About RRCoP Project
NSF # 2201028 & 240985
Community Objectives and Supporting Resources
Build a Community
The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions.
Resources: Participation, HigherEdCUI Slack, Regulated Workshop Series, and Subscribe, Regulated Research Benchmark Study, Collaborating Communities
Collect and Share Resources
Establish a leadership training and development program accelerating availability of distributed university resources.
Resources: Higher Education specific Resources, Related Presentations, Tools and Templates, Purdue's End to End CUI Workflow and Deliverables #NSF 1840043
Advocate and Negotiate
Develop representation through strategic partnerships with industry and government entities.
Resources: Advocating and Influencing, Federal Sponsored Resources
Manage Change
The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program, CMMC, has already undergone significant changes now called CMMC 2.0. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data.
Resource: Effective Cybersecurity for Researchers
Simplify Compliance
A collective and streamline approach to compliance lowers the barrier to entrance for expansion of supported regulations by individual institutions.
Resource: Compliance Frameworks,
Mission of the project
The daily news clearly shows the increasing threat to safety and privacy of data, personal as well as intellectual property. While the requirements such as DFARS 7012, HIPAA, and Cybersecurity Maturity Model Certification (CMMC) improve the consistency of data handling between agencies and contractors and grantees, it leaves academic institutions to figure out how to meet such requirements in a cost-effective way that fits the research and education mission of the institution. Most institutions, agencies, and companies act in isolation with one-off contract language to address data security and safeguarding concerns. Even though cybersecurity has a clear and uniform goal of protecting data, a onesize solution does not fit all academic institutions.
By supporting this community with development of a community strategic roadmap, regular discussions and workshops, and a repository of generalized and specific resources for handling regulated research programs RRCoP lowers the barrier to entry for institutions handling new regulations.
Project Plan for Year 2022
Plan
Assessment Survey
Formalize Deliverables & Project Pan
Means to Address Existing Resources
Fellowship & Mentor Relationships
Establish
Assessment Metrics & Feedback Questions
Key Partnerships
Connections to Overlapping CoPs
Community Inventory
Regular Feedback
Collaborate
Participate in Partners' meetings
Deliverables
Initial Roadmap (this page)
Training & Working sessions
Central Resource for Sharing
Project Plan for Year 2023
Plan
Community Interests with regular BoFs
Interests of Domain Researchers
RRCoP inventory of expertise, standards, and processes
Establish
Fellowship & Mentor Relationships
Collaborate
Unify communication between partners & RRCoP
Regularly with Overlapping CoPs
Participate in Partners' Meetings
Regular Feedback
Deliverables
Training & Working sessions
RRCoP inventory of expertise, standards, and processes, audit resources
Project Plan for Year 2024
Finalize
Assessment Metrics
Deliver
Final Feedback
Remaining Deliverables
Leverage
Community interest in Partner Conference BoFs
Deliverables
Updated Roadmap Promoting Sustainable RRCoP
Entire Project Deliverables
For the entire project, RRCoP deliverables include:
Monthly meeting cadence with rotating topics and activities including as: All Hands Meetings, Established and Emerging Institutional Showcases, Researcher Focus, Training, Webinars, Assessment and Planning, Strategic Partnerships
Three full or six half day workshops & training events
Repository of generalized and specific resources (templates, standards, best practices, mentoring or consulting expertise, researcher and institution collaboration opportunities)
Central hub for communication within CoP and with the Partners
Community strategic roadmap (current and future needs with specific focus to the researcher’s voices)
Community of Practice evaluation criteria and assessment metrics