Cloud Auditing Training Guide

The document outlines the instructor-led training syllabus for the Certificate of Cloud Auditing Knowledge (CCAK). The 5-module course covers cloud governance, compliance, auditing, assurance, and CSA tools. It aims to provide knowledge on cloud security assessment methods and ensuring cloud services comply with requirements. The 9-module course is divided into sections on governance, compliance programs, CCM/CAIQ structure, threat analysis, evaluating compliance programs, auditing, using CCM for auditing, continuous assurance, and the CSA STAR program.

Uploaded by

mailrelay 1030

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

621 views3 pages

Cloud Auditing Training Guide

Uploaded by

mailrelay 1030

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

Certificate of Cloud Auditing Knowledge

instructor-led training syllabus

Revision date - 03/17/2021

CCAK Overview
The CCAK instructor-led training course curriculum consists of 5 major areas of coverage:
1. Cloud Governance
2. Cloud Compliance
3. Cloud Auditing
4. Cloud Assurance
5. CSA Tools: CCM, CAIQ and STAR Program

The areas of coverage or covered in 9 modules, with specific coverage areas as listed below.

CCAK Objectives
The objectives of the CCAK training are to provide knowledge about:
● cloud security assessment methods and techniques and how to use them to evaluate
a cloud service prior to and during the provision of the service and
● how to ensure that a cloud service is compliant with the company requirements and is
aligned with the governance approach of the organization.
● In addition, the CCAK will give those individuals with an auditing role and background
the necessary knowledge to be able to update their expertise from on-prem IT security
auditing to cloud and hybrid security auditing.

Course Structure
The CCAK course is divided into nine modules that cover the essential principles of auditing
cloud computing systems.

MODULE 1: Cloud Governance (4 hrs)

 Overview of governance
 Cloud assurance
 Cloud governance frameworks
 Cloud risk management
 Cloud governance tools
MODULE 2: Cloud Compliance Program (3 hrs)
 Designing a cloud compliance program
 Building a cloud compliance program
 Legal and regulatory requirements
 Standards and security frameworks
 Identifying controls and measuring effectiveness
 CSA certification, attestation and validation

MODULE 3: CCM and CAIQ Goals, Objectives and Structure (1.5 hrs)
 CCM
 CAIQ
 Relationship to standards: mappings and gap analysis
 Transition from CCM V3.0.1 to CCM V4

MODULE 4: A Threat Analysis Methodology for Cloud Using CCM (1 hr)

 Definitions and purpose
 Attack details and impacts
 Mitigating controls and metrics
 Use case

MODULE 5: Evaluating a Cloud Compliance Program (1.5 hrs)

 Evaluation approach
 A governance perspective
 Legal, regulatory and standards perspectives
 Risk perspectives
 Services changes implications
 The need for continuous assurance/continuous compliance

MODULE 6: Cloud Auditing (2 hrs)

 Audit characteristics, criteria & principles
 Auditing standards for cloud computing
 Auditing an on-premises environment vs. cloud
 Differences in assessing cloud services and cloud delivery models
 Cloud audit building, planning and execution

MODULE 7: CCM: Auditing Controls (1 hr)

 CCM audit scoping guidance
 CCM risk evaluation guide
 CCM audit workbook
 CCM an auditing example
MODULE 8: Continuous Assurance and Compliance (1 hr)
 DevOps and DevSecOps
 Auditing CI/CD pipelines
 DevSecOps automation and maturity

MODULE 9: STAR Program (1 hr)

 Standard for security and privacy
 Open Certification Framework
 STAR Registry
 STAR Level 1
 STAR Level 2
 STAR Level 3

