CSA Official Press Release
Cloud Security Alliance, ISACA Announce Strategic Partnership to Reinvent Cloud Auditing and Assurance
Organizations to collaborate on joint venture to bring the Certificate of Cloud Auditing Knowledge (CCAK) to the market
SEATTLE – Aug. 17, 2020 – Global technology association ISACA and the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced a strategic partnership to collaborate closely on critical initiatives to transform the auditing and assurance of cloud computing. The first initiative will combine forces to bring to market the previously announced Certificate of Cloud Auditing Knowledge (CCAK) as a joint venture. The two industry leaders will announce a broader collaboration roadmap later in 2020.
The CCAK, scheduled for completion in Q4 2020, is the first credential for industry professionals that demonstrates expertise in the essential principles of auditing cloud computing systems. With this announcement, ISACA has joined CSA as an equal partner to deliver the CCAK portfolio (body of knowledge, training materials, and an examination), giving IT, audit and information security professionals the opportunity to obtain the credential and raise the baseline of cloud assurance knowledge across the industry.
“I have enjoyed a professional relationship with ISACA for over 20 years that predates the founding of Cloud Security Alliance,” said Jim Reavis, co-founder and CEO of Cloud Security Alliance. “I am delighted that we are working together even more closely to deliver authoritative education about cloud auditing and assurance to our mutual community. ISACA’s global leadership within the IT audit profession and its reputation for high-integrity knowledge programs make them the ideal partner to achieve real progress in creating trust in the cloud.”
“ISACA is pleased to forge this new partnership with CSA, an organization we have worked with since its founding in 2009,” said David Samuelson, CEO of ISACA. “As cloud becomes the centerpiece of organizational IT strategies and the repository of corporate crown jewels, we have a unique responsibility to increase the security and transparency of this platform. We truly believe that this partnership allows us to do more together than we could individually to accelerate cloud assurance competencies throughout our global audience.”
The CCAK’s holistic body of knowledge will be composed of the CSA’s Cloud Controls Matrix (CCM), the fundamental framework of cloud control objectives; its companion Consensus Assessments Initiative Questionnaire (CAIQ), the primary means for assessing a cloud provider’s adherence to CCM; and the Security, Trust, Assurance & Risk (STAR) program, the global leader in cloud security audits and self-assessments, in addition to new material.
ISACA and CSA will announce detailed availability and pricing of the CCAK offerings later this year. More information can be found at https://cloudsecurityalliance.org/education/ccak/.
In the coming months, ISACA and CSA will provide a roadmap of additional initiatives they will undertake to broaden this partnership for cloud auditing and assurance. The collaboration will promote harmonization between the myriad cloud trustmarks and standards within various industries and nations, as well as drive greater consensus between cloud providers, customers, and governing bodies. ISACA and CSA members will be key stakeholders in moving these initiatives forward and improving the assurance of the global cloud ecosystem.
“We look forward to continuing to partner with CSA going forward to not only drive collaboration and progress in the area of cloud security but also bring value to our respective members worldwide,” said Nader Qaimari, ISACA chief learning officer.
For more than 50 years, ISACA (http://www.isaca.org) has advanced the best in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations. Through the CSX, COBIT and CMMI solutions, ISACA enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its 145,000 members who work in information and cybersecurity, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 223 chapters worldwide.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Kari Walker for the CSA
Emily Van Camp
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.