Certificate of Cloud Auditing Knowledge (CCAK)
Guaranteed to Run
Price
$1,995.00
Duration
2 Days
Delivery Methods
Virtual Instructor Led Private Group
Delivery
Virtual
ESTDescription
Objectives
Content
Course Description
The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential that industry professionals can obtain to demonstrate their expertise in understanding the essential principles of auditing cloud computing systems. The CCAK credential training program was developed by the Cloud Security Alliance, the global leader in cloud security best practices, in partnership with ISACA, an international professional association focused on IT audit, security, cybersecurity, risk, privacy and governance.Anyone who is setting up systems, performing audits or is the target of an audit. Specific job roles include:
- Third Party Assessors and Auditors
- Internal and External Assessors and Auditors
- Teams in the offices of CISOs and Information Security Officers
- Compliance Managers
- Vendor/Partners Program Managers
- Procurement Officers
Course Objectives
- understanding the differences between cloud and traditional IT auditing.
- Evaluating cloud security and controls using tools like the CSA Cloud Control Matrix.
- Developing cloud compliance programs.
- Implementing continuous assurance practices
Who Should Attend?
Anyone who is setting up systems, performing audits or is the target of an audit. Specific job roles include:
- Third Party Assessors and Auditors
- Internal and External Assessors and Auditors
- Teams in the offices of CISOs and Information Security Officers
- Compliance Managers
- Vendor/Partners Program Managers
- Procurement Officers
Course Content
Module 1: Cloud Governance
- An Overview of Governance
- Cloud Assurance
- Cloud Governance Frameworks
- Cloud Risk Management
- Cloud Governance Tools
Module 2: Cloud Compliance Program
- Designing a Cloud Compliance Program
- Building a Cloud Compliance Program
- Legal & Regulatory Requirements
- Standards & Security Frameworks
- Identifying Controls & Measuring Effectiveness
- CSA Certification, Attestation, & Validation
Module 3: CCM and CAIQ Goals, Objectives & Structure
- CCM
- CAIQ
- Relationship to Standards: Mappings & Gap Analysis
- Transition from CCM V3.0.1 to CCM V4
Module 4: Threat Analysis Methodology for Cloud using CCM
- Definitions & Purpose
- Attack Details & Impacts
- Mitigating Controls & Metrics
- A Use Case
Module 5: Evaluating a Cloud Compliance Program
- Evaluation Approach
- A Governance Perspective
- Legal, Regulatory & Standards Perspectives
- Risk Perspectives
- Services Changes Implications
- The Need for Continuous Assurance/Continuous Compliance
Module 6: Cloud Auditing
- Audit Characteristics, Criteria & Principles
- Auditing Standards for Cloud Computing
- Auditing an On-Premises Environment vs. Cloud
- Differences in Assessing Cloud Services & Cloud Delivery Models
- Cloud Audit Building, Planning & Execution
Module 7: CCM Auditing Controls
- CCM Audit Scoping Guidance
- CCM Risk Evaluation Guide
- CCM Audit Workbook
- CCM an Auditing Example
Module 8: Continuous Assurance & Compliance
- DevOps and DevSecOps
- Auditing CI/CD Pipelines
- DevSecOps Automation and Maturity
Module 9: STAR Program
- Standard for Security and Privacy
- Open Certification Framework
- STAR Registry
- STAR Level 1
- STAR Level 2
- STAR Level 3
Do You Need Help? Please Fill Out The Form Below