Completing a Risk Assessment Form

When applying to Canadian federal research funding that is subject to the National Security Guidelines for Research Partnerships (NSGRP), researchers must complete a Risk Assessment Form (RAF).

UBC researchers should complete and submit their RAF to the research security team for validation as early as possible, but no later than five (5) business days prior to the sponsor's full application deadline.

For relevant funding opportunities, the RAF must be completed and include all industry partners (companies/corporations), as well as industrial associations and producer groups. The form helps identify, assess and mitigate potential risks that the partnership(s) may pose to the integrity of the research and Canada’s national security.

follow the plan
Project Information

In completing the risk assessment, applicants should provide information specific to their proposed research project and the prospective private-sector partner organizations. 

Relevant project information should include:

 

decorative
Partner Information

Information regarding the proposed partners must also be included, to determine whether the partner(s) may pose national security risks when using information and data derived from your project. 

Relevant partner information should include:

  • Subsidiaries, affiliations or partnerships that could lead to the transfer of research to third party governments, militaries or other organizations;
  • Their potential for foreign government influence or control through both legal or illegal means;
  • Uncertainty or a lack of transparency of funding sources;
  • Company charges or convictions speaking to a lack of transparency or ethical behavior;
  • Research team conflicts of interests that could lead to research transfers to third part government, militaries or other organizations.

 

Drafting Risk Mitigation Plans

If researchers identify any potential risks when completing the form, they must prepare a risk mitigation plan. The plan should reduce the likelihood and impact of risks to a level that is acceptable to the researcher, their institution, the granting agency and the Government of Canada. Each risk mitigation plan should be unique to the specific project and/or partner.

The proposed risk mitigation plan will be assessed as part of the evaluation of the project proposal to ensure appropriate safeguards are in place to mitigate risks to the work. The following research security best practices are recommended as part of your risk mitigation plan:

  • Building a strong research team, such as enrolling the team in training on research security, cyber security, intellectual property, and employing research security guidance and best practices from Government of Canada;
  • Assessing the alignment of your partners’ motivations; 
  • Using sound cybersecurity and data management practices, such as employing UBC information technology security policies, and including any practices that are relevant to intellectual property and technology transfer clauses that address identified risks;
  • Establishing an agreement with your partner(s) on the intended use of the research findings, which may include creating partnership agreements that cover intellectual property and technology transfer clauses that address national security risks; or 
  • Prioritizing the implementation your risk mitigation plan and that all members of the team are aware of their responsibilities, and ensuring the monitoring of mitigation measures.

Researcher Requirements & UBC Review Process

When applying to a federal research grant that is subject to the NSGRP, the principal applicants are required to:

  1. Complete a Risk Assessment Form (and any relevant risk mitigation plans) in its entirety and as accurately as possible.
  2. Submit the RAF, research proposal, and the UBC RPIF to research.security@ubc.ca for validation.

To ensure sufficient time for feedback and advice, researchers are encouraged to submit the above materials as as early as possible.

Once the above package has been received, UBC’s Research Security team will validate the form to ensure that the partner risks have been sufficiently identified and that the mitigation plan will be effective against relevant national security concerns. The Research Security team may consult with the applicant during validation to request additional information if needed.

UBC researchers should complete and submit their RAF to the research security team for validation as early as possible, but no later than five (5) business days' prior to the sponsor's full application deadline.

SUBMIT YOUR RAF FOR VALIDATION

Post-Award Risk Management Requirements

Upon receipt of a successful funding decision, researchers should begin implementing the risk mitigation plan outlined in their proposal. 

If the risks that were originally identified in the RAF change or evolve throughout your research, or new private partners are brought onto the project, researchers must inform the granting agency of these changes. The agency may require new risk assessment form(s) to be completed. UBC’s Research Security Team has created a post-award guide to assist you in understanding your obligations following receipt of your research funding.

View Post-Award Guide

 

Take the 'Introduction to Research Security' Course

Learn why research security matters and develop some core competencies to support you in safeguarding your research.

Start now

Part of the VP Research & Innovation portfolio

UBC Research Security Office

Suite 580, Walter C. Koerner Library, 1958 Main Mall
Vancouver, BC Canada
E-mail research.security@ubc.ca

UBC receives support for managing its research enterprise from the federal Research Support Fund.

UBC Crest The official logo of the University of British Columbia. Urgent Message An exclamation mark in a speech bubble. Caret An arrowhead indicating direction. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Arrow in Circle An arrow indicating direction. Chats Two speech clouds. Facebook The logo for the Facebook social media service. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. External Link An arrow entering a square. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Menu Three horizontal lines indicating a menu. Minus A minus sign. Telephone An antique telephone. Plus A plus symbol indicating more or the ability to add. Search A magnifying glass. Twitter The logo for the Twitter social media service. Youtube The logo for the YouTube video sharing service.