Policy on security-related issues in international research collaboration ('Trusted Research')

The University's policy on security-related issues in international research collaboration, also known as 'trusted research'.



The University of Sheffield is an international research community.

It values and encourages external collaborations as a productive and beneficial part of our research and scholarship.

It is important to acknowledge that the environment we work in is increasingly complex and that risks exist alongside the benefits of collaboration internationally.

Risks include:

  • Reputational - for individual researchers and the institution
  • Interference with academic freedom
  • Potential breach of national or international legislation
  • Loss of data, results or other intellectual property through cyber or other means.
  • Governments internationally are concerned about security-related issues in research.

Universities UK has published guidance and this has been supplemented by a campaign around ‘Trusted Research’ led by the Centre for the Protection of National Infrastructure and including specific guidance for academics.

At the University of Sheffield, we want to:

  • Promote researchers’ awareness of our Code of Ethics and particularly of security-related issues
  • Ensure we adhere to external legislative and other frameworks
  • Protect our research by ensuring that we make informed decisions about working with international collaborators and partners, recognising and mitigating any risks
  • Empower researchers and other colleagues to raise any concerns they may have.

Our approach is risk-based, focusing our efforts on collaborations with organisations and individuals where the likelihood of risk is greatest or where legislation or other external compliance frameworks require it.

Such collaborations include, but are not limited to research involving international collaborators, funders or partners which:

  • May have military/defence applications (noting that this may not be the researcher’s intention)
  • Could benefit a hostile state actor
  • Involves personally identifiable or sensitive data
  • Raises ethical or moral concerns
  • Has the potential for commercial exploitation
  • Has potential implications for UK national security.

Responsibilities of individual researchers

Researchers must:

  • Maintain mandatory University training in protecting personal data, cyber security and discipline-relevant modules such as Export Controls
  • Consider security-related risks when discussing potential collaborations
  • Disclose collaborations, funding and partnerships with international individuals and organisations whether funded or not
  • Declare any conflict of interest (real or perceived) or not
  • Engage with required organisational due diligence.
  • Individual staff must be aware of, and highlight to the University, any concerns they have about organisations or individuals with whom they are undertaking research and/or innovation.

Concerns may be raised with the Head of Department, Faculty VP or Director/Deputy Director of Research, Partnerships and Innovation.

Responsibilities of the organisation

The University will maintain and publicise a clear policy and will provide support for appropriate due diligence checks for organisations and individuals.

Where due diligence indicates the level of risk to either a researcher, research team or the institution is heightened, approval of any identified mitigation will be sought from the Head of Department.

Escalation points are the relevant Faculty VP, and then the VP-Research who is the UEB member responsible for research security.

If you have any queries or require support or wish to raise a concern, please contact duediligence@sheffield.ac.uk in the first instance.