Student? Switch to our Career Center Site →
Contact Us

Certificate of Cloud Auditing Knowledge (CCAK)

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential that industry professionals can obtain to demonstrate their expertise in understanding the essential principles of auditing cloud computing systems. The CCAK credential training program was developed by the Cloud Security Alliance, the global leader in cloud security best practices, in partnership with ISACA, an international professional association focused on IT audit, security, cybersecurity, risk, privacy and governance.
Select Class Date
Course Details

Price:

Days:

2

Location:

Course Overview

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential that industry professionals can obtain to demonstrate their expertise in understanding the essential principles of auditing cloud computing systems. The CCAK credential training program was developed by the Cloud Security Alliance, the global leader in cloud security best practices, in partnership with ISACA, an international professional association focused on IT audit, security, cybersecurity, risk, privacy and governance.
  • Scroll right to view Objectives, Prerequisites, and Agenda

1 – Cloud Governance

  • An Overview of Governance
  • Cloud Assurance
  • Cloud Governance Frameworks
  • Cloud Risk Management
  • Cloud Governance Tools

2 – Cloud Compliance Program

  • Designing a Cloud Compliance Program
  • Building a Cloud Compliance Program
  • Legal & Regulatory Requirements
  • Standards & Security Frameworks
  • Identifying Controls & Measuring Effectiveness
  • CSA Certification, Attestation, & Validation

3 – CCM and CAIQ Goals, Objectives & Structure

  • CCM
  • CAIQ
  • Relationship to Standards: Mappings & Gap Analysis
  • Transition from CCM V3.0.1 to CCM V4

4 – Threat Analysis Methodology for Cloud using CCM

  • Definitions & Purpose
  • Attack Details & Impacts
  • Mitigating Controls & Metrics
  • A Use Case

5 – Evaluating a Cloud Compliance Program

  • Evaluation Approach
  • A Governance Perspective
  • Legal, Regulatory & Standards Perspectives
  • Risk Perspectives
  • Services Changes Implications
  • The Need for Continuous Assurance/Continuous Compliance

6 – Cloud Auditing

  • Audit Characteristics, Criteria & Principles
  • Auditing Standards for Cloud Computing
  • Auditing an On-Premises Environment vs. Cloud
  • Differences in Assessing Cloud Services & Cloud Delivery Models
  • Cloud Audit Building, Planning & Execution

7 – CCM Auditing Controls

  • CCM Audit Scoping Guidance
  • CCM Risk Evaluation Guide
  • CCM Audit Workbook
  • CCM an Auditing Example

8 – Continuous Assurance & Compliance

  • DevOps and DevSecOps
  • Auditing CI/CD Pipelines
  • DevSecOps Automation and Maturity

9 – STAR Program

  • Standard for Security and Privacy
  • Open Certification Framework
  • STAR Registry
  • STAR Level 1
  • STAR Level 2
  • STAR Level 3
Select Class Date
Class Dates & Times
Filters Sort results
Reset Apply
No results found. Clear filters and try again?
— Questions?

Information Request

— Empower Change

Invest in Skills & Equality

Support Diversity, Equity, and Inclusion with Every Purchase.

Great Horizons is a North Carolina Certified HUB Vendor and WOSB. By becoming a patron of our organization, you are not only supporting a historically underutilized business, but a woman-owned small business as well.