Research Security

This policy applies to projects awarded under Tier 1, Tier 2, Tier 4, Tier 5, Special Initiatives, Long Term Trials, Knowledge Translation and Transfer (KTT)-Mobilization and KTT-Research programs.

It will be implemented for all new program calls launched after January 1, 2024 with project start dates on or after May 1, 2024.

Information related to research security is captured in the RMS proposal template through responses to a Research Security Checklist on the Research Security tab, as well as information provided in the Team, Intellectual Property, Budget (co-funder table) and OR-5 tabs. Information provided in these sections of the proposal will be assessed for research security implications.

The Research Security Checklist is based directly on the Federal Government’s National Security Guidelines for Research Partnerships Risk Assessment Form.

For each ‘Yes’ or ‘Unsure’ answer to Section 1 (Know your Research) or Section 2 (Know your Partner) on the Research Security tab, ‘Risk Identification’ and ‘Risk Mitigation’ information will be completed (Section 3).

Mitigation measures should be tailored to the project and be commensurate with the risks identified while considering open science principles. Examples of risk mitigation measures include, but are not limited to:

• Raising research security awareness and building capacity across the research team (training).
• Data Management Plans outlining sound cybersecurity and data management practices.
• Agreement on the intended use of research findings.
• Partnership agreements that include intellectual property and technology transfer clauses.
• Establishing access restrictions for partners and personnel to an “as needed” basis.
• Attestations completed by all team members as per the Government of Canada’s Sensitive Technology Research and Affiliations of Concern (STRAC) policy, or equivalent form.

Additional guidance for completing the Research Security tab is available on the following webpages:

• U of G Guide for completing the National Security Guidelines for Research Partnerships Risk Assessment Form, includes guidance on ‘critical infrastructure’ related to food
• U of G Guide to Developing a Risk Mitigation Plan

Research security information will be editable and accessible by the Lead Applicant, Co-Applicant and the Delegate (if assigned by the Lead Applicant). The research security tab will not be visible to other team members.

Research security is not part of the quality assessment of the proposals and the research security tab will not be visible to panel or peer reviewers.

Research security information in proposals will be accessible to U of G and OMAFRA staff directly involved in the administration of Alliance programs. Alliance program staff will engage the Research Risk team in the RSO and share information as needed to support the research security assessment.

Review by U of G Alliance Program Staff

During the proposal review period, a project will be flagged to RSO by Alliance program staff if:

• The applicant selected ‘Yes’ or ‘Unsure’ to any of the questions in Section 1 or 2 of the Research Security Checklist, indicating a potentially sensitive research area and/or a partnership with potential risk.
• A partner or co-funder organization is headquartered outside the 5 Eyes (Canada, United States, United Kingdom, Australia and New Zealand), or it is uncertain where the organization is headquartered. If the partner is a subsidiary, then this criteria will apply to the headquarter location of the parent company.
• If their headquarters are within the 5 Eyes, a commercial/private partner is new to the U of G (no engagement within the past 4 years).

Government agencies, public institutions/organizations (e.g. universities, conservation authorities etc.) or industry associations within the 5 Eyes will not be assessed further.

Review by the RSO Research Risk Team

The purpose of the RSO review is to:

• Identify if a potential concerning research security risk exists.
• Evaluate the identified project risk(s) and complete, as needed, the Researcher Due Diligence (RDD) and/or the Partner Due Diligence (PDD) form as per established processes at RSO (Research Security Due Diligence Process).
• Ensure a suitable mitigation plan is in place to manage identified risks. RSO may work with the applicant, as applicable, to create or further develop the mitigation plan.
• Confirm if a ‘material’ research security risk exists that would require notification of OMAFRA. A ‘material’ research risk occurs where there is clear dual use/military end use; or a partner is assessed as high risk without a suitable mitigation plan and after consultation with researcher, the partner cannot be replaced.

Notification of OMAFRA

OMAFRA will be made aware of any ‘material’ research security risks (as defined above). OMAFRA will review the risk(s) and the mitigation plan and will determine if the project can advance in the review process.

• U of G Guide for completing the National Security Guidelines for Research Partnerships Risk Assessment Form, includes guidance on ‘critical infrastructure’ related to food
• U of G Guide to Developing a Risk Mitigation Plan
• U of G Safeguarding Research webpage
• Mitigating economic and/or geopolitical risks in sensitive research projects – A tool for university researchers published by Universities Canada
• Government of Canada Research Security Training Courses