When applying to Canadian federal research funding that is subject to the National Security Guidelines for Research Partnerships (NSGRP), researchers must complete a Risk Assessment Form (RAF).
UBC researchers should complete and submit their RAF to the research security team for validation as early as possible, but no later than five (5) business days' prior to the sponsor's full application deadline.
For relevant funding opportunities, the RAF must be completed and include all industry partners (companies/corporations), as well as industrial associations and producer groups. The form helps identify, assess and mitigate potential risks that the partnership(s) may pose to the integrity of the research and Canada’s national security.
Drafting Risk Mitigation Plans
If researchers identify any potential risks when completing the form, they must prepare a risk mitigation plan. The plan should reduce the likelihood and impact of risks to a level that is acceptable to the researcher, their institution, the granting agency and the Government of Canada. Each risk mitigation plan should be unique to the specific project and/or partner.
The proposed risk mitigation plan will be assessed as part of the evaluation of the project proposal to ensure appropriate safeguards are in place to mitigate risks to the work. The following research security best practices are recommended as part of your risk mitigation plan:
- Building a strong research team, such as enrolling the team in training on research security, cyber security, intellectual property, and employing research security guidance and best practices from Government of Canada;
- Assessing the alignment of your partners’ motivations;
- Using sound cybersecurity and data management practices, such as employing UBC information technology security policies, and including any practices that are relevant to intellectual property and technology transfer clauses that address identified risks;
- Establishing an agreement with your partner(s) on the intended use of the research findings, which may include creating partnership agreements that cover intellectual property and technology transfer clauses that address national security risks; or
- Prioritizing the implementation your risk mitigation plan and that all members of the team are aware of their responsibilities, and ensuring the monitoring of mitigation measures.
Post-Award Risk Management Requirements
Upon receipt of a successful funding decision, researchers should begin implementing the risk mitigation plan outlined in their proposal.
If the risks that were originally identified in the RAF change or evolve throughout your research, or new private partners are brought onto the project, researchers must inform the granting agency of these changes. The agency may require new risk assessment form(s) to be completed. UBC’s Research Security Team has created a post-award guide to assist you in understanding your obligations following receipt of your research funding.