How to do security screening in international collaborations
Screening is one of the measures aimed at protecting critical research at UCPH.
To deal with the growing threat of espionage against strong Western research environments, the Rectorate has introduced new procedures at the University of Copenhagen. The procedures are intended to mitigate the risk of UCPH research being misused for unwanted purposes.
It is necessary to do a risk assessment before starting a collaboration with, hosting, hiring or enrolling someone who is closely affiliated with one of the countries that the authorities have designated as high-risk countries. These countries are currently China, Russia and Iran.
There are two stages of security assessment:
- prescreening
- extended screening where necessary.
Prescreening at departmental level
The first step in a security assessment is prescreening, which is done locally at the department or centre. It must be performed by the researcher at associate professor level or above, who is responsible for the intended collaboration, visit or hiring.
The prescreening assesses UCPH's interest in the collaboration. In other words, whether the potential benefit is large enough to offset the potential risk of the collaboration.
It should be considered whether it's a matter of critical research. For example, research in a field that has been identified as a critical technology area (see list to the right) or research that can be used for both civilian and military purposes (dual use). It could also be research of particular strategic significance to UCPH.
Another key consideration is whether the person being screened is closely affiliated with one of the high-risk countries. Close affiliation is if an individual has resided in the high-risk country for more than six months, received funding from that country or published substantially with researchers from the high-risk country.
Extended screening in central unit
If it's desirable to proceed even though the prescreening indicates that it could be critical research, and the person being screened is closely affiliated with a high-risk country, an extended security screening will be necessary. UCPH Research and Information Security will perform the extended screening.
The extended screening is booked by sending the case with all available information, such as CV, list of publications, etc., to Research and Information Security at protect@adm.ku.dk. Research and Information Security will return an extended screening within seven working days.
Final decision at the local level
When the extended screening is available, management of the department or centre will make the final decision about collaboration, hosting, hiring or enrolment.
If the extended screening recommends not proceeding with collaboration, hosting or hiring, and local management decides to do so anyway, the head of department must explain the reasons for this in writing to the dean's office, including protect@adm.ku.dk in the email.
The decision may also be to take certain precautions to mitigate the risk associated with the collaboration, for example, authorised access control to IT systems and physical facilities along with follow-up interviews with local management
Log in to KUnet
This page comes from the University of Copenhagen intranet and is aimed at university students and/or employees. The page is accessible because an employee or student has chosen to share the page.
If you are an employee or student at UCPH, you can log in and see more on the intranet.