Embedded Files
May 1, 2025 Edition of Ask the Assessor: Navigating Policy Hierarchies in Support of Compliance
June 11, 2025 @ 2 pm ET / 11 am PT
Lessons Learned - NC State’s Journey to CMMC Level 2 Compliance |Institutional Showcase
Presented by: Adria Snead, Cybersecurity Research Analyst, Doug Lewis, Cybersecurity Risk and Compliance Specialist, and Damon Armour, Director of Information Security, Risk & Assurance
Alright, buckle up for the CMMC Level 2 assessment rollercoaster! NC State University jumped into the deep end to conquer the giant known as CUI certification. Come join us as NC State discusses our journey through the belly of the beast. We learned it’s NOT just 110 controls, N/A is a rarity, and some things are not POA&M eligible. It’s all about the objectives. This rigorous assessment with our C3PAO was a high stakes test of our policies, implementation and documentation. NC State forged a path forward so you can navigate it with confidence. You’ve got this!
[New User Sign-In or Add Me to Office Hours Invite | Presentation | Recording]
May 14, 2025 @ 2 pm ET / 11 am PT
What’s In or Out? Compliance Check-In |Training Topic
Presented By: Laura Raderman, Carnegie Mellon University
With regulations changing so quickly, and the rumor mill churning, what’s the current state of information security regulations that apply to research? Join RRCoP for an overview of regulations “in-flight” and recently implemented to learn what we know, what we expect, and what rumors exist.
Past Presentations
For full descriptions, download meeting notes, and recordings
Institutional Showcase | Community relationships and collaboration opportunities; Establish Community Inventory; Surface Community Needs; Help emerging centers through CoP and discover mentoring opportunities
Research Security Offices: Structure, Organization and Operation [Recording] | Apr. '25
Tackling NIST 800-171 HPC Challenges: Insight and Lessons Learned [Recording] | Feb. '25
Do you know your campus government relations team? [Recording] | Nov. '24
Assessment Experiences [Recording] | May '24
NC State Regulated Research Responsibility Ownership [Recording] | Mar. '24
Certifying HiPerGator for Protected Health Information [Recording] | Dec. '23
Debrief of first-ever - CMMC Learning Assessment [Recording] | Nov. '23
CU Boulder CMMC Gap Analysis Lessons Learned [Recording] | Oct. '23
Climbing the NISTy Mountains: A travelers guide [Recording] | Aug. '23
Panel on GRC Tools [Recording] | Apr. '23
Financials & Cost Model [Recording] | Feb. '22
NIST 800-171 Compliance Journey [Recording] | Sep. '22
Impact of Cybersecurity on UCF Research Administration [Recording] and The UChicago Security Research Data Strategy and Secure Data Enclave [Recording] | Nov. '22
System Security Plan Innovators [Recording] | Mar. '22
Researcher Focused Session | Strengthen relationships with impacted domain researcher; Gather feedback on their interests from the community; Develop collaboration opportunities
Facilitating Research: Intersections with Security at UCSD [Recording] | Sep. '23
Compliance & Researchers: Teamwork makes the dream work [Recording] | May '22
Training Topic | Establishing Community Inventory; Develop Community Skills; Address Gaps Missing at the Institutional Level
What’s In or Out? Compliance Check-In [Recording] | May '25
Flipping the Script on CMMC with ARFL Digital Research | recording by request: info@regulatedresearch.org | Mar. '25
C3PAO Perspective on Sponsorship and Governance [Recording] | Jan. '25
CISA Resources [Recording] | Oct. '24
Navigating Clinical Research Operations and Compliance [Recording] | Jul. '24
Debrief of "A Day with the CMMC Assessors" workshop [Recording] | Jun. '24
What you really need to know about HIPAA [Recording] | Apr. '24
CMMC 2.0 Rulemaking by Jacob Horne [Recording] | Feb. '24
The Path to CMMC Assessment [Recording] | Feb. '23
ChatGPT for CMMC Compliance [Recording] | Mar. '23
System Security Plan Workshop Deliverables [Recording] | May '23
NIST SP 800-171 R3 [Recording] | Jun. '23
Preparing and Engaging with Third-Party Assessors [Recording] | Aug. '22
Making FAQs & Documentation More User-Friendly [Recording] | Apr. ' 22
Convenience vs Security & Debrief from Certified CMMC Professional course [Recording] | Oct. '22
Tales from the IT Policy Office at the University of California [Recording] | Dec. '22
Strategic Partnership | Dedicated time to the partners to hear from the community
Trusted CI & RRCoP: The Next Five Years [Recording]| Dec. '24
EDUCAUSE Policy Review [Recording] | Sep. '24
Voices from Aligned Communities [Recording] | Jun. '22
NIST guidance document for implementing controls on HPC systems [Recording] | Jan. '23
Department of the Navy Blue Cyber Education Series for Small Businesses and Academic/Research Institutions [Recording] | Jul. 23
Biomedical Programs & HITRUST [Recording] | Jul. '22
All Hands Meeting | Addressing updates from Academic and Industry
RRCoP Planning and All Hands [Recording] | Jan. '24
Overview of RRCoP and Planning [Recording] | Jan. '22
Assessment | Confirming that RRCoP provides value; Planning for future needs
RRCoP Then & Now [Recording] | Aug. '24
Save the Date
2025
May 14 @ 2 pm EST / 11 am PST
The Compliance State of Union | Training Topic
June 11 @ 2 pm EST / 11 am PST
Lessons Learned - NC State’s Journey to CMMC Level 2 Compliance | Institutional Showcase
Alright, buckle up for the CMMC Level 2 assessment rollercoaster! NC State University jumped into the deep end to conquer the giant known as CUI certification. Come join us as NC State discusses our journey through the belly of the beast. We learned it’s NOT just 110 controls, N/A is a rarity, and some things are not POA&M eligible. It’s all about the objectives. This rigorous assessment with our C3PAO was a high stakes test of our policies, implementation and documentation. NC State forged a path forward so you can navigate it with confidence. You’ve got this!
