1

APPENDIX B
THE IIA CIA EXAM SYLLABUS
AND CROSS-REFERENCES

For your convenience, we have reproduced verbatim The IIA’s CIA Exam Syllabus for Part 1
of the CIA exam. Note that the “basic” cognitive level means the candidate must retrieve relevant
knowledge from memory and/or demonstrate basic comprehension of concepts or processes. Those
levels labeled “proficient” mean the candidate must apply concepts, processes, or procedures;
analyze, evaluate, and make judgments based on criteria; and/or put elements or material together to
formulate conclusions and recommendations.
We also have provided cross-references to the study units and subunits in this course that
correspond to The IIA’s more detailed coverage. Please visit The IIA’s website for updates and more
information about the exam. Rely on the Gleim materials to help you pass each part the exam. We
have researched and studied The IIA’s CIA Exam Syllabus as well as questions from prior exams to
provide you with an excellent review program.

Copyright © 2022 Gleim Publications, Inc. All rights reserved. Duplication prohibited. Reward for information exposing violators. Contact copyright@gleim.com.
2 Appendix B: The IIA CIA Exam Syllabus and Cross-References

PART 1 – ESSENTIALS OF INTERNAL AUDITING

Gleim
Cognitive
Domain Study Unit(s)
Level
or Subunit(s)

Foundations of Internal Auditing (15%)

Interpret The IIA’s Mission of Internal Audit, Definition of Internal Auditing,
A and Core Principles for the Professional Practice of Internal Auditing, and the Proficient 1.1
purpose, authority, and responsibility of the internal audit activity
I Explain the requirements of an internal audit charter (required components, board
B Basic 1.7
approval, communication of the charter, etc.)
Interpret the difference between assurance and consulting services provided by
C Proficient 1.1
the internal audit activity
D Demonstrate conformance with the IIA Code of Ethics Proficient 1.2-1.6
Independence and Objectivity (15%)
Interpret organizational independence of the internal audit activity (importance of
A Basic 2.1
independence, functional reporting, etc.)
Identify whether the internal audit activity has any impairments to its
B Basic 2.3
II independence
Assess and maintain an individual internal auditor’s objectivity, including
C determining whether an individual internal auditor has any impairments to his/her Proficient 2.2-2.3
objectivity
D Analyze policies that promote objectivity Proficient 2.2-2.3
Proficiency and Due Professional Care (18%)
Recognize the knowledge, skills, and competencies required (whether developed
A Basic 2.4-2.5
or procured) to fulfill the responsibilities of the internal audit activity
Demonstrate the knowledge and competencies that an internal auditor needs to
possess to perform his/her individual responsibilities, including technical skills
III B Proficient 2.4
and soft skills (communication skills, critical thinking, persuasion/negotiation and
collaboration skills, etc.)
C Demonstrate due professional care Proficient 3.1
Demonstrate an individual internal auditor’s competency through continuing
D Proficient 3.1
professional development

Copyright © 2022 Gleim Publications, Inc. All rights reserved. Duplication prohibited. Reward for information exposing violators. Contact copyright@gleim.com.
 Appendix B: The IIA CIA Exam Syllabus and Cross-References 3

Gleim
Cognitive
Domain Study Unit(s)
Level
or Subunit(s)

Quality Assurance and Improvement Program (7%)

Describe the required elements of the quality assurance and improvement
A Basic 3.2-3.3
program (internal assessments, external assessments, etc.)
IV Describe the requirement of reporting the results of the quality assurance and
B Basic 3.4
improvement program to the board or other governing body
Identify appropriate disclosure of conformance vs. nonconformance with The IIA’s
C Basic 3.4
International Standards for the Professional Practice of Internal Auditing
Governance, Risk Management, and Control (35%)
A Describe the concept of organizational governance Basic 4.1-4.2
Recognize the impact of organizational culture on the overall control environment
B Basic 4.1
and individual engagement risks and controls
Recognize and interpret the organization’s ethics and compliance-related issues,
C Basic 4.1
alleged violations, and dispositions
D Describe corporate social responsibility Basic 4.3
E Interpret fundamental concepts of risk and the risk management process Proficient 5.1
V Describe globally accepted risk management frameworks appropriate to the
F Basic 5.2-5.4
organization (COSO - ERM, ISO 31000, etc.)
G Examine the effectiveness of risk management within processes and functions Proficient SU 5
Recognize the appropriateness of the internal audit activity’s role in the
H Basic 5.1
organization’s risk management process
I Interpret internal control concepts and types of controls Proficient SUs 6-7
Apply globally accepted internal control frameworks appropriate to the
J Proficient 6.3
organization (COSO, etc.)
K Examine the effectiveness and efficiency of internal controls Proficient SUs 6-7
Fraud Risks (10%)
Interpret fraud risks and types of frauds and determine whether fraud risks
A Proficient 8.1
require special consideration when conducting an engagement
Evaluate the potential for occurrence of fraud (red flags, etc.) and how the
B Proficient 8.1-8.2
VI organization detects and manages fraud risks
Recommend controls to prevent and detect fraud and education to improve the
C Proficient SUs 6-7, 8.2
organization’s fraud awareness
Recognize techniques and internal audit roles related to forensic auditing
D Basic 8.3
(interview, investigation, testing, etc.)

Copyright © 2022 Gleim Publications, Inc. All rights reserved. Duplication prohibited. Reward for information exposing violators. Contact copyright@gleim.com.