Internal Audit Practitioner Exam

5 Domains, 23 Objectives
100 questions (all are tested at basic level), 2 hours seat time
Syllabus Topics Domain %
I. Internal Audit Aributes (IIA Standard 1000, 1100, 1200) 20%
1 Recognize the elements of The IIA’s Internaonal Professional Pracces Framework (IPPF)
2 Explain the difference between assurance and consulng services provided by the internal audit acvity
Define internal audit acvity independence and an individual internal auditor's objecvity, including determining
3
whether an individual internal auditor has any impairments to his/her objectivity
Describe the knowledge and competencies that an internal auditor needs to possess to perform his/her
4
individual responsibilities
Define due professional care and illustrate an individual internal auditor's competency through connuing
5
professional development
II. Nature of Work (IIA Standard 2100) 20%
1 Define fundamental concepts of risk and the effecveness of risk management within processes and funcons
2 Describe internal control concepts, types of controls, and globally accepted internal control frameworks
3 Idenfy the effecveness and efficiency of internal controls
Recognize fraud risks, types of frauds, the potenal for occurrence of fraud (i.e., red flags, etc.) and determine
4
whether fraud risks require special consideration when conducting an engagement
III. Engagement Planning (IIA Standard 2200) 23%
Identify relevant information (review previous audit reports and data, conduct walk-throughs and interviews,
1
perform observations, etc.) as part of a preliminary survey of the engagement area
Define engagement objectives, evaluation criteria, and the scope of the engagement to assure identification of
2
key risks and controls
3 Describe checklists and risk-and-control questionnaires as part of a preliminary survey of the engagement area
Identify a detailed risk assessment of each audit area, including evaluating and prioritizing risk and control
4
factors
5 Recognize engagement procedures and the engagement work program including level of resources needed
IV. Engagement Work (IIA Standard 2300) 25%
Recognize the relevance, sufficiency, and reliability of evidence for workpapers and documentaon to support
1
conclusions and engagement results
Recognize the risk implicaons and relevant controls of common business processes (human resources,
2
procurement, product development, sales, marketing, logistics, management of outsourced processes, etc.)
Describe computerized audit tools and techniques (data mining and extraction, continuous monitoring,
3
automated workpapers, embedded audit modules, etc.)
Identify appropriate analytical approaches and process mapping techniques (process identification, workflow
4
analysis, process map generation and analysis, spaghetti maps, RACI diagrams, etc.)
5 Identify appropriate sampling (random, judgment, discovery, etc.) and statistical analysis techniques
Differentiate common performance measures (financial, operational, qualitative vs. quantitative, productivity,
6 quality, efficiency, effectiveness, etc.) and financial analysis (horizontal and vertical analysis and ratios related to
activity, profitability, liquidity, leverage, etc.)
V. Engagement Communication (IIA Standard 2400) 12%
Recognize communicaon quality (accurate, objecve, clear, concise, construcve, complete, and mely) and
1
elements (objectives, scope, conclusions, recommendations, and action plan)
2 Discuss recommendations to enhance and protect organizational value
3 Describe engagement communicaon (preliminary, interim reporng, conclusions) with appropriate pares