General advice for institutional leadership and administration

Here you'll find a summary of advice aimed at institutional leadership and administration for the development of systems for responsible international cooperation.

Recently edited : 11. November 2024

See also the European council recommendation for research security

Support to higher education institutions and other research performing organisations

14.Encourage and support higher education institutions and other research performing organisations to

(a)Create a sector-wide platform of stakeholders to facilitate information exchange, peer learning, development of tools and guidelines, and incident reporting. Consider resource pooling to make best use of scarce and scattered resources and expertise;

(b)Implement internal risk management procedures in a structural manner, including through risk appraisal, due diligence into prospective partners and escalation to higher levels of internal decision-making in case of elements that raise concerns (‘red flags’), while avoiding unnecessary administrative burden;

(c)Whenever entering into research partnership agreements with foreign entities, including through Memoranda of Understanding, insist on including key framework conditions, such as respect for fundamental values, academic freedom, reciprocity and arrangements on intellectual assets management, including the dissemination and valorisation of results, licensing or transfer of results and spin-off creation, and ensure there is an exit strategy in place in case the conditions of the agreements are not complied with;

(d)Assess risks related to foreign government-sponsored talent programmes in higher education and research, notably focusing on any undesirable obligations imposed on their beneficiaries, and guarantee that foreign government-sponsored on-campus providers of courses and trainings abide by the host institution’s mission and rules;

(e)Invest in dedicated in-house research security expertise and skills, assign research security responsibility at the appropriate organisational levels, and invest in cyber hygiene and in creating a culture in which openness and security are in balance;

(f)Develop training programmes, including online courses, for practitioners and new staff members, as part of their on-boarding, as well as curricula aimed at training the next generation of security advisers and policy-makers. Train recruiters to check and detect, as part of a structural vetting process, elements that raise concerns (‘red flags’) in applications for research positions, especially those in critical research domains;

(g)Ensure in scientific publications and all other forms of dissemination of research results full transparency of funding sources and affiliations of research staff, avoiding that foreign dependencies and conflicts of interest or commitment affect the quality and content of the research;

(h)Introduce compartmentalisation, both physical and virtual, guaranteeing that for areas, such as labs and research infrastructure, data and systems that are particularly sensitive, access is granted on a strict need-to-know basis, and, for online systems, robust cybersecurity arrangements are in place;

(i)Ensure that all forms of discrimination and stigmatisation, both direct and indirect, are prevented, that individual safety is guaranteed, with particular attention to coercion of diaspora by the state of origin and other forms of malign influence, which could give rise to self-censorship and may have security implications for the foreign researchers, doctoral candidates and students involved, and that incidents are reported.

Source: Proposal for a COUNCIL RECOMMENDATION on enhancing research security

Make a systematic valuation of what information, positions, infrastructure and other values such as life and health, reputation, norms and principles must be safeguarded at the institution.
Carry out a risk and vulnerability analysis to identify specific security challenges to the institution's values/assets, including pressure on academic freedom and research ethics.
Differentiate access to valuable information and infrastructure.
Create procedures for background checks in connection with appointments in areas of high security risk.
Create an overview of international cooperation agreements and research cooperation at the institution and identify cooperations with countries where academic freedom is under threat, countries of concern based on national risk and threat assessments (NIS (in Norwegian) ,PST (in Norwegian), and NSM (in Norwegian) and countries covered by the national sanctions regulations.
Create procedures that identify cooperation that may fall within the scope of the Export Control Regulations and offer support to the academic environments in their work on establishing international cooperation, recruiting staff and inviting visiting researchers.
Build competence and awareness of academic values, security risks and research ethics dilemmas throughout the knowledge institution.
Establish one or more contact points in the organisation with clearly assigned responsibility for research ethics challenges, for notification of pressure from external actors or for security breaches. Contact the relevant authorities for advice on difficult assessments.
Establish dedicated forums for sharing experiences and discussing complex issues.
When entering into partnership agreements with foreign institutions or organizations, including MoUs, include a basic framework that encompasses respect for fundamental values, academic freedom, reciprocity, and agreements on intellectual property rights (IPR), sharing of research results, and data management. Ensure that the agreements contain an exit strategy in case the terms of the agreement are violated.