Cloud Security Alliance, ISACA Announce Strategic Partnership to Reinvent Cloud Auditing and Assurance
August 18, 2020Global technology association ISACA and the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced a strategic partnership to collaborate closely on critical initiatives to transform the auditing and assurance of cloud computing. The first initiative will combine forces to bring to market the previously announced Certificate of Cloud Auditing Knowledge (CCAK) as a joint venture. The two industry leaders will announce a broader collaboration roadmap later in 2020.
The CCAK, scheduled for completion in Q4 2020, is the first credential for industry professionals that demonstrates expertise in the essential principles of auditing cloud computing systems. With this announcement, ISACA has joined CSA as an equal partner to deliver the CCAK portfolio (body of knowledge, training materials, and an examination), giving IT, audit and information security professionals the opportunity to obtain the credential and raise the baseline of cloud assurance knowledge across the industry.
“I have enjoyed a professional relationship with ISACA for over 20 years that predates the founding of Cloud Security Alliance,” said Jim Reavis, co-founder and CEO of Cloud Security Alliance. “I am delighted that we are working together even more closely to deliver authoritative education about cloud auditing and assurance to our mutual community. ISACA’s global leadership within the IT audit profession and its reputation for high-integrity knowledge programs make them the ideal partner to achieve real progress in creating trust in the cloud.”
“ISACA is pleased to forge this new partnership with CSA, an organization we have worked with since its founding in 2009,” said David Samuelson, CEO of ISACA. “As cloud becomes the centerpiece of organizational IT strategies and the repository of corporate crown jewels, we have a unique responsibility to increase the security and transparency of this platform. We truly believe that this partnership allows us to do more together than we could individually to accelerate cloud assurance competencies throughout our global audience.”
The CCAK’s holistic body of knowledge will be composed of the CSA’s Cloud Controls Matrix (CCM), the fundamental framework of cloud control objectives; its companion Consensus Assessments Initiative Questionnaire (CAIQ), the primary means for assessing a cloud provider’s adherence to CCM; and the Security, Trust, Assurance & Risk (STAR) program, the global leader in cloud security audits and self-assessments, in addition to new material.
ISACA and CSA will announce detailed availability and pricing of the CCAK offerings later this year. More information can be found at https://cloudsecurityalliance.org/education/ccak/.
In the coming months, ISACA and CSA will provide a roadmap of additional initiatives they will undertake to broaden this partnership for cloud auditing and assurance. The collaboration will promote harmonization between the myriad cloud trustmarks and standards within various industries and nations, as well as drive greater consensus between cloud providers, customers, and governing bodies. ISACA and CSA members will be key stakeholders in moving these initiatives forward and improving the assurance of the global cloud ecosystem.
“We look forward to continuing to partner with CSA going forward to not only drive collaboration and progress in the area of cloud security but also bring value to our respective members worldwide,” said Nader Qaimari, ISACA chief learning officer.