Frequently Asked Questions

What steps have recently been taken at the University of Arkansas?

  • Completed an internal review of our approach to international collaborations and developed a framework for how we will continue to pursue international collaboration.
  • The Provost’s Office has reviewed campus procedures regarding J-1 visiting scholars and have updated the campus procedures for review, management and out-processing.
  • Our process for disclosure continues to collect information on foreign financial interests, foreign collaborations and involvement with a foreign talent recruitment program.
  • In fulfillment of the research security measures incorporated in the CHIPS and Science Act, the Division of Research and Innovation conducted a review of campus practices and policies pertaining to foreign talent recruitment programs. As part of this review, policies have been updated to incorporate a prohibition from University of Arkansas affiliated individuals from participating in a malign foreign talent recruitment program (MFTRP). A MFTRP is broadly defined as a foreign program, position or activity that includes compensation (defined broadly to include compensation, honorific titles, research funding, etc.) in return for certain actions (e.g. unauthorized transfer of intellectual property, recruitment of other to the programs, establishing a laboratory or a company in the foreign country, etc.) sponsored by or based in a country of concern.

Why is Research Security Planning Important?

Understanding key export and security concepts will assist in securing intellectual property, resources, information, technology, and individuals on our campuses while protecting national security and reducing overall risk to University of Arkansas.

Additionally, it facilitates collaboration and the exchange of information in a safe, efficient, and legal manner. Lastly, security planning assists employees and students in identifying risks and developing appropriate controls and countermeasures to provide a safe and secure work environment at University of Arkansas. 

How does research security planning apply to visitors to University of Arkansas?

Collaboration with both international and domestic colleagues is a critical component of information sharing in an effort to advance education, research, science and technology here at UNIVERSITY OF ARKANSAS. The U.S. Government has continued to see a sharp increase in the theft or illegal acquisition of information and technology resident at both companies and Universities nationwide.

To support the University’s interests in collaboration, while complying with laws and regulations, the University has published polices to help with protecting intellectual property, research data, research facilities, network access, and physical spaces.

What is Controlled Unclassified Information (CUI)?

Controlled Unclassified Information is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended.

The RSP can assist you with identifying and training research teams concerning Controlled Unclassified Information (CUI).

Relevant Policies on CUI

  • Executive Order 13556 “Controlled Unclassified Information” (the Order), establishes a program for managing CUI across the Executive branch and designates the National Archives and Records Administration (NARA) as Executive Agent to implement the Order and oversee agency actions to ensure compliance. The Archivist of the United States delegated these responsibilities to the Information Security Oversight Office (ISOO).
  • 32 CFR Part 2002 “Controlled Unclassified Information” was issued by ISOO to establish policy for agencies on designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI, self-inspection and oversight requirements, and other facets of the Program. The rule affects Federal executive branch agencies that handle CUI and all organizations (sources) that handle, possess, use, share, or receive CUI—or which operate, use, or have access to Federal information and information systems on behalf of an agency.

What is a Technology Control Plan (TCP) and do you need one?

A Technology Control Plan (TCP) helps ensure that controlled materials will not be accessed by unauthorized persons. The need for a plan occurs whenever Controlled Unclassified Information (CUI), ITAR, CCL or other controlled items or data are present on campus. The most common use of a TCP is to identify controlled materials or data and describe how these items will be secured on campus. It includes plans for storage, processing, transmission of the information or items and procedures for guarding against unauthorized access by individuals or entities.