Digital crime by an anonymous hacker

Research Security Training

The U.S. National Science Foundation, in partnership with the National Institutes of Health, the Department of Energy and the Department of Defense, is sharing online research security training for the research community. 

This training provides recipients of federal research funding with information on risks and threats to the global research ecosystem — and the knowledge and tools necessary to protect against these risks.

Take the research security training

Take the training directly from your browser. Visit the four training modules at the links below.

  • Each module should take about 60 minutes to complete.
  • You can leave a module and return without losing progress from this browser.
  • When you complete the module, you can download or print a completion certificate, but the module will not save a record of your training.

Module 1: What is Research Security?

Learn key concepts of research security and how to recognize situations that may indicate undue foreign influence. Understand the regulatory landscape that shapes research security and discover what you can do to safeguard the core values that underpin U.S. academic research.

Module 2: Disclosure

Learn about federal funding agency disclosure requirements, including types of information that must be disclosed, how that information is used, and why such disclosures are fundamental to safeguarding the U.S. research enterprise from foreign government interference and exploitation. 

Module 3: Manage and Mitigate Risk

Learn to identify types of international collaborative research and professional activities, associated potential risks, and strategies and best practices for managing and mitigating such risk. Learner experience will be customized based on their role as either a researcher or administrator.

Module 4: International Collaboration

Learn about the role of principled international collaboration in U.S. science, innovation and economic competitiveness. Discover how to balance principled international collaboration with research security concerns, as well as how to foster an open, welcoming research environment that fulfills research security needs.

Deploy your own instance of the training

If you would like to download these modules for your organization to use, you have two options:

  1. LMS/SCORM: Download the LMS/SCORM file for use in your organization's learning management system. The files are compiled as SCORM 1.2. 
  2. Storyline Source File: Most of our online lessons are built in Articulate 360. Download the .story file if you would like to edit or modify the lessons in Storyline.
TitleSource files
Module 1:
What is Research Security?
  2. Storyline Source File
  3. Transcript (DOC, 102.5 KB)
Module 2:
  2. Storyline Source File
  3. Transcript (DOCX, 52.13 KB)
Module 3:
Manage and Mitigate Risk
  2. Storyline Source File
  3. Transcript (DOC, 62 KB)
Module 4:
International Collaboration
  2. Storyline Source File
  3. Transcript (DOC, 206 KB)

About the training module design

The design of the training modules reflects research-based best practices in multimedia instructional design and adult learning. Design teams drew on a number of resources and frameworks in considering how to foster long-term, meaningful learning in a short-duration training module. These resources and frameworks include:

Frequently asked questions

The training was developed through four cooperative agreements with non-federal, largely academic, research entities and funding from and/or engagement with several federal agencies, including the U.S. National Science Foundation, National Institutes of Health, Department of Defense, Department of Energy and Federal Bureau of Investigation. 

Research security training is listed as one of four elements of a Research Security Program required by National Security Presidential Memorandum 33, issued on Jan. 14, 2021, to safeguard our research ecosystem. The "CHIPS and Science Act of 2022," Section 10634, codifies the requirement for research security training for federal research award personnel in public law.

No, the modules are being made available as a resource to institutions/organizations. The training modules were developed cooperatively with federal agency staff engaged in research security to meet federal expectations; however, alternative (non-federal) training modules and resources can be utilized to meet federal training requirements.

No, institutions/organizations will determine what training or combination of training meets their standards and allow the institution to certify, per Section 10634 of the "CHIPS and Science Act of 2022," that required personnel have been trained. 

Yes, however, the use of all four federal training modules is not a requirement.

Yes, institutions/organizations can include institution/organization-specific information, such as local policies, contacts and other information. With consideration for future training module updates, this may be best achieved as an appendix or addendum to the training modules rather than integration into the modules. 

Yes, institutions have the option to use commercial or institutionally/organizationally developed training modules to meet federal requirements. Per Section 10634 of the "CHIPS and Science Act of 2022," institutions/organizations will need to certify that required personnel have been trained.

