Class Is Recorded with Unlimited Access for 90-Days
We Coach Until You Pass
100 % Exam Pass Guarantee
12-Additional Hours of Exam Review at No Charge
CCAK Overview
Welcome to ISACA’s Certificate of Cloud Auditing Knowledge, or CCAK, training and certification course. Are you considering CCAK Certification? This course prepares students to pass the certification exam and be recognized among the world’s most qualified information security cloud professionals. The CCAK program at 327 Solutions is an ISACA Authorized Event. 327 Solutions is an ISACA Authorized Training Organization (ATO). Our training utilizes the latest courseware and exam prep material in the market, delivered by ISACA Authorized Trainers, and uses 327 Solutions Persistent Training Environment. When you take a training program with 327, we will record your event, and after class, you’ll have access to your training for 3-months after we turn your event into eLearning, along with live exam review and mentoring.
The course covers all nine CCAK domains. BONUS! In our program, you’ll also learn FedRAMP and FISMA regulatory oversights related to CCAK and cloud compliance.
Benefits:
- Pass your exam, guaranteed (if you don’t pass, you’ll be coached until you do)
- Intensive Authorized Virtual-Live & Live Training (online live sessions on Zoom)
- YOUR live class is recorded and turned into eLearning with 3-months access via the student portal
- Access mock exams, exam prep, and assessments to ensure you are ready to test
Curriculum
Domain 1 - Cloud Governance
In this module, you will learn about the basics of cloud governance, including:
- Assurance
- Governance Frameworks
- Risk Management
- Governance Tools
Domain 2 - Cloud Compliance Program
In this module, you will learn:
- How to design and build a Cloud Compliance Program
- Legal and regulatory requirements
- Standards and security frameworks
- How to identify controls and measure effectiveness
- CSA certification, attestation, and validation
Domain 3 - CCM and CAIQ Goals, Objectives, and Structure
In this module, you will learn about:
- The CSA Cloud Controls Matrix (CCM)
- The Consensus Assessments Initiative Questionnaire (CAIQ)
- The relationship to standards: mappings and gap analysis
- The transition from CCM V3.0.1 to CCM V4
Domain 4 - Threat Analysis Methodology for Cloud Using CCM
In this module, you will learn about:
- Definitions and purpose
- Attack details and impacts
- Mitigating controls and metrics
Domain 5 - Evaluating a Cloud Compliance Program
In this module, you will learn:
- Governance perspectives
- Legal, regulatory, and standards perspectives
- Risk perspectives
- Services changes implications
- The need for continuous assurance/continuous compliance
Domain 6 - Cloud Auditing
In this module, you will learn how to:
- Audit characteristics, criteria, and principles
- Audit standards for cloud computing
- Audit an on-premises environment vs. cloud
- Pinpoint the differences in assessing cloud services vs. cloud delivery models
- Build, plan, and execute a cloud audit
Domain 7 - CCM Auditing Controls
In this module, you will learn about:
- Audit scoping guidance
- Risk evaluation guide
- Using an audit workbook
Domain 8 - Continuous Assurance and Compliance
In this module, you will learn about:
- DevOps and DevSecOps
- Auditing CI/CD pipelines
- DevSecOps automation and maturity
Domain 8 - STAR Program
In this module, you will learn about:
- Security and privacy standards
- Open Certification Framework
- STAR Registry
- STAR Levels 1, 2 and 3
Domain 9 - FedRAMP and FISMA Compliance
This content is written and contributed by 327 Solutions. Understanding and demonstrating cloud governance, compliance, analysis, auditing, controls, and related topics require an oversight standard. FedRAMP (Federal Risk and Authorization Management Program) is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud products and services.
