All Practice Exams

100+ Free CPrac (SA) Practice Questions

Pass your CISA Compliance Practitioner CPrac (SA) Board Examination exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately
100+ Questions
100% Free

Loading practice questions...

Sample CPrac (SA) Practice Questions

Try these sample questions to test your CPrac (SA) exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1The Generally Accepted Compliance Practice (GACP) framework is best described as:
A.A South African tax Act
B.CISA's benchmark of principles, standards and guides for compliance best practice
C.A building code
D.A sports rulebook
Explanation: GACP is CISA's compliance practice benchmark (principles, standards and guides) that organisations and Compliance Officers should apply.
2The revised GACP referenced for CPrac (SA) is effective from:
A.1 January 1994 only
B.Never — GACP was withdrawn
C.1 January 2024 on CISA's online GACP platform
D.Only 2030
Explanation: CISA states the revised GACP is effective from 1 January 2024 via the online platform.
3The foundation of the CPrac (SA) designation is:
A.The National Building Regulations alone
B.The ARCON PPCE architecture syllabus alone
C.IPOPHL patent-agent rules alone
D.The 2024 GACP framework (with King IV/King V and ethics codes referenced in CPrac materials)
Explanation: CISA states CPrac (SA) is founded on the 2024 GACP framework and is SAQA-registered; application materials also reference King IV/King V and the Code of Ethical and Professional Conduct.
4Compliance risk primarily means:
A.The risk of legal/regulatory or related obligations being breached, with resulting harm
B.Only the risk that share price falls on a quiet day
C.Only IT hardware failure with no regulatory angle
D.Only cafeteria food quality
Explanation: Compliance risk is exposure to breaches of laws, regulations, codes and related obligations and the consequences that follow.
5A Compliance Risk Management Plan (CRMP) typically:
A.Replaces the need for any policies
B.Documents obligations, risks, controls and monitoring for a regulatory theme/area
C.Is only a marketing flyer
D.Is the same as a building plan
Explanation: CRMPs break down how specific compliance obligations will be managed — risks, controls and assurance activities.
6Compiling an organisation's compliance risk profile involves:
A.Ignoring all laws except one favourite Act
B.Copying a competitor's logo
C.Identifying applicable obligations and assessing where compliance risk is concentrated
D.Deleting regulator correspondence
Explanation: A compliance risk profile maps applicable requirements and where breach risk is highest so resources can be prioritised.
7Second-line compliance functions typically:
A.Replace the board entirely
B.Originate all loans
C.Set the repo rate
D.Advise, monitor and challenge the business on compliance risk
Explanation: Compliance as second line supports and challenges first-line ownership of compliance risk.
8GACP principles/standards exist to:
A.Provide a consistent professional benchmark for how compliance should be practised
B.Authorise criminal activity if profitable
C.Eliminate the need for statutes
D.Replace King IV entirely in company law
Explanation: GACP benchmarks professional compliance practice; it complements law and governance codes rather than repealing them.
9Working knowledge of the organisation's compliance governance, framework and policy is:
A.Irrelevant for practitioners
B.Part of the CPrac (SA) candidate profile
C.Only for architects
D.Only for sports coaches
Explanation: CISA's CPrac profile explicitly includes working knowledge of compliance governance, framework and policy.
10Distinguish a compliance policy from a CRMP:
A.They are always identical documents with one title
B.CRMPs always repeal policies
C.Policy sets organisational direction/rules; CRMPs operationalise management of specific obligation sets
D.Policies are illegal under GACP
Explanation: Policies set the 'what/why' at enterprise level; CRMPs detail how particular regulatory themes are managed day-to-day.

About the CPrac (SA) Exam

CPrac (SA) is CISA's foundational compliance practitioner designation. It tests operational compliance process competence under the GACP framework — risk profiling, CRMPs, control evaluation, monitoring and reporting — together with King Code governance literacy, professional ethics and regulator/line-manager stakeholder skills.

