When you read job postings for internal audit positions, there is a predominant preference for certified applicants. The same is true for internal candidates who are working toward promotions. While many internal audit certifications exist (over 20 at last count), most internal auditors pursue one or both of the two primary certifications: the Certified Internal Auditor (CIA) and the Certified Information Systems Auditor (CISA). No matter where you are in your career, you should consider the value of an audit certification, or perhaps a second or third certification. This article will explain the relationship between certification and your personal professional value — and how you could have all Certified Internal Auditor training and exam costs covered with a merit-based CIA scholarship from The IIA and AuditBoard’s Elevate Internal Audit program!
How to Become a Certified Internal Auditor?
The Certified Internal Auditor (CIA) certification process usually starts with joining the Institute of Internal Auditors (The IIA). From there, the basic requirements include earning a college degree, passing three exams, submitting a character reference, and completing one to five years of audit-related experience. The experience requirement varies depending on the degree you have earned.
How to Become a Certified Information Systems Auditor?
Most applicants start the certification process for becoming a Certified Information Systems Auditor (CISA) by joining the Information Systems Audit and Control Association (ISACA). The requirements for the CISA include earning a college degree, passing one exam, and completing two to five years of audit-related experience. Since the CISA is a more technical certification, both IT audit and non-audit experience count toward the qualifications. Just like the Certified Internal Auditor, higher degrees reduce the experience requirement, but unlike the CIA certification, the CISA does not require a bachelor’s degree or a character reference.
How Can Certifications Build Your Personal Value?
Certifications are an essential element for professional development within the internal audit profession. By completing an audit certification, the issuing organization assures that you understand a common body of knowledge (CBOK) related to the profession.
From a value point of view, certification can have a profound impact on your career. Whether you are up for a promotion or considering a new position, earning an audit certification shows others the topics you understand. Certification also bridges any potential education gaps. For example, if you have a degree in accounting, earning a CISA shows that you understand IT auditing beyond what an accounting degree typically requires. The certifications demonstrate your capabilities to current and future employers, potentially translating into a direct financial impact gain. According to The IIA, “CIAs earn an average of $38,000 more annually than those without a certification”.
Beyond the possibilities for promotion, pay increases, and career advancement, certifications establish you as an experienced subject matter expert (SME). Local chapters and conferences may also consider you for speaking opportunities. For many people, this level of exposure expands their network to new levels and opens even more professional growth opportunities.
Some internal auditors choose to pursue additional certifications related to specific sub-fields within audit such as risk, internal controls, fraud, or banking after completing a foundational certification like the Certified Internal Auditor or Certified Information Systems Auditor. Certifying bodies design practical certifications as a vehicle for further education in a unique topic. As the world changes more rapidly, these certifications allow auditors to showcase their specialized knowledge and stand out as uniquely trained professionals.
As a reference, the list below includes the most common internal audit certifications and certifying bodies. It is not an exhaustive list, but it will help you navigate potential certifications you may want to explore. The listing also not a ranking, endorsement, or advertisement for any of the certifications or the certifying organizations.
- Internal Audit Practitioner (IAP) – The Institute of Internal Auditors (IIA)
- Certified Internal Auditor (CIA) – The Institute of Internal Auditors (IIA)
- Certified in Risk Management Assurance (CRMA) – The Institute of Internal Auditors (IIA)
- Qualified in Internal Audit Leadership (QIAL) – The Institute of Internal Auditors (IIA)
- Certified Information Systems Auditor (CISA) – Information Systems Audit and Control Association (ISACA)
- Certified in Risk and Information Systems Control (CRISC) – Information Systems Audit and Control Association (ISACA)
- Certificate of Cloud Security Knowledge (CCAK) – Cloud Security Alliance (CSA) & Information Systems Audit and Control Association (ISACA)
- GRC Professional Certification (GRCP) – Open Compliance and Ethics Group (OCEG)
- GRC Audit Certification (GRCA) – Open Compliance and Ethics Group (OCEG)
- Certified Internal Control Auditor (CICA) – The Institute for Internal Control (IIC)
- Certified Control Specialist (CCS) – The Institute for Internal Control (IIC)
- Certified Internal Control Specialist (CICS) – The Internal Control Institute (ICI)
- Certified Internal Control Professional (CICP) – The Internal Control Institute (ICI)
- Certified Agile Auditor Professional (cAAP) – cRiskAcademy
- Certification in Objective-Centric Risk and Certainty Management (cORCM) – cRiskAcademy
- Certified Practitioner in Internal Audit (cPIA) – cRiskAcademy
- Certified Risk-Based Internal Auditor (cRIBA) – cRiskAcademy
- Certified Total Quality Auditor (cTQA) – cRiskAcademy
- Certified Fraud Examiner (CFE) – The Association of Certified Fraud Examiners (ACFE)
- Certified Professional Environmental Auditor (CPEA) – The Board for Global EHS Credentialing (BGC)
- Certified Process Safety Auditor (CPSA) – The Board for Global EHS Credentialing (BGC)
- Certified Bank Auditor (CBA) – Asian Institute of Chartered Bankers (AICB)
- Certified Quality Auditor (CQA) – American Society for Quality (ASQ)
- Sarbanes-Oxley Trained Professional (SOTP) – Management & Strategy Institute (MSI)
Maintaining Your Personal Professional Value
Certification, like education, is not a one-time event. Many certifications include a continuing professional education (CPE) requirement, which shows the importance of sharpening our skills in this ever-changing environment. As you pursue certification, always keep in mind that we cannot rest on our laurels. To add true value as a relevant professional, we should always look ahead to the next challenge we will surely encounter as internal auditors.
The Institute of Internal Auditors and AuditBoard have expanded the Elevate Internal Audit Scholarship program to provide scholarships for qualified internal auditors to receive the training and testing needed to become a Certified Internal Auditor. If you or someone you know is considering getting a CIA certification, we encourage you to learn more and apply at auditboard.com/elevate.
Evan McParland, MBA, CISA, is a Senior Manager of Solutions Advisory Services at AuditBoard. Evan came to AuditBoard from KPMG, where he was an experienced manager in the Risk Advisory practice helping clients build out their SOX and Internal Control programs. Connect with Evan on LinkedIn.