Regulated Research Community of Practice (RRCoP)
NSF # 2201028
Who is RRCoP?
We are research institutions that support research subject to compliance regulations, working together to grow the knowledge pool and produce efficiencies.
Watch the four minute introduction [RRCoP Introduction]
Our project deliverables include:
Hosting Monthly Webinars
Sharing Resources
This map represents the involved institutions with RRCoP. As of May 2023, we have +270 Institutions. See our partners, stakeholders, and the meaning of the different icons on this map.
**NEW** REFERENCE DOWNLOAD
Following our Advanced System Security Plan Workshop, the community produced a partially completed SSP built from a new system diagram and 42 controls designed to be a reference when working on your own SSP. [Learn More & Download]
Upcoming Events
October 11, 2023 11 am PT / 2 pm ET CMMC Gap Analysis Lessons Learned Barbara Schnell and Silas Korb, University of Colorado, Boulder, will share the lessons learned from their recent C3PAO gap assessment of their enclave. [Join]
November 8, 2023 11am PT / 2 pm ET Cyber-AB Learning Assessment UC San Diego will present on their Mock Assessment handled with the lead assessor also being Cyber-AB's curriculum manager. The primary goal was to address how Research Institutions are different from the standard assessment.
Recent Events
September 13, 2023 Facilitating Research: intersections with Security at UCSD [Meeting Recording]
August 9, 2023 Climbing the NISTy Mountains: A travelers guide [Meeting Recording]
July 12, 2023 Department of the Navy Blue Cyber Education Series for Small Business and Academic /Research Institutions [Meeting Recording]
June 14, 2023 NIST SP 800-171 R3 [Meeting Recording]
May 10, 2023 SSP Workshop Debrief [Meeting Recording]
April 12, 2023 Panel on GRC Tools [Meeting Recording]
March 8, 2023 Sustainable SSP? Automate Your CMMC Efforts with ChatGPT [Meeting Recording]
February 2023 The Path to CMMC Assessment [Meeting Recording]
January 2023 Updates from RRCoP Year One & NIST guidance document for implementing controls on HPC systems [Meeting Recording]
Community Objectives and Supporting Resources
Build a Community
The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions.
Resources: Participation, HigherEdCUI Slack, Regulated Workshop Series, and Subscribe, Regulated Research Benchmark Study, Collaborating Communities
Collect and Share Resources
Establish a leadership training and development program accelerating availability of distributed university resources.
Resources: Higher Education specific Resources, Related Presentations, Tools and Templates, Purdue's End to End CUI Workflow and Deliverables #NSF 1840043
Advocate and Negotiate
Develop representation through strategic partnerships with industry and government entities.
Resources: Advocating and Influencing, Federal Sponsored Resources
Manage Change
The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data.
Resource: Effective Cybersecurity for Researchers
Simplify Compliance
A collective and streamline approach to compliance lowers the barrier to entrance for expansion of supported regulations by individual institutions.
Resource: Compliance Frameworks,
Questions?
This project is lead by Carolyn Ellis & Erik Deumens
Contact info@regulatedresearch.org for more information on the project