Colorado State University participates in research for federal agencies that requires adherence to several federal regulations. The key regulations that you will typically find in your projects that need to be understood and addressed are:​

• FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems (Links to pages that cover the basic “controls”)​
• DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting​
• Requires implementation of NIST SP 800-171: Protecting of Controlled Unclassified Information in non-federal systems and organizations (Link to the CUI pages)​
• NSPM-33 United States Government-Supported Research and Development National Security Policy (Link to the Research Security Program Pages/NSPM-33)​

This is not an exhaustive list of the specific regulation that may be listed in your award so please reach out to discuss these controls and regulations and how you can protect your data and systems on your project.​