By browsing our site you agree to our use of cookies. You will only see this message once.

> Find out more about how this site uses cookies

Certification in Risk Management Assurance (CRMA)

Enrol for this course

Course Description

Study Method: Training Center Location
Awarding Body: Certification in Risk Management Assurance (CRMA)


become an auditor small

Earning a professional credential from The IIA is the best way to demonstrate your commitment to advancing in this competitive niche and communicating your breadth of knowledge.

If your goal is to become a trusted advisor to the audit committee and executive management in the critical areas of risk assurance, governance processes, quality assurance, or control self-assessment, the CRMA designation is for you.

This IIA course has training provided by BHBi at our BHBi training location.


Course modules

This is a single module course. (All the information is on this course page).

Certification in Risk Management Assurance (CRMA)

Be a Key Advisor to the Audit Committee and Executive Management for Risk Management 

Job analysis and stakeholder surveys have indicated a key element to unlocking internal audit’s full potential can be found in a professional’s ability to provide advice and assurance on risk management to audit committees and executive management. In response, The IIA developed the CRMA designation.

The standard CRMA Core Exam will be a 100-question, multiple-choice exam, with a seat time of two hours. These exams will be instantly scored like all of the other IIA exams, and will be administered at Pearson VUE testing centers around the world. All Certification in Risk Management Assurance® (CRMA®) eligibility requirements will apply.

The CRMA: Your Key to Career Success

The CRMA is designed for internal auditors and risk management professionals with responsibility for and experience in providing risk assurance, governance processes, quality assurance, or control self-assessment (CSA). It demonstrates an individual’s ability to evaluate the dynamic components that comprise an organization’s governance and enterprise risk management program and provide advice and assurance around these issues.

The CRMA is one more mark of professional distinction for internal audit practitioners. Earning the CRMA will assist you in demonstrating your ability to:

  • Provide assurance on core business processes in risk management and governance.
  • Educate management and the audit committee on risk and risk management concepts. 
  • Focus on strategic organizational risks.
  • Add value for your organization.


Eligibility Requirements

By applying to become a candidate in the CRMA program, an individual agrees to accept the conditions of the program. These include eligibility requirements, exam confidentiality,Code of Ethics, and Continuing Professional Education (CPE), and any other conditions enacted by The IIA's Professional Certification Board (PCB).

  • CIA Part 1
  • 3-4 year or higher degree
  • Character reference
  • Relevant Work Experience 
  • Proof of Identity
  • Come within the eligibility period
  • Agree to exam confidentiality / non-disclosure 
  • Comply with the code of ethics
  • Have IIA membership


More Info
More information on eligibility can be found here:

Exam Syllabus

The CRMA exam includes two sections: Part 1 of the CIA  exam and a separate CRMA exam, which consists of 100 multiple-choice questions covering four domains. The CRMA exam requires a completion time of two hours.

Candidates who have already passed Part 1 of the CIA exam may advance directly to the CRMA core exam, having fulfilled that eligibility requirement.

All content covered in the four domains of the CRMA exam will be tested at the proficiency level (P). This means that candidates must exhibit proficiency (thorough understanding and the ability to apply concepts) in these topic areas.

Standards tested on the CRMA exam:

  • CIA exam Part 1 topics tested include aspects of the IPPF, responsibilities of the internal audit activity, independence and objectivity, governance concepts, risk identification and management, management controls, and audit planning.
  • The CRMA exam topics tested include governance aspects and principles of risk management assurance in addition to appropriate assurance and consulting roles for internal audit professionals.


The CRMA exam core content covers four domains:



 Domain I

Organizational governance related to risk management (25-30%)

A. Assess risk management processes in the context of alignment with strategic imperatives

  1. Objectives of risk management processes
  2. Organization's risk culture
  3. Risk capacity, appetite, and tolerance of organization


B. Assess the processes related to the elements of the internal environment in which organizations seek to manage risks and achieve objectives

  1. Integrity, ethical values, and other soft controls
  2. Role, authority, responsibility, etc., for risk management
  3. Management's philosophy and operating style
  4. Legal/Organizational structure
  5. Documentation of governance-related decision-making
  6. Capabilities, in terms of people and other resources (e.g., capital, time, processes, systems, and technologies)
  7. Management of third party business relationships
  8. Needs and expectations of key internal stakeholders
  9. Internal policies


C. Assess the processes related to the elements of the external environment in which organizations seek to manage risks and achieve objectives

  1. Key external factors (drivers and trends) that may impact the objectives of the organization
  2. Needs and expectations of key external stakeholders (e.g., involved, interested, influenced)


Domain II

Certification in Risk Management Assurance™ (CRMA®) Exam Syllabus — Domain II

Principles of risk management processes (25-30%) A. Benchmark risk management processes using authoritative guidance B. Evaluate risk management processes related to:

  1. Setting objectives at all levels to achieve strategic initiatives
  2. Identifying risks
  3. Risk analysis and evaluation including correlation, interdependencies, and prioritization
  4. Risk response (e.g., avoid, transfer, mitigate, accept), including cost/benefit analysis
  5. Developing and implementing risk mitigation plans
  6. Monitoring risk mitigation plans and emerging risks
  7. Reporting risk management processes and risks, including risk mitigation plans and emerging risks
  8. Periodic review of risk management processes to aid in continuous improvement


Domain III

Certification in Risk Management Assurance™ (CRMA®) Exam Syllabus

Assurance role of the Internal Auditor (IA) (20-25%)

A. Review the management of key risks

B. Evaluate the reporting of key risks

C. Provide assurance that risks are adequately evaluated

D. Provide assurance on risk management processes


Domain IV

Consulting role of the Internal Auditor (IA) (20-25%)

A. Facilitate identification and evaluation of risks

B. Coach management in responding to risks

C. Coordinate risk management activities

D. Consolidate reporting on risks

E. Maintain and develop the risk management framework

F. Advocate for the establishment of risk management

G. Develop risk management strategy for board approval

Course sessions

Course prices include all study materials, access to BHBi online interactive learning system, access to dedicated expert tutor, all day refreshments, and 3-course lunch. Course sizes are restricted to ensure active student participation. Course prices exclude VAT.

Revision sessions include refreshments, and lunch. Prices exclude VAT.

Module Month Date Location Price Enrol
Certification in Risk Management Assurance (CRMA) January
01/01/2021 to 31/12/2021
Virtual £1,295

Enrol for this course

Accredited By

institute of consulting premier practice
CIPFA Accredited
institute of consulting premier practice
leadership management wales
chartered management institute approved

  In Partnership With

institute of internal auditors

Thanks for visiting BHBi

Mark Barnes

Hi. I'm Mark Barnes one of the directors at BHBi.

Is there anything I can help you with? Perhaps you are keen to find out more about a course?

Mark Barnes

Thanks for asking.

If you add your email or telephone below. I'll get back to you as soon as I am online.

Mark Barnes

Thanks for your message or question.

I'll get back to your shortly. I look forward to chatting more with you.


ask us