CIA Part 1 Textbook Update July 2021

The CIA Part 1 Textbook has been updated, and the new files are available for current students to download in My Studies. The significant changes are listed below including page numbers in the new July 2021 book.

Section I

  • Added Board Approval and Communication of Charter to B. The Internal Audit Charter, page 14.
  • Additional discussion in D. IIA Code of Ethics, pages 16-25.

Section II

  • Additional discussion in all topics, pages 26-39.

Section IV

  • Additional discussion in all topics, pages 49-62.

Section V

  • Added Three Lines Model, pages 63-68.
  • Additional discussion in Risk Appetite, Risk Tolerance, and Risk Capacity, pages 89-92.
  • Additional discussion in Risk Assessment, pages 95-97.

Section VI

  • Additional discussion in all topics, pages 146-157.

If you have any questions about these changes, please contact us and we will be glad to assist you.

You can also learn more about the HOCK CIA Textbooks and other exam prep materials if you are not already a HOCK student.

Share on:

CIA Part 3 Textbook Update July 2021

The CIA Part 3 Textbook has been updated, and the new files are available for current students to download in My Studies. The significant changes are listed below including page numbers in the new July 2021 book.

Section I

  • Added Boston Consulting Group Growth-Share Matrix and Operational Performance Measurement, pages 15-17.
  • Added Responsibility Centers and Responsibility Accounting, pages 29-32.
  • Added work schedules and compensation, pages 42-43.
  • Added IIA SG Optimizing Public Sector Audit Activities, pages 53-54.
  • Added Non-Disclosure Agreements, page 83.
  • Added more details about the value and governance of Data Analytics, pages 85-87.
  • Added Sensitivity Analysis and Monte Carlo Simulations, page 88.
  • Added more details about auditing software, pages 90-91.

Section II

  • Added excerpts from IIA GTAGs throughout the Section.
  • Added a chart with control weaknesses and related actions, page 105.
  • Added more details about some Emerging Technologies, pages 106-108.

Section III

  • Added excerpts from IIA GTAGs throughout the Section.
  • Added an overview of different types of databases, page 126.
  • Added basic IT terms, pages 133-134.
  • Added a longer introduction to IT Control Frameworks and IT Risks, pages 139-140.

If you have any questions about these changes, please contact us and we will be glad to assist you.

You can also learn more about the HOCK CIA Textbooks and other exam prep materials if you are not already a HOCK student.

Share on:

From Brian’s Desk: Is a Personal Counselor or Mentor necessary to pass the exam?

Is a Personal Counselor or Mentor necessary to pass the exam?

A Personal Counselor or Mentor is something that some exam prep providers include as a benefit of choosing their materials. While I agree that it is important that a review provider answer your questions as part of their support, there is no practical reason that you need to have a personal counselor as part of your exam preparation process.

Why do I say this? Because the exam that you take is not personal to you.

Everyone takes the same exam covering the same material tested at the same level of depth. The exam does not adapt its depth based on your background or experience. To say it one more time: EVERY candidate needs to know the SAME material at the SAME depth for the exam.

Because every candidate needs to know the same information, I am not sure what a personal counselor can do that you are not able to do for yourself. You can look at the results of your study sessions and determine how well you know a topic. In fact, you know more than anyone else can about how well you know a topic.

For example, let us say that there are 10 questions, and you know with certainty 6 of the 10 questions. That is 60% proficiency, but that is not enough and you need to study that topic more. Even though you do not know the other 4 questions, statistically you will get one of the four correct – giving you a 70% score. If you get lucky and guess two of those four correctly, you will score 80%, and someone else just looking at the percentage probably will say you are proficient and can move on to the next topic. But you know the truth, that you really are not 80% proficient on that topic.

In terms of guiding you through your studies, a personal counselor is not needed for this, either. Assuming that the study materials are set up properly with a good study plan, only you know best how much time you need to spend on each topic. When you are reading the book, watching videos, and/or doing practice questions, you know how well you know the topic and how much longer you need to spend to feel comfortable.

