Active Program
Phase 1 of 3
CUI · CMMC · NIST 800-171
Controlled Research
Support Program
Building the enterprise infrastructure, compliance framework, and operational team UT Austin needs to support federally funded research involving Controlled Unclassified Information.
3
Partner Organizations
3
Program Phases
6
Active Workstreams
Governance
Partnership Structure
Three organizations share responsibility across sponsorship, operations, and compliance — each with a clearly defined lane.
VP Research (OVPR)
Program Sponsor
OCIO / Enterprise Technology
Operational Unit
ISO & Compliance
Compliance & Risk
Program Roadmap
Three-Phase Program
The program moves from rapid remediation and program build through full technical maturity and into long-term sustainment.
1
Phase 1 · Active
Program Build & In-Flight Remediation
In Progress
✓Leadership in place — Program Director, VPR Compliance Mgr, Sr. Dir. Research Security
✓Program charter finalized and approved
✓HTM and Hypersonics labs onboarded
✓Azure GCCH access established
✓PI-facing webpage launched
✓Benchmarked with peer institutions
→CMMC Level 1 gap analysis (70% complete)
→P&P harmonization — OVPR, ISO, ET alignment nearing completion
→Intake process workflow development
→Budget to UBC for funding approval
2
Phase 2 · Upcoming
Technical Build & Operational Maturity
Queued
○Design and implement secure CUI enclave environment
○Network segmentation and access controls
○Entra, AutoPilot, Intune deployment
○CUI Identity Management (IDM)
○Migrate compliant in-flight projects into enterprise enclave
○Map and implement NIST 800-171 controls (initiated)
○Hire remaining 10–13 technical and compliance FTEs
○External C3PAO audit preparation
3
Phase 3 · Future
Sustainment & Continuous Improvement
Future State
○Annual program review and executive leadership brief
○Semiannual compliance audits
○Ongoing monitoring and reporting framework
○Refresher and new-hire CUI training modules
○Stakeholder feedback and lessons-learned review
○Year 2 roadmap development
Program Status
Workstream Progress
Six active workstreams spanning governance, staffing, technical build, compliance, and remediation across Phase 1.
Governance & Program Management
12 tasks
7 Complete
4 In Progress
1 Not Started
Technical Environment Build
15 tasks
3 Complete
7 In Progress
5 Not Started
Compliance & Validation
9 tasks
0 Complete
6 In Progress
3 Not Started
Staffing & Training
7 tasks
3 Complete
3 In Progress
1 Not Started
Inflight Lab Remediation
5 tasks
3 Complete
2 In Progress
0 Not Started
Sustainment & Continuous Improvement
5 tasks (Phase 3)
0 Complete
0 In Progress
5 Not Started
Current Work
Active & Recently Completed
Key tasks in flight and milestones recently crossed as Phase 1 progresses.
⬤ In Progress
CMMC Level 1 Gap Analysis
P&P Harmonization Build
Develop Intake Process Workflow
NIST 800-171 Controls Mapping
Site Tours — Document Infrastructure Needs
TACC Integration Meetings / Request SSPs
✓ Recently Completed
Program Charter Finalized & Approved
HTM Lab Onboarded (In-Flight)
Hypersonics Project Onboarded
Azure GCCH Access Established
PI-Facing Webpage Launched
Benchmarked with Peer Institutions