As a Carnegie-recognized R1 institution, USU benefits greatly from its international partnerships and the research contributions of foreign collaborators. In recent years, however, there has been growing concern that foreign governments are seeking to inappropriately exploit the openness, transparency, and reciprocal collaboration that make the United States a global leader in research and innovation.
Email: michael.hoopes@usu.edu
Because USU receives more than $50 million in annual federal research funding, the university must maintain a research security program in compliance with federal research security policy, namely National Security Policy Memo 33 (NSPM-33, 2021) and the CHIPS & Science Act (2022), which require that covered individuals at USU:
- complete research security training;
- complete export control training;
- complete foreign travel security training and follow travel reporting requirements; and
- comply with the cybersecurity standards outlined in forthcoming NSPM-33 implementation guidance, expected mid-2025.
By implementing and following these mandates, the Office of Research and USU researchers will help protect research data and intellectual property from theft, misappropriation, violations of research integrity, and foreign government interference.
Research Security Requirements by Federal Agency
Research Security Training
Beginning October 1, 2025, all individuals identified by the proposer as senior/key personnel must certify to NSF that they have completed Research Security Training within 12 months of submitting their proposal.
For more information: Updates to NSF Research Security Policies
Malign Foreign Talent Recruitment Programs
Under NSF’s Proposal & Award Policies & Procedures Guide (PAPPG) (NSF 24-1), starting June 7, 2025, Principal Investigators (PIs) or Co-PIs on an NSF award made on or after May 20, 2024 must complete an annual certification that they are not party to a MFTRP.
Beginning June 2025, NSF may contact PIs and Co-PIs directly in order to complete their annual MFTRP certification. PIs and Co-PIs may also be prompted to complete the certification when they log into Research.gov. PIs and Co-PIs must complete the certification before submitting an Annual Project Report or conducting any other Research.gov activity. USU cannot perform the certification on behalf of PIs and Co-PIs.
If you are a PI or Co-PI on an NSF award made on or after May 20, 2024, and have not been prompted to complete your annual certification, contact your assigned grant and contract officer from Sponsored Programs.
Research Security Training
Beginning May 1, 2025, all covered individuals listed on funding proposals to DOE must certify to DOE that they have completed Research Security Training within 12 months of submitting their proposal. Covered individuals that later join a DOE award proposed on or after May 1, 2025 will also be required to take the training before participating in award activities.
*DOE defines a covered individual as anyone who (a) contributes in a substantive, meaningful way to the development or execution of the scope of work of a project funded by DOE or proposed for funding by DOE, and (b) is designated as a covered individual by DOE. This designation, at a minimum, includes any principal investigator, project director, co-principal investigator, co-project director, project manager, and any individual, regardless of title, that is functionally performing any of those roles.
For more information: U.S. Department of Energy Research Security Training Requirement
Malign Foreign Talent Recruitment Programs
DOE Order 486.1A, Foreign Government Sponsored or Affiliated Activities (2020) prohibits awardees from participating in any MFTRP. DOE awardees should also review Order 486.1A to understand further DOE restrictions on participation in other foreign government sponsored or affiliated activities.
Research Security Training
Research Security Training is required on a project-by-project basis, and USU principal investigators on DoD awards should refer to the award requirements to determine which, if any, personnel on a project must take the training.
Malign Foreign Talent Recruitment Programs
DoD’s Component Decision Matrix (2025) outlines how the agency assesses possible MFTRP involvement by researchers seeking awards for fundamental/basic research. In addition to its prohibition on active MFTRP association, DoD assesses a researcher’s past involvement with any MFTRP when considering research proposals.
Research Security Training
USDA’s Research Security Training requirement is pending.
Malign Foreign Talent Recruitment Programs
USDA policy on malign foreign talent recruitment programs is pending.
Additional Requirements
On July 8, 2025, the USDA issued its America First Memorandum for USDA Arrangements and Research Security, which introduces restrictions on foreign persons and U.S. citizens with certain foreign ties seeking to engage in USDA-sponsored research. The USU Office of Research will update this resource when it determines how to implement the USDA memorandum.
Research Security Training
NIH’s Research Security Training requirement is pending.
Malign Foreign Talent Recruitment Programs
NIH’s Decision Matrix for Assessing Potential Foreign Interference (2024) outlining how the agency assesses MFTRP involvement by researchers seeking awards. USU researchers interested in NIH funding should also review NIH’s Foreign Interference resources to understand how to protect against inappropriate foreign interference in their research.
Research Security Training
In 2024 the National Science Foundation (NSF) released its four-part Research Security Training to comply with expected federal regulations and sponsor agency requirements for funding.
