Risk Assessment & Mitigation

Agency risk review processes, decision matrices (DoD, NIH, NSF TRUST), mitigation options.

44 references in this topic

Federal-wide Baseline

White House OSTP / NSTC Research Security Subcommittee | Active | Federal

A Presidential Memorandum issued in January 2021 to strengthen protections of U.S. Government-supported R&D against foreign government interference and exploitation. It focuses on ensuring full disclosure of potential conflicts of interest and commitment by recipients of federal R&D and requires research institutions receiving over $50 million in federal R&D funding to certify they operate a research security program covering cybersecurity, foreign travel security, insider threat awareness, and export control training. As of November 2025, federal agencies continue to coordinate and work to implement this requirement for awardee institutions.

NSTC Research Security Subcommittee | Active | Federal

A supplement to NSPM-33 outlining recommendations for research organizations to enhance research security and integrity. Categories include: Demonstrate organizational leadership and oversight; Establish an expectation of openness and transparency; Provide and share training, support, and information; Ensure effective mechanisms for compliance with organizational policies; and Manage potential risks associated with collaborations and data.

OSTP / NSTC Research Security Subcommittee | Superseded | Federal

Draft standards for research security programs published for comment in February 2023 by OSTP/the NSTC Research Security Subcommittee. The document was superseded by the final standard guidelines published on July 9, 2024. The following are related documents and comments from higher education associations.

White House OSTP / NSTC Research Security Subcommittee | Superseded | Federal

A January 2022 report by the White House OSTP/NSTC Research Security Subcommittee providing additional details on: 1.) Disclosure Requirements and Standardization; 2.) Persistent Identifiers; 3.) Consequences for Violation of Disclosure Requirements; 4.) Information Sharing; and 5.) Research Security Programs. Largely superseded by the final July 9, 2024 guidelines.

National Counterintelligence and Security Center (NCSC) | Active | Federal

Issued by the NCSC in December 2021, this document includes links to risk mitigation materials that can be utilized to improve: physical security, personnel security, operations security, cybersecurity, defensive counterintelligence, insider threat mitigation, and supply chain risk management.

NSF (in collaboration with NIH, DoE, DoD, FBI) | Active | Federal

Research security training developed by institutions and organizations under cooperative agreements funded by NSF in collaboration with the National Institutes of Health (NIH), Department of Energy (DoE), and Department of Defense (DoD), with engagement from the Federal Bureau of Investigation (FBI). The training consists of 4 modules: 1.) What is Research Security?; 2.) Disclosure; 3.) Manage and Mitigate Risk; 4.) International Collaboration.

Fast Track Action Subcommittee on Critical and Emerging Technologies, NSTC | Active | Federal

A February 2024 biannual update from the Fast Track Action Subcommittee on Critical and Emerging Technologies of the NSTC that defines critical and emerging technologies (CETs), which are a subset of advanced technologies that have a significant impact on U.S. national security. [List of CETs is outlined on pages 8-11]

U.S. Congress | Active | Federal

September 2022. Requires agencies to implement a due diligence program to assess security risks for SBIR and STTR proposals. Disclosure requirements include information on foreign ties, business relationships, investment, and ownership. [Source: AAU, January 2024].

Congressional Research Service (CRS) | Active | Federal

The Congressional Research Service (CRS) issued a report on May 20, 2025, summarizing federal research security policy efforts to date and providing options Congress might consider to address perceived gaps or deficiencies while remaining cognizant of the potential increase in administrative burden they would present. Proposed options discussed include: a. Expanding sources of foreign support researchers are required to disclose; b. Broadening the scope of who is required to disclose Current and Pending (Other) Support; c. Increasing the frequency of post-award updates; d. Expanding agency requirements when reviewing disclosed information; e. Focusing risk assessment activities more narrowly on critical and emerging technologies; f. Expanding agencies' requirements to report to Congress on research security violations, mitigation measures, and implementation status.

National Academies of Sciences, Engineering, and Medicine | Active | Federal

The National Academies of Sciences, Engineering, and Medicine's National Science, Technology, and Security Roundtable, called for in the Fiscal Year 2020 National Defense Authorization Act, explored issues related to protecting U.S. national and economic security while ensuring the open exchange of ideas and international talent.

National Academies of Sciences, Engineering, and Medicine | Active | Federal

The National Academies Assessing Research Security Efforts in Higher Education working group held a number of meetings and a May workshop with federal and non-federal experts beginning September 2024 and concluding September 4, 2025, to discuss assessment of federal research security efforts. Proceedings from the workshop can be found on the National Academies website.

Australian Strategic Policy Institute (ASPI) | Active | Federal

A searchable database that provides ratings on 'risk' for collaboration with an entity. The tracker is accompanied by an associated document, released in 2019: "Exploring the military and security links of China's universities."

Agency-specific Requirements