I believe that there are two essential support functions that actually add value to your studies:

  1. A detailed study plan that helps you go through the materials, points out the main topics and can be tailored to your pace of learning and time frame for study.
  2. Subject matter experts who can answer your questions about anything in the materials while you are studying. Whether it is a concept in the book or a question that you just can’t figure out, a knowledgeable person who is experienced in that exam should be available to answer your questions in a timely manner (one business day).

All of this to say, when you are making a decision about your study materials, be sure to look for things that actually add value to your studies, and not just what sounds good. At HOCK, we have continually refined our materials and processes since 2003 so that we can offer you the most comprehensive materials and support without any unneeded and potentially expensive extras.

HOCK Exam Prep with unlimited access and teacher support:

Share on:

Blog: Certification Value Part 3 – Individuals

Certification Value - Part 3. Individuals.

In my last two blogs, I have written about how review course providers and the certification-issuing organizations add value to their certifications. In this blog, I will look at what you should do in order to maximize the value that you get from having the certificate.

Conduct yourself in a professional manner at all times

Perhaps the most important thing that you can do is to conduct yourself in a professional manner at all times. As I wrote earlier, most certificates get their value simply because they are valued by the business community. Certificates have value because the people who hold the certificate create value for them. Every individual benefit from all of the others who hold the same certificate. In order to keep this value, each holder needs to act so that the business community as a whole will continue to value that certificate. For example, everyone who is a CIA is connected to everyone else who is a CIA. When a colleague finds out that you are CIA, their first impression of you will be based on what they think of the other CIAs that they know. If enough individuals behave poorly and unethically the “brand” that is CIA will lose value. So, if you want your certificate to retain or grow its value, you need to behave in a way that will bring value to that certificate and everyone else who holds it.

Have a responsibility

In addition to holding yourself to the highest standards of behavior, you also have a responsibility to hold fellow certificate holders to a similarly high standard of behavior. When others are acting in a way that does not bring value to the “brand,” you need to work with them to change their behavior. Even though any certificate can survive “a few bad apples” in the profession, everyone needs to work to make certain that there are as few as possible.

Market the certificate

In order to maximize the value of your investment (in both time and money), you also need to market the certificate, for example, help people know what the certificate is and what the requirements are to obtain it. If an HR person in your company is not familiar with the CMA, give them information about it. That information, coupled with your behavior, will help them understand the value of CMA. Also, use the letters of your designation on your business card, your CV, and anywhere your name is used.

Become active in a local Chapter

If you are able to, you should also become active in a local Chapter of your professional organization. Chapters help to grow the profession and are a way of letting the larger community know that the certification has value. While it may be difficult to see any specific, direct benefit from attending a Chapter event, you need to remember that you are part of a larger profession and that you will benefit indirectly from the success of the organization. Professionals before you built a brand that you are benefitting from, and you need to be certain that the professionals who come after you will be able to benefit from your professional organization in the same way you have.

I encourage you to be proactive in doing these things (and more) because your certificate will only have as much value as the effort that everyone puts into it.

Brian Hock, CMA, CIA

Share on:

Blog: Certification Value Part 2 – The Organization

Certification Value - Part 2. The Organization.

In my last blog, I wrote about the value that review course providers provide for a certification. In this blog, I will look at the value that is brought to a certification by the organization that administers the exam and awards the certification.

Obviously, the organization that offers the certification provides value to it. But, it is critical that the certification continues to hold its value and even increases in value. Remember that because most certifications gain their value only because the business community desires them, it is imperative that the organizations work to provide ongoing value. Aside from giving the certificate itself, some of the things that the organization must do are:

Keep the syllabus current

Every few years the organization should evaluate the content of their exams to make certain that it continues to be relevant.

Provide sufficient information about the content of the exam

The syllabus that they provide should be detailed enough to allow candidates (and material providers) to know what is on the exam without being so detailed that it is essentially a list of the questions. (I would add that the IMA does a spectacular job with the syllabus for the CMA Exams.)

