Skip Ribbon Commands
Skip to main content
Certifications & Qualifications
Expand/CollapseNew to Certification?

Expand/CollapseCurrently Enrolled?

Expand/CollapseAlready Certified?

Expand/CollapseCIA Certification

Expand/CollapseQIAL Qualification

Expand/CollapseCGAP Certification
Expand/CollapseCFSA Certification
Expand/CollapseCCSA Certification
Expand/CollapseCRMA Certification
Get Started
Eligibility Requirements
Exam Syllabus
CPE Requirements
Exam Preparation Resources
Expand/CollapseCPSA and CPEA Certification

Access CCMS & User Guide
Administrative Directives
CBT Exam Tutorial
CCMS Single Sign On
Certification Corner News
Certifications Merchandise
Candidate Eligibility Extension
Document Upload Portal
Download Handbook
Exam Language Offerings
Exam Security
Pricing Structure
Recognized CPE Providers
Social Media & Open Badging
Certification FAQ

​Certification in Risk Management Assurance® (CRMA®) Exam Syllabus

The CRMA exam includes two sections: Part 1 of the CIA  exam and a separate CRMA exam, which consists of 100 multiple-choice questions covering four domains. The CRMA exam requires a completion time of two hours.

Candidates who have already passed Part 1 of the CIA exam may advance directly to the CRMA core exam, having fulfilled that eligibility requirement.

All content covered in the four domains of the CRMA exam will be tested at the proficiency level (P). This means that candidates must exhibit proficiency (thorough understanding and the ability to apply concepts) in these topic areas.

Standards tested on the CRMA exam:

  • CIA exam Part 1 topics tested include aspects of the IPPF, responsibilities of the internal audit activity, independence and objectivity, governance concepts, risk identification and management, management controls, and audit planning.
  • The CRMA exam topics tested include governance aspects and principles of risk management assurance in addition to appropriate assurance and consulting roles for internal audit professionals.

Exam Non-disclosure

The CRMA exam is a non-disclosed examination, which means that current exam questions and answers will not be published or divulged.

NOTE: Exam topics and/or format are subject to change as approved by The IIA's Professional Certification Board (PCB).

CRMA Exam Domains

The CRMA exam core content covers four domains:

Domain I: Organizational governance related to risk management (25-30%)
Domain II: Principles of risk management processes (25-30%)
Domain III: Assurance role of the Internal Auditor (20-25%)
Domain IV: Consulting role of the Internal Auditor (20-25%)

CRMA Reference Resources

Download the PDF below for a list of references that encompass the body of knowledge for the CRMA exam.

CRMA Reference Resources

IMPORTANT! CCMS users go here to prepare for Single Sign On.

Access CCMS

Candidates from the following countries must refer to their local IIA Institute web-site or contact their local representative for more information about local certification processes:

The information contained on this website pertains to all other countries.