CSA STAR Assessments
The Cloud Security Alliance (CSA) STAR Program has been developed as an assurance framework for cloud service providers (CSPs) and cloud service customers to assess the security of cloud-based services and solutions.
LBMC is an approved Certified STAR auditor, accredited by the CSA to perform STAR Level 2 third-party audits to attest or certify CSPs against the STAR framework. LBMC is also equipped to assist organizations with preparing for a STAR Level 1 self-assessment, or with assessing their cloud service providers against the CSA’s Cloud Controls Matrix.
Questions About Cybersecurity Services?
If you’re evaluating risks, preparing for an assessment, or responding to new security requirements, our team can help you understand your options and determine next steps.
What is CSA STAR?
The CSA STAR Program is the most popular cloud security provider certification program, integrating a three-tiered provider assurance package of self-assessment, third-party audit, and continuous monitoring. STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM). By being listed on the CSA STAR Registry of cloud service providers, organizations can show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks they adhere to. It can carry the benefit of reducing compliance complexity and alleviating the burden of completing multiple customer security questionnaires.
What is the Cloud Security Alliance?
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, such as the “Security Guidance for Critical Areas of Focus in Cloud Computing”, the “Cloud Controls Matrix”, “Top Threats to Cloud Computing” and 50 other cloud security research artifacts. For further information, visit www.cloudsecurityalliance.org.
Cybersecurity Insights — Delivered to Your Inbox
Stay informed on emerging threats, evolving compliance requirements, and practical strategies to strengthen your organization’s security posture.
What you’ll receive:
- Cybersecurity trends, threats, and risk insights
- Compliance updates across frameworks like HITRUST, CMMC, SOC, and NIST
- Practical guidance from LBMC cybersecurity advisors
- Invitations to webinars, events, and new resources
CSA STAR Services
CSA STAR Attestation
LBMC conducts SOC 2 attest engagements against the AICPA Trust Service Criteria in addition to the CSA Cloud Controls Matrix. STAR Registry attestation listings expire after one year unless updated.CSA STAR Certification
LBMC Certification Services, LLC conducts ISO certification and surveillance audits against the ISO/IEC 27001:2013 standard in addition to the CSA Cloud Controls Matrix. STAR Registry certification listings require annual audit and expire after three years unless updated.CSA STAR Advisory
LBMC assists the organization with establishing its STAR compliance program, preparing for STAR Level 1 self-assessment, or conducting Cloud Controls Matrix assessments against cloud service providers. Organizations benefit from LBMC advisory professionals’ cloud security and compliance expertise to enhance their security, compliance, and vendor management programs.Why choose LBMC as your STAR Auditor?
- CSA STAR Level 2 Attestation is built upon a SOC 2 attest engagement. LBMC Cybersecurity’s audit professionals operate as part of LBMC, PC—a Top 40 US CPA firm. We provide SOC services to clients across the country and ensure all attestation engagements are performed in accordance with the standards established by the American Institute of Certified Public Accountants.
- CSA STAR Level 2 Certification is built upon an ISO/IEC 27001:0213 audit. LBMC Certification Services, LLC is an accredited global ISO Certification Body with over 10 years’ experience in ISO audit and assessment. Audits are conducted in accordance with ISO 17021-1, ISO/IEC 27006, and applicable accreditation guidelines.
- LBMC is as an approved CSA STAR auditor. Upon successful assessment completion, LBMC can submit organizations to be listed on the CSA STAR Registry.
If you’re navigating complex security, compliance, or risk challenges, LBMC’s cybersecurity advisors can help you prioritize next steps with clarity. Start with a conversation focused on your goals, risks, and operational realities.
Industries We Serve
Our cybersecurity advisory team works with organizations across industries to address security risks, compliance requirements, and operational challenges. We help clients strengthen controls, reduce exposure, and align security efforts with business priorities. Whether you’re responding to new regulations, supporting growth, or improving security maturity, our team provides clear guidance grounded in real-world experience.
All Industries We Support
Local Expertise, Wherever You Are
With offices in Chattanooga, Memphis, Louisville, Nashville, Knoxville, Philadelphia, and Charlotte, plus remote offices, LBMC partners with businesses across the region and beyond.
IT Security Compliance and Assurance Resources
Executive Team
LBMC Is Here to Help
Whether you’re preparing for a compliance assessment, addressing security gaps, or strengthening your overall risk posture, LBMC’s cybersecurity advisors are ready to help. We’ll start with a conversation focused on your current environment, requirements, and the steps needed to move forward with confidence.