To address risks related to research security, National Security Presidential Memorandum 33 (NSPM-33) requires institutions that receive more than $50 million per year in federal science and engineering support for the previous two fiscal years to operate a research security program.  As specified in NSPM-33, and described further in the Office of Science and Technology Policy (OSTP) released Guidelines for Research Security Programs at Covered Institutions (July 9, 2024), a research security program must include:

  • A cybersecurity program consistent with the National Institute of Standards and Technology (NIST) guidance
  • Foreign travel security that includes periodic training for covered individuals and reporting requirements
  • Research security training for covered individuals and an institution’s certification of individuals’ completion of such training
  • Export control training for covered individuals who perform research and development involving export-controlled technologies and processes for reviewing foreign sponsors, collaborators, and partnerships

ASU’s Research Security position can be found here.

Arizona State University’s Research Security Program as outlined below aligns with the requirements of NSPM-33 and OTSP Guidelines for Research Security Programs at Covered Institutions (July 9, 2024):

Cyber Security

ASU has established strong cybersecurity policies and tools to meet federal requirements, including NIST 800-171 as required. Researchers engaged in federally funded projects may need to adjust their information/data security practices to align with these standards. The Knowledge Enterprise (KE) Research Technology Office (RTO) supports researchers by providing guidance and resources for cybersecurity compliance on sponsored research projects.  For more information including points of contact see Controlled Unclassified Information.

Foreign Travel Security

Foreign travel to support research collaborations provides valuable opportunities for sharing information.  Understanding export control regulations and foreign travel restrictions when traveling internationally are vital.  Traveling outside the United States for professional reasons may require a license depending on the destination and equipment or information that will be carried and/or shared (see Export Control Processes and Training, below). Travel to countries of concern (e.g. Peoples Republic of China, Russia, North Korea, Iran and Cuba) or other sanctioned countries additionally may require approvals from ASU senior leadership, as well as sponsor approvals if travel will be funded by a sponsored research project.  Prior to any foreign travel a best practice is to review of KE Research Compliance’s International Collaborations and Travel guidance and consult with the KE Research Compliance Export Control team at [email protected].

Research Security Training

ASU provides research security training to “covered individuals” receiving federal funds. Like ASU responsible conduct of research (RCR) training, the research security training program provides awareness of potential risks and effective mitigation strategies associated with undue foreign influence, foreign collaborations, working with controlled unclassified information (CUI), and conflicts of interest (COI) disclosure/reporting.  Several training options are available, including on-line (CITI) modules and individual and group training sessions.  KE Research Compliance Team members facilitate on-line CITI training and maintain certificates of completion.  For more information see:

Export Control Processes and Training

Export control regulations are federal laws that restrict the export of information, goods, technology and services to foreign nationals, within and outside of the United States, and to federally sanctioned countries and countries of concern.  In addition to assisting with licenses that may be required for items carried/information shared during foreign travel, the KE Research Compliance Export Control Team members work directly with researchers to ensure research project activities align with applicable federal export laws and regulation.  If export controls are found to apply to ASU research activities, they assist researchers with the development of required export control technology plans (TCP), monitor TCP implementation for compliance, and provide export control training and guidance to TCP personnel.   For more information see:

  • CITI Training – Online Module:  Available at citiprogram.org. Export Compliance

Additional information regarding ASU’s Research Security Program can be found on this website by navigating to the Items on the left side of this page.   For all questions regarding ASU’s Research Security Program please contact  [email protected]

April 28, 2025.

Subject: Responsibilities Regarding International Research, Compliance, and Research Security

Dear Colleagues,

As ASU’s research enterprise continues to grow in scale and impact, it’s more important than ever that we uphold the highest standards of compliance, research integrity, and security. Our ability to collaborate globally and conduct innovative research depends on our collective attention to regulatory requirements, responsible conduct, and risk mitigation.

To support faculty and staff in navigating these responsibilities, we’ve developed a centralized checklist that consolidates key obligations, resources, and training related to:

International Research, Research Compliance, and Security Checklist

This checklist includes guidance and links on:

  • International Engagement and Collaborations
    Disclosures, foreign influence training, and sponsor-specific requirements
  • Export Control and Foreign Travel
    Country-of-concern guidance, restricted parties, and the Export Control Wizard
  • Conflict of Interest and Conflict of Commitment
    Reporting obligations and upcoming changes to our disclosure systems
  • Research Security Requirements
    CITI training modules, insider threat awareness, and data protection expectations
  • Research Compliance and Integrity
    Adherence to sponsor regulations, institutional policies, and responsible conduct expectations
  • Intellectual Property and Contractual Obligations
    Disclosure procedures, ABOR IP policy, and contract signature authority
  • International Remote Work
    Review process, risks, and institutional considerations for employees working abroad
  • Consultation and Support
    How to request help from Knowledge Enterprise teams in research operations, export control, and compliance

We encourage you to bookmark the Research Compliance webpage(s) and reference the checklist regularly to ensure continued compliance as regulations evolve and success in your research activities.

If you have any questions or would like personalized guidance, please contact Heather Clark, Assistant Vice President for Research Operations, at 480-965-1427 or [email protected] Thank you for your leadership in advancing ASU’s research mission with integrity and excellence.