The Certificate of Cloud Auditing Knowledge (CCAK) offers IT professionals mechanism to address challenges related to transparency, complexity and interdependency within the scope of cloud environments
SEATTLE – March 22, 2021 – The Cloud Security Alliance (CSA) and ISACA today announced the availability of the Certificate of Cloud Auditing Knowledge (CCAK), the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing the security of cloud computing systems.
Developed by CSA and ISACA, the CCAK credential and training program fills the need for vendor-neutral, technical training and credentials in cloud auditing. By building on the body of knowledge covered in CSA’s Certificate of Cloud Security Knowledge (CCSK) and complementing ISACA’s ANSI-accredited certifications, CCAK delivers the best possible solution for cloud assessment and auditing education by preparing IT and security professionals to ensure the internal requirements are fulfilled and the right controls are in place; mitigate the risks and costs of audit management, as well as penalties for noncompliance; and lead their organization through successful cloud migration while retaining customer trust.
“The historic shift to cloud has created a new technology foundation for our global economy. Trusting this computing infrastructure is one of our most fundamental challenges. The introduction of the Certificate of Cloud Auditing Knowledge (CCAK) is an important milestone in delivering the necessary expertise to enable professionals to objectively evaluate critical cloud assurance issues. Cloud Security Alliance is proud of our collaboration with ISACA to create this high quality credential which will be leveraged by individuals, businesses and regulatory bodies around the world to raise the baseline of security, governance and compliance in cloud computing,” said CSA Chief Technology Officer Daniele Catteddu.
“Cloud, while not an emerging technology, is still new for many organizations. As such, there tends to be lack of internal knowledge and effective auditing among leaders and staff. Enterprises need to understand the hurdles as they attempt to migrate to the cloud to make sure the issues are adequately addressed. CSA and ISACA decided to collaborate to ensure that companies had the right tools and expertise to successfully migrate to the cloud,” said ISACA Technical Research Manager Paul Phillips, CISA, CISM, CDPSE.
The CCAK curriculum addresses the main areas where the largest skills gaps exist, namely cloud governance, cloud compliance, cloud auditing and cloud assurance. It also provides practical tools that bolster each of the four areas, with the goal of driving students to design a cloud compliance program based on a set of key questions and then measuring the program’s effectiveness. Topics covered include:
- Building and executing a cloud audit plan and applying auditing as an assurance tool
- The impact of cloud automation, native development, and integration models on auditing and compliance
- Key concepts and tools of cloud governance and risk management
- Designing and building a cloud compliance program
- Compliance requirements, control objectives and frameworks, certification, attestation, and authorizations
Those interested in taking the exam, which consists of 76 multiple-choice questions, can choose from an array of study options, ranging from the Certificate of Cloud Auditing Knowledge Study Guide/Body of Knowledge ($59 for members/$70 for non-members) to an online, self-paced study course with 16+ CPE credits (available late April). Other study and exam-prep options include a 2-day instructor-led virtual course (available March 22) and an item bank, featuring study games and sample questions, which will be made available in Q2 2021. For more information and complete pricing details, please contact sales@cloudsecurityalliance.org.
The CCAK exam cost is $395 (CSA and ISACA members) and $495 (non-members) A link to purchase the exam can be found at https://ccsk.cloudsecurityalliance.org/en?_ga=2.227886040.454484037.1616420368-2093560876.1585916278
About ISACA
For more than 50 years, ISACA (www.isaca.org) has advanced the best in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations. Through the CSX, COBIT and CMMI solutions, ISACA enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its 145,000 members who work in information and cybersecurity, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 223 chapters worldwide.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloud security alliance.org, and follow us on Twitter @cloudsa.
