Regulated Research Community of Practice (RRCoP)
NSF # 2201028
Who is RRCoP?
We are research institutions that support research subject to compliance regulations, working together to grow the knowledge pool and produce efficiencies.
Watch the four minute introduction [RRCoP Introduction]
Our project deliverables include:
Hosting Monthly Webinars
This map represents the involved institutions with RRCoP. As of May 2023, we have +270 Institutions. See our partners, stakeholders, and the meaning of the different icons on this map.
**NEW** REFERENCE DOWNLOAD
Following our Advanced System Security Plan Workshop, the community produced a partially completed SSP built from a new system diagram and 42 controls designed to be a reference when working on your own SSP. [Learn More & Download]
June 14th, 2023 - NIST 800-171 R3 Discussion On May 10, 2023 the third revision of NIST S 800-171 was released for comment. As a community impacted by this, RRCoP will host a discussion to share information with each other.
July 12th, 2023 - TBD
May 10, 2023 SSP Workshop Debrief [Meeting Recording]
April 12, 2023 Panel on GRC Tools [Meeting Recording]
March 8, 2023 Sustainable SSP? Automate Your CMMC Efforts with ChatGPT [Meeting Recording]
February 2023 The Path to CMMC Assessment [Meeting Recording]
January 2023 Updates from RRCoP Year One & NIST guidance document for implementing controls on HPC systems [Meeting Recording]
December 2022 Tales from the IT Policy Office at University of California [Meeting Recording]
November 2022 Impact of Cybersecurity on UCF Research Administration [Meeting Recording] and The UChicago Security Research Data Strategy and Secure Data Enclave [Meeting Recording]
Community Objectives and Supporting Resources
Build a Community
The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions.
Resources: Participation, HigherEdCUI Slack, Regulated Workshop Series, and Subscribe, Regulated Research Benchmark Study, Collaborating Communities
Collect and Share Resources
Establish a leadership training and development program accelerating availability of distributed university resources.
Resources: Higher Education specific Resources, Related Presentations, Tools and Templates, Purdue's End to End CUI Workflow and Deliverables #NSF 1840043
Advocate and Negotiate
Develop representation through strategic partnerships with industry and government entities.
Resources: Advocating and Influencing, Federal Sponsored Resources
The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data.
Resource: Effective Cybersecurity for Researchers
A collective and streamline approach to compliance lowers the barrier to entrance for expansion of supported regulations by individual institutions.
Resource: Compliance Frameworks,
This project is lead by Carolyn Ellis & Erik Deumens
Contact email@example.com for more information on the project