Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

CCAK Testimonials: From a Cybersecurity Principal

Published 05/28/2021

CCAK Testimonials: From a Cybersecurity Principal

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical education for cloud IT auditing. In this blog series, we’re interviewing developers of the CCAK about the importance of this certification and who should consider earning it. In this fifth blog, we’re interviewing Doug Barbin from Schellman.

1. How is the CCAK certification program different from other IT audit certification programs?

As someone who maintains double-digit CPA licenses, CISSP, CIPP, and ISO 27001 lead auditor as well as one of the first CCSKs, there is no other certification that takes an applied approach of auditing to very specific and technical subject matter.

2. Why did you want to get involved in the development of the CCAK?

I have been a strong support of the CSA for more than a decade. I was one of the first to obtain the CCSK, arguably one of the most valuable certifications I have because of its focus and practical application.

3. Who should earn their CCAK?

The obvious candidates are those who do security audits for a living. The broader answer includes internal compliance teams, security engineers and professionals, internal audit staff and others who need to see their roles in the content of cloud audit and compliance.

4. Why is the CCAK important?

Competence is defined by the AICPA as the synthesis of education and experience. Traditional audit techniques, while they form the foundation are insufficient to perform assessments of today’s and tomorrow’s cloud architectures.

5. What is the added value CCAK will bring to the market?

This is a topic people want to learn. Cloud compliance is not easy and takes knowledge of the nuances of specific requirements, tools, and techniques. This is not just for cloud auditors, but cloud engineers that need to pass their audits!

6. Any additional comments you would like to make?

As someone who employs an extensive amount of both CISAs and CCSKs, I am particularly excited about the prospect of bringing CSA’s deep cloud experience to ISACA’s large bench of IT audit professionals in a manner that raises the bar for the entire IT audit industry.


If you are actively involved in the CSA community you may be eligible for a discount on the CCAK exam and preparation materials. You can learn more about the Certificate of Cloud Auditing Knowledge, and purchase the exam and study materials here.

Share this content on your favorite social network today!