Cloud Computing Compliance Controls Catalogue (C5) : Criteria To Assess The Information Security of Cloud Services
100% (1)
Cloud Computing Compliance Controls Catalogue (C5) : Criteria To Assess The Information Security of Cloud Services
70 pages
CCAK VS Advance Cloud Governance
No ratings yet
CCAK VS Advance Cloud Governance
8 pages
ISACA CCAK v2022-03-22 q27
No ratings yet
ISACA CCAK v2022-03-22 q27
7 pages
Isaca: CCAK Exam
50% (2)
Isaca: CCAK Exam
96 pages
Cloud Audit Academy-Cloud Agnostic
100% (1)
Cloud Audit Academy-Cloud Agnostic
102 pages
SaaS Security Checklist Guide
No ratings yet
SaaS Security Checklist Guide
3 pages
Auditor
100% (1)
Auditor
21 pages
10 Key Cloud Migration Questions
No ratings yet
10 Key Cloud Migration Questions
4 pages
CISA Task Statements
100% (1)
CISA Task Statements
3 pages
Cyber Audit Certificate Exam Guide - Eng - 0918
No ratings yet
Cyber Audit Certificate Exam Guide - Eng - 0918
10 pages
Cloud Computing An Internal Audit Perspective
No ratings yet
Cloud Computing An Internal Audit Perspective
43 pages
CCMv4 0AuditingGuidelines
No ratings yet
CCMv4 0AuditingGuidelines
79 pages
Domain 2 - Crisc
No ratings yet
Domain 2 - Crisc
91 pages
Cloud Computing Audit Program - Final
100% (2)
Cloud Computing Audit Program - Final
5 pages
Domain 1 - Crisc
No ratings yet
Domain 1 - Crisc
74 pages
Section 4: System Infrastructure and Control
No ratings yet
Section 4: System Infrastructure and Control
72 pages
Gap Assessment For 27017
No ratings yet
Gap Assessment For 27017
9 pages
Cisa Questions
No ratings yet
Cisa Questions
73 pages
Chandra - Auditing Cloud Computing
No ratings yet
Chandra - Auditing Cloud Computing
17 pages
ITSC Seminar - 27001 27002 Update Philip Sy
No ratings yet
ITSC Seminar - 27001 27002 Update Philip Sy
30 pages
Actualtests: Topping Certification Exam Prep, Test Dumps Materials - Actualtestsit
No ratings yet
Actualtests: Topping Certification Exam Prep, Test Dumps Materials - Actualtestsit
8 pages
Domain 4 - Crisc
No ratings yet
Domain 4 - Crisc
90 pages
Cloud Computing Compliance Criteria Catalogue - C5:2020
100% (1)
Cloud Computing Compliance Criteria Catalogue - C5:2020
124 pages
Cloud Security Posture Management - Why You - Cloud Security Alliance PDF
No ratings yet
Cloud Security Posture Management - Why You - Cloud Security Alliance PDF
7 pages
DumpsBoss CISA Certified Information Systems Auditor Dumps Guaranteed Exam Success
0% (1)
DumpsBoss CISA Certified Information Systems Auditor Dumps Guaranteed Exam Success
11 pages
Select The Correct Answer
No ratings yet
Select The Correct Answer
10 pages
Cloud Computing Security Risk Assessment
No ratings yet
Cloud Computing Security Risk Assessment
50 pages
CISCO On Security Officer All in One Exam Guide 9781260463934 Pages 1
No ratings yet
CISCO On Security Officer All in One Exam Guide 9781260463934 Pages 1
124 pages
Cyber Risk Management Assessment 1708187613
No ratings yet
Cyber Risk Management Assessment 1708187613
34 pages
SOC 2 Compliance Checklist Guide
No ratings yet
SOC 2 Compliance Checklist Guide
2 pages
CCSK QB
No ratings yet
CCSK QB
25 pages
CISA Full File 1ttekr
No ratings yet
CISA Full File 1ttekr
106 pages
05.2 - 2020 - CISA-50Q - Additional - Questions - v1
100% (1)
05.2 - 2020 - CISA-50Q - Additional - Questions - v1
8 pages
HOW TO PREPARE FOR INFOSEC DOMAIN White Paper
No ratings yet
HOW TO PREPARE FOR INFOSEC DOMAIN White Paper
14 pages
Vendor: ISACA Exam Code: CISA Exam Name: Certified Information Systems Auditor Version: DEMO
No ratings yet
Vendor: ISACA Exam Code: CISA Exam Name: Certified Information Systems Auditor Version: DEMO
6 pages
CISAplanningguide 2019
No ratings yet
CISAplanningguide 2019
10 pages
ITAF Companion Performance Guidelines 2208
No ratings yet
ITAF Companion Performance Guidelines 2208
20 pages
CGRC - Domain1 & Glossary
No ratings yet
CGRC - Domain1 & Glossary
17 pages
Cisa 2
No ratings yet
Cisa 2
9 pages
Google Cloud Platform GCP Audit Program
100% (1)
Google Cloud Platform GCP Audit Program
31 pages
SOC 1 2 3 Ebook 2018
100% (1)
SOC 1 2 3 Ebook 2018
18 pages
Information Security Course Outline
No ratings yet
Information Security Course Outline
2 pages
SEBI Cybersecurity Framework Guide
No ratings yet
SEBI Cybersecurity Framework Guide
19 pages
Cloud Audit
100% (1)
Cloud Audit
38 pages
CISA Review Manual 28 Edition Summary Chapter-5
No ratings yet
CISA Review Manual 28 Edition Summary Chapter-5
