Background

The international research and innovation sector has gained new geopolitical significance in recent years. Scientific knowledge, key technologies, data, and critical raw materials have become strategic resources.

Many technologies—especially in the life, environmental, climate, energy, and materials sciences—have dual-use potential: they can be employed for civilian purposes as well as for military or security-relevant applications.

Some states deliberately leverage international cooperations to acquire technological know-how, build strategic dependencies, or exert influence on scientific discourse.

This creates new challenges for universities. Beyond the traditional matters of scientific quality and integrity, issues such as undesirable knowledge transfer, foreign interference, and the protection of sensitive infrastructure are moving into focus, contributing to the emergence of a new cross-cutting discipline: research and knowledge security.

European and national framework

With the Council Recommendation on Enhancing Research Security (C/2024/3510) of 30 May 2024, EU Member States were called upon to:

  • develop national strategies,
  • expand support structures for higher education institutions,
  • promote evidence-based risk analyses.

In parallel, several EU and national legal acts affect the work of universities—for example in the areas of dual-use, critical raw materials, export control, data protection, and the resilience of critical entities.

Research and knowledge security is thus not an isolated topic, but part of a comprehensive regulatory and strategic framework.

Research and Knowledge Security at BOKU

As part of its performance agreement with the Austrian Federal Ministry of Education, Science and Research (BMBWF), BOKU is establishing a structured risk management system for research and knowledge security. The goal is to identify risks at an early stage, assess them appropriately, and manage them through suitable measures and clearly defined processes.

The system includes:

  • traceable criteria for risk identification and analysis,
  • transparent decision-making and responsibility structures,
  • proportionate protective and accompanying measures.

Research and knowledge security is understood as a continuous development process that links strategic, legal, and practice-oriented scientific aspects.

Risk Management in accordance with ISO 31000

BOKU follows the internationally recognized ISO 31000:2018 standard for risk management.

This framework helps to:

  • systematically identify risks,
  • assess likelihoods and impacts,
  • define appropriate risk‑mitigation measures,
  • establish continuous improvement processes.

The standard is available in the ÖNORM reading room.