100+ Free IIA IAP Practice Questions

Pass your Internal Audit Practitioner (IAP) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately

Not publicly disclosed Pass Rate

100+ Questions

100% Free

1 / 100

Question 1

Score: 0/0

What is the fraud triangle, and which of the following BEST describes its three elements?

Opportunity, Motivation, and Corruption

Motive, Means, and Method

Pressure, Opportunity, and Rationalization

Intent, Opportunity, and Financial Gain

to track

Same family resources

Explore More IIA Certifications

Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.

CIA Part 1

Practice Questions199 questions Study Guide Cheat Sheet Flashcards50 cards 1 blog

IIA CRMA Certification in Risk Management Assurance

Practice Questions100 questions

More From This Family

Videos and articles for deeper review.

ArticleCIA Part 1 Exam Guide 2026: GIAS-Aligned Internal Audit Fundamentals28 min read

2026 Statistics

Key Facts: IIA IAP Exam

125 Qs

Exam Questions

150-minute time limit

600/750

Passing Score

IIA scaled scoring

4 Domains

Exam Content Areas

35% / 20% / 30% / 15% weighting

No Prereqs

Eligibility

No education or experience required

$430

Member Total Cost

$120 app + $310 exam (USD)

Permanent

Designation Status

As of May 28, 2025 (20 CPE/yr from 2026)

IAP is a 125-question, 2.5-hour entry-level IIA certification ideal for students and new auditors — no education or work experience required. As of May 2025, it uses the CIA Part 1 (Internal Audit Fundamentals) exam and the 2024 Global Internal Audit Standards (effective January 9, 2025). Delivered by Pearson VUE at test centers (online proctoring ended May 2025). IAP holders earn a permanent designation, require 20 CPE hours/year from 2026, and can pursue CIA Parts 2 and 3 for the full CIA without repeating Part 1.

Sample IIA IAP Practice Questions

Try these sample questions to test your IIA IAP exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1According to the Global Internal Audit Standards (2024), what is the primary purpose of the internal audit function?

A.To detect and prevent all fraud within the organization

B.To enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight

C.To ensure compliance with all applicable laws and regulations

D.To prepare financial statements and management reports

Explanation: The Global Internal Audit Standards (2024) define internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. The primary purpose is to enhance and protect organizational value through risk-based and objective assurance, advice, and insight. Fraud detection and compliance are important but are not the primary stated purpose.

2Which document formally establishes the internal audit function's authority, position, and scope of activities within the organization?

A.The annual audit plan

B.The internal audit charter

C.The board resolution

D.The internal audit policy manual

Explanation: The internal audit charter is the formal document that establishes the internal audit function's position within the organization, its authority, access to records and personnel, and the scope of activities. The charter must be approved by senior management and the board. Annual audit plans detail specific engagements but do not establish authority.

3What is the key distinction between assurance services and advisory services provided by internal audit?

A.Assurance services are mandatory under law; advisory services are always voluntary

B.Assurance services involve an independent objective assessment; advisory services provide counsel without the auditor assuming management responsibility

C.Assurance services focus only on financial risks; advisory services cover operational risks

D.Assurance services require external auditor involvement; advisory services do not

Explanation: Assurance services involve the internal auditor providing an independent, objective assessment of evidence to render an opinion or conclusion. Advisory services provide counsel, recommendations, or facilitation without the internal auditor assuming management responsibility for implementation. The nature of the engagement and auditor role differ — not the subject matter.

4To which body should the Chief Audit Executive (CAE) functionally report to preserve organizational independence?

A.The Chief Financial Officer

B.The Chief Executive Officer

C.The board or audit committee

D.The external auditors

Explanation: The Global Internal Audit Standards require the CAE to functionally report to the board or its audit committee. This reporting line gives internal audit the independence needed to objectively assess management activities. The CAE may administratively report to the CEO for day-to-day matters, but functional reporting to the board is essential for independence.

5Which of the following best describes the concept of organizational independence for the internal audit function?

