6.4 After the Exam and Next Steps

If you passed

A pass on Part 1 is one-third of the credential, not the finish line. The CIA is a three-part program:

Momentum matters: schedule Part 2 while the study habits and content overlap are fresh. Part 2 builds directly on the Part 1 foundations — charter, independence, governance, and risk — by moving into managing the engagement and the audit function, so the transition is smoother if you do not let months pass. Save your official score notice and confirm the pass is recorded in your IIA candidate portal.

Remember the overarching deadline. You must complete all three parts within the program eligibility window of three years (for candidates approved on or after 1 September 2019). The clock started when the IIA approved you into the program, not when you passed Part 1. If you need more time, the IIA allows a one-year extension for a fee, but planning to finish inside the original window is far cheaper and less stressful.

The full path to the designation

Passing all three exam parts is necessary but not sufficient. To be awarded the CIA, you must also satisfy the IIA's education, experience, character-reference, and identification requirements. Education typically means a post-secondary degree (with experience-based pathways for those without one), and experience generally means a defined amount of internal audit or equivalent work, which can sometimes be submitted within the program window rather than up front.

Confirm exactly which requirements you have already met and which remain outstanding, so that the day you pass Part 3 you are not blocked from certification by a missing reference form or unverified work history. Keep digital copies of your degree, experience verification, and exam score notices in one folder.

If you did not pass

Failing one part is common — Part 1 pass rates run in the 41-44% range — and it is recoverable. Two rules govern your next move:

• Retake waiting period: You must wait at least 30 days from the date you failed before retaking that same part. (This waiting period was shortened from 90 days to 30 days.) The 30-day wait applies only to the failed part — it does not block you from sitting a part you have not yet attempted.
• Program window: You may retake as many times as needed as long as you are still inside your eligibility window (and you re-pay the exam fee each attempt).

Do not simply re-study everything. The IIA provides a section-level score report for failed attempts that shows your relative performance band per section. Build your retake plan around the lowest bands, weighted by exam weight — a weak showing in Foundations (35%) or Governance/Risk/Control (30%) is worth far more attention than a weak band in Fraud Risks (15%).

A focused 30-day retake plan

1. Week 1: Re-read the standards and frameworks behind your two weakest sections; rebuild your error log.
2. Weeks 2-3: Drill mixed timed sets, targeting 75%+ on the weak sections.
3. Week 4: Two full-length timed simulations under real 150-minute conditions, then light review.

Maintaining the CIA after you finish all three parts

Once you pass all three parts and meet the IIA's education and experience requirements, you are awarded the CIA designation. The credential is not permanent on its own — you keep it active through continuing professional education (CPE):

You must report your CPE annually to the IIA and attest to compliance. Failing to report can move your status to inactive, and continued non-compliance can lead to losing the designation; reinstatement then requires catching up on the shortfall. At least some hours typically must relate to ethics, and CPE should be relevant to internal audit practice.

Connect the credential to your career

Treat the CIA as a platform, not an endpoint. It maps directly to roles such as internal auditor, senior auditor, audit manager, and ultimately Chief Audit Executive, and it pairs well with specialty IIA certificates and adjacent credentials in risk, controls, and fraud examination. Update your resume and professional profiles the day your designation is awarded, and log the new title with your employer if a certification differential or promotion track applies.

The discipline you built passing Part 1 — reading for the governing standard, choosing the defensible action, documenting the evidence — is the same discipline that advances an internal audit career.

Keep the CPE habit easy to sustain

The simplest way to never fall out of compliance is to log CPE as you earn it rather than scrambling at year-end. Conferences, IIA chapter events, webinars, structured self-study, and relevant on-the-job training typically qualify, subject to the IIA's rules on documentation and the ethics portion. Keep certificates and attendance records in the same folder as your exam and credential documents. If your status ever slips to inactive because of a reporting gap, you generally must make up the deficiency to reinstate active standing — so a few minutes of record-keeping each quarter protects years of effort.

Treating CPE as routine maintenance, not an annual emergency, keeps the CIA you worked for firmly in active status.