CIA Exam Review Courses Exam Preparation and Practice Resources
Certified Internal Auditor® (CIA®) Exam Preparation and Practice Resources
The CIA exam is a self-study exam and does not require a prescribed curriculum. Candidates may choose their own method of preparing or practicing for the exam.
The IIA’s CIA Learning System – Now Aligned with the new IPPF
The IIA’s CIA Learning System teaches the entire global CIA exam syllabus in a mobile format for flexible study time. In addition, online and in-person courses taught by CIA experts are available. Group pricing and packages are offered. Learn more.
CIA Review Manuals and Software
Various CIA exam review manuals and software programs are available and may be ordered through the IIA.
CIA Review Courses
The IIA and a variety of independent third parties offer CIA exam review courses.
Sample CIA Exam Questions
The IIA provides a limited number of sample CIA exam questions (with answers) to give candidates an understanding of the types of questions that typically appear on the exam.
-
Most Relevant
- The IIA’s International Professional Practices Framework
- Applying the International Professional Practices Framework, by Urton Anderson and Andrew J. Dahle
- Internal Auditing Assurance and Advisory Services, by Urton Anderson, Michael Head, and Sridhar Ramamoorti
- Sawyer's Guide for Internal Auditors, by Larry Sawyer
- Quality Assessment Manual, by The IIA
- Enterprise Risk Management Framework, by COSO
- Internal Control – Integrated Framework, by COSO
- Risk Appetite Critical to Success, by COSO
- Managing Cyber Risk in a Digital Age, by COSO
- The IIA’s Internal Audit Competency Framework
- IIA Position Paper “The IIA’s Three Lines Model: An Update of the Three Lines of Defense”
Additional Resources
- Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success, by Hernan Murdock
- New Auditor’s Guide to Internal Auditing, by Bruce Turner
- Auditing Social Media: A Governance and Risk Guide, by J. Mike Jacka and Peter Scott
- Ready and Relevant: Prepare to Audit What Matters Most, by Timothy Berichon
- Understanding Management, by Richard Daft and Dorothy Marcic
- People-Centric Skills Interpersonal and Communication Skills for Auditors and Business Professionals
- Current resources on internal auditing and relevant topics
-
Most Relevant
- The IIA’s International Professional Practices Framework
- Applying the International Professional Practices Framework, by Urton Anderson and Andrew J. Dahle
- Internal Auditing Assurance and Advisory Services, by Urton Anderson, Michael Head, and Sridhar Ramamoorti
- Sawyer's Guide for Internal Auditors, by Larry Sawyer
- IIA Position Paper “Staffing Considerations for the Internal Audit Activity”
- “Managing Cyber Risk in a Digital Age,” by COSO
Additional Resources
- Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success, by Hernan Murdock
- New Auditor’s Guide to Internal Auditing, by Bruce Turner
- Auditing Social Media: A Governance and Risk Guide, by J. Mike Jacka and Peter Scott
- Data Analysis and Sampling Simplified: A Practical Guide for Internal Auditors, by Donald Dickie
- Internal Audit of the Future: The Impact of Technology and Innovation, by A. Michael Smith
- Ready and Relevant: Prepare to Audit What Matters Most, by Timothy Berichon
- Current resources on internal auditing and relevant topics
-
Most Relevant
- The IIA’s International Professional Practices Framework
- Applying the International Professional Practices Framework, by Urton Anderson and Andrew J. Dahle
- Internal Auditing Assurance and Advisory Services, by Urton Anderson, Michael Head, and Sridhar Ramamoorti
- Sawyer's Guide for Internal Auditors, by Larry Sawyer
- Understanding Management, by Richard Daft and Dorothy Marcic
- Data Analytics: Elevating Internal Audit's Value, by Warren Stippich Jr. and Bradley Preber
- Data Analysis and Sampling Simplified: A Practical Guide for Internal Auditors, by Donald Dickie
- Rethinking Data Governance and Data Management, by ISACA
- Principles of Information Security, by Michael Whitman and Herbert Mattord
- IT Auditing: Using Controls to Protect Information Assets, by Chris Davis, Mike Schiller, and Kevin Wheeler
- Internal Audit of the Future: The Impact of Technology and Innovation, by A. Michael Smith
- Implementing the NIST Cybersecurity Framework, by ISACA
- Enterprise Risk Management Framework, by COSO
- Internal Control – Integrated Framework, by COSO
- “Managing Cyber Risk in a Digital Age,” by COSO
- Privacy and Data Protection: Internal Audit’s Role in Establishing a Resilient Framework, by IIA Foundation and Crowe
- Accounting Principles, by Jerry Weygandt, Paul Kimmel, and Donald Kieso
Additional Resources
- Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success, by Hernan Murdock
- Ready and Relevant: Prepare to Audit What Matters Most, by Timothy Berichon
- Project Management Body of Knowledge (PMBOK) Guide, by Project Management Institute
- Contract and Commercial Management: The Operational Guide, by IACCM
- Performance Auditing: Measuring Inputs, Outputs, and Outcomes, by Stephen Morgan, Ronell Raaum, and Colleen Waring
- "Analytics: Good Practices for (smaller) IAFs," by IIA-Netherlands
- Data Analytics for Beginners: Practical Guide to Master Data Analytics, by TechWorld
- Auditing Social Media: A Governance and Risk Guide, by J. Mike Jacka and Peter Scott
- Auditing the Procurement Function by David O'Regan
- Information Technology Control and Audit, by Sandra Senft, Frederick Gallegos, and Aleksandra Davis
- Transfer Pricing Guidelines for Multinational Enterprises and Tax Administrations, by OECD
- Current resources on internal auditing and relevant topics
CIA Reference Resources
CIA exam questions are derived from the body of knowledge for internal auditing, which includes – but is not limited to – the following key references. Please note that periodically, new references are added and outdated references are removed from these reference lists:
NEW! Official IIA Glossary
The IIA Glossary comprises internal audit terminology extracted from our official sources: the International Professional Practices Framework (IPPF); Internal Auditing: Assurance & Advisory Services, 4th Edition (Textbook); and Sawyer's Internal Auditing, 7th Edition.
Information for Review Course Providers
-
If review course providers want their course included on The IIA's website, The IIA will include it as long as no serious complaints are received about the provider/course from the local IIA Affiliate.
-
When a non-IIA-Affiliate review course provider is added to The IIA's website, The IIA will notify the certifications chairperson at the nearest IIA Affiliate(s) and ask the chairperson to contact The IIA if they know of a reason the provider should be excluded from the list.
-
If the non-IIA-Affiliate review course provider has courses located in certifications agreement countries, The IIA will not list these courses on The IIA's website except at the request of the certifications agreement country. We will notify the review course provider to contact the certifications coordinator in the certifications agreement country.
-
For additional information, contact Customer Relations at CustomerRelations@theiia.org.
NOTE: Inclusion of a review course on The IIA's website does not imply endorsement. The IIA is not responsible for errors or inaccurate information included in this listing. The data is claimed to be accurate as reported by the providers.