Security documentation refers to cyber security plans and/or risk mitigation plans for research projects. These documents are necessary to fulfill compliance obligations associated with certain funding applications and research agreements.

Cyber security and risk mitigation plans may be explicit requirements for some funding applications or research agreements. Requesting this documentation is essential to finalize grants or data transfer/sharing agreements.

It’s important to request security documentation during the initial stages of a research project. Delaying this request may lead to administrative delays or an increased risk of non-compliance with contractual obligations.

This depends on the project. Review your funding application or research agreement to determine what security documentation is required and who needs to approve it.

Once the security documentation process is complete, the requester will receive the required documentation needed for funding applications and research agreements.

Completion times vary based on workload and the complexity of the security documentation. While RISP is mindful of research timelines and strives to complete requests promptly, it’s recommended to submit requests as early as possible to allow sufficient processing time.

RISP will not gather information directly from your project’s information system or implement any recommendations or mitigations within it. RISP can, however, assist your technical staff if clarification is needed.