Certified Internal Auditor

The Institute of Internal Auditors (IIA) is an organization which advocates, provides educational conferences, and develops standards, guidance, and certifications for the internal audit profession.

History

Established in 1941, the IIA today serves more than 200,000 members from more than 170 countries and territories. IIA's global headquarters are in Lake Mary, FL, United States. Anthony Pugliese is the President and CEO. Pugliese succeeded Richard Chambers, in 2021. Previously, Pugliese was President and CEO of CalCPA.

Professional certification

The Certified Internal Auditor (CIA) is the primary professional designation offered by The IIA. The CIA designation is a globally recognized certification for internal auditors and is a standard by which individuals may demonstrate their competency and professionalism in the internal audit field. In order to become a certified internal auditor, candidates must possess a four-year degree from an accredited institution as well as pass all three parts of the CIA exam.

Earning the CIA certification is intended to demonstrate a professional knowledge of the internal audit profession. CIAs are required to take continuing education courses.

Internal Auditors who take and pass the CIA Part One exam can earn the designation of Internal Audit Practitioner. In 2019, the IIA announced it would be changing the Internal Audit Practitioner program. The program changes include a new exam and waiving of the educational requirement for active Internal Audit Practitioner designation holders applying for the CIA program. The changes go into effect in 2020.

Other certifications

In 2019, the IIA announced plans to change its Certification in Risk Management Assurance (CRMA) program. The CRMA changes go into effect in October 2020, and will include a new exam and updated prerequisites and experience requirements.
* Certification in Risk Management Assurance (CRMA)
* Qualification in Internal Audit Leadership (QIAL)
* Internal Audit Practitioner (IAP)
* Certification in Control Self Assessment (CCSA)
* Certified Government Auditing Professional (CGAP), for Government performance auditing and Government Auditors
* Certified Financial Services Auditor (CFSA)

As of December 31, 2018, the CCSA, CFSA, and CGAP are no longer accepting new applications, and the three designations will be re-positioned into assessment-based certifications in the future.

Below demonstrates the Number of CIA Holders by Region as of December 31, 2021.

Professional standards

The IIA has two levels of professional guidance: (1) Mandatory Guidance (including the Standards) and (2) Strongly Recommended Guidance. The two levels of guidance constitute the IIA's International Professional Practices Framework (IPPF).

Mandatory guidance

The definition of internal auditing and the code of ethics and the Standards
are mandatory for IIA members and internal audit organizations claiming to complete audits to IIA technical standards around the world. The guidelines and recommendations are recorded in what is referred to as the "Red Book."
* The definition: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
* The four principles of the IIA's Code of Ethics are integrity, objectivity, confidentiality and competency.
* The international standards for the professional practice of internal auditing:

Strongly Recommended Guidance

Position papers, practice advisories, and practice guides are Strongly Recommended Guidance that help define and explain the IIA standards.

Additional sources of guidance include a variety of materials that are developed and/or endorsed by the IIA, including research studies, books, seminars, conferences, and other products and services related to the professional practice of internal auditing.

Practice guides

As practice guides, 8 PGs, 15 GTAG (Global Technology Audit Guide), and 3 GAITs (Guide to the Assessment of IT Risk) have been issued in 2009 and 2010. GTAGs are written in straightforward business language to address a timely issue related to information technology (IT) management, control, and security. To date, the IIA has released GTAGs on the following topics:

:*GTAG 1: Information Technology Controls
:*GTAG 2: Change and Patch Management Controls: Critical for Organizational Success
:*GTAG 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment
:*GTAG 4: Management of IT Auditing
:*GTAG 5: Managing and Auditing Privacy Risks
:*GTAG 6: Managing and Auditing IT Vulnerabilities
:*GTAG 7: Information Technology Outsourcing
:*GTAG 8: Auditing Application Controls
:*GTAG 9: Identity and Access Management
:*GTAG 10: Business Continuity Management (BCM)
:*GTAG-11: Developing the IT Audit Plan
:*GTAG-12: Auditing IT Projects (Mar. 2009)
:*GTAG-13: Fraud Prevention and Detection in an Automated World (December 2009)
:*GTAG-14: Auditing User-developed Applications (June 2010)
:*GTAG-15: Information Security Governance (June 2010)
:*GTAG-16: Data Analysis Technology (August 2011)
:*GTAG-17: Auditing IT Governance (July 2012)
:*Auditing Smart Devices: An Internal Auditor’s Guide to Understanding and Auditing Smart Devices (August 2016)
:*Assessing Cybersecurity Risk: Roles of the Three Lines of Defense (September 2016)
:*Understanding and Auditing Big Data (May 2017)
:*Auditing Insider Threat Programs (August 2018)

The IIA offers 31 General practice guides, 4 Financial Services guides, 4 Public Sector guides, 18 Global Technology Audit Guides (GTAG), 3 Guides to the Assessment of IT Risk (GAIT), and 2 guides for supplemental guidance.

Other initiatives

Internal Audit Foundation

The Internal Audit Foundation is a not-for profit organization that promotes and advances the value of the internal audit profession globally. It supports research, grants and awards, and promotes internal auditing study at post-secondary institutions worldwide. The 2020 Annual Report of the Foundation included white papers on auditing during the COVID pandemic.

American corporate governance index

In December 2019, the IIA announced the results from its inaugural American Corporate Governance Index (ACGI). The ACGI is a joint project of the IIA and the Neel Corporate Governance Center at the University of Tennessee, and grades companies on eight Guiding Principles of Corporate Governance. The principles were compiled from guidance and principles from organizations like the Business Roundtable, National Association of Corporate Directors, and New York Stock Exchange. Scores were based on the survey responses of 128 chief audit executives. The criteria included: board performance, external disclosures, companywide communication, corporate culture, and long-term strategies. The first report graded U.S. publicly listed companies overall with a C+.

See also

* Committee of Sponsoring Organizations of the Treadway Commission
* External audit, External auditor, Certified Public Accountant, and AICPA
* Internal Audit, Director of audit, Comptroller General, Inspector General
* Internal Control, Controller
* List of international professional associations

References

External links

The Institute of Internal Auditors (IIA)
- and The IIA'
Code of EthicsInternal Audit FoundationNew York State Internal Control AssociationEssays on Common Sense Management regarding Internal ControlInternal Audit Training Courses across EMEAThe Chartered Institute of Internal Auditors

{{Authority control

Internal audit
Professional accounting bodies
Auditing in the United States
Organizations established in 1941
1941 establishments in the United States