Global
technology association ISACA and the Cloud Security
Alliance (CSA), the world's
leading organization dedicated to defining standards, certifications and best
practices to help ensure a secure cloud computing environment, today
announced a strategic partnership to collaborate closely on critical
initiatives to transform the auditing and assurance of cloud computing. The
first initiative will combine forces to bring to market the previously
announced Certificate of
Cloud Auditing Knowledge (CCAK) as
a joint venture. The two industry leaders will announce a broader collaboration
roadmap later in 2020.
The
CCAK, scheduled for completion in Q4 2020, is the first credential for industry
professionals that demonstrates expertise in the essential principles of
auditing cloud computing systems. With this announcement, ISACA has joined CSA
as an equal partner to deliver the CCAK portfolio (body of knowledge, training
materials, and an examination), giving IT, audit and information security
professionals the opportunity to obtain the credential and raise the baseline
of cloud assurance knowledge across the industry.
"I have
enjoyed a professional relationship with ISACA for over 20 years that predates
the founding of Cloud Security Alliance," said Jim Reavis, co-founder and CEO
of Cloud Security Alliance. "I am delighted that we are working together even
more closely to deliver authoritative education about cloud auditing and
assurance to our mutual community. ISACA's global leadership within the IT
audit profession and its reputation for high-integrity knowledge programs make
them the ideal partner to achieve real progress in creating trust in the
cloud."
"ISACA
is pleased to forge this new partnership with CSA, an organization we have
worked with since its founding in 2009," said David Samuelson, CEO of ISACA.
"As cloud becomes the centerpiece of organizational IT strategies and the
repository of corporate crown jewels, we have a unique responsibility to
increase the security and transparency of this platform. We truly believe that
this partnership allows us to do more together than we could individually to
accelerate cloud assurance competencies throughout our global audience."
The
CCAK's holistic body of knowledge will be composed of the CSA's
Cloud Controls
Matrix (CCM), the fundamental
framework of cloud control objectives; its companion
Consensus
Assessments Initiative Questionnaire (CAIQ), the primary means for assessing a cloud provider's
adherence to CCM; and the
Security, Trust,
Assurance & Risk (STAR) program,
the global leader in cloud security audits and self-assessments, in addition to
new material.
ISACA
and CSA will announce detailed availability and pricing of the CCAK offerings
later this year. More information can be found at https://cloudsecurityalliance.org/education/ccak/.
In the
coming months, ISACA and CSA will provide a roadmap of additional initiatives
they will undertake to broaden this partnership for cloud auditing and
assurance. The collaboration will promote harmonization between the myriad
cloud trustmarks and standards within various industries and nations, as well
as drive greater consensus between cloud providers, customers, and governing
bodies. ISACA and CSA members will be key stakeholders in moving these
initiatives forward and improving the assurance of the global cloud ecosystem.
"We look forward to
continuing to partner with CSA going forward to not only drive collaboration
and progress in the area of cloud security but also bring value to our
respective members worldwide," said Nader Qaimari, ISACA chief learning
officer.