Regulated Research Community of Practice (RRCoP)

NSF # 2201028

Who is RRCoP?

We are research institutions that support research subject to compliance regulations, working together to grow the knowledge pool and produce efficiencies.

Watch the four minute introduction [RRCoP Introduction]

Our project deliverables include:

This map represents the involved institutions with RRCoP. As of November 2022, we have +260 Institutions.

Upcoming Events

  • February 8 @ 2 pm EST / 11 am PST | Training Topic | CMMC Path to Assessment | presented by Amy Starzynski Coddens, Provisional Assessor and Provisional Instructor Certifications from the Cyber-AB

  • March 8 @ 2 pm EST / 11 am PST Training Topic | Sustainable SSP? Automate Your CMMC Efforts with ChatGPT | presented by Derrich Phillips, Certified CMMC Assessor and Provisional Instructor

  • April 12 @ 2 pm EST / 11 am PST

  • May 1-3, 2023 Cybersecurity and Privacy Professionals Conference

  • May 10 @ 2 pm EST / 11 am PST

Recent Events

  • January 2023 Updates from RRCoP Year One & NIST guidance document for implementing controls on HPC systems [Meeting Recording]

  • December 2022 Tales from the IT Policy Office at the University of California [Meeting Recording]

  • November 2022 Impact of Cybersecurity on UCF Research Administration and The UChicago Security Research Data Strategy and Secure Data Enclave [Meeting Recording]

  • October 2022 Convenience vs Security & Debrief from Certified CMMC Professional course [Meeting Recording]

Project Goals and Supporting Resources

Goal 1: Build a Community

The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions.

Resources: Participation, HigherEdCUI Slack, Regulated Workshop Series, and Subscribe, Regulated Research Benchmark Study, Collaborating Communities

Goal 2: Collect and Share Resources

Establish a leadership training and development program accelerating availability of distributed university resources.

Resources: Higher Education specific Resources, Related Presentations, Tools and Templates, Purdue's End to End CUI Workflow and Deliverables #NSF 1840043

Goal 3: Advocate and Negotiate

Develop representation through strategic partnerships with industry and government entities.

Resources: Advocating and Influencing, Federal Sponsored Resources

Goal 4: Manage Change

The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data.

Resource: Effective Cybersecurity for Researchers

Goal 5: Simplify Compliance

A collective and streamline approach to compliance lowers the barrier to entrance for expansion of supported regulations by individual institutions.

Resource: Compliance Frameworks,


This project is lead by Carolyn Ellis & Erik Deumens

Contact to get more information on the project