Research Security Requirements for Grant Applications

red checkbox Please Note

Updated March 28, 2024: The federal government has released new requirements related to research security for all new funding applications to the Tri-Agencies and the Canada Foundation for Innovation that involve conducting research aimed at advancing a sensitive technology research area. For further details, see the updated New Requirements for Federal Research Funding – Policy on Sensitive Technology Research and Affiliations of Concern.

What do I need before I can begin?

No information is required to begin.

Please be advised that funding opportunities include relevant research security requirements. 

For information on different funding sources, see the U of T Funding Opportunities Database
For information on grant application requirements pertaining to cyber and data security, contact the Research Information Security Program team or see Information Security.


The Research Security Team (RST) supports researchers in two ways throughout the grant application process. The goal is to support a smooth and successful grant review. 

  1. Pre-Application: Currently, the RST reviews applications where the National Security Guidelines for Research Partnerships (NSGRP) are applicable prior to their submission to the granting agency as part of the submission review process. In this review, the RST replicates the type of analysis granting agencies may conduct to identify potential concerns. Should concerns be identified, the RST will provide advice to the researcher on how to address them prior to submission. The RST also supports researchers who require assistance completing pre-submission attestations that they do not have any affiliations under the STRAC policy (see below). 
  2. Post-Application: The RST also assists researchers after an application has been submitted to a granting agency, if the granting agency identifies any research security concerns that require information prior to rendering a funding decision. This process may include submitting an official attestation document that requires approval by designated university leadership. 

Applicants should note internal deadlines for grant applications and allow sufficient time for review. The RST cannot guarantee that applications submitted on short notice will be reviewed prior to submission to the granting agency. 

Sensitive Technology Research and Affiliations of Concern (STRAC) Policy - Federal

See the Please Note at the top of this page for additional information on the forthcoming implementation of this policy. 

Although the new STRAC policy is distinct, it is complementary to the National Security Guidelines for Research Partnerships (NSGRP) process below. 

It may also be applicable to Ontario Research Fund (ORF) applications that are joint with the Canada Foundation for Innovation (CFI) once STRAC is in effect.

National Security Guidelines for Research Partnerships (NSGRP) - Federal

At present, Natural Sciences and Engineering Research Council of Canada (NSERC) Alliance applicants who are working with a private sector partner are required to submit The National Security Guidelines for Research Partnerships’ Risk Assessment Form with their funding applications. It is expected that similar risk assessment processes will be applied to other Tri-Agency (Canadian Institutes for Health Research (CIHR), Social Sciences and Humanities Research Council (SSHRC), NSERC) and CFI funding application processes in the future. 

For example, CFI announced that it will be applying the National Security Guidelines for Research Partnerships (NSGRP) to the 2023 Innovation Fund and will require the risk assessment form to be completed prior to funding being awarded. The Research Security Team (RST) is working with applicants to advise on CFI’s requirements. 

When granting agencies conduct national security reviews, they will analyze all partners and all listed individuals identified on the application. Likewise, when conducting bibliometric reviews, granting agencies may consider all co-authors on a paper. 

If the applicable granting agency determines that additional information is required to address research security concerns, the agency will contact the researcher directly. Researchers can request RST assistance with this process via the VPRI Contact listed on this page. 

Please be advised that, starting immediately, NSERC will be considering the Sensitive Technology Research Areas and Named Research Organizations associated with the STRAC policy as factors, among others, in their NSGRP review process.

Mitigating Economic and/or Geopolitical Risk (MEGR) – Provincial

In Ontario, applicants are required to complete the Mitigating Economic and Geopolitical Risk Checklist for Ontario Research Fund Applications checklist related to research security for funding programs delivered through the Ministry of Colleges and Universities (MCU). These include Ontario Research Fund (ORF) programs: Large/Small Research Infrastructure (CFI matching) and Research Excellence (research operating grants).

The required checklist asks researchers to provide context regarding collaborations with partners. The Provincial government will then assess the checklist for concerns from a research security perspective.  While the government analyzes all listed partners and individuals on an application, it does not provide a publicly available list of partners of concern. The provincial government’s attestation process normally includes collaborations going back approximately two years to ensure that they are no longer active. Researchers requiring assistance in completing the risk checklist should contact the Research Security Team.

Prior to rendering a funding decision, the government will provide institutions the opportunity to address identified research security concerns by providing additional context or mitigation strategies. This information is provided through an official attestation document. The RST will work with individual researchers and their academic unit/Division to complete these attestations. The Division of the Vice-President, Research & Innovation will submit them to the government for assessment.  Attestations will be project- and researcher-specific, and signed by the researcher, the designated Divisional research leader (normally a Vice or Associate Dean/Vice-Principal), and the Vice-President, Research and Innovation, and Strategic Initiatives.

Forms & Downloads


  • Provide support in conducting research security due diligence and partner vetting
  • Provide guidance and support with research risk assessments and attestation forms
  • Provide outreach and training on best practices for safeguarding your research
  • Communicate updates on research security requirements

VPRI Contact


Other Resources