July 9 @ 2 pm EST / 11 am PST
August 13 @ 2 pm EST / 11 am PST
September 10 @ 2 pm EST / 11 am PST
October 8 @ 2 pm EST / 11 am PST
November 12 @ 2 pm EST / 11 am PST
December 10 @ 2 pm EST / 11 am PST
2026
January 14 @ 2 pm EST / 11 am PST
February 11 @ 2 pm EST / 11 am PST
March 11 @ 2 pm EST / 11 am PST
April 8 @ 2 pm EST / 11 am PST
May 13 @ 2 pm EST / 11 am PST
June 10 @ 2 pm EST / 11 am PST
July 8 @ 2 pm EST / 11 am PST
August 12 @ 2 pm EST / 11 am PST
September 9 @ 2 pm EST / 11 am PST
October 14 @ 2 pm EST / 11 am PST
November 12 @ 2 pm EST / 11 am PST
December 9 @ 2 pm EST / 11 am PST
2027
January 13 @ 2 pm EST / 11 am PST
February 10 @ 2 pm EST / 11 am PST
March 10 @ 2 pm EST / 11 am PST
April 14 @ 2 pm EST / 11 am PST
May 12 @ 2 pm EST / 11 am PST
June 9 @ 2 pm EST / 11 am PST
July 14 @ 2 pm EST / 11 am PST
August 11 @ 2 pm EST / 11 am PST
September 8 @ 2 pm EST / 11 am PST
October 13 @ 2 pm EST / 11 am PST
November 10 @ 2 pm EST / 11 am PST
December 8 @ 2 pm EST / 11 am PST
2028
January 12 @ 2 pm EST / 11 am PST
February 9 @ 2 pm EST / 11 am PST
March 8 @ 2 pm EST / 11 am PST
April 12 @ 2 pm EST / 11 am PST
May 10 @ 2 pm EST / 11 am PST
June 14 @ 2 pm EST / 11 am PST
July 12 @ 2 pm EST / 11 am PST
August 9 @ 2 pm EST / 11 am PST
September 13 @ 2 pm EST / 11 am PST
October 11 @ 2 pm EST / 11 am PST
November 8 @ 2 pm EST / 11 am PST
December @ 2 pm EST / 11 am PST
2029
January 10 @ 2 pm EST / 11 am PST
February 14 @ 2 pm EST / 11 am PST
March 14 @ 2 pm EST / 11 am PST
April 11 @ 2 pm EST / 11 am PST
May 9 @ 2 pm EST / 11 am PST
June 13 @ 2 pm EST / 11 am PST
July 11 @ 2 pm EST / 11 am PST
August 8 @ 2 pm EST / 11 am PST
September 12 @ 2 pm EST / 11 am PST
October 10 @ 2 pm EST / 11 am PST
Categories of Community Discussion
Over the period between 2022–2024, RRCoP is committed to delivering sessions with different areas of focus. Below is the categories, total number of sessions, and a brief description of the content delivered at these meetings.
All Hands Meeting — 6x Addressing updates from Academic and Industry
Established Institutional Showcase — 5x Community relationships and collaboration opportunities; Establish Community Inventory; Surface Community Needs
Institutional Showcase — 4x Help emerging centers through CoP and discover mentoring opportunities
Researcher Focused Session — 3x Strengthen relationships with impacted domain researcher; Gather feedback on their interests from the community; Develop collaboration opportunities
Training Topic — 9x Establishing Community Inventory; Develop Community Skills; Address gaps missing at institutional level
Assessment Baseline & Planning — 3x Confirming that RRCoP provide value; Planning for future needs
Strategic Partnership — 6x Dedicated time to the partners to hear from the community
Page updated
Google Sites
Report abuse