he CRMA exam includes two sections: Part 1 of the CIA  exam and a separate CRMA exam, which consists of 100 multiple-choice questions covering four domains. The CRMA exam requires a completion time of two hours.

Candidates who have already passed Part 1 of the CIA exam may advance directly to the CRMA core exam, having fulfilled that eligibility requirement.

All content covered in the four domains of the CRMA exam will be tested at the proficiency level (P). This means that candidates must exhibit proficiency (thorough understanding and the ability to apply concepts) in these topic areas.

Standards tested on the CRMA exam:

• CIA exam Part 1 topics tested include aspects of the IPPF, responsibilities of the internal audit activity, independence and objectivity, governance concepts, risk identification and management, management controls, and audit planning.
• The CRMA exam topics tested include governance aspects and principles of risk management assurance in addition to appropriate assurance and consulting roles for internal audit professionals.

Exam Non-disclosure

The CRMA exam is a non-disclosed examination, which means that current exam questions and answers will not be published or divulged.

NOTE: Exam topics and/or format are subject to change as approved by The IIA's Professional Certification Board (PCB).

CRMA Exam Domains

The CRMA exam core content covers four domains:

Domain I: Organizational governance related to risk management (25-30%)
Domain II: Principles of risk management processes (25-30%)
Domain III: Assurance role of the Internal Auditor (20-25%)
Domain IV: Consulting role of the Internal Auditor (20-25%)

CRMA Reference Resources

Download the PDF below for a list of references that encompass the body of knowledge for the CRMA exam.

CRMA Reference Resources