Ensure that the exam is challenging

If the pass rate is too high, the certification loses value because it is assumed that anyone can pass. If the pass rate is too low, nobody attempts it because the return on investment is too low. For example, when the DipIFR (Russian) exam was first started, the pass rate was around 15% and the exam almost collapsed because of the low pass rate.

Maintain its own ethics surrounding the qualification 

The exam creation and grading process must be above reproach. There should be controls and systems in place to ensure that if a person passes the exam that the world knows that this person actually passed the exam honestly and fairly.

Provide a fair and level field for all providers 

When an examining body is involved in materials preparation and sells their own materials, this weakens the certificate because it draws into question the grading process. Even if there are controls in place and independence between the materials creation group, the exam creation group, and the grading process, there is still the potential for the appearance of a conflict of interest.

Require some form of Continuing Education

(It has different names in different organizations) So that their certificate holders maintain relevant knowledge.

Provide value to its members through things other than the certifications

Such as conferences, publications, webinars, networking opportunities to its members, or any number of other benefits that it can provide. If the only value that it provides is in the exam itself, the organization will have difficulty maintaining its membership and attracting new members.

While there are a lot of things that professional organizations need to do in order to maintain and build the value that their certificate has in the market, it is essential that they do these things because without the certification having value, fewer people will join the organization.

I am certain that this list is not complete. What are some of the other ways that your certifications (that you have or are in the process of earning) and their supporting organization could add even more value to your career?

Brian Hock, CMA, CIA

Share on:

Blog: Certification Value

Certification Value

Professional Certification – Requirement or Preference?

A professional certification gets value from one of two sources: either it is required by law or regulation, or the business community prefers its employees have the certification, even if it is not required by law. An example of the first type is the CPA certification in the United States, which is required by law in order for an individual to sign an audit report or prepare income taxes for another party. An example of the second type is the CPA certification in countries outside the United States. In other countries, a CPA license is not required by law for any specific activity, but the business community values it, and therefore being a CPA is valuable.

Most international certifications fall into the second category. One of the reasons for this is that most internationally recognized exams are in English and therefore they can be required by law only in countries that speak English. In non-English-speaking countries, the exam gets value because it is desired by the businesses there.

While it may not seem obvious, there are a number of groups that contribute to the value that a certification has in markets where the certification is not required by law. In this blog, I will write about one of them, and I will write about others in the future.

Review Course Providers

The group that I want to write about now is what I will call Review Course Providers (RCPs). They may be called different names in different countries, but these are the companies that deliver live-taught courses for candidates to prepare to pass the exam. RCPs are different than Material Providers (MPs), who only provide materials for self-study. For example, HOCK international is an MP, whereas HOCK UAE is an RCP, where live courses are offered.

RCPs play a critical role in the development of value for a professional certification in a few different ways:

  1. When there is an RCP for a certification, it shows to prospective candidates that the certification has value. If there is no value to the certification, there would not be a company providing training locally.
  2. RCPs play an important role in marketing the certification because they are marketing the certification as well as their own courses. For the organizations that offer certifications, RCPs are a critical element of the expansion of the certification to new areas.
  3. RCPs help keep pass rates higher. If the pass rate for a certification becomes too low, fewer people will attempt it because there is not a high enough chance to get a return on their investment. Or, if the pass rate is too high, there is also a decrease in candidates because both individuals and businesses perceive that it is too easy and does not have any value.
  4. RCPs also give credibility to the certification by demonstrating that the exam is independent. When the organization that gives the exam also provides training material, there is a perception that the exam is not serious or rigorous because the same organization is in charge of all of the steps of the process. It is a bit like the segregation of duties – ideally, one organization creates the exam and grades it, and other organizations provide the training. When the examiner is also a training provider there is a conflict of interest that decreases the value of the certification.