A.Internal auditors must never communicate with management during an engagement

B.The internal audit function is free from conditions that threaten its ability to carry out its responsibilities impartially

C.Internal auditors must be located in a separate building from all other departments

D.The internal audit function reports to the external auditors to ensure independence

Explanation: Organizational independence means the internal audit function is free from conditions that threaten its ability to carry out responsibilities in an unbiased manner. This includes having an appropriate reporting structure (functional reporting to the board) and freedom from management interference in scope, work, and reporting. Physical separation or reporting to external auditors is not required.

6According to the Global Internal Audit Standards, what does individual objectivity require of internal auditors?

A.Auditors must avoid all personal relationships with anyone in the organization

B.Auditors must have an impartial, unbiased attitude and avoid conflicts of interest

C.Auditors must obtain approval from the board before expressing any opinion

D.Auditors must rotate to a new organization every three years

Explanation: Individual objectivity requires internal auditors to have an impartial, unbiased attitude and to avoid situations that compromise or appear to compromise their ability to make objective assessments. Conflicts of interest — whether actual or perceived — must be disclosed and managed. Objectivity is a state of mind, not a structural arrangement requiring rotation or external approval.

7What does due professional care require of an internal auditor when conducting an engagement?

A.Absolute assurance that no fraud or errors exist

B.Auditing every area of the organization at least once per year

C.Applying the care and skill expected of a reasonably prudent and competent internal auditor

D.Obtaining external certifications in every discipline audited

Explanation: Due professional care requires internal auditors to apply the care and skill expected of a reasonably prudent and competent internal auditor — not perfection or absolute assurance. This includes exercising professional skepticism, considering potential risks, and planning appropriate procedures. It does not require auditors to be experts in every area or guarantee the discovery of all errors.

8Which of the following is an example of an assurance service performed by internal audit?

A.Facilitating a risk assessment workshop for management

B.Providing training to employees on internal controls

C.Conducting an independent evaluation of the effectiveness of an organization's internal control system

D.Assisting in the design of a new accounting information system

Explanation: An independent evaluation of internal control effectiveness is a classic assurance service — the auditor objectively examines evidence and renders an opinion without management directing the conclusion. Risk workshops, employee training, and system design assistance are advisory or consulting services because the auditor provides guidance rather than independent assessment.

9Which of the following best describes the internal audit mandate under the Global Internal Audit Standards?

A.Authority granted by law to compel management to implement audit recommendations

B.The authority conferred by the governing body that defines the purpose, authority, and responsibility of the internal audit function

C.Management's right to direct the scope and findings of internal audit engagements

D.The external auditor's delegation of financial statement testing to internal audit

Explanation: The internal audit mandate is the authority conferred by the governing body (typically the board) that defines the purpose, authority, and responsibility of the internal audit function — most commonly formalized in the audit charter. This mandate gives internal audit the standing to access records, personnel, and operations needed to fulfill its responsibilities.

10The Global Internal Audit Standards (2024) replaced which prior framework?

A.COSO Internal Control — Integrated Framework (2013)

B.The International Professional Practices Framework (IPPF) Standards (2017)

C.ISO 31000:2018 Risk Management Standard

D.The Sarbanes-Oxley Act Section 404 requirements

Explanation: The Global Internal Audit Standards, effective January 9, 2025, replaced the prior International Standards for the Professional Practice of Internal Auditing contained in the IPPF (2017 version). The new Standards are organized around 5 Domains and 15 Principles. COSO, ISO 31000, and SOX are related frameworks but were not replaced by the 2024 Standards.

About the IIA IAP Exam

The IIA's Internal Audit Practitioner (IAP) is an entry-level, foundational certification open to university students, early-career auditors, and professionals without degrees. As of May 28, 2025, the IAP exam is the CIA Part 1 — Internal Audit Fundamentals exam. The 125-question exam covers four content domains: Foundations of Internal Auditing (35%), Ethics and Professionalism (20%), Governance, Risk Management, and Control (30%), and Fraud Risks (15%). It is graded on a 250-750 scaled scoring basis with 600 required to pass.

