As Horizon Europe deals with new technologies and innovations, the European Commission wants to make sure that these are not misused for the wrong purposes (e.g. crime) or that sensitive information falls in the wrong hands.
To this purpose they have set-up security procedures for projects submitted under their R&I framework programme. In Horizon 2020 this was called the security scrutiny procedure but in Horizon Europe it has been expanded and renamed to ‘security appraisal procedure’.
In contrast to Horizon 2020 the procedure is now mandatory for all project proposals though it has to be said that for most proposals this work will be limited to answering the questions of the self-assessment questionnaire.
Overview of the procedure
There are 3 steps of the procedure which in turn are also divided into phases.
Security self-assessment by the applicant
All project proposals must fill in the security issues table as a self-assessment which contains some straight-forward questions. This is what most proposals will have to do. You can find this table in the standard application document.
For those calls that are submitted under security sensitive topics, a security section (application form part B security) must also be filled in. At the moment this is the case for the Space calls (cluster 4) and the civil security calls managed by DG Home (cluster 3). These files will immediately go to the security scrutiny phase and skip the first 2 phases of step 2.
Security review by the granting authority, the Commission and national security expert
Only proposals above the threshold will undergo a security review. The first phase of this step is the pre-screening carried out by the granting authority (in casu competent DG or agency). Afterwards all these files are sent to DG Home which will take care of the screening phase. if in the screening phase it seems that more analysis is needed then the file will be transferred to the security screening group
The final phase is thus the security scrutiny in which a group of nationally appointed security experts will review the proposals and give their verdict. This might be no security concern, classification (limit the access) of certain deliverables or information, appointing a project security officer, install a security advisory board, organize security trainings for the staff involved in the project etc. The most strict judgment can be the non-funding of the proposal but this is extremely rare.
Security checks and audits by the commission or the relevant funding body
Once the project is ongoing the staff of the European Commission can also perform checks and maybe an audit on the security requirements regarding the projects.
The timeline can be long to get the full security clearance so it might not be concluded by the time the invitation letter is sent. However at the moment of the grant signature this procedure must be finalized.
If you want more information regarding this topic you can watch this webinar of the European Commission on Youtube and you can also check their guide on how to handle security sensitive projects. In case you have some specific questions you can send them to HOME-SECURITY-APPRAISAL@EC.EUROPA.EU