USU has adopted a shorter version of this training, developed by the NSF-sponsored SECURE Center, which is available in Learn Blue and takes roughly 1 hour to complete.
For Department of Energy (DOE) awardees: Beginning May 1, 2025, all covered individuals* listed on funding proposals to DOE must certify to DOE that they have completed Research Security Training within 12 months of submitting their proposal. Covered individuals that later join a DOE award proposed on or after May 1, 2025 will also be required to take the training before participating in award activities.
*DOE defines a covered individual as anyone who (a) contributes in a substantive, meaningful way to the development or execution of the scope of work of a project funded by DOE or proposed for funding by DOE, and (b) is designated as a covered individual by DOE. This designation, at a minimum, includes any principal investigator, project director, co-principal investigator, co-project director, project manager, and any individual, regardless of title, that is functionally performing any of those roles.
For more information: U.S. Department of Energy Research Security Training Requirement
For National Science Foundation (NSF) awardees: Beginning October 1, 2025, all individuals identified by the proposer as senior/key personnel must certify to NSF that they have completed Research Security Training within 12 months of submitting their proposal.
For Department of Defense (DoD) awardees: Research Security Training is required on a project-by-project basis, and USU principal investigators on DoD awards should refer to the award requirements to determine which, if any, personnel on a project must take the training.
For other federal awardees: To comply with federal law (the CHIPS and Science Act of 2022) and regulations (Presidential Memorandum on United States Government-Supported Research and Development National Security Policy, or NSPM-33), other federal agencies (including NIH) are in the process of implementing similar research security training requirements. This webpage will be updated to reflect those requirements upon their release.
If you are uncertain as to whether you are a covered individual for the purposes of Research Security Training, please contact compliance@usu.edu.
You can access the Research Security Training in Learn Blue by searching “Research Security Training” in the course catalog. Covered individuals at USU are expected to take the version of the training offered in Learn Blue, where the Office of Research will verify you have completed the training.
Covered individuals working outside of USU but who are subawardees on USU-led projects will not have access Learn Blue and must either complete the shortened training via their organization’s partnership with CITI Program, or all four modules of the NSF Research Security Training. Subawardees must provide a certificate of their course completion to USU as part of the Kuali proposal process, before submission of the proposal to a sponsor may occur.
If you are considering applying for a federal award that requires your completion of research security training, contact your proposal development specialist and the Sponsored Programs Office.
Frequently Asked Questions
Many different research activities at USU involve export controls regulations that impact certain equipment, technical data, substances, international shipments, and what you take with you or access when you travel abroad.
Federal research security policy does not currently require specific export control training, but USU researchers must follow USU’s Export Compliance guidance, which may require you to take the Export Compliance Training available through CITI.
Federal research security policy does not currently require specific travel training for those engaging in international travel related to their research. USU researchers may take the Research Security Training in Learn Blue, which features content on international travel.
New requirements for foreign travel training and security briefings may result from forthcoming final guidance from federal grant-making agencies, and the Office of Research will work to incorporate any such guidance into USU’s foreign travel procedures.
USU employees and students must follow the requirements outlined in University Policy 536: International Travel, which requires that you register any travel related to your employment role at USU. University travel policy may also depending on your destination, require that you submit travel safety and risk mitigation plans for review and approval by USU Risk Management and the International Travel Oversight Committee.
Your international travel may also subject you to export control regulations depending on your destination and the equipment, data, and/or software you will carry or access while abroad. To determine whether your travel may be subject to export control regulations, you should review the Office of Research’s International Travel guidelines specific to export compliance.
USU researchers are not currently required to adhere to a specific set of federal cybersecurity standards for research security. To meet the cybersecurity requirement of the research security program mandated by NSPM-33, the National Institute of Standards and Technology (NIST) is developing a resource on research cybersecurity.
When NIST makes its resource available, the Office of Research will work to ensure that university researchers have the tools required to adhere to the necessary cybersecurity standards in their research.
The Office of Science and Technology Policy defines a foreign talent recruitment program as “an effort organized, managed, or funded by a foreign government, or a foreign government instrumentality or entity, to recruit science and technology professionals or students.”
Because some foreign talent recruitment programs are malign in nature due to their intent to acquire, sometimes illicitly, research data and intellectual property to further the military and/or economic goals of a foreign government, these programs are one of the most commonly cited threats to the research security in the US.
USU provides a Foreign Talent Recruitment Programs resource on the rules governing researcher interaction with such programs. This resource includes information on Malign Foreign Talent Recruitment Programs, with whom USU researchers are explicitly prohibited from participating in under University Policy 2301: Conflicts of Interest.