9 pages
Aligning PCI DSS With ISO 27001 - ISMS - Online
No ratings yet
Aligning PCI DSS With ISO 27001 - ISMS - Online
14 pages
Disaster Recovery Audit Guide
No ratings yet
Disaster Recovery Audit Guide
34 pages
GRC Analyst Resume - Hire IT People - We Get IT Done
100% (1)
GRC Analyst Resume - Hire IT People - We Get IT Done
7 pages
Cloud Computing Security Threats
No ratings yet
Cloud Computing Security Threats
9 pages
Governance Isaca Crisc Cert Study Guide
No ratings yet
Governance Isaca Crisc Cert Study Guide
8 pages
CSCRF - Internal Audit Checklist v1.0
No ratings yet
CSCRF - Internal Audit Checklist v1.0
13 pages
Implementing The NIST Cybersecurity Framework Using COBIT 5: A Step-by-Step Guide For Your Enterprise
No ratings yet
Implementing The NIST Cybersecurity Framework Using COBIT 5: A Step-by-Step Guide For Your Enterprise
14 pages
VPN Security Audit Assurance Program - Icq - Eng - 1012
No ratings yet
VPN Security Audit Assurance Program - Icq - Eng - 1012
34 pages
ISO27001 c5
No ratings yet
ISO27001 c5
19 pages
2023
100% (1)
2023
249 pages
Ccak 2022
0% (1)
Ccak 2022
2 pages
Cloud Security 1.0 - Scope Sequence
No ratings yet
Cloud Security 1.0 - Scope Sequence
6 pages
CCA3006 - CLOUD-SECURITY-MANAGEMENT - LT - 1.0 - 34 - Cloud Security Management
No ratings yet
CCA3006 - CLOUD-SECURITY-MANAGEMENT - LT - 1.0 - 34 - Cloud Security Management
2 pages
Certificate of Cloud Security Knowledge: (CCSK) - Plus H8P76S
No ratings yet
Certificate of Cloud Security Knowledge: (CCSK) - Plus H8P76S
3 pages
Door Catalog August 2022 1
No ratings yet
Door Catalog August 2022 1
68 pages
Muscular System Overview
No ratings yet
Muscular System Overview
19 pages
Abnish Kumar Saxena 409
No ratings yet
Abnish Kumar Saxena 409
5 pages
Campus Recruitment Proposal - Cermati
No ratings yet
Campus Recruitment Proposal - Cermati
25 pages
Tungsten Oxide WO3 X-ray Data
No ratings yet
Tungsten Oxide WO3 X-ray Data
1 page
Strategy Innovation For Taza Mia Coffee Philippines
No ratings yet
Strategy Innovation For Taza Mia Coffee Philippines
17 pages
Discrete Structures Course Guide
No ratings yet
Discrete Structures Course Guide
5 pages
The Top 50 Questions Kids Ask Susan Bartell PDF Download
100% (3)
The Top 50 Questions Kids Ask Susan Bartell PDF Download
57 pages
Asphalt Burner Specs for Engineers
No ratings yet
Asphalt Burner Specs for Engineers
4 pages
S9 - Q3 - Answer Key 2
No ratings yet
S9 - Q3 - Answer Key 2
6 pages
Dior's Fashion Evolution
No ratings yet
Dior's Fashion Evolution
20 pages
Juvinale Diabetes
No ratings yet
Juvinale Diabetes
29 pages
Method of The Year 2024: Spatial Proteomics
No ratings yet
Method of The Year 2024: Spatial Proteomics
2 pages
High Elevation Airport Operation and RNP Implementation - 0
No ratings yet
High Elevation Airport Operation and RNP Implementation - 0
113 pages
Static Water Level (Metro Manila)
No ratings yet
Static Water Level (Metro Manila)
2 pages
ATX-UK Exam Guidance 2024-2025
No ratings yet
ATX-UK Exam Guidance 2024-2025
7 pages
IJMEDPH Ayushi
No ratings yet
IJMEDPH Ayushi
5 pages
Kids' Maker Faire Creations
No ratings yet
Kids' Maker Faire Creations
2 pages
Zara's Pre-Owned Challenges & Strategy
No ratings yet
Zara's Pre-Owned Challenges & Strategy
4 pages
Introduction To Information Systems 2025
No ratings yet
Introduction To Information Systems 2025
59 pages
Oscar Wao
No ratings yet
Oscar Wao
5 pages
Schott Tubing Datasheet Glass 8250 English
No ratings yet
Schott Tubing Datasheet Glass 8250 English
1 page
Delhi University
No ratings yet
Delhi University
62 pages
Co1 Science 1ST Quarter
No ratings yet
Co1 Science 1ST Quarter
4 pages
35 KumaraSwamiyam 3bw PDF
100% (1)
35 KumaraSwamiyam 3bw PDF
7 pages
PCM
No ratings yet
PCM
6 pages
Bernpyle #3
100% (3)
Bernpyle #3
28 pages
M A History 2024
No ratings yet
M A History 2024
2 pages
Soothsayer
No ratings yet
Soothsayer
17 pages
Job Portal
No ratings yet
Job Portal
127 pages

Cloud Auditing Training Guide

Uploaded by

Cloud Auditing Training Guide

Uploaded by

Certificate of Cloud Auditing Knowledge

instructor-led training syllabus

MODULE 1: Cloud Governance (4 hrs)

MODULE 4: A Threat Analysis Methodology for Cloud Using CCM (1 hr)

MODULE 5: Evaluating a Cloud Compliance Program (1.5 hrs)

MODULE 6: Cloud Auditing (2 hrs)

MODULE 7: CCM: Auditing Controls (1 hr)

MODULE 9: STAR Program (1 hr)

You might also like