Live Classes

Whether or not you are using or used an RCP in your preparations for the exam, you should say a word of “Thanks” to the RCPs in your area; they have helped create and sustain the value of the certificate that you have earned or are in the process of earning. If you don’t know if there are any in your area, we have a list of RCPs using HOCK materials on our website

You can send a short “Thanks” to your RCP as a comment below – let them know that they are appreciated!

Brian Hock, CMA, CIA

Share on:

Roles and responsibilities of an internal audit team

internal audit team

Certified Internal Auditor

Are you curious about becoming a Certified Internal Auditor (CIA)? This article will explain the roles and responsibilities of this position, detail how you can earn your certification, and how you can use this designation in your career.

As a CIA, your role is to independently and objectively evaluate the operations within an organization. The role can vary depending on the industry or company needs, but in general, the auditor is tasked with maintaining relevant information flow between the company’s board of directors and/or senior management and making sure that operations and business processes are in compliance with company policy and legal regulations.

The biggest difference between an internal and external auditor is the type of information you are managing. As an internal auditor, you’re tasked with the holistic management of information, which is primarily non-financial information. As a hired external auditor, your job is to examine the financial condition or business dealings, as well as compliance with different laws within the industry. As an internal auditor, understanding the functionality of each kind of external auditor helps one better prepare for the documentation and requirements when an audit is required.

Who is an ideal candidate for the CIA?

Anyone who envisions a career in internal auditing is the perfect candidate for the CIA Certification. Being a CIA will offer auditors more opportunities for advancement as well as a higher salary. Students are excellent candidates for the CIA Exams:

  1. It is more affordable to take the exams with student discounts.
  2. Students usually have more free time than working professionals and/or individuals who have families.
  3. Students are already entrenched in and accustomed to the study process.

What is an Internal Audit?

An internal audit is a managerial tool that serves to improve processes and internal controls within a company. It consists of a department within a company that is mandated to provide an assessment of the organization’s risks, control environment, and operational effectiveness. The department reports to the board and senior management, which are within the organization’s governance structure.

What do Internal Auditors Do?

As an internal auditor, your role includes providing an in-depth dive into the company’s business dealings and processes and then analyzes and converts the information into meaningful and insightful data to improve operations. To do this, the auditor uses techniques such as:

  1. Consistently reviewing company business practices.
  2. Evaluating that risk management procedures are in place.
  3. Implementing controls to protect against fraud and theft of the organizational assets and money.
  4. Ensuring laws and regulations are compliant.
  5. Making recommendations on process improvement.

Responsibilities of Internal Auditors

Ensuring the success of an organization and bridging the gap between the board of directors and the corporate management team is a key performance indicator. Below are some of their specific responsibilities and duties:

  1. Evaluating risk management activities within the organization.
  2. Determining the organization’s compliance with relevant laws and regulations.
  3. Evaluating and making recommendations that can assist in improving internal control.
  4. Investigating fraud via a fraud risk assessment that uses fraud deterrence principles.
  5. Offering an objective source of independent advice to help reach the goal and achieve legality and validity.
  6. Performing audit assignments assigned to them
  7. Learning and studying the organization’s policy and guidelines.
  8. Identifying audit scope and developing annual plans within the organization.
  9. Gathering, analyzing, evaluating, and presenting accounting documentation, reports, data, and flowcharts.
  10. Following up the audits to monitor the managements’ intervention.
  11. Promoting ethics and identifying improper conduct within the company.

Qualities of a professional Internal Auditor

You must be objective, independent, and impartial when carrying out internal audits. Below are some of the qualities a professional internal auditor should possess.

  • Integrity – High ethical work standards.
  • Independence – Ability to work alone because auditors may travel far away from their team.
  • Good communication skills – Ability to explain their findings and insights.
  • Diversity – Ability to change with current trends and affairs.
  • Persuasiveness – Ability to effectively communicate the necessary course of action.
  • Assertiveness – Be confident during the audit process and take control of the agenda.
  • Reliability – They must be ready to be available for all critical audit processes by investing their time and energy.
  • Punctuality – The auditors need to hand in reports on time, and since a team is involved, a good auditor should be punctual in all meetings.

