• Регистрация
Български (България)English (United Kingdom)
CCSA Print E-mail

The CCSA exam tests your understanding of important CSA fundamentals, processes, and related topics such as risk, controls, and business objectives.

The CCSA exam is available through computer-based testing, allowing you to test year-round at more than 500 locations worldwide. In Bulgaria there are two examination centers:

· IT Consulting & Education, 115 G, Tsarigradsko shose blvd., Business Center Magapark, fl.1, office 6, 1784 Sofia;

· SAN PRO LTD, 14, Hristo Samsarov Str., Parter, 9000 Varna.

Access CCMS and visit the Forms section to begin the CCSA application process.


CCSA candidates must meet the following eligibility requirements for education, character, work experience, facilitation experience/training, and identification. Before a candidate application can be approved, ALL documentation (proof of education, character reference, and identification) must be received and approved by The IIA’s Certification staff.


CCSA candidates must have a post-secondary (four-year) degree or equivalent. Two years of post-secondary schooling with an accredited organization plus three years of general business experience may be substituted for a bachelor's degree.

Acceptable Documents: Copy of your diploma.

Character Reference

CCSA candidates must exhibit high moral and professional character and must submit a Character Reference Form signed by a CIA, CGAP, CCSA, CFSA, CRMA, or the candidate's supervisor.

Acceptable Documents: Character Reference Form

Work Experience

CCSA candidates must obtain one year of control-related business experience, such as CSA, auditing, quality assurance, risk management, or environmental auditing. A completed Experience Verification Form is required. Candidates may apply to the program and sit for the exam prior to satisfying the professional experience requirement, but will not be certified until all program requirements have been met.

Acceptable Documents: Professional Experience Verification Form

Facilitation Experience/Training

CCSA candidates must obtain at least seven hours of acceptable facilitation experience or at least 14 hours of acceptable facilitation training. To be considered acceptable, facilitation experience or training must meet the guidelines listed on the facilitation validation form. Validation of facilitation experience/training may accompany application or be submitted later.

Acceptable Documents: CCSA Facilitation Validation Form


Proof of Identification

Candidates must provide proof of identification in the form of a copy of the candidate’s official passport or national identity card. These must indicate current status; expired documents will not be accepted.

Eligibility Period


Effective November 2010, the certification program’s eligibility requires candidates to complete the program certification process within four years of application approval. If a candidate has not completed the certification process within four years, all fees and exam parts will be forfeited.

Code of Ethics

CCSA candidates agree to abide by the Code of Ethics established by The IIA.

Continuing Professional Education (CPE)

Upon certification, CCSAs are required to maintain their knowledge and skills and stay abreast of improvements and current developments by satisfying CPE requirements.


Certification in Control Self-Assessment® (CCSA®) Exam Syllabus

Domain I: CSA Fundamentals (5-10%)

A. Code of Ethics

B. Ownership and accountability for control

C. Reliance on operational expertise

D. Comparison to traditional techniques of risk and control evaluation

E. Control awareness and education

F. Cooperation, participation, and partnership

Domain II: CSA Program Integration (15-25%)

A. Alternative approaches to CSA (A)

B. Supporting technology alternatives (A)

C. Cost/benefit analysis for implementation of the CSA process

D. Organizational theory and behavior

E. Strategic and operational planning processes

F. Change management and business process reengineering

G. Presentation techniques for successful integration

H. Organizational risk and control processes

I. Client feedback mechanisms (e.g., interviews, surveys)

J. Strategic CSA program planning methodologies or techniques, including resource allocation

Domain III: Elements of the CSA Process (15-25%)

A. Management's priorities and concerns

B. Project and logistics management

C. Business objectives, processes, challenges, and threats for the area under review

D. Resource identification and allocation

E. Culture of area under review

F. Question development techniques

G. Technology supporting the CSA process

H. Facilitation techniques and tools

I. Group dynamics

J. Fraud awareness

K. Evaluation/analytical tools and techniques (trend analysis, data synthesis, scenarios)

L. Formulating recommendations or action plans (practical, feasible, cost-effective)

M. Nature of evidence (sufficiency, relevance, adequacy)

N. Reporting techniques and considerations (types, audience, sensitive issues, access to information)

O. Motivational techniques (creating support and commitment for recommendations)

P. Monitoring, tracking, and follow-up techniques

Q. Awareness of legal, regulatory, and ethical considerations

R. Measuring CSA program effectiveness

Domain IV: Business Objectives and Organizational Performance (10-15%)

A. Strategic and operational planning processes

B. Objective setting, including alignment to the organization's mission and values

C. Performance measures

D. Performance management

E. Data collection and validation techniques (e.g., benchmarking, auditing, consensus testing, etc.)

Domain V: Risk Identification and Assessment (15-20%)

A. Risk Theory

B. Risk models/frameworks (including COSO's Enterprise Risk Management/Integrated Framework)

C. Understanding the risks inherent in common business processes

D. Application of risk identification and assessment techniques

E. Risk management techniques/cost-benefit analysis

F. Using CSA in enterprise risk management

Domain VI: Control Theory and Application (20-25%)

A. Corporate governance, control theory, and models

B. Methods for judging and communicating the overall effectiveness of the system of internal control

C. Relationship between informal and formal controls

D. Techniques for evaluating formal controls (manual or automated)

E. Techniques for evaluating informal controls/control environment

F. Control documentation techniques

G. Control design and application

H. Techniques for determining control track record for the organization (e.g., reviews, audits, other assessments)


Copyright © 2017. www.iiabg.org.

S5 Box




Fields marked with an asterisk (*) are required.