Skip to main content

System Status: 

Cybersecurity Certification Process

Learn the steps to certify your lab or work environment.

Governance is a shared responsibility, and, as individuals entrusted with our academic and research mission, certification of the baseline cybersecurity efforts falls to faculty and researchers.

For most labs, the process to certify security will require only three steps.


1. Collect Project Information

Begin by collecting the information that will be required to complete the request for certification form.

Only a project's Principal Investigator and staff will know what data or artifacts are difficult or impossible to reproduce and are most likely to need secure backup. These are the people who will document a lab's information and complete the certification form.

Project information includes:

Download this Excel workbook to simplify the process of collecting the information needed for a certification request before logging in to the Certification Request application form. Line-by-line instructions are included in the workbook.

The Lab Environment

Reference is made to the 'lab' environment throughout the certification process. A lab can differ, depending on the researcher:

  • Individuals whose research does not involve a physical lab should complete the documentation for yourself and your research-related computing equipment. This may be as little as a workstation or laptop.
  • Researchers with multiple labs submit a separate certification request for each lab.
  • Researchers who rely on a separate support organization such as SDSC for lab data should provide as much of the information as is relevant. While organizations such as SDSC provide highly secure enclaves, ultimate responsibility for the secure handling of data and its backup remains that of the Principal Investigator.

2. Complete the Certification Request Form

Information must be manually transferred from the Excel data collection workbook to corresponding fields in the Cybersecurity Certification for Research request form.

Access the Cybersecurity Certification for Research request form at (Active Directory sign-on required. Please use your login, not or

3. PI Review and Submit

The PI will receive an email with instructions to log in to the certification tool, review the information, and click the certification button.

Submission Reviews

A workgroup of research IT and security personnel will review certification submissions:

  • All labs that have been pre-identified as high-risk will be reviewed. See What is a “High-Risk” Lab?
  • A random subset of all labs not deemed high-risk will be reviewed

PIs may request a more rigorous assessment than the basic program at no charge, with fee-based options, by emailing

What is a ‘High-Risk’ Lab?

A high-risk lab is a lab with specific DoD or security requirements from the sponsoring agency, a very extensive IT infrastructure, or a research topic known to be a high-value target.

Faculty and researchers whose research is determined to be high-risk will be notified.


Campus faculty and researchers, email for assistance. 

Health Sciences faculty and researchers, email