New Research Security Training Requirements for Federal Grants


National Science Foundation (NSF) & U.S. Department of Agriculture (USDA) requirements

Starting October 10, 2025, all principal investigators and key/senior personnel submitting new proposals to the National Science Foundation (NSF) and U.S. Department of Agriculture (USDA) are required to complete research security training within 12 months prior to proposal submission.

  Note: This requirement does not impact existing NSF and USDA grant awards prior to October 10, 2025.

Department of Energy (DOE) requirements

Starting May 1, 2025, all principal investigators and key/senior personnel (or Covered Personnel as determined by DOE) submitting new proposals to the Department of Energy (DOE) are required to complete research security training within 12 months prior to proposal submission.

  Note: This requirement does not impact existing DOE grant awards prior to May 1, 2025.

Complete the CU Boulder's Research Security Training to Comply with Requirements

Research Security & Integrity (RSI), in partnership with the Office of Contracts and Grants (OCG), has established processes and procedures to comply with the new research security training requirement outlined by NSF, USDA and DOE. Senior/Key Personnel (or Covered Personnel as determined by DOE) must complete the Research Security training course within a year prior to the submission of a proposal to NSF, USDA and DOE.

  Launch Research Security Training Course (Percipio)

 

Questions about the NSF, USDA and DOE requirements

National Science Foundation and U.S. Department of Agriculture

Proposers (Principal Investigators) and individuals identified as senior/key personnel by the proposer are required to take Research Security training within a year prior to proposal submission.

Department of Energy

Anyone DOE deems as “Covered Personnel” on the proposal is required to take Research Security training within a year prior to proposal submission. In most cases, Covered Personnel will be Senior/Key Personnel who provide biographical sketches at the time of proposal. However, DOE may further specify who is considered “Covered Personnel” within the funding opportunity announcement.

  • The content is based on NSF’s four Research Security Modules. Lesson titles include Course Introduction, What Is Research Security, Disclosure, Manage & Mitigate Risk, and International Collaboration.
  • The content helps users understand their research security responsibilities as defined by sponsoring agencies and provides guidance around who to contact at the university for support.
  • Users must receive at least an 80% on a 5-question quiz at the conclusion of the course to complete their training requirement.
  • The Research Security training course is a self-paced online course available on SkillSoft Percipio, CU Boulder’s Learning Management System.
  • When CU employees complete the course and pass the quiz, their completion data will be recorded in SkillSoft Percipio. Reports will be pulled from SkillSoft Percipio to confirm individual completion.
  • CU Boulder has adapted content from NSF’s four Research Security training modules, which take 4 hours to complete in total, into a more concise, CU-specific training that should take approximately 75 minutes or less to complete.
  • The course does not have to be completed in one sitting. The user can save their progress and return to the course at any time.
  • Individuals must have a training completion date within twelve months prior to the submission of the proposal.
  • For NSF, USDA and DOE proposals, OCG Proposal Analysts will consult with the CU Boulder PI to determine which individuals on the project are required to complete Research Security training.
  • SubrecipientsThe CU Boulder PI will also consult with their subrecipients to determine who is required to complete Research Security training. Subs will complete their Research Security training requirement in compliance with their home institution’s processes.
  • Prior to the submission of the proposal, the OCG Proposal Analyst will review data from a SkillSoft Percipio report to confirm training completions for the CU Boulder employees identified by the PI.
  • Subrecipients: Subrecipient training completion is verified by the subrecipient instiution through the Subrecipient Commitment Form or the Subrecipient Statement of Collaborative Intent.
  • When the proposal is submitted, the OCG Proposal Analyst (as CU’s Authorized Organizational Representative) is certifying to CU Boulder’s compliance with the sponsor’s Research Security training requirement.
  • Below is the certification language for DOE:
    • The research security training requirement described here is optional until May 1, 2025, and mandatory thereafter. Recipients must maintain a research security training program for covered individuals on the project, consistent with Section 10634 of the CHIPS and Science Act of 2022. Any new covered individuals at the recipient and subrecipient levels added to the project must certify that they have completed the training within thirty (30) calendar days of the individual joining the project (see Current and Pending Support term for certification instructions).
      • In addition, recipients must maintain sufficient records (records must be retained for the time period noted in 2 CFR 200.334 and made available to DOE upon request) of their compliance with this requirement for covered individuals at the recipient organization and they must extend this requirement to any and all subrecipients. To fulfill this requirement, recipients may utilize the four one-hour training modules developed by the National Science Foundation at https://new.nsf.gov/research-security/training or develop and implement their own research security training program aligned with the requirements in Section 10634(B) of the CHIPS and Science Act of 2022.
      • Acceptance of the award or use of the first dollar of award funds constitutes the recipient’s acceptance of this requirement and all other applicable award requirements.
      • Covered individuals previously identified by the recipient who have already certified and completed the research security training do not need to complete it again, even if they are submitting an updated Current and Pending Support Form during the life of the award.
  • Below is the certification language for NSF:
    • Certification Regarding Research Security Training for Federal Research Award Personnel: In accordance with Section 10634 of the CHIPS and Science Act of 2022 (42 U.S.C. § 19234), the AOR must certify that all individuals identified as senior/key personnel have completed the requisite research security training that meets the requirements specified in PAPPG Chapter IX.C. within one year of proposal submission.
    • Research Security Training Requirement for Federal Award Personnel: In accordance with Section 10634 of the CHIPS and Science Act of 2022 (42 U.S.C. § 19234), each individual identified as a senior/key person must certify that they have completed the requisite research security training that meets the requirements specified in PAPPG Chapter IX.C. within one year of proposal submission.

Questions?

Please contact Justin Mack, Director, Research Security & Export Controls:   justin.mack@colorado.edu.

  Search Faculty Experts 

Research and expertise across CU Boulder.

   

  Research Institutes 

Our 12 research institutes conduct more than half of
the sponsored research at CU Boulder.

  Research Centers 

More than 75 research centers span the campus,
covering a broad range of topics.

  Research Computing 

A carefully integrated cyberinfrastructure supports CU Boulder research.