Becoming a Certified Internal Auditor (CIA)

The Institute of Internal Auditors (IIA) awards the CIA certification. Becoming a CIA requires a University degree, two years of work experience, and passing a three-part exam. (There are some exceptions to education and work experience requirements.)

A CIA enjoys the following benefits and opportunities:

  • Being part of a global organization for the Internal Auditor Profession, The Institute of Internal Auditors (IIA).
  • Gaining respect and credibility for top positions worldwide.
  • Lucrative salary.
  • Greater career opportunities.

Internal audits play a significant role in the company’s growth by ensuring that the company is moving in the right direction.  As an aspiring CIA, you must possess qualities such as integrity, assertiveness, excellent communication, teamwork, and independence.

Do you think the role of Internal Auditor could be right for you? Learn more about how HOCK international can help you advance your career and succeed in achieving this prestigious credential.

HOCK CIA Exam Preparation

 

 

Share on:

Professional Ethics in our Personal Life: Conflicts of Interest

Code of Ethics

Code of ethics

Most companies and professional organizations have a Code of Ethics that employees and members must follow. It is important to remember that many of those ethical guidelines we have at work and in our professional lives are also important for us outside of work. When individuals act contrary to a Code of Ethics in their personal lives, people can also get hurt – just as in our professional lives.

Conflict of interests

Most Codes of Ethics require the disclosure of potential conflicts of interests, which arise when a person may be influenced in their decision as a result of an interest that they have that is in conflict with the decision that they need to make for their company. Conflicts of interest are not just at work; they are in our personal life, too, and can involve our friends, neighbors, relatives and people we have never met. Unfortunately, not everyone is motivated by a Code of Ethics in their personal life like they should be in their professional life.

For example, if someone asks me what company they should use to host their website, I have a potential conflict of interest because my brother owns a company that hosts websites. If I were to recommend my brother’s company, the question becomes whether I am recommending it because it a good web hosting company, or because it is my brother, or maybe even because I might receive a commission for every person that I refer.

Disclosure

It is not that conflicts of interest are automatically bad. However, an undisclosed conflict of interest is unethical, and potentially harmful. If I recommend my brother’s company and I do not tell the person that it is my brother’s company that I am recommending, I have potentially caused that person harm because I have not given them all of the information they need to make an informed decision. However, if I tell them that my brother owns the company, then I have not done anything to cause that person harm.

The disclosure of this conflict of interest may even be helpful to my brother. If I have acted and worked in a way that causes this person to respect me, the fact that it is my brother’s company may be the reason that the person chooses my brother’s company. By behaving ethically and professionally, my recommendation means more, and the fact that I am related to the owner of that company is a positive thing for the person who asked.

Ethics in our personal lives

In our personal lives it is also important to disclose conflicts of interest. I live in a state that recently deregulated its electricity market, which means that I am now able to choose which company I want to produce the electricity that I use. Needless to say, I was swamped with phone calls and mail from the different companies that wanted me to choose them. One evening I was talking to my neighbor and asked if he had chosen a company and how happy he was with his choice. He told me which company he had chosen and that he was happy.

Later, after I had made my selection, I found out that if I recommended others to select the company that I had chosen, they would pay me $50 for each person I recommended and signed up. When I read this, it made me wonder about my neighbor – did he make his recommendation because he was happy, or because he was going to get $50 if I selected the same company that he did?

So, when someone gives you a recommendation, (especially when it is a website giving you a recommendation), you should ask yourself if they have a conflict of interest that they are not telling you about. It might just change your mind about what decision you should make in a particular situation.

Brian Hock, CMA, CIA

 

Are you taking the CMA exam in May or June? Join the CMA Crash Course and MCQ Practice Sessions for only $108. 

Learn More: https://www.hockinternational.com/shop/cma-crash-course-and-mcq-practice/

Share on:

Exam Preparation Using Exam Content: Planning

Exam Preparation - Planning

In this post, we look at preparing for an exam using some of the same concepts that you might study while preparing for the CMA (Certified Management Accountant) or CIA (Certified Internal Auditor) Exam.

