Frequently Asked Questions

Who is the Internal Control Institute™?

What is the scope of the Institute's operations?

ICI Professional Certifications

Requirements to obtain a CICS certification

Requirements to obtain a CICP certification

Continuing Education

Internal Control Design and/or Assessment - CBOK Skill Categories

How was the CICS Common Body of Knowledge developed?

Who is COSO?

What if I am a college student and do not have my degree or sufficient work experience?

Do I have to complete any specific courses or training for the CICS certification?

How do I prepare for the CICS examination?

Are instructional courses readily available to prepare for the CICS examination?

When can I take the CICS Examination?

How is the examination organized?

What happens when I pass the examination?

What if I fail to pass the examination?

I’m a CPA, CIA, and / or CISA.   Why should I get a CICS or CICP certification?

What is the difference between an ICI membership and the ICI CICScertification?

How are credits calculated or awarded for recertification reporting?

Who is the Internal Control Institute™?
William E. Perry and H.C. “Pete” Warner previously were the managers and authors of the IIA’s System and Auditability Control Report. In addition, these key professionals participated in the development of the IIA, ISACA, AICPA, IEEE and U.S. Government control standards and are also the founders of the Internal Control Institute. Dr. Michael Pregmon, Jr. is the Chief Operating Officer and Managing Director. He is a co-founder of the Internal Control Institue and has been an author, consultant, senior corporate executive, board member, and an adjunct professor at St. Petersburg College and in the graduaate school of Nova Southeastern University. Together with a strong Board of Directors and other renowned experts, such as CPA partners, CEOs and CFOs, built the Institute into the only organization worldwide that specializes in internal control.                                    [top]

What is the scope of the Institute's operations?
The Internal Control Institute™ is primarily involved in helping organizations specifically improve their internal and operational control of activities within the company.  This is accomplished by making available internal control assessment tools, professional education and training, and professional certification programs to insure individual expertise and personal improvement continues to grow.  Additionally ICI can assist companies in potentially reducing their directors and officers’ liability insurance premiums by improving internal controls.  ICI membership and certification programs involve professionals worldwide whereby at least half or more participating professionals are operating outside the continental United States  [top]

ICI professional certifications
1. Applicants for the Certified Internal Control Specialists (CICS) designation are those professionals who have:

  • At least three years practical work experience in internal control and the equivalent of a baccalaureate degree from an accredited college or university.
  • Masters in Accounting, Business Management, Industrial Engineering or equivalent from an accredited college and two year practical work experience in internal control
  • Doctorate Degree and one year experience or
  • Five years of internal control work experience without college degree
  • Pass CICS Examination
  • CICS (provisional) certificates are issued to individuals who pass the exam but have not attained a degree and/or have not acquired the required professional experience. Upon attaining a degree and/or experience, the customary CICS certificate is provided free of additional cost.

2. Applicants for the Certified Internal Control Professional (CICP) designation are those professionals who have:

  • At least eight years internal control design and/or internal control assessment experience and the equivalent and a four-year baccalaureate degree from an accredited college or university or
  • Masters in Accounting, Business Management, Industrial Engineering or equivalent from an accredited college and seven years practical work experience in internal control
  • Docorate Degree and four years experience
  • Twelve years of internal control work experience without a degree or
  • Previously attained the CICS certification and have a total of eight years professional internal control work experience.   [top]

Requirements to obtain a CICS certification
Applicants must meet the following requirements:

  1. Education and/or professional work experience (Baccalaureate, Masters or Doctorate Dgree in Accounting, Business Management, Industrial Engineering or equivalent) or required work experience
  2. Agree and subscribe to the CICS Code of Ethics
  3. Responsible for maintaining their skills by pursuing professional continuing education
  4. Complete and submit the CICS application and submit the required application fee
  5. Successfully pass the CICS examination within one year of your application submission and receipt of your candidate number. This number can best be identified as it will be preceded by an “A” such as A1111. [top]

Requirements to obtain a CICP certification
Applicants must meet the following requirements:

