Does your project need compliance?

Answer these questions or reach out to us.

  • Does your research project receive funding from the DoD or a DoD-funded prime contractor?  Does the contract contain DFARS 252.204.7012’s clause, safeguarding covered defense information and cyber incident reporting?
  • Have you been informed by your OSP Contracting Officer that you have a project funded by a non-DoD sponsor subject to NIST 800-171?
  • Does your project involve funding from DoD’s Small Business Innovation Research (SBIR) or Strategic Technology Transfer Research (STTR) programs?
  • Does your business result in storage, processing or transmission of Controlled Unclassified Information (CUI)?

Next Steps for Campus Research Teams

Review the bulleted questions at the top of this webpage. Did you answer yes to any of the bulleted items? If you did, and your work meets the criteria, please reach out to the Governance, Risk, and Compliance (GRC) Team to begin work through the process below.

*Please note that the timeframe is an estimate of what to expect from the process, and will not necessarily be the exact timeframe experienced by every project and/or lab working to comply with the NIST 800-171 controls.