The CCAK is being developed by the Cloud Security AllianceOn September 8, 2020 by admin
Certificate of Cloud Auditing Knowledge
The industry’s first global cloud auditing credential.
Education Home Get Involved FAQ Education CCAK The Certificate of Cloud Auditing Knowledge (CCAK) is a credential that industry professionals can obtain to demonstrate their expertise in understanding the essential principles of auditing cloud computing systems.
The CCAK is being developed by the Cloud Security Alliance, the global leader in cloud security best practices and will be available in Q4 2020.
Filling the Skills Gap.
Why is the Cloud Security Alliance developing the Certificate of Cloud Auditing Knowledge?.
Cloud computing represents a radical departure from legacy IT in virtually every respect.
The new technology architecture, the nature of how cloud is provisioned and the new shared responsibility model means that IT audit must be significantly altered to provide assurance to stakeholders that their cloud adoption is secure.
Because Cloud Security Alliance has developed the most widely adopted cloud security audit criteria and organizational certification , we are uniquely positioned to lead industry efforts to ensure industry professionals have the requisite skill set for auditing cloud environments.
How is this certification program different from other IT audit certification programs?.
Traditional IT audit education and certification programs have many excellent elements, but were not developed with an understanding of cloud computing and its many nuances.
An audited organization using cloud computing will have a very different approach to satisfying control objectives.
A cloud tenant will certainly not have the same administrative access as in a legacy IT system and will employ a wide range of security controls that will be foreign to an audit and assurance professional that is grounded in traditional IT audit practices.
The CCAK provides a body of knowledge to ensure that IT auditors and other related stakeholder s are communicating appropriately and accurately as to the effectiveness of cloud security controls.
Body of Knowledge.
The CCAK body of knowledge will include several existing familiar components
The Cloud Controls Matrix (CCM) is the fundamental framework of cloud control objectives that is the most popular collection of security controls for existing cloud audits.
The companion Consensus Assessments Initiative Questionnaire (CAIQ) is the primary means for assessing a cloud provider’s adherence to CCM.
The CSA Security, Trust, Assurance & Risk (STAR) program is the global leader in cloud security audits and self assessments.
These components in addition to some new material provides the holistic body of knowledge that will comprise the Certificate of Cloud Auditing Knowledge (CCAK).
Who should earn the CCAK?.
The CCAK is designed to provide CISOs
security and compliance managers, internal and external auditors and practitioners of tomorrow with the proven skillset to address the specific concerns that arise from the use of various forms of cloud services.(Cloud) Security third-party auditors.
(Cloud) Security internal auditors.
Chief Privacy Officers.
Data Protection Officers.
Vendor/Partners Program Managers
CSA STAR Program Auditors/Assessors (STAR Certification
CSA Code of Conduct assessors.
Security and Privacy Consultants.
Stay CCAK Informed.
What are the opportunities to get involved or stay informed about the CCAK?
There are many opportunities to participate in the development of the CCAK
An individual may desire to volunteer to provide subject matter expert (SME) contributions and peer review.
Organizations with a vested interest in cloud auditing may wish to be a founding sponsor.
Please use our contact form to express your interest.
First Name Last Name Email Organization Department – Select – Information Security Information Technology Sales & Marketing Regulatory/Auditing Training & HR Development Operations/Support Student/Academia Job Level – Select – C-level VP Director Manager Senior Mid-level Entry Region – Select – North America Central/South America EMEA APAC I am interested as a… – Please Select – Sponsor Volunteer/Subject Matter Expert Beta Tester Instructor Student How did you hear about CSA.
Frequently Asked Questions.
Why certify as a CCAK.
The Certificate of Cloud Auditing Knowledge (CCAK) is intended to provide a common baseline of expertise and a shared nomenclature to a broad set of stakeholders that include IT auditors, cybersecurity professionals and IT professionals.
Because CCAK is intended to create a common cloud audit understanding
we anticipate it being a mandatory requirement for IT auditors and highly recommended for any IT manager and professional, especially for governance, risk management, compliance, and vendor/supply chain management.
How will the Certificate of Cloud Auditing Knowledge (CCAK) relate to the Certificate of Cloud Security Knowledge (CCSK).
The Certificate of Cloud Security Knowledge (CCSK) is Cloud Security Alliance’s flagship industry credential, created in 2010.
The CCAK and CCSK will be complementary by their very nature
The CCSK provides the knowledge enabling an expert to secure cloud systems that will be successfully scrutinized by an expert holding the CCAK.
In many cases, an industry professional will be well served by obtaining both certificates.
From a delivery perspective, CCAK is anticipated to be similar to CCSK with a combination of in-person and online courses and an online examination.
Is the CCAK a viable substitute for other industry certifications
including the CCSK.
The CCAK is unique in the industry and will help to fill the skills gap that will help keep the cloud ecosystem more secure.
This is why CSA is moving quickly to implement by Q4 2020
Does the CCAK have industry support
Many large enterprises have already committed subject matter experts to work on CSA’s Cloud Audit Initiative upon which the CCAK will be built.