An integral component of the risk assessment process is the Risk Assessment Form. Researchers complete the form by conducting open-source due diligence, by working with internal resources and services within their institutions, and by consulting with their partner organization(s), where appropriate, to validate their responses. Following that, the completed form is submitted alongside their research partnership grant application. As with all other application documentation and information that is provided by the applicant, the Risk Assessment Form is only used for its intended purpose – to collect information on and assess risks related to the research partnership.
For each research partnership application submitted with a Risk Assessment Form, the risk assessment process is conducted in three steps:
Step 1: Administrative validation by the Granting Agency
First, the Risk Assessment Form is administratively reviewed by the granting agency to ensure that all the questions and components on the form have been completed by the applicant. This review also includes a risk validation assessment using open-source due diligence methods, based on the National Security Guidelines for Research Partnerships and guidance from Canada’s national security departments and agencies. As part of the administrative review process, applications with possible or identified risks are referred to the granting agency’s internal Risk Assessment Committee, which discusses each application on a case-by-case basis and determines whether additional assessment and advice is required from the national security departments and agencies.
After completing the administrative review, the granting agency proceeds with the merit assessment of the funding application using its established mechanisms of peer review. The Risk Assessment Form is not shared with peer reviewers.
In cases where the granting agencies’ internal risk assessment identifies a need for a national security assessment and advice to inform the funding decision, the relevant application documents are referred to Public Safety Canada. This referral usually occurs after the merit assessment has been deemed successful, but prior to a funding decision being rendered by the granting agency.
Step 2: Referral of applications to Public Safety Canada
Upon receipt of a funding application from a granting agency, Public Safety Canada conducts an initial review, to determine which security agency is responsible for leading the national security assessment of the proposed research partnership project. The lead security agency may be Public Safety Canada, the Canadian Security Intelligence Service, or the Communications Security Establishment.
- Public Safety Canada coordinates national security-related activities across relevant federal departments and agencies. The department’s mandate is to keep Canadians safe from a range of risks such as natural disasters, crime, and terrorism. As part of Public Safety Canada’s mandate, the Minister of Public Safety is responsible for policy leadership in the areas of national security and economic-based threats to national security. This includes leading the coordination of the federal security and intelligence community in safeguarding Canada’s world-leading research ecosystem, as well as intellectual property businesses.
- Canadian Security Intelligence Service is an intelligence agency that investigates activities suspected of constituting a threat to the security of Canada and Canadians. Canadian Security Intelligence Service’s priorities include threats that can jeopardize Canada’s economic, national, and research security.
- Communications Security Establishment is the national signals intelligence agency for foreign intelligence and the technical authority for cybersecurity and information assurance.
The lead security agency, under their respective authorities and mandate, conducts a national security assessment and provides it to Public Safety Canada. Once the assessment is completed, Public Safety Canada may further consult other relevant departments such as Global Affairs Canada to take into account other relevant considerations related to the science, economic benefits, or global implications of the funding application, before returning the assessment results and any additional advice to the granting agency.
Step 3: Funding decision
The granting agency considers the national security assessment and advice received from Public Safety Canada, alongside the result of the merit assessment, to make a funding decision for each application. The granting agency then notifies the applicant of its funding decision.
The applicant is provided a decision letter that includes information on the results of the merit assessment and information on the national security assessment of their application (where applicable). The Government of Canada is committed to ensuring transparency across all funding decisions while also building the science and research community’s level of risk awareness. Where applicable, applicants that were denied funding will be offered the opportunity to request a meeting with representatives from the respective granting agency and the Research Security Centre to discuss the results of their application’s national security assessment.
If an applicant receives funding for their proposed research project, they must implement the risk mitigation plan outlined in their application, for the duration of the project. Dependent on the advice provided by the national security departments and agencies, the granting agency may require the implementation of additional mitigation measures as a condition of funding.