CRMA: Why, How, and What's New


Risk management assurance is an essential internal audit responsibility. As the risk landscape has continued to expand and change, The IIA recognized the need for the Certification in Risk Management Assurance® (CRMA®) program to keep pace. This required a thorough evaluation of the exam requirements and content to ensure they reflect the skills needed to audit today’s emerging risks, as well as consider the organizational view required to effectively execute risk management assurance. The IIA conducted two studies — a market study in 2018 and a job analysis study in 2019. The market study revealed perceived ambiguity between the CRMA and the Certified Internal Auditor® (CIA®). Additionally, it confirmed that more business experience and a deeper level of risk management knowledge are required in order to provide holistic and effective risk management assurance. As such, the new CRMA is positioned as a career pathway for internal auditors after achieving the CIA designation. It is the only risk management assurance certification for internal auditors


The amount of both business and internal audit-specific experience required to sit for the exam has increased. Additionally, the new exam includes multiple-choice questions, as well as advanced-format questions, such as scenario item sets, fill-in-the-blanks, and hot spots. The level of understanding has also been elevated from basic to proficient for all questions. 

Read More Here