Requirements
University of Arizona employees and Designated Campus Colleagues (DCCs) must meet the following training requirements prior to working on an export-controlled project or accessing export-controlled information. Agreements may not be signed until training is confirmed and the TCP is in place.
For all export-controlled projects that require a Technology Control Plan (TCP):
Export Control Certification (biennial recertification required)
Additional training for export-controlled projects involving Controlled Unclassified Information (CUI) that require a Technology Control Plan-System Security Plan (TCP-SSP):
Insider Threat Awareness Certification (annual recertification required)
Information Security Awareness Certification (annual recertification required)
Please note:
- PIs conducting research secured with a TCP are responsible for ensuring all personnel complete and maintain the required training.
- Recertification training is required as long as an individual remains on the TCP.
Contact Export Control with questions or concerns.
Certifications
These links will take you directly to the Export Control Certification and Insider Threat Awareness Certification in the EDGE Learning system. Next, select "Register" (or "Recertification" to renew), then "Complete Registration." This will enroll you in the appropriate e-Learning course.
For assistance with system-related questions please contact Research-Training@arizona.edu.
Supplemental Training
Export Compliance for Researchers Part 1 and Export Compliance for Researchers Part II expand the introduction of export regulations. To access these courses, click the link, log in, then select "enroll" on the course.
The Bureau of Security (BIS) offers Export Administration Regulations (EAR) training videos that do not fulfill University training requirements.
Encryption Guide
Federal regulations and university policy requires restricted data (e.g. HIPAA, Export Control, etc.) to be encrypted at certain levels depending on the type of data The below resource guide was developed to assist faculty, staff, and students in protecting restricted data. There is a great variety of encryption methods available depending on your computer configuration; this guide does not cover every single method. Please contact the appropriate compliance partner (e.g. Export Control or HIPAA) for guidance on the encrypting level requirements in the regulations. For technical assistance contact your Unit’s IT Manager or the 24/7 IT Support Center.
Controlled Unclassified Information (CUI) Guide
Controlled Unclassified Information research computing environments meet the information security requirements mandated in NIST Special Publication 800-171 Rev3. These environments are available to UA researchers when their government contract or award indicates that they are working with CUI or contract clauses indicate that NIST SP 800-171 controls are required. Request the Service: Contact the CUI team at cui-support@list.arizona.edu.
Controlled Unclassified Information (CUI) Guide
Export Control-Agiloft
Export Control-Agiloft is the new centralized location for Export Control Technology Control Plans (TCPs) and associated documents.
Training materials: Export Control-Agiloft Video Tutorial