NSPM-33

NSPM-33 Final Guidance

The final guidance focused on four areas of concern. They were: Cybersecurity, Foreign Travel Security, Research Security Training, and Export Control Training. Evaluation of those requirements by leaders across campuses has resulted in modifications to workflows and processes as well as the addition of required training for employees. University compliance of NSPM-33 and agency requirements can be found on the NSPM-33 Compliance page.    

Research Security Recommendations

Each year, since NSPM-33 took effect, the Joint Committee on the Research Environment (JCORE) has provided guidance to the research community on implementation and best practices for an effective research security program. That guidance was prescriptive and could be divided into nine functional areas. Four of those areas were addressed by the final guidance, however, "NSPM-33 permits federal research agencies to develop additional requirements for the research security programs of covered institutions beyond the four elements described in this memorandum." It is expected that agencies will develop additional requirements aligning with the unaddressed functional areas.

What to expect?

You can expect to see changes in policy as it pertains to cybersecurity, foreign travel, and training requirements. Examples include the use of a loaner laptop for international travel, new processes in registering travel in Concur, and the addition of research security and export control training via the CITI platform. As federal agencies develop additional requirements, the University will enact new policies and processes to comply with those requirements. Learn more about training, certifications, and additional requirements.