As countries and industry sectors pivot towards cloud adoption, their respective regulators and industry sector associations seek to ensure such adoption complies with existing security requirements. Some have recommended CCM and STAR to be adopted in their Code of Practice, while others have stipulated these as mandatory requirements. Yet others have undertaken mapping between their own security requirements with CCM, so that STAR certified CSPs provide security assurances that are the same or similar to what is required. In this talk, the speaker will share the use cases (countries or industry sectors) where this practice has been in place. This approach has the advantage of adhering with international norms, removing the need for CSPs to seek country or industry specific certifications, reducing the time and cost associated with such efforts, etc.