Certified Internal Control Assessor


Download the brochure
 
CICA

Description

The effectiveness of monitoring depends largely on the quality and competence of the personnel responsible for assessing the adequacy, effectiveness and efficiency of internal controls at all levels in the organization. The CICA (Certified Internal Control Assessor) is the benchmark certification for internal auditors and control professionals who need to assess the effectiveness of internal control systems using the COSO Internal Control – Integrated Framework. It provides a methodology that uses a comprehensive model like COSO as a basis for evaluating the effectiveness of the corporation’s system of internal control.
Designed by seasoned practitioners to go beyond theoretical concepts, the program focuses on an operational methodology to help candidates run a complete, evidence-based assessment aligned with best practices.

Upon completion, CICA holders will be able to:

  • plan and deliver a rigorous COSO-based assessment;
  • document work performed (working papers, matrices, scoring tools);
  • formulate prioritized recommendations and an action plan;
  • communicate clear, defensible results to management, audit committees, and regulators.
Submit your Application

Why Choose CICA ?

The CICA (Certified Internal Control Assessor) stands out for its unique, hands-on approach to internal control evaluation. Unlike generalist certifications, it focuses exclusively on the technical mission of the internal auditor: assessing, testing, and concluding on the effectiveness of internal control systems in line with the COSO Internal Control – Integrated Framework.

Discover why CICA is the strategic choice for ambitious professionals

Develop a unique skill set in analyzing and testing internal control systems by applying COSO components and principles.

Case studies, scoring grids, checklists, and full evaluation simulations allow you to immediately apply your knowledge in real audit assignments.

Earning the CICA designation means joining the community of professionals certified by GECB and strengthening your credibility with employers and regulators.

CICA represents the advanced level of the GECB Internal Control Framework (GECB-ICF) and paves the way to the prestigious GECB-ICF Ambassador title.

CICA holders are recognized as specialists in internal control assessment, capable of delivering direct value to their organizations.

What You Will Learn

Internal Control Assessment Principles

Internal Control Assessment Process

Internal Control Assessment Tools and Techniques

Internal Control Components Assessment

Determining the Internal Control Systems Maturity

Why Getting Certified?

 

Enhanced Knowledge

Gain a good understanding of a globally recognized internal control framework.

Technical expertise

: Learn to confidently use the COSO model to assess and report on the effectiveness of internal controls.

Career Advancement:

Unlock your full potential and Pursue career opportunities in various industries and countries with your certified status, verifiable anytime online.

Greater Earning Potential

Demonstrate your aspiration to higher salaries with specialized knowledge and skills in internal control assessment.

Competitive edge

Stand out from the crowd with highly specialized skills that are essential for internal auditors and other control professionals

Making a Difference

Contribute significantly to your organization's success by demonstrating to employers that you're ready to add value to their enterprise

Eligibility Criteria

The CICA (Certified Internal Control Assessor) certification is open to internal auditors, control professionals, and risk managers seeking to strengthen their ability to evaluate internal control systems using the COSO framework.

Eligibility requirements include:

Academic Qualification: Hold at least a Bachelor’s degree in auditing, finance, accounting, internal control, risk management, law, or a related field.

Professional Experience:

Minimum of 2 years of experience in internal audit, internal control, compliance, risk management, or similar functions;

  • Hold the GECB CICRP Certification: CICA is the second level in GECB’s internal control certification path. The CICRP (Certified Internal Control and Risk Professional) certification is a mandatory prerequisite.
  • Submit an application file approved by GECB: Applicants must complete an eligibility form and provide a CV, proof of education and prior certifications, and a motivation or recommendation letter.
Submit your Application

Program Overview

The CICA program is structured into 9 progressive modules, each covering an essential skill required to master internal control assessment using the COSO 

  • Define the scope, processes, and cycles to be assessed
  • Identify control objectives linked to risks
  • Develop the assessment plan (resources, timeline, tools)
  • Map processes and identify key control points
  • Connect internal control assessment with the Risk-Based Audit approach
  • Collect and organize initial data

  • ·         Conduct COSO-based interviews and questionnaires
  • ·         Observe practices and perform walkthroughs
  • ·         Test control design and operating effectiveness
  • ·         Document evidence through structured working papers
  • ·         Apply scoring grids and evaluation matrices
  • ·         Define judgment criteria (effective, deficient, material weakness)

  • Ethical culture and organizational values
  • Governance: role of the board and management
  • Organizational structure and delegation of authority
  • Personnel competence, integrity, and development
  • Accountability and performance mechanisms

  • Defining and communicating strategic objectives
  • Identifying and analyzing risks (operational, financial, compliance, fraud)
  • Evaluating fraud risk and identifying red flags
  • Managing internal and external changes
  • Documenting and tracking the risk assessment process

  • Preventive, detective, and corrective controls
  • Segregation of duties and compensating controls
  • Embedding controls within business processes
  • Manual vs. automated controls
  • Testing control effectiveness

  • Relevance, quality, and reliability of information
  • Internal communication: top-down, bottom-up, and cross-functional
  • External communication with regulators, stakeholders, and partners
  • The role of IT systems and technology in internal control
  • Practical case: evaluating communication within a financial process

  • Ongoing monitoring and independent reviews
  • Alert mechanisms and anomaly reporting
  • Internal and external audit evaluations
  • Cost-benefit and effectiveness analysis of controls
  • Integrating continuous improvement

