1. Home
  2. IIA
  3. IIA-CIA-Part3-3P Exam Syllabus

IIA-CIA-Part3-3P Exam Topics

IIA-CIA-Part3-3P Exam Overview :

Exam Name: CIA Exam Part Three: Business Knowledge for Internal Auditing
Exam Code: IIA-CIA-Part3-3P
Certifications: IIA Certified Internal Auditor Certification
Actual Exam Duration: 120 minutes
Expected no. of Questions in Actual Exam: 100
See Expected Questions: IIA IIA-CIA-Part3-3P Expected Questions in Actual Exam

IIA-CIA-Part3-3P Exam Objectives :

Section Weight Objectives
I. Business Acumen 35% 1. Organizational Objectives, Behavior, and Performance
    A     Describe the strategic planning process and key activities (objective setting, globalization and competitive considerations, alignment to the organization's mission and values, etc.)
    B     Examine common performance measures (financial, operational, qualitative vs. quantitative, productivity, quality, efficiency, effectiveness, etc.)  
    C     Explain organizational behavior (individuals in organizations, groups, and how organizations behave, etc.) and different performance management techniques (traits, organizational politics, motivation, job design, rewards, work schedules, etc.)
    D     Describe management’s effectiveness to lead, mentor, guide people, build organizational commitment, and demonstrate entrepreneurial ability

2. Organizational Structure and Business Processes
    A     Appraise the risk and control implications of different organizational configuration structures (centralized vs. decentralized, flat structure vs. traditional, etc.)
    B     Examine the risk and control implications of common business processes (human resources, procurement, product development, sales, marketing, logistics, management of outsourced processes, etc.)
    C     Identify project management techniques (project plan and scope, time/team/resources/cost management, change management, etc.)
    D     Recognize the various forms and elements of contracts (formality, consideration, unilateral, bilateral, etc.)

3. Data Analytics
    A     Describe data analytics, data types, data governance, and the value of using data analytics in internal auditing
    B     Explain the data analytics process (define questions, obtain relevant data, clean/normalize data, analyze data, communicate results)
    C     Recognize the application of data analytics methods in internal auditing (anomaly detection, diagnostic analysis, predictive analysis, network analysis, text analysis, etc.)
II. Information Security 25% 1. Information Security
    A     Differentiate types of common physical security controls (cards, keys, biometrics, etc.)
    B     Differentiate the various forms of user authentication and authorization controls (password, two-level authentication, biometrics, digital signatures, etc.) and identify potential risks
    C     Explain the purpose and use of various information security controls (encryption, firewalls, antivirus, etc.)
    D     Recognize data privacy laws and their potential impact on data security policies and practices
    E     Recognize emerging technology practices and their impact on security (bring your own device [BYOD], smart devices, internet of things [IoT], etc.)
    F     Recognize existing and emerging cybersecurity risks (hacking, piracy, tampering, ransomware attacks, phishing attacks, etc.)
    G    Describe cybersecurity and information security-related policies
III. Information Technology 20% 1. Application and System Software
    A     Recognize core activities in the systems development lifecycle and delivery (requirements definition, design, developing, testing, debugging, deployment, maintenance, etc.) and the importance of change controls throughout the process
    B     Explain basic database terms (data, database, record, object, field, schema, etc.) and internet terms (HTML, HTTP, URL, domain name, browser, click-through, electronic data interchange [EDI], cookies, etc.)
    C     Identify key characteristics of software systems (customer relationship management [CRM] systems; enterprise resource planning [ERP] systems; and governance, risk, and compliance [GRC] systems; etc.)

2. IT Infrastructure and IT Control Frameworks
    A     Explain basic IT infrastructure and network concepts (server, mainframe, client-server configuration, gateways, routers, LAN, WAN, VPN, etc.) and identify potential risks
    B     Define the operational roles of a network administrator, database administrator, and help desk
    C     Recognize the purpose and applications of IT control frameworks (COBIT, ISO 27000, ITIL, etc.) and basic IT controls

3. Disaster Recovery
    A     Explain disaster recovery planning site concepts (hot, warm, cold, etc.)
    B     Explain the purpose of systems and data backup
    C     ?Explain the purpose of systems and data recovery procedures

 
IV. Financial Management 20% 1. Financial Accounting and Finance
    A     Identify concepts and underlying principles of financial accounting (types of financial statements and terminologies such as bonds, leases, pensions, intangible assets, research and development, etc.)
    B     Recognize advanced and emerging financial accounting concepts (consolidation, investments, fair value, partnerships, foreign currency transactions, etc.)
    C     Interpret financial analysis (horizontal and vertical analysis and ratios related to activity, profitability, liquidity, leverage, etc.)
    D     Describe revenue cycle, current asset management activities and accounting, and supply chain management (including inventory valuation and accounts payable)     Basic?
    E     Describe capital budgeting, capital structure, basic taxation, and transfer pricing

2. Managerial Accounting
    A     Explain general concepts of managerial accounting (cost-volume-profit analysis, budgeting, expense allocation, cost- benefit analysis, etc.)
    B     Differentiate costing systems (absorption, variable, fixed, activity-based, standard, etc.)
    C     Distinguish various costs (relevant and irrelevant costs, incremental costs, etc.) and their use in decision making
Official Information https://na.theiia.org/certification/CIA-Certification/Pages/CIA-2019-Exam-Syllabus-Part-3.aspx

Updates in the IIA-CIA-Part3-3P Exam Topics:

IIA-CIA-Part3-3P exam questions and practice test are the best ways to get fully prepared. Study4exam's trusted preparation material consists of both practice questions and practice test. To pass the actual  Certified Internal Auditor IIA-CIA-Part3-3P  exam on the first attempt, you need to put in hard work on these questions as they cover all updated  IIA-CIA-Part3-3P exam topics included in the official syllabus. Besides studying actual questions, you should take the  IIA-CIA-Part3-3P practice test for self-assessment and actual exam simulation. Revise actual exam questions and remove your mistakes with the CIA Exam Part Three: Business Knowledge for Internal Auditing IIA-CIA-Part3-3P exam practice test. Online and Windows-based formats of the IIA-CIA-Part3-3P exam practice test are available for self-assessment.