Proceduralizing Research Compliance

Streamline Risk Discovery and Mitigation to Increase Research Data Security

This report profiles the ways that progressive institutions are encouraging researchers to self-identify and mitigate the risks to their research data, as well as strategies to identify emerging research compliance risks.

IT Higher Education Researcher Compliance Grants Funding Data Requests

Security-minded IT leaders at research institutions already oversee a high volume of research compliance projects related to data security. Leaders can expect more requests as grant awards increasingly contain more explicit security and compliance language regarding storage, access, and reporting. But as the number of requests expand, resources are not.

CISOs are caught between a desire to elevate researcher awareness of information security risks and the IT security team’s capacity to provide services to rectify these risks. To overcome barriers to securing research data, IT leaders need to proceduralize research compliance—and increase awareness among researchers of self-service security tools.

Read this executive brief to discover ways that progressive higher education organizations are proceduralizing research compliance among their faculty.

Surfacing Research Data at Risk

Online Risk Diagnostic
Interactive Questions Pinpoint Applicable Data Restrictions

PIs can self-identify the level of risk related to their research data by accessing an online tool that takes them through nine questions pinpointing the data restrictions that apply to projects. If necessary, the Diagnostic will prompt the PI to contact the information security team for consultation. Download the practice.

>Streamlining Access to Existing Solutions

Research Security Solutions Toolbox
Enabling Researchers to More Easily Find Security Solutions

To reduce security staff and PI effort to complete grant proposals, institutions are linking results of security needs diagnostics to a catalog of common, pre-approved security solutions related to different risks. These catalogs may even include language PIs can use in their grant proposals to articulate the steps they will take to protect their data. Extending these catalogs to includes costs associated with data security protocols provides PIs with an estimate of initial and ongoing costs. Download the practice.

Uncovering New Areas for Protection

IRB Security Advisor
Managing Previously “Invisible” Risks

A handful of universities are appointing a representative from information security to institutional review boards to spot check pre-award data management plans and identify emerging research methodologies and projects that require may additional security needs. Download the practice.

This is a preview of restricted content.

Full access to this content is reserved for IT Forum members. Log in now or learn more about IT Forum.

Next, Check Out

Reducing Cycle Time Between Need and Solution

  • Manage Your Events
  • Saved webpages and searches
  • Manage your subscriptions
  • Update personal information
  • Invite a colleague