No, institutionally/organizationally developed research security training programs do not require review and approval by federal agencies. Per Section 10634 of the "CHIPS and Science Act of 2022," institutions will need to certify that required personnel have been trained. The act indicates that modules should focus on cybersecurity, international collaboration and international travel, foreign interference, rules for proper use of funds, disclosure, conflict of commitment, conflict of interest and meet the needs of senior/key personnel as well as undergraduate students, graduate students, postdoctoral researchers and applicants for awards under the Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) programs. 

An LMS is not required to take the training or receive the certification as the training and opportunity for certification are available via the NSF website. Institutions/organizations might strongly consider the use of an LMS to track and retain documentation to support compliance with institutional/organizational policy. 

If an institution does not have access to an LMS for staff training or that LMS is somehow not compatible, free versions are available online. Alternatively, individuals should be instructed to download the certificate of completion they receive at the end of each module/training and provide it to their institutional research security team/individual or other designated contact.

Organizations relying on training via the NSF website will need to request the training certification from their personnel. 

Each module is approximately 45-60 minutes in length. The length of time it takes to complete the modules may depend on how much time the user spends accessing additional optional content. 

The requirement to complete research security training will be part of the 2025 Proposal and Award Policies and Procedures Guide (PAPPG), so it will be required when the 2025 PAPPG becomes effective. Per the "CHIPS and Science Act of 2022," senior/key personnel are required to take the training within one year of a research and development (R&D) application. 

Per Section 10634 of the "CHIPS and Science Act of 2022," covered individuals (senior/key personnel) listed on the application for a research and development award are required to take the training. Institutions/organizations will need to certify annually that these individuals have completed research security training that meets the guidelines in the act. The training requirements are expected to be consistent across the federal government. Institutions/organizations might consider the benefits of requiring or making available for optional use training for undergraduate and graduate students and postdoctoral fellows engaged in research, as well as other audiences, including research administrators. 

Senior/key personnel listed on the application for a research and development award are required to take the training.

Per the "CHIPS and Science Act of 2022," senior personnel are required to take the training within one year of an R&D application. If additional senior personnel join, they also will have one year from the time of joining.

The "CHIPS and Science Act of 2022" does not specify the frequency of training. NSF recommends renewing training annually, but this is not a requirement.

No, institutions may want to track completion to certify with confidence that required personnel have been trained. 

Research security is a shared responsibility across all academic disciplines and university functions. Faculty often work on cross-disciplinary research and scholarly endeavors, including teaching activities. Through these activities, an individual may be exposed to critical or emerging activities. In addition, many of the research security concepts are portable to general research and daily life, such as cybersecurity and recognizing when an individual's stressors (e.g., finances) could adversely impact their decision-making in the workplace, threatening the integrity of the individual or the institution.

It will depend on your institution's policies and procedures. Your national security related trainings may not cover all topics presented in research security training. Please consult with your local training or research security office or officer if you have any questions.

The training module content focuses on building a positive culture of research security and specifically on promoting responsible international collaborations. The module content specifically addresses the risks of bias and discrimination.

Research security training helps to guard against several risks, including but not limited to the theft or misuse of research data, improper use of intellectual property, and the potential dissemination of untrustworthy scientific results. Building a culture of research security protects research advances from misuse and misappropriation.

Responsible conduct of research is related to research integrity and security but covers a broader range of topics, such as the ethical treatment of human subjects. Research security training focuses on providing researchers with clear guidelines and effective strategies to protect against existing and emerging research security threats.

Ignorance of federal law, regulations, policy and guidance does not absolve individuals of compliance with federal requirements. Research security training is like having a driver's license, it demonstrates that an individual understands the principles of how to function on the roadways, but it does not allow one to violate the rules of the road. 

The training modules, particularly module 4, focus on responsible international collaboration to address pressing global problems. 

Contact us

If you need assistance or have any inquiries, please submit a request through our support portal.

These materials were developed with support from NSF cooperative agreements OIA-2230557 (The University of Alabama in Huntsville), OIA-2230530 (The Texas A&M University System), OIA-2230535 (University of Pennsylvania), and OIA-2230538 (Associated Universities, Inc. and AUI Labs). Cooperative agreements were supported by funding from NSF, the National Institutes of Health, the Department of Energy and the Department of Defense.