Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

On this ISACA Certificate of Cloud Auditing Knowledge (CCAK) course, you’ll gain extensive knowledge in the essential principles of auditing cloud computing systems to support your business’ scalability.

You’ll discover how to use cloud security assessment methods and techniques to evaluate a cloud service prior to and during the provision of the service.

You will also build knowledge on:

• How to use a cloud-specific security controls • framework to ensure security within your organisation
• Unique requirements of compliance in the cloud due to shared responsibility between cloud providers and customers
• How existing governance policies and frameworks are affected by the introduction of cloud into the ecosystem.

Module 1: Cloud Governance
• An Overview of Governance
• Cloud Assurance
• Cloud Governance Frameworks
• Cloud Risk Management
• Cloud Governance Tools

Module 2: Cloud Compliance Program
• Designing a Cloud Compliance Program
• Building a Cloud Compliance Program
• Legal & Regulatory Requirements
• Standards & Security Frameworks
• Identifying Controls & Measuring Effectiveness
• CSA Certification, Attestation, & Validation

Module 3: CCM and CAIQ Goals, Objectives & Structure
• CCM
• CAIQ
• Relationship to Standards: Mappings & Gap Analysis
• Transition from CCM V3.0.1 to CCM V4

Module 4: Threat Analysis Methodology for Cloud using CCM
• Definitions & Purpose
• Attack Details & Impacts
• Mitigating Controls & Metrics
• A Use Case

Module 5: Evaluating a Cloud Compliance Program
• Evaluation Approach
• A Governance Perspective
• • Legal, Regulatory & Standards Perspectives
• Risk Perspectives
• Services Changes Implications
• The Need for Continuous • Assurance/Continuous Compliance

Module 6; Cloud Auditing
• Audit Characteristics, Criteria & Principles
• Auditing Standards for Cloud Computing
• Auditing an On-Premises Environment vs. Cloud
• Differences in Assessing Cloud Services & Cloud Delivery Models
• Cloud Audit Building, Planning & Execution

Module 7: CCM Auditing Controls
• CCM Audit Scoping Guidance
• CCM Risk Evaluation Guide
• CCM Audit Workbook
• CCM an Auditing Example

Module 8: Continuous Assurance & Compliance
• DevOps and DevSecOps
• Auditing CI/CD Pipelines
• DevSecOps Automation and Maturity

Module 9: STAR Program
• Standard for Security and Privacy
• Open Certification Framework
• STAR Registry
• STAR Level 1
• STAR Level 2
• STAR Level 3

There are no prerequisites for attending the CGEIT course and sitting the exam. We do however recommend you have some knowledge / experience of IT Governance. Achieving the CGEIT Certification In order to become CGEIT certified, you must meet the following requirments: • Pass the CGEIT exam • Adhere to the ISACA Code of Professional Ethics • Agree to comply with the CGEIT Continuing Education Policy • Provide evidence of appropriate IT governance work experience as (outlined below) defined by the CGEIT Job Practice • Required IT Governance Experience You will need to prove a minimum of 5 years experience managing, serving in an advisory or oversight role, and/or otherwise supporting the governance of the IT-related contribution to an enterprise. More specifically, you will need a minimum of one year of experience relating to the definition, establishment and management of a Framework for the Governance of IT. The type and extent of experience accepted is described in CGEIT domain 1 (check the curriculum tab). You'll also need experience directly related to any two or more of the remaining CGEIT domains There are no waivers or substitutions for CGEIT experience, except if you're a full-time university instructor teaching IT governance related subjects at an accredited university. Where every two years of teaching experience can be substituted for every one year of IT governance experience.

ISACA Certificate of Cloud Auditing Knowledge (CCAK) exam Duration: 120 minutes Exam code: CCAK Format: Multiple-choice Number of questions: 76 Passing score: 70 Languages: English

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    CompTIA: SecurityX
    • Duration: 5 Days
    • Language: English
    • Level: Advanced
    • Exam: CAS-005
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details
    Executive Cyber Risk Certification (ECRC)
    • Duration: 2 Days
    • Language: English
    • Level: Advanced
    • Exam: ECRC
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details
    Mastering Communication & Presentation Te...
    • Duration: 5 Days
    • Language: Danish
    • Level: Intermediate
    • Exam: MCPT
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details