Questions

125 scored questions

Time Limit

2.5 hours (150 minutes)

Passing Score

600/750 (scaled)

Exam Fee

$310 members / $445 non-members / $245 students (USD) (The Institute of Internal Auditors (IIA) / Pearson VUE)

IIA IAP Exam Content Outline

35%

Foundations of Internal Auditing

IIA mission and purpose, audit charter, mandate, board responsibilities, CAE role, organizational independence, individual objectivity, assurance vs. advisory services, due professional care, QAIP, risk-based audit planning

20%

Ethics and Professionalism

IIA Code of Ethics (Integrity, Objectivity, Confidentiality, Competency), professional skepticism, conflict-of-interest disclosure, continuing professional development, standards of conduct

30%

Governance, Risk Management, and Control

Governance definition and board oversight, COSO IC 2013 (5 components, 17 principles), Three Lines Model (2020), risk concepts (inherent/residual/risk appetite/tolerance), control types (preventive/detective/corrective), segregation of duties, engagement planning, working papers, audit evidence, sampling

15%

Fraud Risks

Fraud triangle (pressure/opportunity/rationalization) and diamond (adds capability), auditor's fraud responsibilities, fraud red flags, occupational vs. management fraud, anti-fraud controls, whistleblower programs, tone at the top

How to Pass the IIA IAP Exam

What You Need to Know

Passing score: 600/750 (scaled)
Exam length: 125 questions
Time limit: 2.5 hours (150 minutes)
Exam fee: $310 members / $445 non-members / $245 students (USD)

Keys to Passing

Complete 500+ practice questions
Score 80%+ consistently before scheduling
Focus on highest-weighted sections
Use our AI tutor for tough concepts

IIA IAP Study Tips from Top Performers

1Memorize the 5 Domains and 15 Principles of the 2024 Global Internal Audit Standards (effective January 9, 2025)

2Know the IIA Code of Ethics four principles by heart: Integrity, Objectivity, Confidentiality, Competency (IOCC)

3Master the Three Lines Model (2020): First Line = operations, Second Line = oversight functions, Third Line = internal audit

4Distinguish COSO IC 2013 (5 components, 17 principles) from COSO ERM 2017 (5 components, 20 principles) — do not mix them up

5Know the fraud triangle elements: Pressure, Opportunity, Rationalization — and the fraud diamond's fourth element: Capability

6Distinguish design deficiencies (control is flawed in design) from operating deficiencies (control is correctly designed but not working)

7Understand risk types: preventive stops events before, detective identifies after, corrective remedies the damage

8Know the 4 Cs of audit findings: Criteria, Condition, Cause, Effect — Cause explains the root problem and drives corrective action

Frequently Asked Questions

How many questions are on the IAP exam and how long is it?

As of May 28, 2025, the IAP exam is the CIA Part 1 — Internal Audit Fundamentals exam: 125 multiple-choice questions in 2.5 hours (150 minutes). It is administered at Pearson VUE test centers. A scaled score of 600 out of 750 is required to pass.

What are the IAP exam content domains?

The IAP/CIA Part 1 exam covers four domains: Foundations of Internal Auditing (35%), Ethics and Professionalism (20%), Governance, Risk Management, and Control (30%), and Fraud Risks (15%). All content is aligned with the 2024 Global Internal Audit Standards, effective January 9, 2025.

What are the eligibility requirements for the IAP?

The IAP has no education or work experience requirements — it is one of the most accessible professional credentials available. Candidates simply need a valid government-issued photo ID to apply through the IIA's CCMS portal. They have two years from application approval to pass the exam.

How much does the IAP cost?

IIA members pay $430 total ($120 application + $310 exam fee). Non-members pay $685 total ($240 + $445). Students at accredited institutions pay $310 total ($65 + $245). Prices are in USD and apply in the US, Canada, and select countries.

Is the IAP a permanent credential?

Yes. Effective May 28, 2025, the IAP became a permanent designation (previously it expired after 3 years). Beginning in 2026, IAP holders must complete 20 hours of CPE annually and complete an annual certification renewal to maintain the designation.

How does the IAP relate to the CIA?

Passing the IAP (CIA Part 1) fulfills the first part of the three-part CIA program. IAP holders can apply for the CIA without meeting the standard education prerequisite and only need to complete CIA Parts 2 and 3 to earn the full CIA designation.