Date/Time
Date(s) - 11/11/2024 - 15/11/2024
8:30 am - 3:00 pm
Location
Movenpick Hotel Apartments Downtown
Detailed Content of the CIA Exams
The IIA regularly updates the content of the CIA exam to make sure the content is always up-to-date and relevant for the practicing internal auditor.
The topics are not all tested at the same skill level. The IIA recognizes two cognitive levels:
- Basic Level: Tests memory and comprehension of basic concepts.
- Proficient Level: Tests application of knowledge.
Part 3 – Business Knowledge for Internal Auditing
- Domain I – Business Acumen
- Domain II – Information Security
- Domain III – Information Technology
- Domain IV – Financial Management
TRAINING METHODOLOGY
The practical and results-oriented CIA® training course is based on adult learning concepts. It incorporates short, inspiring lectures with captivating PowerPoint slides, videos to enhance learning, ongoing discussions, and training activities to reinforce key concepts within a fun learning environment.
Topics Covered:
Part 3 – Business Knowledge for Internal Auditing
Domain I – Business Acumen (35%)
A. Organizational Objectives, Behavior, and Performance
- Describe the strategic planning process and key activities (objective setting, globalization and competitive considerations, alignment to the organization’s mission and values, etc.). (Basic)
- Examine common performance measures (financial, operational, qualitative vs. quantitative, productivity, quality, efficiency, effectiveness, etc.). (Proficient)
- Explain organizational behavior (individuals in organizations, groups, and how organizations behave, etc.) and different performance management techniques (traits, organizational politics, motivation, job design, rewards, work schedules, etc.). (Basic)
- Describe management’s effectiveness to lead, mentor, guide people, build organizational commitment, and demonstrate entrepreneurial ability. (Basic)
B. Organizational Structure and Business Processes
- Appraise the risk and control implications of different organizational configuration structures (centralized vs. decentralized, flat structure vs. traditional, etc.). (Basic)
- Examine the risk and control implications of common business processes (human resources, procurement, product development, sales, marketing, logistics, management of outsourced processes, etc.). (Proficient)
- Identify project management techniques (project plan and scope, time/team/resources/cost management, change management, etc.). (Basic)
- Recognize the various forms and elements of contracts (formality, consideration, unilateral, bilateral, etc.). (Basic)
C. Data Analytics
- Describe data analytics, data types, data governance, and the value of using data analytics in internal auditing. (Basic)
- Explain the data analytics process (define questions, obtain relevant data, clean/normalize data, analyze data, communicate results). (Basic)
- Recognize the application of data analytics methods in internal auditing (anomaly detection, diagnostic analysis, predictive analysis, network analysis, text analysis, etc.). (Basic)
Domain II – Information Security (25%)
A. Information Security
- Differentiate types of common physical security controls (cards, keys, biometrics, etc.). (Basic)
- Differentiate the various forms of user authentication and authorization controls (password, two-level authentication, biometrics, digital signatures, etc.) and identify potential risks. (Basic)
- Explain the purpose and use of various information security controls (encryption, firewalls, antivirus, etc.). (Basic)
- Recognize data privacy laws and their potential impact on data security policies and (Basic)
- Recognize emerging technology practices and their impact on security (bring your own device [BYOD], smart devices, internet of things [IoT], etc.). (Basic)
- Recognize existing and emerging cybersecurity risks (hacking, piracy, tampering, ransomware attacks, phishing attacks, etc.). (Basic)
- Describe cybersecurity and information security-related policies. (Basic)
B. Emerging Technologies and Cybersecurity
- Recognize emerging technology practices and their impact on security (bring your own device [BYOD], smart devices, internet of things [IoT], etc.)
- Recognize existing and emerging cybersecurity risks (hacking, piracy, tampering, ransomware attacks, phishing attacks, etc.)
- Describe cybersecurity and information security-related policies
Domain III – Information Technology (20%)
A. Application and System Software
- Recognize core activities in the systems development lifecycle and delivery (requirements definition, design, developing, testing, debugging, deployment, maintenance, etc.) and the importance of change controls throughout the process. (Basic)
- Explain basic database terms (data, database, record, object, field, schema, etc.) and internet terms (HTML, HTTP, URL, domain name, browser, click-through, electronic data interchange [EDI], cookies, etc.). (Basic)
- Identify key characteristics of software systems (customer relationship management [CRM] systems; enterprise resource planning [ERP] systems; governance, risk, and compliance [GRC] systems; etc.). (Basic)
B. IT Infrastructure and IT Control Frameworks
- Explain basic IT infrastructure and network concepts (server, mainframe, client-server configuration, gateways, routers, LAN, WAN, VPN, etc.) and identify potential risks. (Basic)
- Define the operational roles of a network administrator, database administrator, and help (Basic)
- Recognize the purpose and applications of IT control frameworks (COBIT, ISO 27000, ITIL, etc.) and basic IT controls. (Basic)
C. Disaster Recovery
- Explain disaster recovery planning site concepts (hot, warm, cold, etc.). (Basic)
- Explain the purpose of systems and data (Basic)
- Explain the purpose of systems and data recovery (Basic)
Domain IV – Financial Management (20%)
A. Financial Accounting and Finance
- Identify concepts and underlying principles of financial accounting (types of financial statements and terminologies such as bonds, leases, pensions, intangible assets, research and development, etc.). (Basic)
- Recognize advanced and emerging financial accounting concepts (consolidation, investments, fair-value partnerships, foreign currency transactions, etc.). (Basic)
- Interpret financial analysis (horizontal and vertical analysis and ratios related to activity, profitability, liquidity, leverage, etc.). (Proficient)
- Describe revenue cycle, current asset management activities and accounting, and supply chain management (including inventory valuation and accounts payable). (Basic)
- Describe capital budgeting, capital structure, basic taxation, and transfer (Basic)
B. Managerial Accounting
- Explain general concepts of managerial accounting (cost-volume-profit analysis, budgeting, expense allocation, cost-benefit analysis, etc.). (Basic)
- Differentiate costing systems (absorption, variable, fixed, activity-based, standard, etc.). (Basic)
- Distinguish various costs (relevant and irrelevant costs, incremental costs, etc.) and their use in decision making. (Basic)
The CIA exam structure is as follows:
- Exam Duration: 120 minutes
- Number of Questions: 100
Course Duration: 5 days
CPE Credits: 27
Level: All
Pre-requisites: None
Bookings
Bookings are closed for this event.