r/InternalAudit

Had my Part 1 exam yesterday around 24h ago. Saw some people saying it usually takes 24-72 hours to know the results, and others saying IIA will never release results immediately as they used to do in the past (don't know why tho).

I know I shouldn't, but been thinking about this 3 week wait time to receive results, as theorizing about the grade in this scenario is inevitable, at least for me.

I'd assume they know the results immediately after I submit my responses... Is it appropriate to say this quality control is more likely to be present in passed exams? Or is there really a chance they're validating a failed exam? Why would they do such a thing?

My plan was to take all three parts until the end of this year. This wait time is bizarre considering I'd already like to be studying for Part 2 if approved.

Any other thoughts or experiences on this?

I’ve been spending nights/weekends building something around vendor risk (think SOC 2 / third-party reviews), and I’m at that awkward stage where I can’t tell if it’s useful or just “interesting.”

I don’t have paying users yet; just a few people I know poking at it and giving feedback. Traction is… slow.

The idea came from seeing how much time goes into reviewing vendor reports and mapping controls manually.

For anyone in security/compliance/audit:

– How do you actually handle vendor reviews today?

– What part of the process is the biggest time sink?

– What have you tried that didn’t work?

Not trying to pitch anything. Just trying to figure out if I should keep going or pivot early.

Hey everyone, ı just started for preparing for Part 1. I am doing pretty well actually but governance… my brain is really do not accept governance. I dont understand it. I cant answer the questions and cannot understand that unit’s lecturing. Is there anyone who could help me with governance? Thank you so much!!

I work in IT audit and based on what I am reading Mythos AI can already do testing and compliance. Is this just marking or the auditing industry atleast on the IT side, is about to become obsolete?

I used Hock and went through entire textbook and question bank. Did not watch a single video. I found all of Hock questions far too easy. Sometimes I found the answer options ridiculous ie fear of robot uprising. The Hock mock questions were harder but still would be considered easy. I was scoring an average of 95%. But Hock helped me with the concept.

I bought the IIA mock, and I believe this is what helped me pass the paper. There were so many terms in the IIA Mock that was not in the Hock bank or textbook. I scored 75% and 69%. I noted everything I got wrong and the terms I wasnt familiar with, and used chatgpt to explain it to me in table form (ie cold site vs warm site vs hot site).

My actual exam had a lot of ratio questions. Between 5-10 for sure. I found it harder than the IIA Mock. There was also a lot of cybersecurity questions. I flagged almost 30 questions at the end of my exam and thought the ratio questions were going to make me fail. Tbh I think if I didnt buy the IIA Mock, I would have failed. I walked out of my exam thinking I was gonna fail too because I did not focus much on financial concept questions.

ETA: I have 5 years working experience in IA

Hi everyone! I’m currently preparing for Part 2 of the IIA exam and honestly having a tough time with ratios, sampling, and analytical procedures.

I’d really appreciate any tips, study strategies, or resources that helped you get through these topics. Also, which areas should I focus on the most, and which topics are heavily tested in the exam?

Thanks in advance for your insights!

Wondering if there is anyone working on Part 2 now that has already passed Part 3 (probably not many) and would like to exchange notes ( specifically test banks).

I am working on Part 3 , have Gleim and thinking of buying the IIA test bank

For part 2 I bought IIA test bank for both old and new syllabus.

So if there is anyone that has the IIA part 3 test bank and would like to have part 2 test banks to avoid another costly purchase let me know!

If not it’s all goood and Goodluck !!

Appreciate your support and Thanks in advance to anyone who provide me with lIA Practice Questions - Part 2 or the IIA mock exam Part 2 in PDF email/ ahmed_audit77@yahoo.com

I’m planning to take the exam (part one) next month, i studied the gliem material and solved it’s mcqs, then i solved examsboost mcqs and it was a lot harder.

I’m also going to solve a couple of mock exams from hock, i have an average of 75% in everything i solved. Should that be enough for taking the exam? Or what should i do more?

Would you take a Senior Internal Audit Manager role in a small IA team (3 people total) under an experienced Head of IA?

