Regulated Research Community of Practice (RRCoP)
NSF # 2201028
Who is RRCoP?
**NEW** REFERENCE DOWNLOAD
Following our Advanced System Security Plan Workshop, the community produced a partially completed SSP built from a new system diagram and 42 controls designed to be a reference when working on your own SSP. [Learn More & Download]
December 13, 2023 11am PT / 2 pm ET Certifying HiPerGator for Protected Health Information University of Florida, with auditor Frazier & Deeter, and the HITRUST Alliance will present the story of certifying HiPerGator for Protected Health Information (PHI). [Join]
January 10, 2023 - All Hands We will review the accomplishments of the last year and how RRCoP was part of this change. We will reflect on changes to our needs. We’ll offer aligned communities for working groups. We’ll plan for what we’re like more or less of.
November 8, 2023 Debrief of UCSD Learning Assessment with Cyber-AB [Meeting Recording]
October 11, 2023 CMMC Gap Analysis Lessons Learned [Meeting Recording]
September 13, 2023 Facilitating Research: intersections with Security at UCSD [Meeting Recording]
August 9, 2023 Climbing the NISTy Mountains: A travelers guide [Meeting Recording]
July 12, 2023 Department of the Navy Blue Cyber Education Series for Small Business and Academic /Research Institutions [Meeting Recording]
June 14, 2023 NIST SP 800-171 R3 [Meeting Recording]
May 10, 2023 SSP Workshop Debrief [Meeting Recording]
In these two videos, check out what the experience was from different institutions who did recent C3PAO CMMC Gap Assessments
Community Objectives and Supporting Resources
Build a Community
The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions.
Collect and Share Resources
Establish a leadership training and development program accelerating availability of distributed university resources.
The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data.
Resource: Effective Cybersecurity for Researchers