Ownership & Roles
Content pulled from Cal Frye of Case Western Reserve University from the June 2nd, 2021 final workshop.
Ownership and Roles
Some of this is new to researchers
Some researchers will be new to thinking about compliance
Compliance isn’t just about IT. Other departments have a role
First, identify what roles will play in your program, and who fills those roles
Find a sponsor
Each institution may look very different
Academic and Administrative leadership should all be on board
IT or Research Computing support building compliant environments
Finance, Grants and Contracts, both support the project and can apply brakes
Institutional Risk and Internal Audit help evaluate your progress to the goal
Training and Education are essential; this doesn’t come naturally to researchers
Research Administration already hosts similar processes and responsibilities
Your Institutional Review Board can be a model
Your organization does not look like mine. Adjust accordingly.
“I pay for it, I own it” can work, but may not be the best choice.
Information Security may be best equipped to take ownership, if you don’t have dedicated compliance resources.
Compliance or Risk Management may be suited for ownership.
Internal Audit could own it, but are better left to assess the results.
Research Administration may be best-received by the researchers as owners.
Assemble and Organize Your Team
Expect the makeup of your program team to change as it matures.
The implementation phase may require different offices and members than operation.
An independent program manager may be quite useful. This could be a consultant.
Once in operation, bringing larger labs into compliance may also be best treated as formal projects with designated managers to steer toward success.
Attend to communications with offices outside the team. Report often.
Do your offices work together well enough to be successful?
Is there a champion among senior leadership to instill a sense of purpose?
Does your intended process owner have authority to make decisions?
Have you defined roles and responsibilities clearly enough?
Do your offices each take ownership of their portion of the task?
The ultimate success is when your researchers can easily obtain the grants, do the work, run their labs, and publish their results. They are responsible for compliance success. How do you best help them achieve the goal?