Regulated Research Community of Practice (RRCoP)

NSF # 2201028 

Who is RRCoP?

We are research institutions that support research subject to compliance regulations, working together to grow the knowledge pool and produce efficiencies. 

Watch the four minute introduction [RRCoP Introduction]

Our project deliverables include:

This map represents the involved institutions with RRCoP. As of November 2022, we have +260 Institutions.

Upcoming Events

April 12 @ 2 pm EST / 11 am PST

GRC Tools from University Use Case panel

GRC (Governance, Risk, and Compliance) tools help organizations manage and monitor their performance against various regulatory, industry-specific, and internal policies and standards. It helps streamline and automate processes related to risk management, compliance, and governance, allowing organizations to effectively identify, assess, and mitigate potential risks and compliance issues.

Join us for a panel discussion featuring 4 institutions running various GRC tools to share their experiences and insights. Learn how these tools have transformed their businesses and discover the potential benefits for your own organization.


Recent Events

Project Goals and Supporting Resources

Goal 1: Build a Community

The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions. 

Resources: Participation, HigherEdCUI Slack, Regulated Workshop Series, and Subscribe, Regulated Research Benchmark Study, Collaborating Communities

Goal 2: Collect and Share Resources

Establish a leadership training and development program accelerating availability of distributed university resources. 

Resources:  Higher Education specific Resources, Related Presentations, Tools and Templates, Purdue's End to End CUI Workflow and Deliverables #NSF 1840043

Goal 3: Advocate and Negotiate

Develop representation through strategic partnerships with industry and government entities.

Resources: Advocating and Influencing, Federal Sponsored Resources

Goal 4: Manage Change

The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data. 

Resource: Effective Cybersecurity for Researchers

Goal 5: Simplify Compliance

A collective and streamline approach to compliance lowers the barrier to entrance for expansion of supported regulations by individual institutions.

Resource: Compliance Frameworks


This project is lead by Carolyn Ellis & Erik Deumens 

Contact to get more information on the project