Research Security

As a Carnegie-recognized R1 institution, USU benefits greatly from its international partnerships and the research contributions of foreign collaborators. In recent years, however, there has been growing concern that foreign governments are seeking to inappropriately exploit the openness, transparency, and reciprocal collaboration that make the United States a global leader in research and innovation.

Contact
Michael Hoopes
Email: michael.hoopes@usu.edu

Because USU receives more than $50 million in annual federal research funding, the university must maintain a research security program in compliance with federal research security policy, namely National Security Policy Memo 33 (NSPM-33, 2021) and the CHIPS & Science Act (2022), which require that covered individuals at USU:

  • complete research security training;
  • complete export control training;
  • complete foreign travel security training and follow travel reporting requirements; and
  • comply with the cybersecurity standards outlined in forthcoming NSPM-33 implementation guidance, expected mid-2025.

By implementing and following these mandates, the Office of Research and USU researchers will help protect research data and intellectual property from theft, misappropriation, violations of research integrity, and foreign government interference.

Frequently Asked Questions

In 2024 the National Science Foundation (NSF) released its four-part Research Security Training to comply with expected federal regulations and sponsor agency requirements for funding.

USU has adopted a shorter version of this training, developed by the University of Michigan, which is available in Learn Blue and takes roughly 1 hour to complete.

For Department of Energy (DOE) awardees: Beginning May 1, 2025, all covered individuals* listed on funding proposals to DOE must certify to DOE that they have completed Research Security Training within 12 months of submitting their proposal. Covered individuals that later join a DOE award proposed on or after May 1, 2025 will also be required to take the training before participating in award activities.

*DOE defines a covered individual as anyone who (a) contributes in a substantive, meaningful way to the development or execution of the scope of work of a project funded by DOE or proposed for funding by DOE, and (b) is designated as a covered individual by DOE. This designation, at a minimum, includes any principal investigator, project director, co-principal investigator, co-project director, project manager, and any individual, regardless of title, that is functionally performing any of those roles.

For more information: U.S. Department of Energy Research Security Training Requirement


For National Science Foundation (NSF) awardees: “Senior/key personnel” will be (but are not currently) required to take Research Security Training within one year of a research and development application once NSF’s 2025 Proposal and Award Policies and Procedures Guide (PAPPG) becomes effective. For reference, NSF’s 2024 PAPPG became effective on May 20, 2024.

For Department of Defense (DoD) awardees: Research Security Training is required on a project-by-project basis, and USU principal investigators on DoD awards should refer to the award requirements to determine which, if any, personnel on a project must take the training. 

For other federal awardees: To comply with federal law (the CHIPS and Science Act of 2022) and regulations (Presidential Memorandum on United States Government-Supported Research and Development National Security Policy, or NSPM-33), other federal agencies (including NIH) are in the process of implementing similar research security training requirements. This webpage will be updated to reflect those requirements upon their release.  

If you are uncertain as to whether you are a covered individual for the purposes of Research Security Training, please contact compliance@usu.edu.

You can access the Research Security Training in Learn Blue by searching “Research Security Training” in the course catalog. Covered individuals at USU are expected to take the version of the training offered in Learn Blue, where the Office of Research will verify you have completed the training.

Covered individuals working outside of USU but who are subawardees on USU-led projects will not have access Learn Blue and must either complete the shortened training via their organization’s partnership with CITI Program, or all four modules of the NSF Research Security Training. Subawardees must provide a certificate of their course completion to USU as part of the Kuali proposal process, before submission of the proposal to a sponsor may occur.

If you are considering applying for a federal award that requires your completion of research security training, contact your proposal development specialist and the Sponsored Programs Office.

Many different research activities at USU involve export controls regulations that impact certain equipment, technical data, substances, international shipments, and what you take with you or access when you travel abroad.

Federal research security policy does not currently require specific export control training, but USU researchers must follow USU’s Export Compliance guidance, which may require you to take the Export Compliance Training available through CITI.

Federal research security policy does not currently require specific travel training for those engaging in international travel related to their research. USU researchers may take the Research Security Training in Learn Blue, which features content on international travel.

New requirements for foreign travel training and security briefings may result from forthcoming final guidance from federal grant-making agencies, and the Office of Research will work to incorporate any such guidance into USU’s foreign travel procedures.

USU employees and students must follow the requirements outlined in University Policy 536: International Travel, which requires that you register any travel related to your employment role at USU. University travel policy  may also depending on your destination, require that you submit travel safety and risk mitigation plans for review and approval by USU Risk Management and the International Travel Oversight Committee.

Your international travel may also subject you to export control regulations depending on your destination and the equipment, data, and/or software you will carry or access while abroad. To determine whether your travel may be subject to export control regulations, you should review the Office of Research’s International Travel guidelines specific to export compliance.

USU researchers are not currently required to adhere to a specific set of federal cybersecurity standards for research security. To meet the cybersecurity requirement of the research security program mandated by NSPM-33, the National Institute of Standards and Technology (NIST) is developing a resource on research cybersecurity.

When NIST makes its resource available, the Office of Research will work to ensure that university researchers have the tools required to adhere to the necessary cybersecurity standards in their research.

The Office of Science and Technology Policy defines a foreign talent recruitment program as “an effort organized, managed, or funded by a foreign government, or a foreign government instrumentality or entity, to recruit science and technology professionals or students.”

Because some foreign talent recruitment programs are malign in nature due to their intent to acquire, sometimes illicitly, research data and intellectual property to further the military and/or economic goals of a foreign government, these programs are one of the most commonly cited threats to the research security in the US.

USU provides a Foreign Talent Recruitment Programs resource on the rules governing researcher interaction with such programs. This resource includes information on Malign Foreign Talent Recruitment Programs, with whom USU researchers are explicitly prohibited from participating in under University Policy 2301: Conflicts of Interest.