Assessment

CISA board assessment for the SAQA-registered CPrac (SA) designation, founded on the 2024 GACP framework. Candidates are mid-management compliance practitioners expected to build risk profiles and CRMPs, evaluate controls, monitor and report, advise on legislation, and manage operational stakeholders including regulators. This free bank focuses on knowledge MCQs spanning GACP, risk management, monitoring/advisory, King IV/ethics and stakeholder management.

Time Limit

Confirm timed duration in CISA instructions for your diet; compulsory prep session and technical dry runs are scheduled ahead of exam dates.

Passing Score

No fixed public percentage pass mark verified. Confirm assessment standards with CISA.

Exam Fee

Application fee R1,995.00 (incl. VAT) + assessment (exam/RPL) R6,250.00 (incl. VAT) per CISA's published schedule; confirm before payment. (Compliance Institute Southern Africa (CISA))

CPrac (SA) Exam Content Outline

25%

GACP & Compliance Fundamentals

GACP benchmark, compliance risk, policies/CRMPs, culture and designation foundations.

25%

Compliance Risk Management

Risk profiles, CRMPs, control adequacy/effectiveness, issues and remediation.

20%

Monitoring, Reporting & Advisory

Monitoring assignments, MI, regulatory advice and follow-up.

20%

Governance, King Codes & Ethics

King IV outcomes, ethics, conflicts, gifts and integrity.

10%

Stakeholder & Regulatory Management

Line managers, regulators, inspections and assurance partners.

How to Pass the CPrac (SA) Exam

What You Need to Know

  • Passing score: No fixed public percentage pass mark verified. Confirm assessment standards with CISA.
  • Assessment: CISA board assessment for the SAQA-registered CPrac (SA) designation, founded on the 2024 GACP framework. Candidates are mid-management compliance practitioners expected to build risk profiles and CRMPs, evaluate controls, monitor and report, advise on legislation, and manage operational stakeholders including regulators. This free bank focuses on knowledge MCQs spanning GACP, risk management, monitoring/advisory, King IV/ethics and stakeholder management.
  • Time limit: Confirm timed duration in CISA instructions for your diet; compulsory prep session and technical dry runs are scheduled ahead of exam dates.
  • Exam fee: Application fee R1,995.00 (incl. VAT) + assessment (exam/RPL) R6,250.00 (incl. VAT) per CISA's published schedule; confirm before payment.

Keys to Passing

  • Complete 500+ practice questions
  • Score 80%+ consistently before scheduling
  • Focus on highest-weighted sections
  • Use our AI tutor for tough concepts

CPrac (SA) Study Tips from Top Performers

1Study GACP as your process backbone: risk profile → CRMP → control evaluation → monitoring → reporting → remediation — then drill King IV outcomes/ethics scenarios that sit around that process.
2Practise writing crisp distinctions (policy vs CRMP, adequacy vs effectiveness, inherent vs residual) because MCQs often test precise compliance vocabulary.
3Use CISA's compulsory prep session/dry runs and keep a regulatory-change log so advisory-style questions feel concrete, not abstract.

Frequently Asked Questions

What is CPrac (SA)?

Compliance Practitioner (SA) is a SAQA-registered designation from the Compliance Institute Southern Africa for candidates who meet knowledge and compliance work-experience requirements and succeed in the board exam or assessor-determined RPL pathway. It is founded on the 2024 GACP framework.

What does the CPrac board exam test?

Operational compliance competencies: facilitating compliance risk profiles, compiling CRMPs, evaluating control adequacy/effectiveness, monitoring, reporting, advising on new legislation, operational stakeholder management (line managers/regulators), and working knowledge of compliance governance/policy — underpinned by GACP and governance/ethics literacy including King IV themes.

How much does CPrac (SA) cost?

CISA publishes an application fee of R1,995.00 (incl. VAT) and an assessment fee (exam or RPL) of R6,250.00 (incl. VAT). Confirm current fees on the official programme page before applying.

How is GACP different from King IV?

GACP is CISA's compliance practice benchmark (principles, standards and guides) for compliance officers and organisations. King IV is South Africa's corporate governance code (apply-and-explain) focused on governance outcomes such as ethical culture and effective control. CPrac candidates need both: GACP for the compliance process and King literacy for governance/ethics context.