Context:

I’m currently Head of Internal Audit, strong title, good compensation

Reality: one-man show, been fighting for resources for 2.5 years

Finally got 0.6 FTE, but not the profile I wanted, person was out of IA for 7 years

Feels like... and obviously... the function isn’t taken seriously, more of a cost solution than a strategic one

New opportunity:

Senior Manager Group IA, reporting to a seasoned Head IA.

Company is a spin-off of a large conglomerate, solid and attractive business model but a bit chaotic it seema after the spin off.

IA function is relatively new, mix of building the setup and hands-on delivery

Lower title and lower pay (~20%). Still solid but always more painful to step back.

Trade-off: Stay where I have the title, access to AC and higher salary but limited traction, or move to a smaller, more credible setup where I can actually build something, but take a step back on paper.

What would you do? And do you still think I later could get a Head IA role. I am 44.

I’ve started noticing a few issues coming up again even after they were marked as resolved in previous audits

On paper everything looks fine. Actions were taken, responses were documented, and the issue was closed

But after some time, it shows up again in a slightly different form or sometimes almost the same

It makes me wonder if this is just part of the process or if it usually points to something deeper not being fully addressed

How common is this in your experience?
Do you treat repeat issues differently or just handle them the same way each time?

On CCMS it’s showing that I passed but wondering if there is a score report available? Can I just rely on it saying I passed or is there something more tangible.

I’m starting to feel a bit stressed about the financial and accounting concepts for Part 2 of the exam. Should I actually be worried?

Overall, I feel like I understand the material, but there’s just so much to keep in mind that it’s getting a bit overwhelming.

For those who have already taken Part 2:

• What types of questions did you see?
• How heavily was each section tested, especially the financial/accounting part?

Any insights or reassurance would really help. Thanks a lot in advance!

Been looking at the DOL audit quality study numbers again.

Firms doing 1-2 EBP audits a year: 70% deficiency rate.

Firms doing 25+: drops significantly.

Firms doing 100+: under 20%.

So the profession has known for years that EBP audit quality is almost entirely a function of volume and specialization. And the response has been... peer review checklists and CPE requirements.

Meanwhile the number of CPA firms doing these audits dropped from 7,330 in 2011 to 4,300 in 2020 while the number of plans that need auditing went up. Less firms. More plans. Same manual process. Same deadline. I don't think this is a competence problem. I think it's a capacity problem that the profession keeps trying to solve with training.

What's actually going to fix this?

Hi all, yesterday i did the first cia exam on the new syllabus and have been told that the official score will be communicated to me through the email and the ccms dashboard within 3 weeks so did anyone receive their score in less than a week or so?

Hey everyone,

Need some honest advice from people in KPMG / audit / risk roles.

I’m currently working as a Transfer Pricing Analyst at a KPMG, but my background is actually more aligned with audit and taxation. I have ~4 years of experience overall — most of it in CA firms where I’ve handled statutory audits, tax audits, ITR filings, and worked on internal controls and compliance-related areas.

Right now, I’ve come across an Internal Audit (Executive) opening within KPMG Assurance & Consulting Services, and the role involves process consulting, risk advisory, and internal audit work — which is more in line with where I want to build my career long-term.

A couple of things I’m thinking about:

- I’m currently pursuing MSc in International Accounting & Finance and ACCA (6/13 cleared, more exemptions expected soon)

- My current role is in Transfer Pricing, so I’m worried about how strongly my profile will be considered for IA internally

- I’ve heard switching early is easier vs getting stuck in TP longer

My question is:

👉 Should I apply right away for this IA role, or wait until I complete more ACCA papers / get formal exemptions to strengthen my profile?

Also:

👉 From a hiring perspective, would my prior audit + tax experience be considered relevant enough for Internal Audit / Risk roles, despite my current TP role?

Would really appreciate insights from anyone in IA / Risk / KPMG hiring side.

Happy to share more details if needed. Thanks in advance!

Used ChatGpt to align my thoughts

Hi everyone,

I have around 4 years of experience in external audit, and I’m considering transitioning into internal audit.

For those who made a similar move, how difficult was the transition?

What were the main differences you noticed in terms of skills, workload, and day to day tasks?

Also would I need to start at a more junior level in internal audit, or is it possible to move at a similar level given my experience?

Any advice or tips on making this transition smoother would be really appreciated.

Thanks!