Security Guidelines for Research Partnerships

Become aware of research security risks and learn how to develop a risk mitigation plan for your project by completing the following two online courses (30-40 minute time commitment each):

1) Introduction to Research Security

2) Cyber Security for Researchers

Review the guidelines and tools page for a number of research security resources and use the Safeguarding Your Research portal

Consider also the information in University Canada’s guide on Mitigating Economic and/or Geopolitical Risks in Sensitive Research Projects when forming your risk mitigation plans.

NSERC alliance applicants are also required to submit a Risk Assessment Questionnaire along with their funding applications. Although NSERC is piloting this questionnaire with one program at this time, we expect that the national security risk questionnaires may be applied to other Tri-Council funding application processes in the future. The Introduction to Research Security and  Cyber Security for Researchers courses are designed to help researchers complete this questionnaire.

These best practices come from National Sciences and Engineering Research Council of Canada (NSERC) to help guide researchers and universities.  

Best Practices

Researchers and institutions should use the tools and resources on the Safeguarding Your Research portal for information on how to identify and mitigate risks to security in research partnerships.

• Have open discussions with your partner organization(s) to identify potential or perceived risks.
• Conduct open source intelligence due diligence to identify any potential or perceived risks related to your partner organization(s).

When completing the risk assessment form:

• Ensure to read the form in its entirety and consult any external resources mentioned in the form to ensure your responses are as accurate as possible.
• Use the tools and resources on the Safeguarding Your Research portal for information on how to identify and mitigate risks to national security in research partnerships.
• Use your best judgement and show due diligence when developing a mitigation plan that addresses the potential risks you have identified. Examples of specific mitigation measures to include in your plan are included in the form.
• All projects are unique and thus should be addressed through tailored risk mitigation measures.

Carleton researchers may contact their research facilitator when preparing a funding application that includes a Risk Assessment Questionnaire.

For advice on selecting secure online software and tools to conduct your research at Carleton, domestically and/or abroad, please contact the Research Computing Services branch of ITS.

To report an actual or suspected security breach associated with your Carleton project or to your Carleton information, please notify Chris Lannon in OVPRI and also contact the ITS Security Desk as per their Information Security Incident Response Policy

Please also do your part by reporting any real or potential threats to Canada’s critical infrastructure and national security directly to CSIS.