How to Pass the Big Part 3 CIA Exam

While passing parts 1 and 2 mainly requires understanding concepts related to internal audit, governance, risk and fraud, in addition to some small topics, part 3 has a wide range of topics. In addition, part 3 topics are not interrelated as those of parts 1 and 2. These differences require a different approach and a different mindset. Most candidates pass parts 1 and 2 and then fail part 3 because they prepare for part 3 exam using the same strategy they used in preparing for the previous exams. This might work for some candidates, but it does not work for the majority of candidates. We will try in this article to tackle the main differences in preparation strategy between part 3 and the rest of the CIA exams. Let’s start by reviewing the content of part 3 exam.

CIA Part 3 Structure

Domain I: Business Acumen – 35 %

  1. Organizational Objectives, Behavior, and Performance
    • Strategic Planning
    • Performance Measurement
    • Organizational Behavior
    • Management Skills
  1. Organizational Structure and Business Processes
    • Organizational Structure
    • Common Business Processes
    • Project Management / Change Management
    • Contracts
  1. Data Analytics

Domain II: Information Security – (25%)

  1. Information Protection
    • Information Systems
    • Introduction to IT Controls
    • General IT Controls
    • Application Controls
    • Privacy
  1. Emerging Technologies and Cybersecurity
    • Emerging Technology Practices
    • Cybersecurity

Domain III: Information Technology – (20%)

  1. Application and System Software
    • Systems Development Lifecycle
    • Database
    • The Internet
    • Types of Software Systems
  1. IT Infrastructure and IT Control Frameworks
    • IT Infrastructure & Network Concepts
    • Functional Areas of IT Operations
    • IT Control Frameworks
    • Electronic Systems Assurance and Control (eSAC)
  1. Disaster Recovery

Domain IV: Financial Management – (20%)

  1. Financial Accounting and Finance
    • Financial Accounting – Concepts and Principles
    • Financial Accounting – Advanced Concepts
    • Financial Analysis
    • Current Assets Management
    • Capital Budgeting
  1. Managerial Accounting
    • General Concepts
    • Costing Systems
    • Relevant Costs for Decision Making

As you can see the topics of part 3 range from organization to data analytics, to information technology and accounting. This variation in topics requires a unique preparation method.

What’s Different about Part 3?

Understanding vs. memorization

Parts 1 and 2 contain concepts about internal audit, risk management, governance, fraud, and some other small topics, but all the topics are interrelated. Passing the exams of parts 1 and 2 requires a deep understanding of those concepts, and the ability to apply that understanding to real life situations. On the other hand, part 3 includes a collection of topics that are not the main core knowledge required of internal auditors. The knowledge required in part 3 is very different from that required in the other parts, and this difference requires a different approach from the examiners to test candidates’ knowledge. You will have exam questions that require you to know some concepts by heart. For example, you will study a number of information systems’ development frameworks within the second IT domain (Information Technology).  Such a topic requires that you not only understand those frameworks, but also memorize their components. The same applies to accounting, where you will need to memorize some formulas. For example, you will need to memorize how to calculate a certain financial ratio.

In addition to memorizing such information, you might also have to memorize concepts that you are not very familiar with. Such concepts are different from one candidate to another as each candidate has a different background.

The first difference then between preparing for part 3, in contrast to parts 1 and 2, is that you need to memorize and understand, while previously you only needed to understand.

Audit knowledge vs. general business knowledge

When preparing for parts 1 and 2 exams, having previous internal audit knowledge and experience is very helpful. On the other hand, part 3 does not require audit knowledge. Part 3 is, in fact, easier for those who have a business background, specifically an accounting background. The financial management domain is 20% of the exam. Not the highest percentage, but accounting is the most challenging topic in part 3 because the outline includes almost every accounting related topic. Retaining such a huge amount of knowledge is challenging. The good news is that accounting questions are easy and straightforward on the exam.

The other challenge with part 3 is the first domain, which makes up 35% of the exam questions. This domain covers many diverse topics. However, for a candidate who has a business background, the majority of those topics should be familiar, since they are all basic knowledge taught in business schools.

Amount of tested information

This is obviously the biggest difference between part 3 and the rest of the CIA exams. You need to retain a lot of information. This requires more reviews, and more time for preparation and a different preparation strategy. We, at PRC, encourage candidates to apply the: Understand, Apply & Repeat method. Where you start by understanding the concepts from the textbook, test your understanding through application by answering quiz questions, and repeating the process until you are ready for the exam. With part 3, we believe that you need several cycles of this process, a lot more than what is required for parts 1 and 2. You might be ready to sit for part 1 or 2 after 2 or 3 cycles of understanding and application, but with part 3 you might need up to 4 cycles, not because the knowledge is more difficult, but because the amount of information is greater, which requires more repeats for the information to sink in.

Should I sit for Part 3 before or after 1 and 2?

After!

Think of parts 1 and 2 as a warm up for the big part 3. If you come from a professional certification program, i.e. if you are already a CMA or a CPA, then you might be able to sit for part 3 before 1 and 2 because you have the necessary knowledge and experience with such exams. If the CIA is your first certification program, our advice is to sit for part 1, then 2, and finally 3.

Why do Candidates Fail Part 3?

Candidates usually fail the exam due to one of the following two reasons:

  1. Insufficient preparation
  2. Inadequate time management during the exam

Let’s discuss how we can diagnose the reasons and deal with each reason.

“How were the exam questions?

Very difficult. There were unfamiliar questions. The answers were very similar; I couldn’t tell which the correct answer was. My score was way lower than I expected.”

If the above applies to you, then you probably did not prepare well for the exam. You need to go over the material again. Make sure you read everything, understand all concepts, and solve all questions, and repeat the cycle 3 to 4 times.

“How was your exam?

The questions were not that difficult but I did not have enough time to finish all the questions. My score was very close to passing.”

You did not pass because you did not manage your time well during the exam.

We advise that you practice the following techniques:

  • Do not attempt long and/or difficult questions; mark them and move on.
  • Once you have attempted all short and easy questions, return to the difficult/long questions.
  • By applying the above two steps, you will make sure you have gained all the points of the easy and short questions and saved a lot of time. If you answer 80% of the short and easy questions correctly, you might need to answer only 50% of the long and difficult questions correctly to pass the exam!
  • Repeat the above process until you are left with a few questions that require more time for solving.
  • Eliminate answers you know are not
  • Read all the choices before choosing your answer.
  • Your first choice is usually the right one, unless you misread the question. Do NOT change your answer except if you are definitely sure you should change it.

Part 3 is a challenge that requires hard work, but it’s doable. Most candidates who fail their first part 3 attempt do so because they approach it the same way they had approached parts 1 and 2. We hope this brief guide would be helpful for your part 3 exam preparation plan.