CIA vs CPA; which certification should you hold?
I get this question quite a bit from new auditors who want to take their career to the next level. When it comes to the question of CIA vs CPA, it ultimately boils down to your education and your career goals.
But there are other factors to consider as well that depend on personal preference. So, before I answer, I ask some questions myself!
Here are the questions I ask in response to the question, “Should I become a Certified Internal Auditor (CIA) or a Certified Public Accountant (CPA)?” and a little bit about why I ask them.
Do you have an accounting degree?
Or at least have gobs of college credit hours in accounting? If not, you can’t be a CPA.
CPAs are subject matter experts when it comes to accounting records and data and that got that way by studying the very granular details of accounting. In Texas, the requirement to become a CPA is a 150-hour degree program in accounting from an accredited university. That equates to a master’s degree in accounting.
I chose to study accounting at the University of Texas by process of elimination (I wasn’t math savvy enough to be an engineer and my father was opposed to my first choice, art history) and got my CPA license just before they raised the hours from 120 to 150. And this is very fortuitous, because I would not have been able to tolerate another two years of accounting studies.
Can you tolerate that many accounting classes? I ask.
On the other hand, CIAs don’t even need a degree. If you get 5 years of experience as an internal auditor, you can get your certification (after passing the exam of course) with a high school diploma. If you have a bachelors degree of any sort (including art history (!)) you can get your CIA after two years of internal audit experience.
A few universities offer programs for internal auditors specifically. The University of Houston’s program comes to mind.
Where do you see your career headed?
Next I ask, “Do you want to stay in internal audit for your entire career?” And if the answer is no, I suggest they may like the flexibility of a CPA license.
A CPA can work in the finance and accounting department of any type of entity, perform any type of audit including financial and performance audits, prepare tax returns, plan estates, and advise business owners and program managers. A CPA license opens lots of doors.
The CIA is designed for internal auditing only.
And while a CPA can be an internal auditor, a CIA cannot be an external financial auditor.
How does tight regulation sit with you?
Did you notice my reference to my CPA ‘license.’ So the complete term for what I hold is a Certified Public Accounting license. Notice I did not add that term to the CIA designation. Certified Internal Auditor. The term ‘license’ implies government regulation. The term ‘certification’ does not.
CPAs hold a ‘license’ awarded by state boards of public accountancy if the CPA satisfies state law regarding CPAs. And the state can revoke your license if you do not meet those terms.
For instance, although I am a CPA, I cannot do an audit at will, I must establish and register my CPA firm with the state and undergo a peer review every three years that is mandated and overseen by the state. If I do something outside of the stringent boundaries set by the state, my license will be revoked.
And in an effort to scare all of us CPAs into compliance (and this works like a charm!) the State Board publishes a list of all CPAs who’s licenses are revoked and sends it to the other CPAs in the state on a regular basis!
In addition, my license also only has weight in Texas, where I took the exam. I cannot practice public accountancy in any other state without registering with that state and meeting that state’s requirements.
On the other hand, The Institute of Internal Auditors (IIA), who issues the CIA, is proud to say that they are an international organization so no one government can regulate them. They are also a member organization – which means they want to make their members (including their CIA’s) happy. I have never heard of the IIA going after a CIA and revoking their license.
CIAs are supposed to undergo a peer review every five years, but many do not. I saw data on how many internal audit shops had not met this requirement at one point (and I want to say it was half) but I can’t find that data on the internet now. And the IIA is definitely not going to publish a list of all their members who do not comply in an effort to shame their members.
Would you rather get sued or fired?
Due to the nature of auditing, somewhere along the way an auditor is going to miss something significant. We aren’t omnipotent, all-knowing sorcerers who have their heads in everything… we don’t have time or the magical powers for that!
So when something bad happens, the auditors often get blamed and then suffer some kind of consequence. Would you prefer the consequence to be getting sued, fired and shamed or would you prefer to simply be fired?
CPAs can get sued, fired and shamed.
CPAs are public accountants. Catch the word ‘public.’ Which means that we have a responsibility to the public when we do our work.
So let’s say that a CPA performs a financial audit of a corporation and misses something major and bad in the financial statements, the shareholders and the bank who relied on those financial statements will sue them and seek to have their license revoked. So the CPA will both lose money, possibly lose their business, lose their license and be publicly shamed. Fun!
A CIA is an internal auditor. Catch the word ‘internal.’ This means if the users of their reports (the managers and leaders inside the organization in which the auditor works) want to sue them they will be suing themselves. This is very unlikely, to say the least. Might they fire the internal auditor? Sure. But will disgruntled leaders publicly flog them and wipe them out financially? I doubt it.
Being licensed as a CPA has its benefits
Man, I made being a CPA sound really scary, didn’t I? I am quaking in my own boots. So, to remain a CPA after you pass that really difficult exam, you do have to keep your nose clean.
But in that holds one of the main benefits of being a CPA. People who must keep clean noses can be trusted. And a CPA’s clients can trust their CPA. And that could be why many organizations who understand the difference between these two designations prefer to populate their internal audit shop with CPAs instead of CIAs.
Being a CIA is powerful and dare I say it… fun?
However, few internal audit projects center on financial data and therefore an accounting background isn’t required. But a big brain with a breadth of knowledge is. And that is why the subject matter for the CIA exam is so far reaching and why having any education that challenges you to think (even my coveted art history degree) will help you be an internal auditor.
The IIA does a great job keeping its members current and looking to the future of the audit profession. The IIA is also a great place to meet like minds and share experience and have fun. Yes, I said fun; IIA conferences are luxurious blasts.
I serve on the board of the local IIA chapter and love the IIA community because it encourages leadership, growth, sharing, and innovation. And being a CIA is the pinnacle of professional achievement in that community. So if that sounds like your kind of people, I highly recommend the CIA.
I bet you have things to say: CIA vs CPA
If you lean one way or the other or are personally invested in the choice CIA vs CPA, I bet you have some comments. I welcome them and will publish them in a future blog. Let us all hear from you about why you think your path was best for you (and maybe if you want to be as bold as to say what is right for others… go ahead and say that, too!).
So who wins in the choice, CIA vs CPA? Both choices are great and you can’t go wrong either way.
Want to know more?
If you are considering a career in auditing, you may want to get a taste of what auditing is like. I suggest the Essential Skills Bundle.
And if you want to know more about IIA standards that are the basis of the IIA exam and how they contrast with the Yellow Book, please join us for the Red Book vs. Yellow Book webinar on August 30.
Comments from a Federal Inspector General (CPA, CGFM) 6/1/2022:
I read your article and it has a lot of good points. A few things:
- I would say the exam is quite different. The CPA is a lot harder because they are trying to exclude you. The CIA not so much. A point you made very clearly.
- The CPA opens up other job possibilities that the CIA does not. For example, I got invited to the Postal Inspector and FBI exams based on my CPA. Otherwise, the passing qualification would have been much tougher.
- CIA’s like to think they are equivalent to CPAs. Not by a long shot.