Federal Agencies Guidance on Ethics, Compliance, and Audit Services under NSPM-33

Slide Note
Embed
Share

The White House OSTP released guidance for federal agencies to implement NSPM-33 focusing on disclosure requirements, digital identifiers, consequences for violations, information sharing, and research security programs. The guidance emphasizes supporting open scientific inquiry and nondiscriminatory implementation while addressing disclosure transparency and avoiding unfair treatment of researchers. Specifics include standardized disclosure requirements, digital identifiers integration, and guidelines for consequences of violations.


Uploaded on Jul 19, 2024 | 0 Views


Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript


  1. ETHICS, COMPLIANCE AND AUDIT SERVICES NSPM-33 Guidance to Federal Agencies January 2022

  2. ETHICS, COMPLIANCE AND AUDIT SERVICES The White House Office of Science and Technology Policy (OSTP) released guidance to federal agencies for implementing National Security Presidential Memorandum-33 (NSPM-33). The guidance specifically focuses on five key areas addressed by NSPM The guidance specifically focuses on five key areas addressed by NSPM- -33: 1. disclosure requirements and standardization 2. digital persistent identifiers 3. consequences for violation of disclosure requirements 4. information sharing 5. research security programs 33:

  3. ETHICS, COMPLIANCE AND AUDIT SERVICES Important points OSTP indicated the importance of continuing to support open and transparent scientific inquiry. And that agencies must implement NSPM-33 guidance in a nondiscriminatory manner that does not stigmatize or treat unfairly member of the research community, including members of ethnic or racial minority groups. The guidance provides a definition of a Foreign government-sponsored talent recruitment program , which is important as it relates to communication around disclosure and transparency.

  4. ETHICS, COMPLIANCE AND AUDIT SERVICES Disclosure Requirements, Standardization, Digital Persistent Identifiers, and Consequences for Violation of Disclosure Requirements Among some of the specifics contained in the guidance are that federal agencies shall: Establish standardized disclosure requirements across federal agencies for researchers to the maximum extent practicable; Develop standardized reporting forms and instructions across federal agencies that will enable the development usage of tools such as electronic curricula vitae (CVs) and digital persistent identifier services (DPIs) and platforms to make compliance easy and uncomplicated. These forms and instructions are to be developed by federal agencies within the 120 days; Incorporate Digital Persistent Identifiers into grant and cooperative agreement application and disclosure processes; and Adhere to specific guidelines for determining appropriate consequences for violations of disclosure requirements as deemed appropriate based upon the facts of the violation and consistent with applicable laws and regulations.

  5. ETHICS, COMPLIANCE AND AUDIT SERVICES Information Sharing The report seeks to provide clarity concerning specific circumstances when federal agencies may share information about violations and potential violations with each other consistent with due process, privacy consideration, and other applicable law.

  6. ETHICS, COMPLIANCE AND AUDIT SERVICES Research Security Programs The guidance outlines more specifics on how research organizations awarded more than $50 million in a given year are to meet the research security program requirements called for in NSPM-33. Specifically: Cybersecurity. Agencies should require that research organizations satisfy the cybersecurity element of the research security program requirement by applying the following basic safeguarding protocols and procedures. Foreign travel security. Agencies should require that research organizations maintain international travel policies for faculty and staff traveling for organization business, teaching, conference attendance, research purposes, or any offers of sponsored travel that would put a person at risk.

  7. ETHICS, COMPLIANCE AND AUDIT SERVICES Research Security Programs continued Research security training. Agencies should require that, as part of their research security programs, research organizations provide training to relevant personnel on research security threat awareness and identification, including insider threat training where applicable. Export control training, as appropriate. Agencies should require that research organizations conducting R&D that is subject to export control restrictions provide training to relevant personnel on requirements and processes for reviewing foreign sponsors, collaborators and partnerships, and for ensuring compliance with Federal export control requirements and restricted entities lists.

  8. ETHICS, COMPLIANCE AND AUDIT SERVICES Research Security Programs continued Agencies should require that research organizations designate a research security point of contact. Research organizations should be required to maintain a description of the research security program, and to provide such documentation within 30 days of a request from a research agency that is funding an R&D award or considering an application for R&D award funding to that research organization. Agencies should consider integrating the research security program requirement into the Compliance Supplement s Research and Development Cluster audit guidance as part of the single audit of Federal grant and assistance programs (2 C.F.R. Part 200, Appendix XI). Research organizations should be provided flexibility to structure the organization s research security program to best serve its particular needs, and to leverage existing programs and activities where relevant, such as existing cybersecurity programs and responsible and ethical conduct in research training to maximize efficiency.

  9. ETHICS, COMPLIANCE AND AUDIT SERVICES Highlights of UC processes and tools NSPM-33 Guidance Recommendations UC actions Apply basic safeguarding protocols and procedures to satisfy the cybersecurity element of the research security program. Cybersecurity audits and assessments are conducted across the system every year. Bi-annual cybersecurity training required across the system. Research organizations conducting R&D that is subject to export control restrictions provide training to relevant personnel on requirements and processes for reviewing foreign sponsors, collaborators and partnerships, and for ensuring compliance with Federal export control requirements and restricted entities lists. Update of the required Ethics and Compliance Briefing for Researchers with information on export controls, effective September 2021. An interactive export control course for staff and faculty made available across the system in January 2021. An on demand course related to restricted parties and screening made available in July 2021. A suite of advanced export classification training for location Export Control Officers made available in June 2021. Live training provided to over 800 participants in FY 2021. Guidance on Export Control Red Flags for agreements, Restricted Party Screening and International Scholar Vetting published in January 2022.

  10. ETHICS, COMPLIANCE AND AUDIT SERVICES Highlights of UC processes and tools, cont. NSPM-33 Guidance Recommendations UC actions Agencies should integrate the research security program requirement into the Compliance Supplement s Research and Development Cluster audit guidance as part of the single audit of Federal grant and assistance programs (2 C.F.R. Part 200, Appendix XI). An audit focused on foreign influence was completed across the system in 2021. Plans to organize a working group and best practices for locations to devise and implement policies and procedures to address research security. Leverage existing programs and activities where relevant, such as existing cybersecurity programs and responsible and ethical conduct in research training-to maximize efficiency. Update of the required Ethics and Compliance Briefing for Researchers with information on disclosure and export control, effective September 2021. Created one page on global engagement resource in 2021. Maintain an up to date web resource with all recent government communications and relevant UC policies since 2020. On demand, research security awareness program covering the following in development o Disclosures: Conflicts of Interest & Conflict of Commitments o Foreign Talent Programs o International Collaborations o Data Security

Related


More Related Content