CCAK: Certificate of Cloud Auditing Knowledge FAQ
How does the Certificate of Cloud Auditing Knowledge (CCAK) certification program differ from other IT audit certification programs?
Using cloud computing to satisfy control objectives in an audited organization will require a very different approach. There will be many security controls in cloud computing that will be unfamiliar to an audit and assurance professional whose background is in traditional IT audit practices. Cloud tenants will certainly not have the same access as tenants in legacy IT systems.
What skills and knowledge does the CCAK complements and enhances?
- Certificate of Cloud Security Knowledge (CCSK)
- Certified Information Systems Auditor (CISA)
- FedRAMP 3PAO Assessor
- PCI/DSS Qualified Security Assessor
- ISO 27001 Lead Auditor Credentials
Are there any prerequisites for the exam?
There are no prerequisites to take the CCAK exam. It is recommended, however, that you earn the Certification of Cloud Security Knowledge (CCSK) before pursuing the CCAK since it assumes you have a working knowledge of cloud security best practices.
How will the CCAK training help me pass the exam?
Your instructor will go over the topics you need to know for the exam, as well as provide more detailed explanations and examples of how that knowledge can be applied at work. Not only will the CCAK training ensure that you understand the material, but also allow you to ask clarifying questions and learn more about it.
Will my CCAK certificate expire?
No, your CCAK certificate will not expire. However, information technologies in general, and cloud computing in particular, are rapidly progressing fields, and it is advisable to stay up-to-date with the most current version of the CCAK certificate.
Will I be mailed my certificate?
The vendor does not send out hard copies of individual certificates. If you wish to see your certificate you can log into your account and download it in PDF format.
Are there testing accommodations for individuals with testing disorders who need extra time on the exam?
No, the feature to extend exam time does not currently exist. If you do not pass the exam on the first two attempts, please contact us and we will consider your circumstances.
Does the Cloud Security Alliance plan to offer other certificates?
Yes, CSA’s Cloud Controls Matrix (CCM) training and Security, Trust and Assurance Registry (STAR) certifications and attestations are additional examples of CSA’s offerings. They are also working to develop educational programs in the areas of security architecture, audit and assurance, and software development.
What are the study materials available for the exam?
Yes, you can find all of the study materials free of charge here:
- Consensus Assessments Initiative Questionnaire (CAIQ) v3.1
- Cloud Controls Matrix (CCM) v3.0.1
- Top Threats to Cloud Computing Deep Dive (2018)
- Value of STAR for Cloud Customers
For how long is my exam token valid?
It is recommended that you complete the CCAK exam within one year after purchasing the token. CCAK tokens are valid for two years from the date of purchase.
Do I have to take the exam immediately after purchasing or redeeming a token?
No, you may use your attempts at any time before your token expiration date.
If I fail my first exam attempt, will I get another chance?
Yes, standard tokens are good for two attempts at the exam. If you fail a second time you will need to purchase another token at $395 USD should you wish to attempt the exam again.