What is the new EQA requirement introduced in 2024?

The new External Quality Assessment requirement is that at least one assessor must hold an active Certified Internal Auditor (CIA) credential. This ensures the evaluation benefits from current, practice-oriented expertise and up-to-date knowledge of auditing standards and risk landscapes, including cybersecurity considerations. An active CIA demonstrates ongoing commitment to professional development, maintains familiarity with contemporary audit techniques, and lends credibility to the assessment findings for the organization and its stakeholders. Requiring this ensures the team can apply relevant, current criteria during the evaluation, improving the reliability and integrity of the process. The other options would be too restrictive or impractical: insisting all assessors be CIA-certified isn’t necessary, removing the credential requirement would risk outdated practices, and limiting assessors to external auditors only could overlook valuable internal audit perspective and collaboration.