  • Presenting results by COSO components and principles
  • Identifying and prioritizing significant deficiencies
  • Consolidating findings to conclude on overall effectiveness
  • Developing a clear, structured, and recommendation-oriented report (executive summary, tables, heatmaps, action plan)
  • Reporting techniques for management, audit committees, and regulators

  • Understanding maturity models applied to internal control
  • Maturity levels: initial, repeatable, defined, managed, optimized
  • Methods and tools to assess control system maturity
  • Developing and using a COSO maturity matrix  
  • Linking control maturity to organizational strategic objectives
  • Building a roadmap for continuous improvement and higher maturity levels

About The GECB-IAF

The GECB Internal Control Framework (GECB-ICF) is a proprietary reference model developed by GECB experts to guide organizations in the implementation and evaluation of internal control systems.

Unlike traditional frameworks, often perceived as abstract or overly technical, the GECB-ICF offers a practical, structured, and context-aware approach that empowers internal control professionals to move from theory to performance.

It is built on three key pillars:
 Clear and operational language, designed for direct application by field practitioners;
 Adaptable tools and ready-to-use templates, applicable across all types of organizations;
 A progressive 2-level certification path:

The GECB-ICF reflects the accumulated experience of multi-certified practitioners from diverse sectors (private, public, NGOs, banking, etc.). It bridges the gap between international standards and real-world organizational realities.

The highest distinction awarded by GECB, reserved for professionals who demonstrate outstanding commitment to advancing internal control practices.

  • Joining the GECB Internal Control Leaders Circle, an international network of recognized experts;
  •  Being consulted by GECB to contribute to framework improvements, publish insights, and shape the future of the GECB-ICF;
  •  Publishing strategic content (articles, case studies, etc.) featured by GECB to boost your international visibility;
  •  Leading GECB webinars, virtual conferences, and official events;
  •  Receiving the digital Ambassador badge to display on your CV, LinkedIn, or email signature;
  •  Earning the status of accredited trainer, with priority to deliver sessions for ATCs or official programs;
  •  Gaining free or priority access to premium content: exclusive case studies, advanced tools, strategic templates, benchmarking resources;
  •  Enjoying a single bundled renewal fee for all GECB-ICF certifications (instead of separate payments);
  •  And above all… being recognized as a globally credible and influential expert in internal control.

Certification Toolkit

499 USD

  •  A detailed manual covering both fundamental and advanced principles of internal control assessment, with step-by-step methodologies to test and evaluate the effectiveness of controls under COSO and the GECB-ICF.
  •  Unlimited access to over 1500 high-quality MCQs, aligned with the 9 CICA modules, to test your knowledge and build mastery.
  •  24/7 access to the GECB online learning platform, allowing you to study anytime, anywhere. Track your progress, review as needed, and benefit from regular content updates.
  •  A secure, remotely proctored certification exam, available anytime from the comfort of your home or office.
  •  An official and verifiable digital certificate instantly issued upon passing, easily shareable on LinkedIn, your résumé, or with employers.
  •  3-Year Certification Validity
  • Your CICA certification is valid for three (3) years, with unlimited renewals based on continuing education and GECB community membership.

Submit Your Application
 

What They Say About Us

Amanda Lee, Chief Compliance Officer
As someone who's navigated the complexities of internal controls for over a decade, the CICA certification has markedly sharpened my skills. The expert knowledge I gained about the COSO framework has made me the point person for all internal control assessments within my company. This certification is a career-defining achievement."
Sarah Johnson, Director of Risk Management
The CICA certification program offered by GECB transformed the way I approach internal controls. Mastering the COSO framework through this course allowed me to implement stronger, more effective controls and contribute significantly to our risk management strategy."
Lisa Marie, Internal Control Manager
The CICA certification was a game changer for my professional development. It has not only increased my earning potential but has also given me the recognition I needed to advance to a managerial position in my firm. Highly recommend for anyone serious about their career in internal controls."
Amina Yusuf, Risk Management Specialist
The practical skills and knowledge I acquired from the CICA program have been directly applicable to my role. The focus on the COSO model’s 5 components and 17 principles has equipped me to perform thorough and effective internal control assessments. This certification has truly enhanced my professional capabilities
Ahmed Al-Mansoori, Internal Audit Manager
The CICA certification has had a substantial impact on the way i approached audit engagements. With the knowledge gained, we are definitely turning to a risk based approach to improve our operational efficiency and add more value to our organization. I highly recommend this certification to any professional in the field

Certified Internal Control And Risk Professional

Certified Internal Control And Risk Professional">

Certified Risk-Based Internal Auditor

Certified Manager of Internal Audit

Certified Manager of Internal Audit">

CICA Certification Exam

The CICA exam is conducted online and remotely proctored.

Use a laptop equipped with a webcam and a reliable internet connection

Take your exam from anywhere by selecting a convenient date within the official GECB exam windows.

Get your results instantly upon completion.

Receive your premium digital certificate and share your achievement immediately.

Verify the authenticity of your certification anytime online.

Enjoy certified status for 3 years with no additional renewal fees.

Format

Multiple Choice Questions (MCQ)

Languages available

English, French, Spanish

Number of questions

100

Exam duration

120 minutes

Passing score

70%
Last modified: Tuesday, 9 September 2025, 7:54 PM