Planning

Planning is a topic covered in many professional exams because of how important planning is to a business. Without long-term planning, a company does not know what it is trying to accomplish. Every department within a company needs to have a plan too so that it can do what it needs to do to help the company achieve its objectives. Even individual employees need to have a plan so that they can help their department achieve its goals. With proper planning, a company can ensure that all of its components are moving in the same direction.

Just like a company, a candidate for a professional exam also needs to have plans, which we can break down into Long-Term, Medium-Term, and Short-Term.

Long-Term Plan

The first plan that you need is a strategic plan that encompasses what you would like to be doing in 5 years in your career, and which professional certification will best help you achieve your plan. You need to know:

  • What are the certifications in your chosen career?
  • What are the certifications most highly valued in the country where you want to work?
  • Which certifications does your company want for its employees?

Once you have selected a certification, you need to find determine:

  • Do you have the necessary education required by the exam? If not, how will you get it?
  • Do you have the necessary experience in order to be certified? If not, where can you achieve the experience?
  • What is the syllabus for the exam and what will you need to study to pass the exams?

Then, you are ready to create a medium-term plan to pass the exams and get any education or experience that you need.

Medium-Term Plan

The medium-term plan should set up a time frame for when you will pass the exams and get the needed education or experience if you don’t already have them. You need to find out what the average time is for preparing for the exam, and when the exams are offered.

For example, you may decide that it will take you 6 months to prepare for each part of the CMA Exam, and so you determine that you want to take Part 1 in early January and Part 2 in late June. Or, maybe you decide that it will take about 3 months to prepare for each Part of the CIA Exam, so you plan to take them in January, April, and July.

You should also decide the order in which you will take the different Parts of the exam. I usually recommend that you start with the Part that you feel will be easiest for you.

Short-Term Plan

You are now ready to start your short-term plans, including making a study schedule for each week. You should know when during the week you will be studying and set these times aside. If you are going to study Tuesday evening for 3 hours (for example), then when someone asks you to do something Tuesday evening, your answer should be that you are busy. Your scheduled study times should be committed appointments that you will not cancel except for an emergency.

Having a schedule will make all of your time less stressful. If you know when you will study, then in the time that you are not studying you can relax without thinking that you should be studying; your study time and your personal time can stay separate.

Just like a plan that helps a business achieve its goals, proper planning will make achieving your goal of earning a certification much easier.

What are some of your planning strategies to help you stay on track with your studies?

Brian Hock, CMA, CIA

You may also like:

Share on:

Blog: Making one into one billion

Making one into one billionA week ago, I wrote about how a small regular investment grows over time with compounding interest. A reader recently sent me an illustrative story about compounding that I want to share.

Once upon a time, there was a king who collected almost the entire rice crop harvested by his subjects as tax, promising to give it back during tough times. After many good years, there came a year when there was no crop. However, the King was stingy and unwilling to return the rice as promised. A clever girl did a favor to the king and then asked for a reward.

The reward that she asked for was that she would receive one grain of rice on the first day, and double that on the second day. On the third day, she would receive twice that from the second day. And so on for 30 days. The king thought that it was a modest request and granted it to the little girl.

However, when the King started to pay the reward, he realized what it would become.

On day 6, the little girl received 32 grains of rice.

On day 12, the little girl received 2,048 grains of rice.

On day 18, the little girl received 131,072 grains of rice.

On day 24, the little girl received 8,388,608 grains of rice.

On day 30, the little girl received 536,870,912 grains of rice.

After 30 days, she received a total of 1,073,741,823 grains of rice. (After I read this, I did the math in Excel to make certain that it is correct.)

As you can see, the increase from day to day gets larger the more days that the girl has been “investing.” While no investment offers 100% daily returns, the same concept applies to lower returns and longer periods of time.

I am certain that there are similar stories in many cultures. What version of this story have you heard?

Brian Hock, CMA, CIA

Share on: