Effective: 03/31/2025
Last revised: 12/9/2025
Many federal agencies require research security training for applicants and awarded researchers. This mandate originates from the National Security Presidential Memo-33 (2021) and the CHIPs and Science Act (2022). Research Security Training is an integral component of a Research Security Program. The goal is to raise awareness and ensure that risks are identified, elevated, and addressed by the appropriate offices.
Core Training Areas include:
- Research Security Fundamentals: What research security is, why it matters, key federal regulations and core values.
- Disclosure & Compliance: Understanding disclosure requirements (funding, affiliations, conflicts of interest/commitment).
- Export Controls: Training on U.S. export control laws relevant to research.
- Foreign Travel/Collaboration: Risks associated with international travel, foreign visitors, talent programs, and fostering principled international partnerships.
- Data & IP Protection: Best practices for protecting sensitive data, valuable research, and patentable property.
- Cybersecurity: Recognizing phishing, ransomware, social engineering, password hygiene, multi-factor authentication (MFA), and safe browsing.
WashU’s Research Security Training, which complies with sponsor requirements, is included in the Responsible Conduct of Research (RCR) course. This course also satisfies funding agencies’ Responsible and Ethical Conduct of Research on-line training requirements (e.g. for the NIH, NSF and DOD). For all agencies, it is required prior to proposal submission. Additional training, such as Conflicts of Interest or Export Controls, may also be required based on other policies. The University assures and confirms training compliance as part of the funding application process.
Always confirm the information below aligns with the sponsor’s latest requirements before submitting a proposal or annual certification.
National Institutes of Health (NIH) – Effective 05/25/2026
- Who: PI/PD and other senior/key personnel listed on a grant application.
- When: Before proposal submission and within the last 12 months. All covered individuals should self-enroll to complete the training.
- Sponsor requirement: Research Security Training Requirements for NIH – NOT-OD-26-017
- Additional requirements: NIH collects individual certifications at the time ofapplication submission through the Biographcal Sketch.
National Science Foundation (NSF)
- Who: PI/PD and other senior/key personnel. All individuals sourced to NSF funds are automatically assigned the RCR course. All covered individuals not currently funded by the NSF must self-enroll to complete the training.
- When: Before proposal submission and within the last 12 months.
- Sponsor requirement: Important Notice No. 149: Updates to NSF Research Security Policies
Department of Energy (DOE)
- Who: PI/PD; Co-PI/Co-PD; project manager; and any individual regardless of title that is functionally performing as a PI, PD, Co-PI, Co-PD or project manager. The DOE may choose to designate others as covered individuals through the NOFO or terms of the award.
- When: Before proposal submission and within the last 12 months. All covered individuals should self-enroll to complete the training.
- Sponsor requirement: Financial Assistance Letter Research Security Training Requirements for all R&D Financial Assistance Awards
United States Department of Agriculture (USDA)
- Who: PI/PD and other senior/key personnel
- When: Before proposal submission and within the last 12 months, annually thereafter. All covered individuals should self-enroll to complete the training.
- Sponsor requirement: America First Memorandum for USDA Arrangements and Research Security
Other Federal Agencies
- Other federal agencies will adopt these requirements in the future. It is strongly recommended that Senior Key Personnel on active federal awards or recently submitted federal proposals complete research security training.
Contact Office: Office of Research Integrity and Ethics – orie@wustl.edu