Certificate of Cloud Auditing Knowledge

CCAK logo

The next online course starts soon!

The Certificate of Cloud Auditing Knowledge (CCAK) is here! Created by the Cloud Security Alliance (CSA) and ISACA, it is the first credential that is focused on the essential principles of auditing cloud applications.

Though the key word in the title is Auditing, the real scope is a bit broader, as it really focuses on establishing a scalable cloud risk management and governance program.

This long-awaited program will fill a real gap in the market, in particular for professionals who are involved in cloud risk management and audits, such as auditors, risk assessors, CISOs, and governance professionals. Another group of professionals who will benefit is security architects. This program, and its suggested prerequisite CCSK, are also great opportunities for keeping up CPE (Continued Professional Education) points.

The CCAK course is designed to cover the following 5 core areas of focus:

  • Cloud Governance
  • Cloud Compliance
  • Cloud Auditing
  • Cloud Assurance
  • CSA Tools: CCM, CAIQ, and STAR Program


The course contains the following modules:

  1. An overview of cloud governance, frameworks, and cloud governance tools
  2. Cloud compliance program: designing and building
  3. CCM and CAIQ Goals, Objectives, & Structure
  4. A Threat Analysis Methodology For Cloud using CCM
  5. Evaluating a Cloud Compliance Program
  6. Cloud Auditing
  7. CCM: Auditing Controls
  8. Continuous Assurance and Compliance including DevSecOps
  9. STAR Program

Prerequisites: according to CSA, this course assumes some working knowledge of cloud and cloud security. It also assumes some basic understanding of IT risk and audit. CCAK is a perfect complement to CCSK or CISA. More information on the CSA website.

Bonus content – real stuff

CCAK is pretty vendor neutral and provider agnostic. That is why I have created a bonus course that dives into PCI DSS for cloud, down to the individual requirement and AWS and Azure screenshots. This is part of the bundle when you register.

The next (online) course starts soon, and is organized as a series of 5 online workshops. Between the workshops there will be some preparation. Each workshop consists of lectures and some quizzes and exercises.

More up to date information on the program, the dates and the timing is here. The planned start dates currently is October 17, 2024. Mail for details.


The CCAK is an online, proctored exam that contains 76 multiple-choice questions. The exam is two hours and the passing score is 70%. No annual renewals or CPEs required. The exam tests understanding of a 410-page study guide. For more information on the FAQ, see below.

The fee for this online course is € 2200, including the exam, exam training, and lifetime access to all my CCAK online workshops and courseware. The ISACA materials are online and available for a year.

My courseware has additional material to:

  • fill in knowledge gaps
  • reiterate material that is also in CCAK
  • help to apply CCAK in the day job.

If you are ready to register, go here to secure your place.

If you want to stay up to date and want to register later, you can leave your contact details below (no commitment). I will send you a message with a brief FAQ. Feel free to use the chatbot to enter any questions, suggestions, or other comments.

Tell me more about the CCAK workshops



dit veld niet invullen s.v.p.


How hard is the exam?

We don’t know yet. It has 76 multiple choice questions and you have two hours to answer them.

How much time will it take to pass the exam?

The study guide should have all the material to study. At 410 pages and 3 minutes per page, this should take you over 20 hours.

If you participate in the online sessions, that is another 20 hours.

The exam itself will take you 2 hours.

A very optimistic estimate is therefore 42 hours. In reality, you would probably double or triple that, depending on your background.

And remember, CCSK or equivalent is assumed knowledge.