To address risks related to research security, National Security Presidential Memorandum 33 (NSPM-33) requires institutions that receive more than $50 million per year in federal science and engineering support for the previous two fiscal years to operate a research security program.  As specified in NSPM-33, and described further in the Office of Science and Technology Policy (OSTP) released Guidelines for Research Security Programs at Covered Institutions (July 9, 2024), a research security program must include:

• A cybersecurity program consistent with the National Institute of Standards and Technology (NIST) guidance
• Foreign travel security that includes periodic training for covered individuals and reporting requirements
• Research security training for covered individuals and an institution’s certification of individuals’ completion of such training
• Export control training for covered individuals who perform research and development involving export-controlled technologies and processes for reviewing foreign sponsors, collaborators, and partnerships

ASU’s Research Security position can be found here.

Arizona State University’s Research Security Program as outlined below aligns with the requirements of NSPM-33 and OTSP Guidelines for Research Security Programs at Covered Institutions (July 9, 2024):

Cyber Security

ASU has established strong cybersecurity policies and tools to meet federal requirements, including NIST 800-171 as required. Researchers engaged in federally funded projects may need to adjust their information/data security practices to align with these standards. The Knowledge Enterprise (KE) Research Technology Office (RTO) supports researchers by providing guidance and resources for cybersecurity compliance on sponsored research projects.  For more information including points of contact see Controlled Unclassified Information.

Foreign Travel Security

Foreign travel to support research collaborations provides valuable opportunities for sharing information.  Understanding export control regulations and foreign travel restrictions when traveling internationally are vital.  Traveling outside the United States for professional reasons may require a license depending on the destination and equipment or information that will be carried and/or shared (see Export Control Processes and Training, below). Travel to countries of concern (e.g. Peoples Republic of China, Russia, North Korea, Iran and Cuba) or other sanctioned countries additionally may require approvals from ASU senior leadership, as well as sponsor approvals if travel will be funded by a sponsored research project.  Prior to any foreign travel a best practice is to review of KE Research Compliance’s International Collaborations and Travel guidance and consult with the KE Research Compliance Export Control team at [email protected].

Research Security Training

ASU provides research security training to “covered individuals” receiving federal funds. Like ASU responsible conduct of research (RCR) training, the research security training program provides awareness of potential risks and effective mitigation strategies associated with undue foreign influence, foreign collaborations, working with controlled unclassified information (CUI), and conflicts of interest (COI) disclosure/reporting.  Several training options are available, including on-line (CITI) modules and individual and group training sessions.  KE Research Compliance Team members facilitate on-line CITI training and maintain certificates of completion.  For more information see:

• CITI Training – Online modules available at citiprogram.org.  Courses available includes Research Security, Undue Foreign Influence: Risks and Mitigations, Conflicts of Interest, and CITI webinar – “Controlled Unclassified Information – What It Is, Isn’t, and University Obligations”.
• ASU Information Security Training
• Controlled Unclassified Information (CUI) Training and Resources

Export Control Processes and Training

Export control regulations are federal laws that restrict the export of information, goods, technology and services to foreign nationals, within and outside of the United States, and to federally sanctioned countries and countries of concern.  In addition to assisting with licenses that may be required for items carried/information shared during foreign travel, the KE Research Compliance Export Control Team members work directly with researchers to ensure research project activities align with applicable federal export laws and regulation.  If export controls are found to apply to ASU research activities, they assist researchers with the development of required export control technology plans (TCP), monitor TCP implementation for compliance, and provide export control training and guidance to TCP personnel.   For more information see:

• ASU Research Compliance Export Control Information and Resources

• CITI Training – Online Module:  Available at citiprogram.org. Export Compliance

Additional information regarding ASU’s Research Security Program can be found on this website by navigating to the Items on the left side of this page.   For all questions regarding ASU’s Research Security Program please contact  [email protected]. 

A word about export control from Matt Hulver, VP of Knowledge Enterprise Initiatives 

March 12, 2024

Re: Responsibilities Regarding International Research and Global Collaborations

Dear Colleagues,

As we continue to increase our research competitiveness and research expenditures, we must continue our efforts to protect both National Security Interests and the Intellectual Property of our research endeavor. It is important to ensure we meet the overarching obligations for complying with restrictions that are tied to the funds our sponsors provide.

ASU’s international academic, research, and other scholarly activities are strongly encouraged as we support academic freedom and the ability to openly exchange ideas and collaborations occurring outside the United States to advance knowledge. To ensure the continued success in these areas it is critical that we follow our established practices and comply with all federal funding agencies guidelines, as well as disclosure and reporting requirements. This allows us to maintain our productive relationship with the United States Government (USG) and the federal funding sponsors that support our faculty in their important research and scholarly works.

