Research Security Program (I.A.6)

Volume I: Academic and Research Affairs
Chapter A: Education and Research
Responsible Executive: Executive Vice President for Research
Responsible Office: Research Security and Export Controls
Date Issued: January 8, 2024
Date Last Revised: August 1, 2025

Contacts
Statement of Policy
Reason for This Policy
Individuals and Entities Affected
Exclusions
Responsibilities
Definitions (defined terms are capitalized throughout the document)
Related Documents, Forms and Tools
Website Address for This Policy
History and Updates
Appendix

Contacts

Policy Clarification

Senior Director of Research Security and Export Controls
765-496-2518 | Regulatory Affairs staff page

Statement of Policy

Purdue University maintains a research security program to protect intellectual capital, prevent research misappropriation, and ensure responsible management of U.S. and Indiana taxpayer dollars while maintaining an open environment to foster research discoveries and innovation. The program promotes transparency and guards against conflicts of interest and commitment, provides training and information on research security, and implements processes to assess and manage potential risks associated with collaborations and data. The program includes elements of cybersecurity, foreign travel security, research security training, export control compliance measures, and ensuring annual reporting of foreign financial support.

As part of the program’s compliance with applicable laws and regulations, Covered Individuals are prohibited from participating in Malign Foreign Talent Recruitment Programs (MFTRP) and must complete all disclosure, training and certification requirements prescribed by the program. Furthermore, all employees of Purdue are prohibited from participating in foreign recruitment programs affiliated with or organized by a Foreign Adversary Nation.

Failure to comply with any part of this policy may result in appropriate discipline, including but not limited to censure, suspension or revocation of university-sponsored travel privileges, removal from grants, loss of principal investigator eligibility, up to and including termination of employment.

Reason for This Policy

Purdue’s pursuit of knowledge yields innovative research and valuable partnerships with industry leaders. With these accomplishments comes the responsibility to safeguard information and technologies from exploitation. The CHIPS and Science Act of 2022 and related guidance provide a framework for those protections. This policy describes the University’s efforts to comply with applicable laws, regulations and guidelines that govern research security and ensures Purdue’s ability to certify that it is in compliance with those requirements.

Individuals and Entities Affected

Purdue faculty, staff, students and others involved in research-related activities.

Faculty, staff and others responsible for information technology services and systems that support Purdue research.

All employees of Purdue.

Exclusions

There are no exclusions to this policy.

Responsibilities

Research Security and Export Controls

Oversee the University’s research security program. This includes coordination with process owners whose functions support one or more aspects of the program to ensure internal processes are aligned with applicable federal and state requirements.
Follow federal guidance for determining whether an activity meets the definition of an MFTRP and advise on the appropriate response.
Determine whether an employee’s participation in a foreign recruitment program is prohibited by the state of Indiana and advise on the appropriate response.
Ensure the University’s research security training content meets applicable regulatory requirements and oversee the delivery and certification of all mandatory research security training.
Provide information and guidance to Covered Individuals and department/unit heads on meeting the requirements of the research security program.
Ensure measures are in place that enable the University to evaluate international travel to foreign destinations and existing and proposed relationships, activities, and other forms of engagement with foreign entities to determine potential risks and advise on the appropriate response.
Coordinate with IT to ensure implementation of baseline cybersecurity requirements in accordance with NSPM-33 and the protections for data subject to export controls and cybersecurity requirements.
Develop, implement, and monitor Research Security Plans (RSPs) and Risk Mitigation Plans (RMPs) as needed to align with sponsor requirements and mitigate research security risks.
Conduct audits for compliance with this policy and related operating procedures.

Covered Individuals

Disclose participation or affiliation with non-U.S. entities, as required by other Purdue policies. If an activity is determined to be an MFTRP by Research Security and Export Controls, follow recommendations for corrective action.
Refrain from engaging with parties on U.S. government restricted party lists.
Fulfill all disclosure, certification and training requirements as prescribed by the research security program.

Department/Unit Heads

Consult with Research Security and Export Controls and the Outside Activities Officer (as defined in the Conflicts of Commitment and Reportable Outside Activities (III.B.1) policy), or Responsible Official (as defined in the Individual Financial Conflicts of Interest (III.B.2) policy) when reviewing requests or proposals that involve foreign entities. This includes, but is not limited to, proposal submissions, research or sabbatical leaves, disclosures of reportable outside activities, conflicts of interest disclosures, etc.

Process Owners

Consult with Research Security and Export Controls to ensure internal procedures align with the program. This refers to offices or units that oversee a process or system that supports one or more aspects of the research security program (e.g., conflicts of commitment, conflicts of interest, IT, sponsored programs, global travel support).

All Employees

Do not take part in any foreign recruitment programs affiliated with or organized by a Foreign Adversary Nation.
Follow mitigation measures implemented by Research Security and Export Controls.

Definitions

All defined terms are capitalized throughout the document. Refer to the central Policy Glossary for additional defined terms.

Covered Individual
Officers, faculty, staff and students of Purdue University who are engaged in research at or on behalf of the University and any other individuals helping to conduct research at Purdue. This term includes but is not limited to graduate students, undergraduate students, postdoctoral researchers, fellows and visiting scholars.

Foreign Adversary Nation
A country as defined from time to time in 15 CFR 791.4 or designated so by the governor of Indiana under IC 1-1-16-8.

Malign Foreign Talent Recruitment Program (MFTRP)
As defined by the Chips and Science Act of 2022.

Website Address for This Policy

www.purdue.edu/vpec/policies/academic-research-affairs/ia6

History and Updates

August 1, 2025: Added prohibition on foreign recruitment programs and added a definition of Foreign Adversary Nation. Replaced the definition of FTRP with a definition for Malign Foreign Talent Recruitment Program. Included additional responsibilities for Research Security and Export Controls and added responsibilities for all employees.

July 1, 2024: Responsibilities for Research Security Office expanded. Responsibilities for Covered Individuals clarified. Added responsibilities for department/unit heads and process owners. Updated the definition of FTRP. Removed the interim status.

January 8, 2024: This is the first policy to address this issue.

Appendix

There are no appendices to this policy.