIA professional certification when a candidate successfully completes the CIA Challenge Exam?

Certified Internal Auditors are required to report CPE hours on an annual basis, by 31 December. Newly Certified Internal Auditors are immediately awarded 80 CPE hours. Half (40) of the awarded CPE hours are for the year in which the exam is passed. The balance (40) are for the following year. These hours are automatically reported on a candidate’s behalf for the first two (2) years of certification. Candidates who successfully complete the CIA Challenge Exam will need to report their CPE credit hours for the first time no later than 31 December 2018. To learn more about maintaining certification, refer to the CPE Requirements webpage.

Who do I contact if I have a question regarding my certification or CPE requirements? Contact The IIA’s Customer Relations department at +1-407-937-1111, fax: +1-407-937-1101, or email at CustomerRelations@theiia.org.

11

CIA Challenge Exam Syllabus

The Certified Internal Auditor Challenge Exam tests a candidate’s knowledge of current internal auditing practices and understanding of internal audit issues, risks, and remedies.

ALL TOPICS TESTED AT PROFICIENCY LEVEL unless otherwise indicated

From CIA Part One Required Level Topic %

I. Mandatory Guidance Proficiency 20%

A. Definition of Internal Auditing

1. Define purpose, authority, and responsibility of the internal audit activity

B. Code of Ethics

1. Abide by and promote compliance with The IIA Code of Ethics

C. International Standards

1. Comply with The IIA's Attribute Standards

2. Maintain independence and objectivity

3. Determine if the required knowledge, skills, and competencies are available

4. Develop and/or procure necessary knowledge, skills and competencies collectively required by the internal audit activity

5. Exercise due professional care

6. Promote continuing professional development

7. Promote quality assurance and improvement of the internal audit activity

II. Internal Control / Risk Awareness 8%

A. Types of Controls (e.g., preventive, detective, input, output, etc.)

B. Management Control Techniques

C. Internal Control Framework Characteristics and Use (e.g., COSO, Cadbury)

1. Develop and implement an organization-wide risk and control framework

D. Alternative Control Frameworks

III. Conducting Internal Audit Engagements – Audit Tools and Techniques Proficiency 2%

E. Process Mapping, Including Flowcharting

12

From CIA Part Two Required Level Topic %

I. Managing the Internal Audit Function 25%

A. Strategic Role of Internal Audit Proficiency

1. Initiate, manage, be a change catalyst, and cope with change

2. Build and maintain networking with other organization executives and the audit committee

3. Organize and lead a team in mapping, analysis, and business process improvement

4. Assess and foster the ethical climate of the board and management

5. Educate senior management and the board on best practices in governance, risk management, control, and compliance

6. Communicate internal audit key performance indicators to senior management and the board on a regular basis

7. Coordinate IA efforts with external auditor, regulatory oversight bodies and other internal assurance functions

8. Assess the adequacy of the performance measurement system, achievement of corporate objective

Awareness

B. Operational Role of IA Proficiency

1. Formulate policies and procedures for the planning, organizing, directing, and monitoring of internal audit operations

2. Review the role of the internal audit function within the risk management framework

3. Direct administrative activities (e.g., budgeting, human resources) of the internal audit department

4. Interview candidates for internal audit positions

5. Report on the effectiveness of corporate risk management processes to senior management and the board

6. Report on the effectiveness of the internal control and risk management frameworks

7. Maintain effective Quality Assurance Improvement Program

C. Establish Risk-Based IA Plan Proficiency

1. Use market, product, and industry knowledge to identify new internal audit engagement opportunities

2. Use a risk framework to identify sources of potential engagements (e.g., audit universe, audit cycle requirements, management requests, regulatory mandates)

3. Establish a framework for assessing risk

4. Rank and validate risk priorities to prioritize engagements in the audit plan

5. Identify internal audit resource requirements for annual IA plan

6. Communicate areas of significant risk and obtain approval from the board for the annual engagement plan

7. Types of engagements, assurance, compliance and consulting engagements

13

From CIA Part Two (continued) Required Level Topic %

II. Managing Individual Engagements Proficiency 25%

A. Plan Engagements

1. Establish engagement objectives/criteria and finalize the scope of the engagement

2. Plan engagement to assure identification of key risks and controls

3. Complete a detailed risk assessment of each audit area (prioritize or evaluate risk/control factors)

4. Determine engagement procedures and prepare engagement work program

5. Determine the level of staff and resources needed for the engagement

6. Construct audit staff schedule for effective use of time

B. Supervise Engagement

1. Direct / supervise individual engagements

2. Nurture instrumental relations, build bonds, and work with others toward shared goals

3. Coordinate work assignments among audit team members when serving as the auditor-in-charge of a project

4. Review work papers

5. Conduct exit conference

6. Complete performance appraisals of engagement staff

C. Communicate Engagement Results

1. Initiate preliminary communication with engagement clients

2. Communicate interim progress

3. Develop recommendations when appropriate

4. Prepare report or other communication

5. Approve engagement report

6. Determine distribution of the report

7. Obtain management response to the report

8. Report outcomes to appropriate parties

D. Monitor Engagement Outcomes

1. Identify appropriate method to monitor engagement outcomes

2. Monitor engagement outcomes and conduct appropriate follow-up by the internal audit activity

3. Conduct follow-up and report on management's response to internal audit recommendations

4. Report significant audit issues to senior management and the board periodically

14

From CIA Part Two (continued) Required Level Topic %

III. Fraud Risks and Controls 5%

A. Consider the potential for fraud risks and identify common types of fraud associated with the engagement area during the engagement planning process

Proficiency

B. Determine if fraud risks require special consideration when conducting an engagement

C. Determine if any suspected fraud merits investigation

D. Complete a process review to improve controls to prevent fraud and recommend changes

E. Employ audit tests to detect fraud

F. Support a culture of fraud awareness, and encourage the reporting of improprieties Awareness

G. Interrogation/investigative techniques

H. Forensic auditing

From CIA Part Three Required Level

Topic %

II. Risk Management Proficiency 4%

A. Risk Management Techniques

B. Organizational Use of Risk Frameworks (e.g. COSO and ISO 31000)

V. Management / Leadership Principles Awareness 4%

D. Conflict Management

1. Conflict resolution (e.g., competitive, cooperative, and compromise)

2. Negotiation skills

3. Conflict management

4. Added-value negotiating

E. Project Management / Change Management

1. Change management

2. Project management techniques

VI. IT / Business Continuity 7%

A. Security Awareness

1. Physical/system security (e.g., firewalls, access control)

2. Information protection (e.g., viruses, privacy)

3. Application authentication

4. Encryption

B. Application Development

1. End-user computing Awareness

2. Change control proficiency

3. Systems development methodology

4. Application development

5. Information systems development Awareness

C. System Infrastructure

3. IT control frameworks (e.g., eSAC, COBIT)

D. Business Continuity

1. IT contingency planning

100%