  1. Education and/or professional work experience (Baccalaureate, Masters or Doctorate Degree in Accounting, Business Management, Industrial Engineering or equivalent) and the required number of  years of internal control work experience
  2. Complete the CICP application and substantiate and verify internal control experience by submitting documentation and attesting to active participation in the required CBOK skill categories.  This requires the mandatory skill category #1 (Internal Control Concepts) and a minimum of five of the remaining seven CBOK job dimensions.  
  3. Agree and subscribe to the Professional Code of Ethics
  4. Responsible for maintaining their skills by pursuing professional continuing education
  5. Submit the CICP application and remit the required application fee [top]

Continuing Education
Continuing education will be required to insure that the Certified professional maintains up-to-date technical knowledge and professional competency.  Certificate holders will need to qualify for recertification every three years after becoming certified.  The recertification provision will require forty hours per year of continuing professional education as specified by the certification board.  Individuals can acquire credit toward recertification by study or attendance at programs in any of the Certification Common Body of Knowledge (CBOK) skill dimensions.  Emphasis is on skill improvement, not specific programs.  Learning experience can be at a company site, through college programs, public or private seminars and conferences, self-study, and active membership in professional groups.   [top]

Internal Control Design and/or Assessment - CBOK Skill Categories

JOB DIMENSION
DESCRIPTION
1. Internal Control – Principles, Terms and Concepts     

Understanding the accepted principles of risk and control. Control concepts include control types, the cost/benefit of control, control responsibilities, the plan-do-check-act concept and the control responsibilities and standards issued by the FASB, SEC, NY Stock Exchange, AICPA, and other similar organizations

2. Internal Control - Environment 

Control environment establishes the vision, values, policies, procedures, and management leadership in place to assure individuals are encouraged and supported in designing, assessing, using, monitoring, and reporting control violations.  

3. Risk Management

Risk management includes an understanding of the risk factors facing business applications such as security, ease of operations; the trade-off between   risk factors such as security and ease of operations; developing risk policies and assigning risk responsibilities throughout an organization.

4. Assessing Application Controls

Assessment of the adequacy of the control system to reduce the application business risks to an acceptable level.  Assessment should be a formal process that is risk oriented.

5. Business System Control Assessment

Business system controls represent the system of control that will control a business application.  The control system should include the business risks and the controls necessary to minimize those risks; the interrelationship of controls to assure the entire business application is controlled and the method of reporting and acting upon control violations.

6. Risk Assessment

Understanding the business risks faced by organizations; mastery of methods to determine the magnitude of those risks; the efficiency/value of controls used to minimize  those risks; determination of where perpetrators are most likely to penetrate business systems, including  performing risk assessments for complete business applications

7. Internal Control Measurement and Reporting

Methods used to identify, record, and report results of internal control systems including both status of control systems and reporting results. Includes the series of roll up of measurement of data that can be used by workers, supervisory personnel, operational managers, executive management and the board of directors.  This also includes the process of naming, identifying, recording, maintaining and consolidating violations and defects in order to identify problems in the business application and/or control process. Defect management reports are used to identify the magnitude of control deficiencies and the points in the control system where controls can be improved.

8. Governance Practices

This involves corporate code of ethics, corporate environmental and community involvement; good corporate citizenship programs; corporate leadership programs to ensure the code of conduct and values are incorporated into day-to-day operations; the methods used to ensure that the code of ethics is promoted and utilized from top down in a corporation.

[top]

How was the CICS Common Body of Knowledge developed?
ICI’s professional staff under the direction of ICI’s Certification Board collected literature, best practices, professional standards, SEC statements, COSO’s internal and risk management framework and CPA/CCA recommendations on internal control; and then consolidated all of that information into the CBOK.  [top]

Who is COSO?
COSO is the acronym for The Committee of Sponsoring Organizations of the Treadway Commission. It is a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance. The following are the COSO organizations:
      AICPA – American Institute of Certified Public Accountants
      AAA – American Accounting Association
      FEI – Financial Executives International
      IIA – Institute of Internal Auditors
      IMA – Institute of Management Accountants   [top]

What if I am a college student and do not have my degree or sufficient work experience?
You may make application and sit for the online examination. When you successfully pass the examination, you will get a certificate for successfully passing the test from St Petersburg College, and then the Institute will issue a CICS (provisional) certificate. Upon completing your degree requirements and/or satisfying the work requirements, you must notify the Internal Control Institute. You then will receive your regular CICS certification free of additional cost. [top]