The USG and our federal partners continue to share their concerns with all universities about international engagements and collaborations related to how we comply with the of the laws and regulations that govern these engagements. The focus on national security is ever evolving and it is our shared obligation to remain informed, diligent, and transparent in these collaborations to ASU and our Sponsors. To facilitate compliance, we provide updated information, trainings, etc. as the requirements evolve. We have highlighted a list of resources, information to ensure ASU remains in compliance with laws and regulations and continues to support our research activities.

• International Research and Global Collaborations webpage. This webpage includes access to trainings such as the CITI Training module titled, “Undue Foreign Influence: Risks and Mitigations,” frequently asked questions, sponsor disclosure guidelines and additional resources related to foreign travel, export control and conflict of interest disclosures. The information found on this webpage will provide you with an understanding of all things to be considered and understood in international engagement activities and covers topics such as reporting requirements, data privacy laws, federal security, and control regulations.

• Online training related to Undue Foreign Influence at the CITI Program and internal threat awareness training: Insider Threat Awareness.

• National Science Foundation Research Security Online Training Modules

• International Travel to countries of concern (e.g. Peoples Republic of China, Russia, North Korea, Iran and Cuba) requires approvals from ASU senior leadership and may require sponsor approval if funds are to be paid from a sponsored project. Prior to any foreign travel a best practice is review of our international travel and exports guidance.

• Export control regulations are federal laws that restrict the export of information, goods, technology and services to foreign nationals, within and outside of the United States, and foreign countries of concern. Export controls apply to:
  • Transfer of specified items or information to people or entities outside the U.S.
  • Restricted Institutions, entities, and individuals.
  • Disclosure of controlled information (whether in hard copy or orally) to certain foreign nationals inside or outside the U.S.
  • Training or offering services involving controlled technology, equipment or information to foreign nationals
  • Transactions with, or providing services to, certain foreign countries, entities or individuals that are named on the U.S. restricted party lists (this includes research travel to embargoed countries). Sanctioned programs and Country Information.

The regulations are broad and apply to all activities not just research; and they do provide several exclusions or exemptions for activities that are fundamental in nature. In addition, there are some limitations on travel to embargoed countries, and any additional oversight for specific fields of research. For assistance in determining whether a project is subject to export controls, see the “Export Control Wizard”, visit Research Integrity and Assurance – Export controls and security or request a consult at [email protected].

• ASU faculty and staff who have such collaborations are required to transparently provide full disclosure of all funded as well as unfunded collaborations and affiliations as required by federal and state agencies, as well as ASU’s policies.

• Conflicts of Commitments and Conflicts of Interest must be appropriately disclosed to ASU and Sponsors. There is a wide range of situations where a conflict may occur such as consulting, sponsored funding, employment (nepotism), research and other scholarly activities. These conflicts are to be reported and updated routinely within your department and with ASU.

• We are working to implement a new solution to manage the disclosure of Conflict of Interest and Conflict of Commitment reporting in accordance with federal and state guidelines as well as ASU policies for faculty, staff and researchers. This will replace the current solution used for reporting for researchers within the Research Enterprise. Be on the lookout for launch dates.

• Intellectual Property should be disclosed in accordance with ABOR IP Policy

• Comply with ASU’s Contract Signature Authority.

• International remote work is an increasingly common arrangement. International remote work is defined as an ASU employee who is working outside the United States. An employee could be working on sponsored or non-sponsored work. There are considerations and a process to be followed in determining if a remote work arrangement is in the best interest of the University Operations including research activities. The process and questionnaire to facilitate review of a request are located on International Engagement and Collaboration website under the heading “International Collaborations and Travel”. For further information or support, please contact [email protected]. Knowledge Enterprise is a resource to you and facilitates the ability for you to focus on your research. KE staff are available for consultation, training and workshops and they will continue to provide updated information policy changes that may impact your research.

Thank you for the work you do in support of ASU’s excellence in research and innovation. If you have any questions about your responsibilities in this letter, please contact Heather Clark, Assistant Vice President Research Operations at 480-965-1427 or at [email protected].

Sincerely,

Matt Hulver

Vice President of Knowledge Enterprise Initiatives

Additional resources:

Researcher support

PO Box 877205 | Fulton Center | 300 E University Dr., Suite 145 | Tempe, AZ 85287-7205
ked.asu.edu | research.asu.edu