CoE Cybersecurity and Data Security Reference Terms and Process Guide
This guide outlines the resources for identifying cybersecurity and data security requirements within the College of Engineering (CoE). Designed for Research Administrators (RAs) and Principal Investigators (PIs), it offers a structured approach to detecting security obligations early in the grant lifecycle - specifically during the review of RFPs, NOAs, and contracts. Additionally, the guide details the step-by-step engagement with Computer-Aided Engineering (CAE) to ensure research plans align with federal and sponsor-imposed standards.
In this document:
- Cybersecurity and Data Security Terms
- Process Guide: How and when to contact CAE
- Frequently Asked Questions
Cybersecurity and Data Security Terms
| Category | Terms |
|---|---|
| Federal Cybersecurity Requirements |
|
| Sensitive Data & Handling Requirements |
|
| Security Language |
|
| System, Access, & Audit Requirements |
|
| Publication & Dissemination Restrictions |
|
| Security Requirements for Subawardees and Vendors |
|
| Specialized Security Infrastructure Requirements |
|
Process Guide: When and How to Contact CAE
Step-by-Step Process for Research Administrators
- Identify Potential Security Requirements
Review RFPs, NOAs, and contracts for:- Cybersecurity requirements (e.g., NIST 800-171, CUI, DFARS)
- Data protection clauses
- Restricted research or publication controls
If anything seems unclear or security-related, proceed to Step 2.
- Contact CAE Early
Email compliance@engr.wisc.edu as soon as possible. - Prepare the Required Documentation
Attach or include:- Any sponsor-provided language referencing security or data restrictions
- Relevant sections from the RFP, NOA or contract
- A brief description of the project (1-2 sentences)
- Include Key Details
In your email make sure the message includes:- Name of PI Sponsor and program information
- Deadline or expected timeline
- Request for CAE assessment of requirements
- Notify the PI
- Request PI to complete the CAE Compliance Review Request Form
- Inform PI if they have questions to email: compliance@engr.wisc.edu
Step-by-Step Process for Principal Investigators
- Respond Promptly When Notified
If your Research Administrator flags cybersecurity requirements, understand that a compliance review request is needed for proposal accuracy and award acceptance. - Complete the CAE Compliance Review Request Form
Fill out the CAE Compliance Review Request Form as soon as as possible.
Include details about:- Data types expected
- How and where you plan to store or use the data
- Any sponsor-imposed timelines
- Follow-Up Correspondence and Meetings
You may need to provide additional information to CAE or be available for meetings with CAE to ensure your research plan aligns with required security controls.
- Update Proposal Materials Based on CAE Guidance
If CAE recommends specific environments, tools, or language:- Adjust proposal narratives, budgets, or data management plans as needed
- Coordinate with your Research Administrator to ensure requirements are accurately reflected
Frequently Asked Questions
How soon should CAE be contacted?
Preferably during the proposal stage, if possible.
What information and documentation are needed upon initial contact?
Any documentation provided by the sponsor indicating security requirements.
Who should contact CAE?
Research Administrators should initially reach out to CAE with any supporting documentation by sending an email to: compliance@engr.wisc.edu
Include the name of PI upon sending and ask PI to complete the CAE Compliance Review Request Form.