Do I have to complete any specific courses or training for the CICS certification?
There is no specific training required.  The CICS certification program is designed as a self-study process.  A detailed study guide is available for purchase from the Internal Control Institute.  When a candidate satisfies the certification requirements and successfully passes the CICS examination, certification will be granted.  [top]

How do I prepare for the CICS examination?
ICI provides two options; the first is to acquire the CICS Common Body of Knowledge upon which the CICS examination is based; or second you can take the self study courses provided by St. Petersburg College. [Course catalog]  [top]

Are instructional courses readily available to prepare for the CICS examination?
Yes, online courses referred to as the “Certification Series” are available through St. Petersburg College which is a four-year accredited institution located in Florida.  This eight–course “Certification Series” was specifically developed to define the necessary ingredients for internal control and to aid applicants in attaining the CICS certification.   Information about the eight courses that support the CICS Common Body of Knowledge and preparation for the examination is at: http://www.spcollege.edu/ct/profdev_classes/ici.htm.    [top]

When can I take the CICS Examination?
The CICS examination is available online through St. Petersburg College.  It can be taken at any time after your application is received and processed by the Internal Control Institute.  Upon submission of your application, you will be provided with a password by St. Petersburg College which will enable you to access the examination at your convenience.  The password allows you to take the timed examination one time and this is included in the application fee.  [top]

What happens when I pass the examination?
When a candidate successfully completes the CICS examination, a temporary certificate is issued automatically from the SPC online system. Additionally, the Internal Control Institute is notified and the official CICS certificate is prepared and sent to the applicant.  [top]

What if I fail to pass the examination?
You will be authorized to retake the examination at your convenience as many times as necessary for up to one year from your original application date.  However, you will be required to apply for a new password each time after the first sitting.  Each test sitting will require an additional test fee.  The retest application is available on the ICI website. [top]

I’m a CPA, CIA, and / or CISA.   Why should I get a CICS or CICP certification?
These are specialist professional certifications that recognize internal control expertise.  This is a needed “asset” for corporate management to provide assurances that the internal controls are adequate. See Drop-Down on Certification page "The CICS/CICP Difference" [top]

What is the difference between an ICI membership and the ICI professional certifications?
The certifications as described on this website are individual professional certifications. These denote that an individual has achieved a certain level of knowledge and expertise in the professional area of internal control.  An ICI membership is useful in assisting the internal control professional to grow and improve his/her expertise in internal control.  An ICI membership can be beneficial also in assisting the CICS/CICP certified professional obtain certain CPE credits toward recertification.  For more information about membership, click on the “Membership” button on the web page entitled “About Us.”    [top]

How are credits calculated or awarded for recertification reporting?
Recertification reporting is required once each three years to maintain your certification.  The following information will be helpful in determining the number of credits earned which may be reported in the form of either CEU’s, CPE’s or CPD’s that are awarded by educational institution and professional training organizations or associations:

  1. Education – no credit limit per year.  Typical credit is awarded on a per day basis of eight (8) credits  per full day (8 hours) of training.
  2. Publications – no credit limit per year.  Each article published is awarded 10 credits.  Published books or texts during the year are awarded 20 credits each.
  3. Teaching / Speaking – 40 credits limit per year.  Eight (8) credits are awarded for each day of teaching or speaking.  Presentations at conference sessions are credited at four (4) credits for each session delivered.
  4. Professional Meetings / Conferences – 40 credits limit per year.  Eight (8) credits are awarded for each day of participation.
  5. Other – Identify the activity, dates of involvement and credit claimed.  Credit is awarded for participation in activities that contribute to professional growth and improvement.  The ICI Certification Board assesses the appropriateness of the activities reported.  This category may include such involvements as an officer in a related professional organization, working on a special government or industry committee involving internal control, board of directors, audit committee, etc.   [top]

How is the examination organized?
Successful completion of the examination requires the candidate to correctly answer 75% of the questions on the examination. The test platform selects questions from each skill area. There are eight skill areas. As a result, each examination provided via the online system differs in question selection. There are 96 questions selected from the ICI test database for each examination requiring completion in 75 minutes. When a candidate successfully completes the examination, he/she is provided with the grade which is calculated automatically by the online system.  [top]